Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
89eff770
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
89eff770
编写于
8月 18, 2020
作者:
G
GitLab Bot
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add latest changes from gitlab-org/gitlab@master
上级
681ca59b
变更
34
隐藏空白更改
内联
并排
Showing
34 changed file
with
325 addition
and
345 deletion
+325
-345
app/assets/javascripts/monitoring/components/charts/time_series.vue
.../javascripts/monitoring/components/charts/time_series.vue
+1
-2
app/graphql/resolvers/ci_configuration/sast_resolver.rb
app/graphql/resolvers/ci_configuration/sast_resolver.rb
+0
-17
app/graphql/resolvers/project_pipeline_resolver.rb
app/graphql/resolvers/project_pipeline_resolver.rb
+1
-1
app/graphql/types/ci/pipeline_config_source_enum.rb
app/graphql/types/ci/pipeline_config_source_enum.rb
+11
-0
app/graphql/types/ci/pipeline_type.rb
app/graphql/types/ci/pipeline_type.rb
+2
-0
app/graphql/types/ci_configuration/sast/analyzers_entity_type.rb
...phql/types/ci_configuration/sast/analyzers_entity_type.rb
+0
-25
app/graphql/types/ci_configuration/sast/entity_type.rb
app/graphql/types/ci_configuration/sast/entity_type.rb
+0
-34
app/graphql/types/ci_configuration/sast/options_entity_type.rb
...raphql/types/ci_configuration/sast/options_entity_type.rb
+0
-19
app/graphql/types/ci_configuration/sast/type.rb
app/graphql/types/ci_configuration/sast/type.rb
+0
-22
app/graphql/types/project_type.rb
app/graphql/types/project_type.rb
+0
-4
app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
...mas/security_ci_configuration_schemas/sast_ui_schema.json
+18
-58
changelogs/unreleased/229914-remove-constraint-on-audit-event-type.yml
...released/229914-remove-constraint-on-audit-event-type.yml
+5
-0
changelogs/unreleased/null-pipeline-in-graphql-response-224687.yml
...s/unreleased/null-pipeline-in-graphql-response-224687.yml
+5
-0
db/migrate/20200811055018_remove_not_null_constraint_on_type_from_audit_events.rb
...8_remove_not_null_constraint_on_type_from_audit_events.rb
+27
-0
db/schema_migrations/20200811055018
db/schema_migrations/20200811055018
+1
-0
db/structure.sql
db/structure.sql
+2
-2
doc/api/graphql/reference/gitlab_schema.graphql
doc/api/graphql/reference/gitlab_schema.graphql
+18
-0
doc/api/graphql/reference/gitlab_schema.json
doc/api/graphql/reference/gitlab_schema.json
+73
-0
doc/api/graphql/reference/index.md
doc/api/graphql/reference/index.md
+1
-0
lib/gitlab/usage_data.rb
lib/gitlab/usage_data.rb
+4
-0
rubocop/cop/usage_data/distinct_count_by_large_foreign_key.rb
...cop/cop/usage_data/distinct_count_by_large_foreign_key.rb
+43
-0
rubocop/rubocop-usage-data.yml
rubocop/rubocop-usage-data.yml
+13
-0
spec/graphql/resolvers/ci_configuration/sast_resolver_spec.rb
.../graphql/resolvers/ci_configuration/sast_resolver_spec.rb
+0
-28
spec/graphql/resolvers/project_pipeline_resolver_spec.rb
spec/graphql/resolvers/project_pipeline_resolver_spec.rb
+17
-0
spec/graphql/types/ci_configuration/sast/analyzers_entity_type_spec.rb
...types/ci_configuration/sast/analyzers_entity_type_spec.rb
+0
-11
spec/graphql/types/ci_configuration/sast/entity_type_spec.rb
spec/graphql/types/ci_configuration/sast/entity_type_spec.rb
+0
-11
spec/graphql/types/ci_configuration/sast/options_entity_spec.rb
...raphql/types/ci_configuration/sast/options_entity_spec.rb
+0
-11
spec/graphql/types/ci_configuration/sast/type_spec.rb
spec/graphql/types/ci_configuration/sast/type_spec.rb
+0
-11
spec/graphql/types/project_type_spec.rb
spec/graphql/types/project_type_spec.rb
+1
-89
spec/models/audit_event_partitioned_spec.rb
spec/models/audit_event_partitioned_spec.rb
+16
-0
spec/requests/api/graphql/project/pipeline_spec.rb
spec/requests/api/graphql/project/pipeline_spec.rb
+6
-0
spec/rubocop/cop/usage_data/distinct_count_by_large_foreign_key_spec.rb
...op/usage_data/distinct_count_by_large_foreign_key_spec.rb
+38
-0
spec/support/gitlab_stubs/gitlab_ci_for_sast.yml
spec/support/gitlab_stubs/gitlab_ci_for_sast.yml
+13
-0
spec/support/shared_contexts/read_ci_configuration_shared_context.rb
...t/shared_contexts/read_ci_configuration_shared_context.rb
+9
-0
未找到文件。
app/assets/javascripts/monitoring/components/charts/time_series.vue
浏览文件 @
89eff770
<
script
>
import
{
isEmpty
,
omit
,
throttle
}
from
'
lodash
'
;
import
{
GlLink
,
Gl
DeprecatedButton
,
Gl
Tooltip
,
GlResizeObserverDirective
}
from
'
@gitlab/ui
'
;
import
{
GlLink
,
GlTooltip
,
GlResizeObserverDirective
}
from
'
@gitlab/ui
'
;
import
{
GlAreaChart
,
GlLineChart
,
GlChartSeriesLabel
}
from
'
@gitlab/ui/dist/charts
'
;
import
{
s__
}
from
'
~/locale
'
;
import
{
getSvgIconPathContent
}
from
'
~/lib/utils/icon_utils
'
;
...
