Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
20bd3b7d
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
20bd3b7d
编写于
8月 12, 2020
作者:
G
GitLab Bot
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add latest changes from gitlab-org/gitlab@master
上级
90156f52
变更
12
隐藏空白更改
内联
并排
Showing
12 changed file
with
359 addition
and
80 deletion
+359
-80
GITALY_SERVER_VERSION
GITALY_SERVER_VERSION
+1
-1
app/services/clusters/parse_cluster_applications_artifact_service.rb
...s/clusters/parse_cluster_applications_artifact_service.rb
+0
-2
changelogs/unreleased/remove_cluster_applications_artifact_flag.yml
.../unreleased/remove_cluster_applications_artifact_flag.yml
+5
-0
doc/api/graphql/reference/gitlab_schema.graphql
doc/api/graphql/reference/gitlab_schema.graphql
+51
-0
doc/api/graphql/reference/gitlab_schema.json
doc/api/graphql/reference/gitlab_schema.json
+167
-0
doc/api/graphql/reference/index.md
doc/api/graphql/reference/index.md
+10
-0
doc/ci/pipelines/index.md
doc/ci/pipelines/index.md
+4
-1
doc/ci/yaml/README.md
doc/ci/yaml/README.md
+4
-0
doc/user/clusters/applications.md
doc/user/clusters/applications.md
+5
-0
doc/user/project/merge_requests/code_quality.md
doc/user/project/merge_requests/code_quality.md
+61
-0
lib/gitlab/sidekiq_logger.rb
lib/gitlab/sidekiq_logger.rb
+0
-9
spec/services/clusters/parse_cluster_applications_artifact_service_spec.rb
...sters/parse_cluster_applications_artifact_service_spec.rb
+51
-67
未找到文件。
GITALY_SERVER_VERSION
浏览文件 @
20bd3b7d
6730c101d0be2db5155b6e2c4de689dc906337f4
187f550dce577f1fb39503976a30a73a58b2b8e1
app/services/clusters/parse_cluster_applications_artifact_service.rb
浏览文件 @
20bd3b7d
...
...
@@ -14,8 +14,6 @@ module Clusters
end
def
execute
(
artifact
)
return
success
unless
Feature
.
enabled?
(
:cluster_applications_artifact
,
project
)
raise
ArgumentError
,
'Artifact is not cluster_applications file type'
unless
artifact
&
.
cluster_applications?
return
error
(
too_big_error_message
,
:bad_request
)
unless
artifact
.
file
.
size
<
MAX_ACCEPTABLE_ARTIFACT_SIZE
...
...
changelogs/unreleased/remove_cluster_applications_artifact_flag.yml
0 → 100644
浏览文件 @
20bd3b7d
---
title
:
Enable state tracking for managed applications installed via the management project
merge_request
:
38759
author
:
type
:
added
doc/api/graphql/reference/gitlab_schema.graphql
浏览文件 @
20bd3b7d
...
...
@@ -2907,6 +2907,56 @@ type DastSiteProfilePermissions {
createOnDemandDastScan
:
Boolean
!
}
"""
Autogenerated
input
type
of
DastSiteProfileUpdate
"""
input
DastSiteProfileUpdateInput
{
"""
A
unique
identifier
for
the
client
performing
the
mutation
.
"""
clientMutationId
:
String
"""
The
project
the
site
profile
belongs
to
.
"""
fullPath
:
ID
!
"""
ID
of
the
site
profile
to
be
updated
.
"""
id
:
DastSiteProfileID
!
"""
The
name
of
the
site
profile
.
"""
profileName
:
String
!
"""
The
URL
of
the
target
to
be
scanned
.
"""
targetUrl
:
String
}
"""
Autogenerated
return
type
of
DastSiteProfileUpdate
"""
type
DastSiteProfileUpdatePayload
{
"""
A
unique
identifier
for
the
client
performing
the
mutation
.
"""
clientMutationId
:
String
"""
Errors
encountered
during
execution
of
the
mutation
.
"""
errors
:
[
String
!]!
"""
ID
of
the
site
profile
.
"""
id
:
DastSiteProfileID
}
enum
DastSiteProfileValidationStatusEnum
{
"""
Site
validation
process
finished
but
failed
...
