Add latest changes from gitlab-org/gitlab@master

af969ba2 · GitLab Bot · 2f5731cf · af969ba2 · af969ba2 · af969ba2
10 changed file
--- a/app/assets/javascripts/prometheus_alerts/components/reset_key.vue
+++ b/app/assets/javascripts/prometheus_alerts/components/reset_key.vue
 <script>
-import {
-  GlDeprecatedButton,
-  GlFormGroup,
-  GlFormInput,
-  GlModal,
-  GlModalDirective,
-} from '@gitlab/ui';
+import { GlButton, GlFormGroup, GlFormInput, GlModal, GlModalDirective } from '@gitlab/ui';
 import ClipboardButton from '~/vue_shared/components/clipboard_button.vue';
 import axios from '~/lib/utils/axios_utils';
 import { __, sprintf } from '~/locale';
@@ -14,7 +8,7 @@ import createFlash from '~/flash';
 export default {
  copyToClipboard: __('Copy'),
  components: {
-    GlDeprecatedButton,
+    GlButton,
    GlFormGroup,
    GlFormInput,
    GlModal,
@@ -131,20 +125,13 @@ export default {
            )
          }}
        </gl-modal>
-        <gl-deprecated-button
-          v-gl-modal.authKeyModal
-          class="js-reset-auth-key"
-          :disabled="disabled"
-          >{{ __('Reset key') }}</gl-deprecated-button
-        >
+        <gl-button v-gl-modal.authKeyModal class="js-reset-auth-key" :disabled="disabled">{{
+          __('Reset key')
+        }}</gl-button>
      </template>
-      <gl-deprecated-button
-        v-else
-        :disabled="disabled"
-        class="js-reset-auth-key"
-        @click="resetKey"
-        >{{ __('Generate key') }}</gl-deprecated-button
-      >
+      <gl-button v-else :disabled="disabled" class="js-reset-auth-key" @click="resetKey">{{
+        __('Generate key')
+      }}</gl-button>
    </div>
  </div>
 </template>
--- a/app/models/ci/pipeline_artifact.rb
+++ b/app/models/ci/pipeline_artifact.rb
@@ -6,6 +6,7 @@ module Ci
  class PipelineArtifact < ApplicationRecord
    extend Gitlab::Ci::Model
    include Artifactable
+    include FileStoreMounter

    FILE_STORE_SUPPORTED = [
      ObjectStorage::Store::LOCAL,
@@ -22,9 +23,8 @@ module Ci
    validates :size, presence: true, numericality: { less_than_or_equal_to: FILE_SIZE_LIMIT }
    validates :file_type, presence: true

-    mount_uploader :file, Ci::PipelineArtifactUploader
+    mount_file_store_uploader Ci::PipelineArtifactUploader
    before_save :set_size, if: :file_changed?
-    after_save :update_file_store, if: :saved_change_to_file?

    enum file_type: {
      code_coverage: 1
@@ -33,11 +33,5 @@ module Ci
    def set_size
      self.size = file.size
    end
-
-    def update_file_store
-      # The file.object_store is set during `uploader.store!`
-      # which happens after object is inserted/updated
-      self.update_column(:file_store, file.object_store)
-    end
  end
 end
--- a/app/services/merge_requests/after_create_service.rb
+++ b/app/services/merge_requests/after_create_service.rb
@@ -14,3 +14,5 @@ module MergeRequests
    end
  end
 end
+
+MergeRequests::AfterCreateService.prepend_if_ee('EE::MergeRequests::AfterCreateService')
--- a/doc/api/scim.md
+++ b/doc/api/scim.md
@@ -35,7 +35,7 @@ Pagination follows the [SCIM spec](https://tools.ietf.org/html/rfc7644#section-3
 Example request:

 ```shell
-curl 'https://example.gitlab.com/api/scim/v2/groups/test_group/Users?filter=id%20eq%20"0b1d561c-21ff-4092-beab-8154b17f82f2"' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
+curl 'https://gitlab.example.com/api/scim/v2/groups/test_group/Users?filter=id%20eq%20"0b1d561c-21ff-4092-beab-8154b17f82f2"' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
 ```

 Example response:
@@ -86,7 +86,7 @@ Parameters:
 Example request:

 ```shell
-curl "https://example.gitlab.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
+curl "https://gitlab.example.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
 ```

 Example response:
@@ -130,7 +130,7 @@ Parameters:
 Example request:

 ```shell
-curl --verbose --request POST "https://example.gitlab.com/api/scim/v2/groups/test_group/Users" --data '{"externalId":"test_uid","active":null,"userName":"username","emails":[{"primary":true,"type":"work","value":"name@example.com"}],"name":{"formatted":"Test User","familyName":"User","givenName":"Test"},"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],"meta":{"resourceType":"User"}}' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
+curl --verbose --request POST "https://gitlab.example.com/api/scim/v2/groups/test_group/Users" --data '{"externalId":"test_uid","active":null,"userName":"username","emails":[{"primary":true,"type":"work","value":"name@example.com"}],"name":{"formatted":"Test User","familyName":"User","givenName":"Test"},"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],"meta":{"resourceType":"User"}}' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
 ```