...
@@ -25,7 +25,6 @@ export default {
GlAreaChart
,
GlLineChart
,
GlTooltip
,
GlDeprecatedButton
,
GlChartSeriesLabel
,
GlLink
,
Icon
,
...
...
app/graphql/resolvers/ci_configuration/sast_resolver.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
require
"json"
module
Resolvers
module
CiConfiguration
class
SastResolver
<
BaseResolver
SAST_UI_SCHEMA_PATH
=
'app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json'
type
::
Types
::
CiConfiguration
::
Sast
::
Type
,
null:
true
def
resolve
(
**
args
)
Gitlab
::
Json
.
parse
(
File
.
read
(
Rails
.
root
.
join
(
SAST_UI_SCHEMA_PATH
)))
end
end
end
end
app/graphql/resolvers/project_pipeline_resolver.rb
浏览文件 @
89eff770
...
...
@@ -10,7 +10,7 @@ module Resolvers
def
resolve
(
iid
:)
BatchLoader
::
GraphQL
.
for
(
iid
).
batch
(
key:
project
)
do
|
iids
,
loader
,
args
|
args
[
:key
].
ci
_pipelines
.
for_iid
(
iids
).
each
{
|
pl
|
loader
.
call
(
pl
.
iid
.
to_s
,
pl
)
}
args
[
:key
].
all
_pipelines
.
for_iid
(
iids
).
each
{
|
pl
|
loader
.
call
(
pl
.
iid
.
to_s
,
pl
)
}
end
end
end
...
...
app/graphql/types/ci/pipeline_config_source_enum.rb
0 → 100644
浏览文件 @
89eff770
# frozen_string_literal: true
module
Types
module
Ci
class
PipelineConfigSourceEnum
<
BaseEnum
::
Ci
::
PipelineEnums
.
config_sources
.
keys
.
each
do
|
state_symbol
|
value
state_symbol
.
to_s
.
upcase
,
value:
state_symbol
.
to_s
end
end
end
end
app/graphql/types/ci/pipeline_type.rb
浏览文件 @
89eff770
...
...
@@ -25,6 +25,8 @@ module Types
field
:detailed_status
,
Types
::
Ci
::
DetailedStatusType
,
null:
false
,
description:
'Detailed status of the pipeline'
,
resolve:
->
(
obj
,
_args
,
ctx
)
{
obj
.
detailed_status
(
ctx
[
:current_user
])
}
field
:config_source
,
PipelineConfigSourceEnum
,
null:
true
,
description:
"Config source of the pipeline (
#{
::
Ci
::
PipelineEnums
.
config_sources
.
keys
.
join
(
', '
).
upcase
}
)"
field
:duration
,
GraphQL
::
INT_TYPE
,
null:
true
,
description:
'Duration of the pipeline in seconds'
field
:coverage
,
GraphQL
::
FLOAT_TYPE
,
null:
true
,
...