...
@@ -9349,6 +9399,7 @@ type Mutation {
dastScannerProfileCreate
(
input
:
DastScannerProfileCreateInput
!):
DastScannerProfileCreatePayload
dastSiteProfileCreate
(
input
:
DastSiteProfileCreateInput
!):
DastSiteProfileCreatePayload
dastSiteProfileDelete
(
input
:
DastSiteProfileDeleteInput
!):
DastSiteProfileDeletePayload
dastSiteProfileUpdate
(
input
:
DastSiteProfileUpdateInput
!):
DastSiteProfileUpdatePayload
deleteAnnotation
(
input
:
DeleteAnnotationInput
!):
DeleteAnnotationPayload
designManagementDelete
(
input
:
DesignManagementDeleteInput
!):
DesignManagementDeletePayload
designManagementMove
(
input
:
DesignManagementMoveInput
!):
DesignManagementMovePayload
...
...
doc/api/graphql/reference/gitlab_schema.json
浏览文件 @
20bd3b7d
...
...
@@ -7876,6 +7876,146 @@
"enumValues": null,
"possibleTypes": null
},
{
"kind": "INPUT_OBJECT",
"name": "DastSiteProfileUpdateInput",
"description": "Autogenerated input type of DastSiteProfileUpdate",
"fields": null,
"inputFields": [
{
"name": "fullPath",
"description": "The project the site profile belongs to.",
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "ID",
"ofType": null
}
},
"defaultValue": null
},
{
"name": "id",
"description": "ID of the site profile to be updated.",
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "DastSiteProfileID",
"ofType": null
}
},
"defaultValue": null
},
{
"name": "profileName",
"description": "The name of the site profile.",
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "String",
"ofType": null
}
},
"defaultValue": null
},
{
"name": "targetUrl",
"description": "The URL of the target to be scanned.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
},
{
"name": "clientMutationId",
"description": "A unique identifier for the client performing the mutation.",
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"defaultValue": null
}
],
"interfaces": null,
"enumValues": null,
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "DastSiteProfileUpdatePayload",
"description": "Autogenerated return type of DastSiteProfileUpdate",
"fields": [
{
"name": "clientMutationId",
"description": "A unique identifier for the client performing the mutation.",
"args": [
],
"type": {
"kind": "SCALAR",
"name": "String",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "errors",
"description": "Errors encountered during execution of the mutation.",
"args": [
],
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "LIST",
"name": null,
"ofType": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "SCALAR",
"name": "String",
"ofType": null
}
}
}
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "id",
"description": "ID of the site profile.",
"args": [
],
"type": {
"kind": "SCALAR",
"name": "DastSiteProfileID",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
}
],
"inputFields": null,
"interfaces": [
],
"enumValues": null,
"possibleTypes": null
},
{
"kind": "ENUM",
"name": "DastSiteProfileValidationStatusEnum",
...
...
@@ -26800,6 +26940,33 @@
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "dastSiteProfileUpdate",
"description": null,
"args": [
{
"name": "input",
"description": null,
"type": {
"kind": "NON_NULL",
"name": null,
"ofType": {
"kind": "INPUT_OBJECT",
"name": "DastSiteProfileUpdateInput",
"ofType": null
}
},
"defaultValue": null
}
],
"type": {
"kind": "OBJECT",
"name": "DastSiteProfileUpdatePayload",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "deleteAnnotation",
"description": null,
doc/api/graphql/reference/index.md
浏览文件 @
20bd3b7d
...
...
@@ -487,6 +487,16 @@ Check permissions for the current user on site profile
| --- | ---- | ---------- |
|
`createOnDemandDastScan`
| Boolean! | Indicates the user can perform
`create_on_demand_dast_scan`
on this resource |
## DastSiteProfileUpdatePayload
Autogenerated return type of DastSiteProfileUpdate
| Name | Type | Description |
| --- | ---- | ---------- |
|
`clientMutationId`
| String | A unique identifier for the client performing the mutation. |
|
`errors`
| String! => Array | Errors encountered during execution of the mutation. |
|
`id`
| DastSiteProfileID | ID of the site profile. |
## DeleteAnnotationPayload
Autogenerated return type of DeleteAnnotation
...