 Example response:
@@ -184,7 +184,7 @@ Parameters:
 Example request:

 ```shell
-curl --verbose --request PATCH "https://example.gitlab.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --data '{ "Operations": [{"op":"Add","path":"name.formatted","value":"New Name"}] }' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
+curl --verbose --request PATCH "https://gitlab.example.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --data '{ "Operations": [{"op":"Add","path":"name.formatted","value":"New Name"}] }' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
 ```

 Returns an empty response with a `204` status code if successful.
@@ -207,7 +207,7 @@ Parameters:
 Example request:

 ```shell
-curl --verbose --request DELETE "https://example.gitlab.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
+curl --verbose --request DELETE "https://gitlab.example.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"
 ```

 Returns an empty response with a `204` status code if successful.

--- a/doc/development/testing_guide/testing_migrations_guide.md
+++ b/doc/development/testing_guide/testing_migrations_guide.md
@@ -37,15 +37,37 @@ ensures proper isolation.

 To test an `ActiveRecord::Migration` class (i.e., a
 regular migration `db/migrate` or a post-migration `db/post_migrate`), you
-will need to manually `require` the migration file because it is not
-autoloaded with Rails. Example:
+will need to load the migration file by using the `require_migration!` helper
+method because it is not autoloaded by Rails.
+
+Example:

 ```ruby
-require Rails.root.join('db', 'post_migrate', '20170526185842_migrate_pipeline_stages.rb')
+require 'spec_helper'
+
+require_migration!
+
+RSpec.describe ...
 ```

 ### Test helpers

+#### `require_migration!`
+
+Since the migration files are not autoloaded by Rails, you will need to manually
+load the migration file. To do so, you can use the `require_migration!` helper method
+which can automatically load the correct migration file based on the spec file name.
+
+For example, if your spec file is named as `populate_foo_column_spec.rb` then the
+helper method will try to load `${schema_version}_populate_foo_column.rb` migration file.
+
+In case there is no pattern between your spec file and the actual migration file,
+you can provide the migration file name without the schema version, like so:
+
+```ruby
+require_migration!('populate_foo_column')
+```
+
 #### `table`