...
app/graphql/types/ci_configuration/sast/analyzers_entity_type.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
module
Types
module
CiConfiguration
module
Sast
# rubocop: disable Graphql/AuthorizeTypes
class
AnalyzersEntityType
<
BaseObject
graphql_name
'SastCiConfigurationAnalyzersEntity'
description
'Represents an analyzer entity in SAST CI configuration'
field
:name
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Name of the analyzer.'
field
:label
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Analyzer label used in the config UI.'
field
:enabled
,
GraphQL
::
BOOLEAN_TYPE
,
null:
true
,
description:
'Indicates whether an analyzer is enabled.'
field
:description
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Analyzer description that is displayed on the form.'
end
end
end
end
app/graphql/types/ci_configuration/sast/entity_type.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
module
Types
module
CiConfiguration
module
Sast
# rubocop: disable Graphql/AuthorizeTypes
class
EntityType
<
BaseObject
graphql_name
'SastCiConfigurationEntity'
description
'Represents an entity in SAST CI configuration'
field
:field
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'CI keyword of entity.'
field
:label
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Label for entity used in the form.'
field
:type
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Type of the field value.'
field
:options
,
::
Types
::
CiConfiguration
::
Sast
::
OptionsEntityType
.
connection_type
,
null:
true
,
description:
'Different possible values of the field.'
field
:default_value
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Default value that is used if value is empty.'
field
:description
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Entity description that is displayed on the form.'
field
:value
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Current value of the entity.'
end
end
end
end
app/graphql/types/ci_configuration/sast/options_entity_type.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
module
Types
module
CiConfiguration
module
Sast
# rubocop: disable Graphql/AuthorizeTypes
class
OptionsEntityType
<
BaseObject
graphql_name
'SastCiConfigurationOptionsEntity'
description
'Represents an entity for options in SAST CI configuration'
field
:label
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Label of option entity.'
field
:value
,
GraphQL
::
STRING_TYPE
,
null:
true
,
description:
'Value of option entity.'
end
end
end
end
app/graphql/types/ci_configuration/sast/type.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
module
Types
module
CiConfiguration
module
Sast
# rubocop: disable Graphql/AuthorizeTypes
class
Type
<
BaseObject
graphql_name
'SastCiConfiguration'
description
'Represents a CI configuration of SAST'
field
:global
,
::
Types
::
CiConfiguration
::
Sast
::
EntityType
.
connection_type
,
null:
true
,
description:
'List of global entities related to SAST configuration.'
field
:pipeline
,
::
Types
::
CiConfiguration
::
Sast
::
EntityType
.
connection_type
,
null:
true
,
description:
'List of pipeline entities related to SAST configuration.'
field
:analyzers
,
::
Types
::
CiConfiguration
::
Sast
::
AnalyzersEntityType
.
connection_type
,
null:
true
,
description:
'List of analyzers entities attached to SAST configuration.'
end
end
end
end
app/graphql/types/project_type.rb
浏览文件 @
89eff770
...
...
@@ -175,10 +175,6 @@ module Types
description:
'A single environment of the project'
,
resolver:
Resolvers
::
EnvironmentsResolver
.
single
field
:sast_ci_configuration
,
::
Types
::
CiConfiguration
::
Sast
::
Type
,
null:
true
,
description:
'SAST CI configuration for the project'
,
resolver:
::
Resolvers
::
CiConfiguration
::
SastResolver
field
:issue
,
Types
::
IssueType
,
null:
true
,
...
...
app/validators/json_schemas/security_ci_configuration_schemas/sast_ui_schema.json
浏览文件 @
89eff770
...
...
@@ -4,83 +4,43 @@
"field"
:
"SECURE_ANALYZERS_PREFIX"
,
"label"
:
"Image prefix"
,
"type"
:
"string"
,
"default_value"
:
"registry.gitlab.com/gitlab-org/security-products/analyzers"
,
"value"
:
""
"default_value"
:
""
,
"value"
:
""
,
"description"
:
"Analyzer image's registry prefix (or Name of the registry providing the analyzers' image)"
},
{
"field"
:
"SAST_EXCLUDED_PATHS"
,
"label"
:
"Excluded Paths"
,
"type"
:
"string"
,
"default_value"
:
"spec, test, tests, tmp"
,
"value"
:
""
"default_value"
:
""
,
"value"
:
""
,
"description"
:
"Comma-separated list of paths to be excluded from analyzer output. Patterns can be globs, file paths, or folder paths."