...
doc/ci/pipelines/index.md
浏览文件 @
20bd3b7d
...
...
@@ -423,7 +423,10 @@ In the following example:
#### Custom collapsible sections
You can create collapsible sections in job logs by manually outputting special codes
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/14664) in GitLab 12.0.
You can create
[
collapsible sections in job logs
](
../pipelines/index.md#expand-and-collapse-job-log-sections
)
by manually outputting special codes
that GitLab uses to determine what sections to collapse:
-
Section start marker:
`section_start:UNIX_TIMESTAMP:SECTION_NAME\r\e[0K`
+
`TEXT_OF_SECTION_HEADER`
...
...
doc/ci/yaml/README.md
浏览文件 @
20bd3b7d
...
...
@@ -828,6 +828,10 @@ $ tr a-z A-Z << END_TEXT # collapsed multi-line command
FOUR FIVE SIX
```
#### Custom collapsible sections
See
[
custom collapsible sections
](
../pipelines/index.md#custom-collapsible-sections
)
.
### `stage`
`stage`
is defined per-job and relies on
[
`stages`
](
#stages
)
which is defined
...
...
doc/user/clusters/applications.md
浏览文件 @
20bd3b7d
...
...
@@ -946,6 +946,11 @@ management project. Refer to the
[
Cilium chart
](
https://github.com/cilium/cilium/tree/master/install/kubernetes/cilium
)
for the available configuration options.
You can check Cilium's installation status on the cluster management page:
-
[
Project-level cluster
](
../project/clusters/index.md
)
: Navigate to your project's
**Operations > Kubernetes**
page.
-
[
Group-level cluster
](
../group/clusters/index.md
)
: Navigate to your group's
**Kubernetes**
page.
CAUTION:
**Caution:**
Installation and removal of the Cilium requires a
**manual**
[
restart
](
https://docs.cilium.io/en/stable/gettingstarted/k8s-install-gke/#restart-unmanaged-pods
)
...
...
doc/user/project/merge_requests/code_quality.md
浏览文件 @
20bd3b7d
...
...
@@ -130,6 +130,67 @@ definition they will be able to execute privileged Docker commands on the Runner
host. Having proper access control policies mitigates this attack vector by
allowing access only to trusted actors.
### Disabling the code quality job
The
`code_quality`
job will not run if the
`$CODE_QUALITY_DISABLED`
environment
variable is present. Please refer to the environment variables
[
documentation
](
../../../ci/variables/README.md
)
to learn more about how to define one.
To disable the
`code_quality`
job, add
`CODE_QUALITY_DISABLED`
as a custom environment
variable. This can be done:
-
For the whole project,
[
in the project settings
](
../../../ci/variables/README.md#create-a-custom-variable-in-the-ui
)
or
[
CI/CD configuration
](
../../../ci/variables/README.md#create-a-custom-variable-in-the-ui
)
.
-
For a single pipeline run:
1.
Go to
**CI/CD > Pipelines**
1.
Click
**Run Pipeline**
1.
Add
`CODE_QUALITY_DISABLED`
as the variable key, with any value.
### Using with merge request pipelines
The configuration provided by the Code Quality template does not let the
`code_quality`
job
run on
[
pipelines for merge requests
](
../../../ci/merge_request_pipelines/index.md
)
.
If pipelines for merge requests is enabled, the
`code_quality:rules`
must be redefined.
