Merge remote-tracking branch 'origin/master' into...

Merge remote-tracking branch 'origin/master' into 46487-add-support-for-jupyter-in-gitlab-via-kubernetes

Merge remote-tracking branch 'origin/master' into...
Merge remote-tracking branch 'origin/master' into 46487-add-support-for-jupyter-in-gitlab-via-kubernetes
22866a28 · Dmitriy Zaporozhets · 112bd853 · 99ac06df · 22866a28 · 22866a28
Commit 22866a28 authored May 30, 2018 by Dmitriy Zaporozhets
14 changed files
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -591,7 +591,7 @@ ee_compat_check:
  except:
    - master
    - tags
-    - /^[\d-]+-stable(-ee)?/
+    - /[\d-]+-stable(-ee)?/
    - /^security-/
    - branches@gitlab-org/gitlab-ee
    - branches@gitlab/gitlab-ee

--- a/Gemfile
+++ b/Gemfile
@@ -219,7 +219,7 @@ gem 'asana', '~> 0.6.0'
 gem 'ruby-fogbugz', '~> 0.2.1'

 # Kubernetes integration
-gem 'kubeclient', '~> 3.0'
+gem 'kubeclient', '~> 3.1.0'

 # Sanitize user input
 gem 'sanitize', '~> 2.0'

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -168,7 +168,7 @@ GEM
    diff-lcs (1.3)
    diffy (3.1.0)
    docile (1.1.5)
-    domain_name (0.5.20170404)
+    domain_name (0.5.20180417)
      unf (>= 0.0.5, < 1.0.0)
    doorkeeper (4.3.2)
      railties (>= 4.2)
@@ -446,9 +446,9 @@ GEM
    knapsack (1.16.0)
      rake
      timecop (>= 0.1.0)
-    kubeclient (3.0.0)
+    kubeclient (3.1.0)
      http (~> 2.2.2)
-      recursive-open-struct (~> 1.0.4)
+      recursive-open-struct (~> 1.0, >= 1.0.4)
      rest-client (~> 2.0)
    launchy (2.4.3)
      addressable (~> 2.3)
@@ -698,7 +698,7 @@ GEM
    re2 (1.1.1)
    recaptcha (3.0.0)
      json
-    recursive-open-struct (1.0.5)
+    recursive-open-struct (1.1.0)
    redcarpet (3.4.0)
    redis (3.3.5)
    redis-actionpack (5.0.2)
@@ -1067,7 +1067,7 @@ DEPENDENCIES
  jwt (~> 1.5.6)
  kaminari (~> 1.0)
  knapsack (~> 1.16)
-  kubeclient (~> 3.0)
+  kubeclient (~> 3.1.0)
  letter_opener_web (~> 1.3.0)
  license_finder (~> 3.1)
  licensee (~> 8.9)

--- a/app/controllers/groups/shared_projects_controller.rb
+++ b/app/controllers/groups/shared_projects_controller.rb
+module Groups
+  class SharedProjectsController < Groups::ApplicationController
+    respond_to :json
+    before_action :group
+    skip_cross_project_access_check :index
+
+    def index
+      shared_projects = GroupProjectsFinder.new(
+        group: group,
+        current_user: current_user,
+        params: finder_params,
+        options: { only_shared: true }
+      ).execute
+      serializer = GroupChildSerializer.new(current_user: current_user)
+                     .with_pagination(request, response)
+
+      render json: serializer.represent(shared_projects)
+    end
+
+    private
+
+    def finder_params
+      @finder_params ||= begin
+                           # Make the `search` param consistent for the frontend,
+                           # which will be using `filter`.
+                           params[:search] ||= params[:filter] if params[:filter]
+                           params.permit(:sort, :search)
+                         end
+    end
+  end
+end
--- a/app/models/service.rb
+++ b/app/models/service.rb
@@ -206,10 +206,11 @@ class Service < ActiveRecord::Base
    args.each do |arg|
      class_eval %{
        def #{arg}?
+          # '!!' is used because nil or empty string is converted to nil
          if Gitlab.rails5?
-            !ActiveModel::Type::Boolean::FALSE_VALUES.include?(#{arg})
+            !!ActiveRecord::Type::Boolean.new.cast(#{arg})
          else
-            ActiveRecord::ConnectionAdapters::Column::TRUE_VALUES.include?(#{arg})
+            !!ActiveRecord::Type::Boolean.new.type_cast_from_database(#{arg})
          end
        end
      }

--- a/app/serializers/group_child_entity.rb
+++ b/app/serializers/group_child_entity.rb
@@ -31,7 +31,7 @@ class GroupChildEntity < Grape::Entity
  end

  # Project only attributes
-  expose :star_count,
+  expose :star_count, :archived,
         if: lambda { |_instance, _options| project? }

  # Group only attributes

--- a/app/uploaders/object_storage.rb
+++ b/app/uploaders/object_storage.rb
@@ -11,6 +11,7 @@ module ObjectStorage
  ObjectStorageUnavailable = Class.new(StandardError)

  DIRECT_UPLOAD_TIMEOUT = 4.hours
+  DIRECT_UPLOAD_EXPIRE_OFFSET = 15.minutes
  TMP_UPLOAD_PATH = 'tmp/uploads'.freeze

  module Store
@@ -174,11 +175,12 @@ module ObjectStorage
        id = [CarrierWave.generate_cache_id, SecureRandom.hex].join('-')
        upload_path = File.join(TMP_UPLOAD_PATH, id)
        connection = ::Fog::Storage.new(self.object_store_credentials)
-        expire_at = Time.now + DIRECT_UPLOAD_TIMEOUT
+        expire_at = Time.now + DIRECT_UPLOAD_TIMEOUT + DIRECT_UPLOAD_EXPIRE_OFFSET
        options = { 'Content-Type' => 'application/octet-stream' }