},
{
"field"
:
"SAST_ANALYZER_IMAGE_TAG"
,
"label"
:
"Image tag"
,
"type"
:
"string"
,
"options"
:
[],
"default_value"
:
"2"
,
"value"
:
""
},
{
"field"
:
"SAST_DISABLED"
,
"label"
:
"Disable SAST"
,
"type"
:
"options"
,
"options"
:
[
{
"value"
:
"true"
,
"label"
:
"true (disables SAST)"
},
{
"value"
:
"false"
,
"label"
:
"false (enables SAST)"
}
],
"default_value"
:
"false"
,
"value"
:
""
"default_value"
:
""
,
"value"
:
""
,
"description"
:
"Analyzer image's tag"
}
],
"pipeline"
:
[
{
"field"
:
"stage"
,
"label"
:
"Stage"
,
"type"
:
"dropdown"
,
"options"
:
[
{
"value"
:
"test"
,
"label"
:
"test"
},
{
"value"
:
"build"
,
"label"
:
"build"
}
],
"default_value"
:
"test"
,
"value"
:
""
},
{
"field"
:
"allow_failure"
,
"label"
:
"Allow Failure"
,
"type"
:
"options"
,
"options"
:
[
{
"value"
:
"true"
,
"label"
:
"Allows pipeline failure"
},
{
"value"
:
"false"
,
"label"
:
"Does not allow pipeline failure"
}
],
"default_value"
:
"true"
,
"value"
:
""
"type"
:
"string"
,
"default_value"
:
""
,
"value"
:
""
,
"description"
:
"Pipeline stage in which the scan jobs run"
},
{
"field"
:
"
rules
"
,
"label"
:
"
Rules
"
,
"type"
:
"
multiline
"
,
"field"
:
"
SEARCH_MAX_DEPTH
"
,
"label"
:
"
Search maximum depth
"
,
"type"
:
"
string
"
,
"default_value"
:
""
,
"value"
:
""
"value"
:
""
,
"description"
:
"Maximum depth of language and framework detection"
}
],
"analyzers"
:
[
...
...
changelogs/unreleased/229914-remove-constraint-on-audit-event-type.yml
0 → 100644
浏览文件 @
89eff770
---
title
:
Remove not-null constraint on type column in audit_events
merge_request
:
39192
author
:
type
:
other
changelogs/unreleased/null-pipeline-in-graphql-response-224687.yml
0 → 100644
浏览文件 @
89eff770
---
title
:
Allow GraphQL pipeline to resolve non-CI pipelines and expose configSource field
merge_request
:
39275
author
:
type
:
added
db/migrate/20200811055018_remove_not_null_constraint_on_type_from_audit_events.rb
0 → 100644
浏览文件 @
89eff770
# frozen_string_literal: true
class
RemoveNotNullConstraintOnTypeFromAuditEvents
<
ActiveRecord
::
Migration
[
6.0
]
include
Gitlab
::
Database
::
MigrationHelpers
DOWNTIME
=
false
disable_ddl_transaction!
# rubocop:disable Migration/WithLockRetriesDisallowedMethod
# To avoid deadlock on audit_event and audit_event_part... since there is a trigger to insert record from audit_events
# to audit_events_part..., we need to ensure each ALTER TABLE command run in its own transaction.
def
up
with_lock_retries
do
change_column_null
:audit_events_part_5fc467ac26
,
:type
,
true
end
with_lock_retries
do
change_column_null
:audit_events
,
:type
,
true
end
end
# rubocop:enable Migration/WithLockRetriesDisallowedMethod
def
down
# no-op -- null values might be added after this constraint is removed.
end
end
db/schema_migrations/20200811055018
0 → 100644
浏览文件 @
89eff770
b7477fbcba166d848e3b1bd7f4a184f50f3b2fafe80bfcf44fd6f4f9979ffcb7
\ No newline at end of file
db/structure.sql
浏览文件 @
89eff770
...
...
@@ -68,7 +68,7 @@ COMMENT ON FUNCTION public.table_sync_function_2be879775d() IS 'Partitioning mig
CREATE TABLE public.audit_events_part_5fc467ac26 (
id bigint NOT NULL,
author_id integer NOT NULL,
type character varying
NOT NULL
,
type character varying,
entity_id integer NOT NULL,
entity_type character varying NOT NULL,
details text,
...
...
@@ -9466,7 +9466,7 @@ CREATE TABLE public.ar_internal_metadata (
CREATE TABLE public.audit_events (
id integer NOT NULL,
author_id integer NOT NULL,
type character varying
NOT NULL
,
type character varying,
entity_id integer NOT NULL,
entity_type character varying NOT NULL,
details text,
...
...
doc/api/graphql/reference/gitlab_schema.graphql
浏览文件 @
89eff770
...
...
@@ -10261,6 +10261,13 @@ type Pipeline {
"""
committedAt
:
Time
"""
Config
source
of
the
pipeline
(
UNKNOWN_SOURCE
,
REPOSITORY_SOURCE
,
AUTO_DEVOPS_SOURCE
,
WEBIDE_SOURCE
,
REMOTE_SOURCE
,
EXTERNAL_PROJECT_SOURCE
,
BRIDGE_SOURCE
,
PARAMETER_SOURCE
)
"""
configSource
:
PipelineConfigSourceEnum
"""
Coverage
percentage
"""
...
...
@@ -10353,6 +10360,17 @@ type Pipeline {
userPermissions
:
PipelinePermissions
!
}
enum
PipelineConfigSourceEnum
{
AUTO_DEVOPS_SOURCE
BRIDGE_SOURCE
EXTERNAL_PROJECT_SOURCE
PARAMETER_SOURCE
REMOTE_SOURCE
REPOSITORY_SOURCE
UNKNOWN_SOURCE
WEBIDE_SOURCE
}
"""
The connection type for Pipeline.