The template has these
[
`rules`
](
../../../ci/yaml/README.md#rules
)
for the
`code quality`
job:
```
yaml
code_quality
:
rules
:
-
if
:
'
$CODE_QUALITY_DISABLED'
when
:
never
-
if
:
'
$CI_COMMIT_TAG
||
$CI_COMMIT_BRANCH'
```
If you are using merge request pipelines, your
`rules`
(or
[
`workflow: rules`
](
../../../ci/yaml/README.md#workflowrules
)
)
might look like this example:
```
yaml
job1
:
rules
:
-
if
:
'
$CI_PIPELINE_SOURCE
==
"merge_request_event"'
# Run job1 in merge request pipelines
-
if
:
'
$CI_COMMIT_BRANCH
==
"master"'
# Run job1 in pipelines on the master branch (but not in other branch pipelines)
-
if
:
'
$CI_COMMIT_TAG'
# Run job1 in pipelines for tags
```
To make these work together, you will need to overwrite the code quality
`rules`
so that they match your current
`rules`
. From the example above, it could look like:
```
yaml
include
:
-
template
:
Code-Quality.gitlab-ci.yml
code_quality
:
rules
:
-
if
:
'
$CODE_QUALITY_DISABLED'
when
:
never
-
if
:
'
$CI_PIPELINE_SOURCE
==
"merge_request_event"'
# Run code quality job in merge request pipelines
-
if
:
'
$CI_COMMIT_BRANCH
==
$CI_DEFAULT_BRANCH'
# Run code quality job in pipelines on the master branch (but not in other branch pipelines)
-
if
:
'
$CI_COMMIT_TAG'
# Run code quality job in pipelines for tags
```
## Configuring jobs using variables
The Code Quality job supports environment variables that users can set to
...
...
lib/gitlab/sidekiq_logger.rb
已删除
100644 → 0
浏览文件 @
90156f52
# frozen_string_literal: true
module
Gitlab
class
SidekiqLogger
<
Gitlab
::
Logger
def
self
.
file_name_noext
'sidekiq'
end
end
end
spec/services/clusters/parse_cluster_applications_artifact_service_spec.rb
浏览文件 @
20bd3b7d
...
...
@@ -36,105 +36,89 @@ RSpec.describe Clusters::ParseClusterApplicationsArtifactService do
let
(
:job
)
{
deployment
.
deployable
}
let
(
:artifact
)
{
create
(
:ci_job_artifact
,
:cluster_applications
,
job:
job
)
}
context
'when cluster_applications_artifact feature flag is disabled'
do
before
do
stub_feature_flags
(
cluster_applications_artifact:
false
)
end
it
'does not call Gitlab::Kubernetes::Helm::Parsers::ListV2 and returns success immediately'
do
expect
(
Gitlab
::
Kubernetes
::
Helm
::
Parsers
::
ListV2
).
not_to
receive
(
:new
)
it
'calls Gitlab::Kubernetes::Helm::Parsers::ListV2'
do
expect
(
Gitlab
::
Kubernetes
::
Helm
::
Parsers
::
ListV2
).
to
receive
(
:new
).
and_call_original
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
expect
(
result
[
:status
]).
to
eq
(
:success
)
end
expect
(
result
[
:status
]).
to
eq
(
:success
)
end
context
'when cluster_applications_artifact feature flag is enabled for project'
do
before
do
stub_feature_flags
(
cluster_applications_artifact:
job
.
project
)
context
'artifact is not of cluster_applications type'
do
let
(
:artifact
)
{
create
(
:ci_job_artifact
,
:archive
)
}
let
(
:job
)
{
artifact
.
job
}
it
'raise ArgumentError'
do
expect
do
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
end
.
to
raise_error
(
ArgumentError
,
'Artifact is not cluster_applications file type'
)
end
end
it
'calls Gitlab::Kubernetes::Helm::Parsers::ListV2'
do
expect
(
Gitlab
::
Kubernetes
::
Helm
::
Parsers
::
ListV2
).
to
receive
(
:new
).
and_call_original
context
'artifact exceeds acceptable size'
do
it
'returns an error'
do
stub_const
(
"
#{
described_class
}
::MAX_ACCEPTABLE_ARTIFACT_SIZE"
,
1
.
byte
)
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
expect
(
result
[
:status
]).
to
eq
(
:success
)
expect
(
result
[
:status
]).
to
eq
(
:error
)
expect
(
result
[
:message
]).
to
eq
(
'Cluster_applications artifact too big. Maximum allowable size: 1 Byte'
)
end
end
context
'artifact is not of cluster_applications type'
do
let
(
:artifact
)
{
create
(
:ci_job_artifact
,
:archive
)
}
let
(
:job
)
{
artifact
.
job
}
context
'job has no deployment'
do
let
(
:job
)
{
build
(
:ci_build
)
}
it
'raise ArgumentE
rror'
do
expect
do
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
end
.