 Use the `table` helper to create a temporary `ActiveRecord::Base`-derived model
@@ -110,7 +132,8 @@ migration. You can find the complete spec in

 ```ruby
 require 'spec_helper'
-require Rails.root.join('db', 'post_migrate', '20170526185842_migrate_pipeline_stages.rb')
+
+require_migration!

 RSpec.describe MigratePipelineStages do
  # Create test data - pipeline and CI/CD jobs.

--- a/doc/user/infrastructure/index.md
+++ b/doc/user/infrastructure/index.md
@@ -190,6 +190,12 @@ and the CI YAML file:

 The output from the above `terraform` commands should be viewable in the job logs.

+CAUTION: **Caution:**
+Like any other job artifact, Terraform plan data is [viewable by anyone with Guest access](../permissions.md) to the repository.
+Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform plan
+includes sensitive data such as passwords, access tokens, or certificates, GitLab strongly
+recommends encrypting plan output or modifying the project visibility settings.
+
 ## Example project

 See [this reference project](https://gitlab.com/nicholasklick/gitlab-terraform-aws) using GitLab and Terraform to deploy a basic AWS EC2 within a custom VPC.

--- a/scripts/review_apps/review-apps.sh
+++ b/scripts/review_apps/review-apps.sh
@@ -147,9 +147,9 @@ function disable_sign_ups() {
  run_task "${ruby_cmd}"

  # Disable sign-ups
-  curl  --silent --show-error --request PUT --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" "${CI_ENVIRONMENT_URL}/api/v4/application/settings?signup_enabled=false"
+  retry 'curl --silent --show-error --request PUT --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" "${CI_ENVIRONMENT_URL}/api/v4/application/settings?signup_enabled=false"'

-  local signup_enabled=$(curl --silent --show-error --request GET --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" "${CI_ENVIRONMENT_URL}/api/v4/application/settings" | jq ".signup_enabled")
+  local signup_enabled=$(retry 'curl --silent --show-error --request GET --header "PRIVATE-TOKEN: ${REVIEW_APPS_ROOT_TOKEN}" "${CI_ENVIRONMENT_URL}/api/v4/application/settings" | jq ".signup_enabled"')
  if [[ "${signup_enabled}" == "false" ]]; then
    echoinfo "Sign-ups have been disabled successfully."
  else

--- a/spec/finders/todos_finder_spec.rb
+++ b/spec/finders/todos_finder_spec.rb
@@ -4,14 +4,14 @@ require 'spec_helper'

 RSpec.describe TodosFinder do
  describe '#execute' do
-    let(:user) { create(:user) }
-    let(:group) { create(:group) }
-    let(:project) { create(:project, namespace: group) }
-    let(:issue) { create(:issue, project: project) }
-    let(:merge_request) { create(:merge_request, source_project: project) }
+    let_it_be(:user) { create(:user) }
+    let_it_be(:group) { create(:group) }
+    let_it_be(:project) { create(:project, :repository, namespace: group) }
+    let_it_be(:issue) { create(:issue, project: project) }
+    let_it_be(:merge_request) { create(:merge_request, source_project: project) }
    let(:finder) { described_class }

-    before do
+    before_all do
      group.add_developer(user)
    end

@@ -89,8 +89,6 @@ RSpec.describe TodosFinder do
          end

          it 'raises an argument error when invalid type is passed' do
-            create(:todo, user: user, group: group, target: create(:design))
-
            todos_finder = finder.new(user, { type: %w[Issue MergeRequest NotAValidType] })

            expect { todos_finder.execute }.to raise_error(ArgumentError)
@@ -131,8 +129,8 @@ RSpec.describe TodosFinder do
        end

        context 'when filtering by author' do
-          let(:author1) { create(:user) }
-          let(:author2) { create(:user) }
+          let_it_be(:author1) { create(:user) }
+          let_it_be(:author2) { create(:user) }

          let!(:todo1) { create(:todo, user: user, author: author1) }
          let!(:todo2) { create(:todo, user: user, author: author2) }
@@ -154,7 +152,7 @@ RSpec.describe TodosFinder do

        context 'by groups' do
          context 'with subgroups' do
-            let(:subgroup) { create(:group, parent: group) }
+            let_it_be(:subgroup) { create(:group, parent: group) }
            let!(:todo3) { create(:todo, user: user, group: subgroup, target: issue) }

            it 'returns todos from subgroups when filtered by a group' do
@@ -167,17 +165,14 @@ RSpec.describe TodosFinder do
          context 'filtering for multiple groups' do
            let_it_be(:group2) { create(:group) }
            let_it_be(:group3) { create(:group) }
+            let_it_be(:subgroup1) { create(:group, parent: group) }
+            let_it_be(:subgroup2) { create(:group, parent: group2) }

            let!(:todo1) { create(:todo, user: user, project: project, target: issue) }
            let!(:todo2) { create(:todo, user: user, group: group, target: merge_request) }
            let!(:todo3) { create(:todo, user: user, group: group2, target: merge_request) }
-
-            let(:subgroup1) { create(:group, parent: group) }
            let!(:todo4) { create(:todo, user: user, group: subgroup1, target: issue) }
-
-            let(:subgroup2) { create(:group, parent: group2) }
            let!(:todo5) { create(:todo, user: user, group: subgroup2, target: issue) }
-
            let!(:todo6) { create(:todo, user: user, group: group3, target: issue) }

            it 'returns the expected groups' do

--- a/spec/models/ci/pipeline_artifact_spec.rb
+++ b/spec/models/ci/pipeline_artifact_spec.rb
@@ -66,10 +66,16 @@ RSpec.describe Ci::PipelineArtifact, type: :model do
    subject { create(:ci_pipeline_artifact) }

    context 'when existing object has local store' do
-      it 'is stored locally' do
-        expect(subject.file_store).to be(ObjectStorage::Store::LOCAL)
-        expect(subject.file).to be_file_storage
-        expect(subject.file.object_store).to eq(ObjectStorage::Store::LOCAL)
+      it_behaves_like 'mounted file in local store'
+    end
+
+    context 'when direct upload is enabled' do
+      before do
+        stub_artifacts_object_storage(Ci::PipelineArtifactUploader, direct_upload: true)
+      end
+
+      context 'when file is stored' do
+        it_behaves_like 'mounted file in object store'
      end
    end
  end

--- a/spec/support/helpers/require_migration.rb
+++ b/spec/support/helpers/require_migration.rb
+# frozen_string_literal: true
+
+require 'find'
+
+class RequireMigration
+  MIGRATION_FOLDERS = %w(db/migrate db/post_migrate ee/db/geo/migrate ee/db/geo/post_migrate).freeze
+  SPEC_FILE_PATTERN = /.+\/(?<file_name>.+)_spec\.rb/.freeze
+
+  class << self
+    def require_migration!(file_name)
+      file_paths = search_migration_file(file_name)
+
+      require file_paths.first
+    end
+
+    def search_migration_file(file_name)
+      MIGRATION_FOLDERS.flat_map do |path|
+        migration_path = Rails.root.join(path).to_s
+
+        Find.find(migration_path).grep(/\d+_#{file_name}\.rb/)
+      end
+    end
+  end
+end
+
+def require_migration!(file_name = nil)
+  location_info = caller_locations.first.path.match(RequireMigration::SPEC_FILE_PATTERN)
+  file_name ||= location_info[:file_name]
+
+  RequireMigration.require_migration!(file_name)
+end