"""
...
...
doc/api/graphql/reference/gitlab_schema.json
浏览文件 @
89eff770
...
...
@@ -30652,6 +30652,20 @@
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "configSource",
"description": "Config source of the pipeline (UNKNOWN_SOURCE, REPOSITORY_SOURCE, AUTO_DEVOPS_SOURCE, WEBIDE_SOURCE, REMOTE_SOURCE, EXTERNAL_PROJECT_SOURCE, BRIDGE_SOURCE, PARAMETER_SOURCE)",
"args": [
],
"type": {
"kind": "ENUM",
"name": "PipelineConfigSourceEnum",
"ofType": null
},
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "coverage",
"description": "Coverage percentage",
...
...
@@ -30927,6 +30941,65 @@
"enumValues": null,
"possibleTypes": null
},
{
"kind": "ENUM",
"name": "PipelineConfigSourceEnum",
"description": null,
"fields": null,
"inputFields": null,
"interfaces": null,
"enumValues": [
{
"name": "UNKNOWN_SOURCE",
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "REPOSITORY_SOURCE",
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "AUTO_DEVOPS_SOURCE",
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "WEBIDE_SOURCE",
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "REMOTE_SOURCE",
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "EXTERNAL_PROJECT_SOURCE",
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "BRIDGE_SOURCE",
"description": null,
"isDeprecated": false,
"deprecationReason": null
},
{
"name": "PARAMETER_SOURCE",
"description": null,
"isDeprecated": false,
"deprecationReason": null
}
],
"possibleTypes": null
},
{
"kind": "OBJECT",
"name": "PipelineConnection",
doc/api/graphql/reference/index.md
浏览文件 @
89eff770
...
...
@@ -1571,6 +1571,7 @@ Information about pagination in a connection.
| --- | ---- | ---------- |
|
`beforeSha`
| String | Base SHA of the source branch |
|
`committedAt`
| Time | Timestamp of the pipeline's commit |
|
`configSource`
| PipelineConfigSourceEnum | Config source of the pipeline (UNKNOWN_SOURCE, REPOSITORY_SOURCE, AUTO_DEVOPS_SOURCE, WEBIDE_SOURCE, REMOTE_SOURCE, EXTERNAL_PROJECT_SOURCE, BRIDGE_SOURCE, PARAMETER_SOURCE) |
|
`coverage`
| Float | Coverage percentage |
|
`createdAt`
| Time! | Timestamp of the pipeline's creation |
|
`detailedStatus`
| DetailedStatus! | Detailed status of the pipeline |
...
...
lib/gitlab/usage_data.rb
浏览文件 @
89eff770
...
...
@@ -306,6 +306,7 @@ module Gitlab
Gitlab
::
UsageData
::
Topology
.
new
.
topology_usage_data
end
# rubocop: disable UsageData/DistinctCountByLargeForeignKey
def
ingress_modsecurity_usage
##
# This method measures usage of the Modsecurity Web Application Firewall across the entire
...
...
@@ -326,6 +327,7 @@ module Gitlab
ingress_modsecurity_not_installed:
distinct_count
(
successful_deployments_with_cluster
(
::
Clusters
::
Applications
::
Ingress
.
modsecurity_not_installed
),
column
)
}
end
# rubocop: enable UsageData/DistinctCountByLargeForeignKey
# rubocop: disable CodeReuse/ActiveRecord
def
container_expiration_policies_usage
...
...
@@ -729,9 +731,11 @@ module Gitlab
end
# rubocop: disable CodeReuse/ActiveRecord
# rubocop: disable UsageData/DistinctCountByLargeForeignKey
def
cluster_applications_user_distinct_count
(
applications
,
time_period
)
distinct_count
(
applications
.
where
(
time_period
).
available
.
joins
(
:cluster
),
'clusters.user_id'
)
end
# rubocop: enable UsageData/DistinctCountByLargeForeignKey
def
clusters_user_distinct_count
(
clusters
,
time_period
)
distinct_count
(
clusters
.
where
(
time_period
),
:user_id
)
...
...
rubocop/cop/usage_data/distinct_count_by_large_foreign_key.rb
0 → 100644
浏览文件 @
89eff770
# frozen_string_literal: true
module
RuboCop
module
Cop
module
UsageData
# Allows counts only for selected tables' foreign keys for `distinct_count` method.
#
# Because distinct_counts over large tables' foreign keys will take a long time
#
# @example
#
# # bad because pipeline_id points to a large table
# distinct_count(Ci::Build, :commit_id)
#
class
DistinctCountByLargeForeignKey
<
RuboCop
::
Cop
::
Cop
MSG
=
'Avoid doing `%s` for large foreign keys.'