to
raise_error
(
ArgumentError
,
'Artifact is not cluster_applications file type'
)
e
nd
it
'returns an e
rror'
do
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
expect
(
result
[
:status
]).
to
eq
(
:error
)
e
xpect
(
result
[
:message
]).
to
eq
(
'No deployment found for this job'
)
end
end
context
'artifact exceeds acceptable size
'
do
it
'returns an error'
do
stub_const
(
"
#{
described_class
}
::MAX_ACCEPTABLE_ARTIFACT_SIZE"
,
1
.
byte
)
context
'job has no deployment cluster
'
do
let
(
:deployment
)
{
create
(
:deployment
)
}
let
(
:job
)
{
deployment
.
deployable
}
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
it
'returns an error'
do
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
expect
(
result
[
:status
]).
to
eq
(
:error
)
expect
(
result
[
:message
]).
to
eq
(
'Cluster_applications artifact too big. Maximum allowable size: 1 Byte'
)
end
expect
(
result
[
:status
]).
to
eq
(
:error
)
expect
(
result
[
:message
]).
to
eq
(
'No deployment cluster found for this job'
)
end
end
context
'job has no deployment'
do
let
(
:job
)
{
build
(
:ci_build
)
}
context
'blob is empty'
do
let
(
:file
)
{
fixture_file_upload
(
Rails
.
root
.
join
(
"spec/fixtures/helm/helm_list_v2_empty_blob.json.gz"
))
}
let
(
:artifact
)
{
create
(
:ci_job_artifact
,
:cluster_applications
,
job:
job
,
file:
file
)
}
it
'returns an error
'
do
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
it
'returns success
'
do
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
expect
(
result
[
:status
]).
to
eq
(
:error
)
expect
(
result
[
:message
]).
to
eq
(
'No deployment found for this job'
)
end
expect
(
result
[
:status
]).
to
eq
(
:success
)
end
end
context
'job has no
deployment cluster'
do
let
(
:deployment
)
{
create
(
:deployment
)
}
let
(
:
job
)
{
deployment
.
deployable
}
context
'job has
deployment cluster'
do
context
'current user does not have access to deployment cluster'
do
let
(
:
other_user
)
{
create
(
:user
)
}
it
'returns an error'
do
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
result
=
described_class
.
new
(
job
,
other_
user
).
execute
(
artifact
)
expect
(
result
[
:status
]).
to
eq
(
:error
)
expect
(
result
[
:message
]).
to
eq
(
'No deployment cluster found for this job'
)
end
end
context
'blob is empty'
do
let
(
:file
)
{
fixture_file_upload
(
Rails
.
root
.
join
(
"spec/fixtures/helm/helm_list_v2_empty_blob.json.gz"
))
}
let
(
:artifact
)
{
create
(
:ci_job_artifact
,
:cluster_applications
,
job:
job
,
file:
file
)
}
it
'returns success'
do
result
=
described_class
.
new
(
job
,
user
).
execute
(
artifact
)
expect
(
result
[
:status
]).
to
eq
(
:success
)
end
it
'does not affect unpermitted cluster applications'
do
expect
(
Clusters
::
ParseClusterApplicationsArtifactService
::
RELEASE_NAMES
).
to
contain_exactly
(
'cilium'
)
end
context
'job has deployment cluster'
do
context
'current user does not have access to deployment cluster'
do
let
(
:other_user
)
{
create
(
:user
)
}
it
'returns an error'
do
result
=
described_class
.
new
(
job
,
other_user
).
execute
(
artifact
)
expect
(
result
[
:status
]).
to
eq
(
:error
)
expect
(
result
[
:message
]).
to
eq
(
'No deployment cluster found for this job'
)
end
end
Clusters
::
ParseClusterApplicationsArtifactService
::
RELEASE_NAMES
.
each
do
|
release_name
|
context
release_name
do
include_examples
'parse cluster applications artifact'
,
release_name
end
Clusters
::
ParseClusterApplicationsArtifactService
::
RELEASE_NAMES
.
each
do
|
release_name
|
context
release_name
do
include_examples
'parse cluster applications artifact'
,
release_name
end
end
end
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录