        {
          ID: id,
+          Timeout: DIRECT_UPLOAD_TIMEOUT,
          GetURL: connection.get_object_url(remote_store_path, upload_path, expire_at),
          DeleteURL: connection.delete_object_url(remote_store_path, upload_path, expire_at),
          StoreURL: connection.put_object_url(remote_store_path, upload_path, expire_at, options)

--- a/changelogs/unreleased/bump-kubeclient-version-3-1-0.yml
+++ b/changelogs/unreleased/bump-kubeclient-version-3-1-0.yml
+---
+title: Updates the version of kubeclient from 3.0 to 3.1.0
+merge_request: 19199
+author:
+type: other
--- a/changelogs/unreleased/fix-missing-timeout.yml
+++ b/changelogs/unreleased/fix-missing-timeout.yml
+---
+title: Missing timeout value in object storage pre-authorization
+merge_request: 19201
+author:
+type: fixed
--- a/config/routes/group.rb
+++ b/config/routes/group.rb
@@ -30,6 +30,7 @@ constraints(::Constraints::GroupUrlConstrainer.new) do
    resource :variables, only: [:show, :update]

    resources :children, only: [:index]
+    resources :shared_projects, only: [:index]

    resources :labels, except: [:show] do
      post :toggle_subscription, on: :member

--- a/doc/administration/custom_hooks.md
+++ b/doc/administration/custom_hooks.md
@@ -80,7 +80,7 @@ STDERR takes precedence over STDOUT.

 ![Custom message from custom Git hook](img/custom_hooks_error_msg.png)

-[CI]: ../ci/readme.md
+[CI]: ../ci/README.md
 [hooks]: https://git-scm.com/book/en/v2/Customizing-Git-Git-Hooks#Server-Side-Hooks
 [webhooks]: ../user/project/integrations/webhooks.md
 [5073]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5073

--- a/doc/administration/high_availability/nfs.md
+++ b/doc/administration/high_availability/nfs.md
@@ -25,7 +25,9 @@ options:
  errors when the Omnibus package tries to alter permissions. Note that GitLab
  and other bundled components do **not** run as `root` but as non-privileged
  users. The recommendation for `no_root_squash` is to allow the Omnibus package
-  to set ownership and permissions on files, as needed.
+  to set ownership and permissions on files, as needed. In some cases where the
+  `no_root_squash` option is not available, the `root` flag can achieve the same
+  result.
 - `sync` - Force synchronous behavior. Default is asynchronous and under certain
  circumstances it could lead to data loss if a failure occurs before data has
  synced.

--- a/spec/controllers/groups/shared_projects_controller_spec.rb
+++ b/spec/controllers/groups/shared_projects_controller_spec.rb
+require 'spec_helper'
+
+describe Groups::SharedProjectsController do
+  def get_shared_projects(params = {})
+    get :index, params.reverse_merge(format: :json, group_id: group.full_path)
+  end
+
+  def share_project(project)
+    Projects::GroupLinks::CreateService.new(
+      project,
+      user,
+      link_group_access: ProjectGroupLink::DEVELOPER
+    ).execute(group)
+  end
+
+  set(:group) { create(:group) }
+  set(:user) { create(:user) }
+  set(:shared_project) do
+    shared_project = create(:project, namespace: user.namespace)
+    share_project(shared_project)
+
+    shared_project
+  end
+
+  let(:json_project_ids) { json_response.map { |project_info| project_info['id'] } }
+
+  before do
+    sign_in(user)
+  end
+
+  describe 'GET #index' do
+    it 'returns only projects shared with the group' do
+      create(:project, namespace: group)
+
+      get_shared_projects
+
+      expect(json_project_ids).to contain_exactly(shared_project.id)
+    end
+
+    it 'allows filtering shared projects' do
+      project = create(:project, :archived, namespace: user.namespace, name: "Searching for")
+      share_project(project)
+
+      get_shared_projects(filter: 'search')
+
+      expect(json_project_ids).to contain_exactly(project.id)
+    end
+
+    it 'allows sorting projects' do
+      shared_project.update!(name: 'bbb')
+      second_project = create(:project, namespace: user.namespace, name: 'aaaa')
+      share_project(second_project)
+
+      get_shared_projects(sort: 'name_asc')
+
+      expect(json_project_ids).to eq([second_project.id, shared_project.id])
+    end
+  end
+end
--- a/spec/uploaders/object_storage_spec.rb
+++ b/spec/uploaders/object_storage_spec.rb
@@ -382,6 +382,8 @@ describe ObjectStorage do
        is_expected.to have_key(:RemoteObject)

        expect(subject[:RemoteObject]).to have_key(:ID)
+        expect(subject[:RemoteObject]).to include(Timeout: a_kind_of(Integer))
+        expect(subject[:RemoteObject][:Timeout]).to be(ObjectStorage::DIRECT_UPLOAD_TIMEOUT)
        expect(subject[:RemoteObject]).to have_key(:GetURL)
        expect(subject[:RemoteObject]).to have_key(:DeleteURL)
        expect(subject[:RemoteObject]).to have_key(:StoreURL)