.
freeze
def_node_matcher
:distinct_count?
,
<<-
PATTERN
(send _ $:distinct_count $...)
PATTERN
def
on_send
(
node
)
distinct_count?
(
node
)
do
|
method_name
,
method_arguments
|
next
unless
method_arguments
&&
method_arguments
.
length
>=
2
next
if
allowed_foreign_key?
(
method_arguments
[
1
])
add_offense
(
node
,
location: :selector
,
message:
format
(
MSG
,
method_name
))
end
end
private
def
allowed_foreign_key?
(
key
)
key
.
type
==
:sym
&&
allowed_foreign_keys
.
include?
(
key
.
value
)
end
def
allowed_foreign_keys
cop_config
[
'AllowedForeignKeys'
]
||
[]
end
end
end
end
end
rubocop/rubocop-usage-data.yml
浏览文件 @
89eff770
...
...
@@ -30,3 +30,16 @@ UsageData/LargeTable:
-
:arel_table
-
:minimum
-
:maximum
UsageData/DistinctCountByLargeForeignKey
:
Enabled
:
true
Include
:
-
'
lib/gitlab/usage_data.rb'
-
'
ee/lib/ee/gitlab/usage_data.rb'
AllowedForeignKeys
:
-
:user_id
-
:author_id
-
:creator_id
-
:owner_id
-
:project_id
-
:issue_id
-
:merge_request_id
spec/graphql/resolvers/ci_configuration/sast_resolver_spec.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
Resolvers
::
CiConfiguration
::
SastResolver
do
include
GraphqlHelpers
let_it_be
(
:user
)
{
create
(
:user
)
}
let_it_be
(
:project
)
{
create
(
:project
)
}
describe
'#resolve'
do
subject
(
:sast_config
)
{
resolve
(
described_class
,
ctx:
{
current_user:
user
},
obj:
project
)
}
it
'returns global variable informations related to SAST'
do
expect
(
sast_config
[
'global'
].
first
[
'field'
]).
to
eql
(
"SECURE_ANALYZERS_PREFIX"
)
expect
(
sast_config
[
'global'
].
first
[
'label'
]).
to
eql
(
"Image prefix"
)
expect
(
sast_config
[
'global'
].
first
[
'type'
]).
to
eql
(
"string"
)
expect
(
sast_config
[
'pipeline'
].
first
[
'field'
]).
to
eql
(
"stage"
)
expect
(
sast_config
[
'pipeline'
].
first
[
'label'
]).
to
eql
(
"Stage"
)
expect
(
sast_config
[
'pipeline'
].
first
[
'type'
]).
to
eql
(
"dropdown"
)
expect
(
sast_config
[
'analyzers'
].
first
[
'name'
]).
to
eql
(
"brakeman"
)
expect
(
sast_config
[
'analyzers'
].
first
[
'label'
]).
to
eql
(
"Brakeman"
)
expect
(
sast_config
[
'analyzers'
].
first
[
'enabled'
]).
to
be
true
end
end
end
spec/graphql/resolvers/project_pipeline_resolver_spec.rb
浏览文件 @
89eff770
...
...
@@ -33,4 +33,21 @@ RSpec.describe Resolvers::ProjectPipelineResolver do
it
'errors when no iid is passed'
do
expect
{
resolve_pipeline
(
project
,
{})
}.
to
raise_error
(
ArgumentError
)
end
context
'when the pipeline is not a ci_config_source'
do
let
(
:pipeline
)
do
config_source_value
=
Ci
::
PipelineEnums
.
non_ci_config_source_values
.
first
config_source
=
Ci
::
PipelineEnums
.
config_sources
.
key
(
config_source_value
)
create
(
:ci_pipeline
,
config_source:
config_source
,
project:
project
)
end
it
'resolves pipeline for the passed iid'
do
result
=
batch_sync
do
resolve_pipeline
(
project
,
{
iid:
pipeline
.
iid
.
to_s
})
end
expect
(
result
).
to
eq
(
pipeline
)
end
end
end
spec/graphql/types/ci_configuration/sast/analyzers_entity_type_spec.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
GitlabSchema
.
types
[
'SastCiConfigurationAnalyzersEntity'
]
do
let
(
:fields
)
{
%i[name label enabled description]
}
it
{
expect
(
described_class
.
graphql_name
).
to
eq
(
'SastCiConfigurationAnalyzersEntity'
)
}
it
{
expect
(
described_class
).
to
have_graphql_fields
(
fields
)
}
end
spec/graphql/types/ci_configuration/sast/entity_type_spec.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
GitlabSchema
.
types
[
'SastCiConfigurationEntity'
]
do
let
(
:fields
)
{
%i[field label description type options default_value value]
}
it
{
expect
(
described_class
.
graphql_name
).
to
eq
(
'SastCiConfigurationEntity'
)
}
it
{
expect
(
described_class
).
to
have_graphql_fields
(
fields
)
}
end
spec/graphql/types/ci_configuration/sast/options_entity_spec.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
GitlabSchema
.
types
[
'SastCiConfigurationOptionsEntity'
]
do
let
(
:fields
)
{
%i[label value]
}
it
{
expect
(
described_class
.
graphql_name
).
to
eq
(
'SastCiConfigurationOptionsEntity'
)
}
it
{
expect
(
described_class
).
to
have_graphql_fields
(
fields
)
}
end
spec/graphql/types/ci_configuration/sast/type_spec.rb
已删除
100644 → 0
浏览文件 @
681ca59b
# frozen_string_literal: true
require
'spec_helper'
RSpec
.
describe
GitlabSchema
.
types
[
'SastCiConfiguration'
]
do
let
(
:fields
)
{
%i[global pipeline analyzers]
}
it
{
expect
(
described_class
.
graphql_name
).
to
eq
(
'SastCiConfiguration'
)
}
it
{
expect
(
described_class
).
to
have_graphql_fields
(
fields
)
}
end
spec/graphql/types/project_type_spec.rb
浏览文件 @
89eff770
...
...
@@ -26,7 +26,7 @@ RSpec.describe GitlabSchema.types['Project'] do
grafanaIntegration autocloseReferencedIssues suggestion_commit_message environments
environment boards jira_import_status jira_imports services releases release
alert_management_alerts alert_management_alert alert_management_alert_status_counts
container_expiration_policy s
ast_ci_configuration s
ervice_desk_enabled service_desk_address
container_expiration_policy service_desk_enabled service_desk_address
issue_status_counts
]
...
...
@@ -150,93 +150,5 @@ RSpec.describe GitlabSchema.types['Project'] do
it
{
is_expected
.
to
have_graphql_type
(
Types
::
ContainerExpirationPolicyType
)
}
end
describe
'sast_ci_configuration'
do
let_it_be
(
:project
)
{
create
(
:project
)
}
let_it_be
(
:user
)
{
create
(
:user
)
}
let_it_be
(
:query
)
do
%(
query {
project(fullPath: "#{project.full_path}") {
sastCiConfiguration {
global {
nodes {
type
options {
nodes {
label
value
}
}
field
label
defaultValue
value
}
}
pipeline {
nodes {
type
options {
nodes {
label
value
}
}
field
label
defaultValue
value
}
}
analyzers {
nodes {
name
label
enabled
}
}
}
}
}
)
end
subject
{
GitlabSchema
.
execute
(
query
,
context:
{
current_user:
user
}).
as_json
}
before
do
project
.
add_developer
(
user
)
end
it
"returns the project's sast configuration for global variables"
do
query_result
=
subject
.
dig
(
'data'
,
'project'
,
'sastCiConfiguration'
,
'global'
,
'nodes'
)
first_config
=
query_result
.
first
fourth_config
=
query_result
[
3
]
expect
(
first_config
[
'type'
]).
to
eq
(
'string'
)
expect
(
first_config
[
'field'
]).
to
eq
(
'SECURE_ANALYZERS_PREFIX'
)
expect
(
first_config
[
'label'
]).
to
eq
(
'Image prefix'
)
expect
(
first_config
[
'defaultValue'
]).
to
eq
(
'registry.gitlab.com/gitlab-org/security-products/analyzers'
)
expect
(
first_config
[
'value'
]).
to
eq
(
''
)
expect
(
first_config
[
'options'
]).
to
be_nil
expect
(
fourth_config
[
'options'
][
'nodes'
]).
to
match
([{
"value"
=>
"true"
,
"label"
=>
"true (disables SAST)"
},
{
"value"
=>
"false"
,
"label"
=>
"false (enables SAST)"
}])
end
it
"returns the project's sast configuration for pipeline variables"
do
configuration
=
subject
.
dig
(
'data'
,
'project'
,
'sastCiConfiguration'
,
'pipeline'
,
'nodes'
).
first
expect
(
configuration
[
'type'
]).
to
eq
(
'dropdown'
)
expect
(
configuration
[
'field'
]).
to
eq
(
'stage'
)
expect
(
configuration
[
'label'
]).
to
eq
(
'Stage'
)
expect
(
configuration
[
'defaultValue'
]).
to
eq
(
'test'
)
expect
(
configuration
[
'value'
]).
to
eq
(
''
)
end
it
"returns the project's sast configuration for analyzer variables"
do
configuration
=
subject
.
dig
(
'data'
,
'project'
,
'sastCiConfiguration'
,
'analyzers'
,
'nodes'
).
first
expect
(
configuration
[
'name'
]).
to
eq
(
'brakeman'
)
expect
(
configuration
[
'label'
]).
to
eq
(
'Brakeman'
)
expect
(
configuration
[
'enabled'
]).
to
eq
(
true
)
end
end
it_behaves_like
'a GraphQL type with labels'
end
spec/models/audit_event_partitioned_spec.rb
浏览文件 @
89eff770
...
...
@@ -10,6 +10,13 @@ RSpec.describe AuditEventPartitioned do
expect
(
partitioned_table
.
column_names
).
to
match_array
(
source_table
.
column_names
)
end
it
'has the same null constraints as the source table'
do
constraints_from_source_table
=
null_constraints
(
source_table
)
constraints_from_partitioned_table
=
null_constraints
(
partitioned_table
)
expect
(
constraints_from_partitioned_table
.
to_a
).
to
match_array
(
constraints_from_source_table
.
to_a
)
end
it
'inserts the same record as the one in the source table'
,
:aggregate_failures
do
expect
{
create
(
:audit_event
)
}.
to
change
{
partitioned_table
.
count
}.
by
(
1
)
...
...
@@ -22,4 +29,13 @@ RSpec.describe AuditEventPartitioned do
expect
(
event_from_partitioned_table
).
to
eq
(
event_from_source_table
)
end
def
null_constraints
(
table
)
table
.
connection
.
select_all
(
<<~
SQL
)
SELECT c.column_name, c.is_nullable
FROM information_schema.columns c
WHERE c.table_name = '
#{
table
.
table_name
}
'
AND c.column_name != 'created_at'
SQL
end
end
spec/requests/api/graphql/project/pipeline_spec.rb
浏览文件 @
89eff770
...
...
@@ -29,4 +29,10 @@ RSpec.describe 'getting pipeline information nested in a project' do
expect
(
pipeline_graphql_data
).
not_to
be_nil
end
it
'contains configSource'
do
post_graphql
(
query
,
current_user:
current_user
)
expect
(
pipeline_graphql_data
.
dig
(
'configSource'
)).
to
eq
(
'UNKNOWN_SOURCE'
)
end
end
spec/rubocop/cop/usage_data/distinct_count_by_large_foreign_key_spec.rb
0 → 100644
浏览文件 @
89eff770
# frozen_string_literal: true
require
'fast_spec_helper'
require
'rubocop'
require
'rubocop/rspec/support'
require_relative
'../../../../rubocop/cop/usage_data/distinct_count_by_large_foreign_key'
RSpec
.
describe
RuboCop
::
Cop
::
UsageData
::
DistinctCountByLargeForeignKey
,
type: :rubocop
do
include
CopHelper
let
(
:allowed_foreign_keys
)
{
%i[author_id user_id]
}
let
(
:config
)
do
RuboCop
::
Config
.
new
(
'UsageData/DistinctCountByLargeForeignKey'
=>
{
'AllowedForeignKeys'
=>
allowed_foreign_keys
})
end
subject
(
:cop
)
{
described_class
.
new
(
config
)
}
context
'when counting by disallowed key'
do
it
'register an offence'
do
inspect_source
(
'distinct_count(Issue, :creator_id)'
)
expect
(
cop
.
offenses
.
size
).
to
eq
(
1
)
end
end
context
'when calling by allowed key'
do
it
'does not register an offence'
do
inspect_source
(
'distinct_count(Issue, :author_id)'
)
expect
(
cop
.
offenses
).
to
be_empty
end
end
end
spec/support/gitlab_stubs/gitlab_ci_for_sast.yml
0 → 100644
浏览文件 @
89eff770
include
:
-
template
:
SAST.gitlab-ci.yml
variables
:
SECURE_ANALYZERS_PREFIX
:
"
registry.gitlab.com/gitlab-org/security-products/analyzers2"
SAST_EXCLUDED_PATHS
:
"
spec,
executables"
stages
:
-
our_custom_security_stage
sast
:
stage
:
our_custom_security_stage
variables
:
SEARCH_MAX_DEPTH
:
8
spec/support/shared_contexts/read_ci_configuration_shared_context.rb
0 → 100644
浏览文件 @
89eff770
# frozen_string_literal: true
RSpec
.
shared_context
'read ci configuration for sast enabled project'
do
let_it_be
(
:gitlab_ci_yml_content
)
do
File
.
read
(
Rails
.
root
.
join
(
'spec/support/gitlab_stubs/gitlab_ci_for_sast.yml'
))
end
let_it_be
(
:project
)
{
create
(
:project
,
:repository
)
}
end
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录