Commit 92077e0f authored by GitLab Bot's avatar GitLab Bot

Add latest changes from gitlab-org/gitlab@master

parent 83a3209c
...@@ -402,7 +402,6 @@ RSpec/RepeatedExample: ...@@ -402,7 +402,6 @@ RSpec/RepeatedExample:
- 'spec/models/ability_spec.rb' - 'spec/models/ability_spec.rb'
- 'spec/models/ci/build_spec.rb' - 'spec/models/ci/build_spec.rb'
- 'spec/models/concerns/issuable_spec.rb' - 'spec/models/concerns/issuable_spec.rb'
- 'spec/models/concerns/prometheus_adapter_spec.rb'
- 'spec/models/member_spec.rb' - 'spec/models/member_spec.rb'
- 'spec/models/project_services/chat_message/pipeline_message_spec.rb' - 'spec/models/project_services/chat_message/pipeline_message_spec.rb'
- 'spec/models/user_spec.rb' - 'spec/models/user_spec.rb'
......
import _ from 'underscore'; import { memoize, throttle } from 'lodash';
import $ from 'jquery'; import $ from 'jquery';
class DirtySubmitForm { class DirtySubmitForm {
...@@ -21,8 +21,8 @@ class DirtySubmitForm { ...@@ -21,8 +21,8 @@ class DirtySubmitForm {
} }
registerListeners() { registerListeners() {
const getThrottledHandlerForInput = _.memoize(() => const getThrottledHandlerForInput = memoize(() =>
_.throttle(event => this.updateDirtyInput(event), DirtySubmitForm.THROTTLE_DURATION), throttle(event => this.updateDirtyInput(event), DirtySubmitForm.THROTTLE_DURATION),
); );
const throttledUpdateDirtyInput = event => { const throttledUpdateDirtyInput = event => {
......
...@@ -4,6 +4,7 @@ module Repositories ...@@ -4,6 +4,7 @@ module Repositories
class GitHttpController < Repositories::GitHttpClientController class GitHttpController < Repositories::GitHttpClientController
include WorkhorseRequest include WorkhorseRequest
before_action :snippet_request_allowed?
before_action :access_check before_action :access_check
prepend_before_action :deny_head_requests, only: [:info_refs] prepend_before_action :deny_head_requests, only: [:info_refs]
...@@ -12,8 +13,6 @@ module Repositories ...@@ -12,8 +13,6 @@ module Repositories
rescue_from Gitlab::GitAccess::ProjectCreationError, with: :render_422_with_exception rescue_from Gitlab::GitAccess::ProjectCreationError, with: :render_422_with_exception
rescue_from Gitlab::GitAccess::TimeoutError, with: :render_503_with_exception rescue_from Gitlab::GitAccess::TimeoutError, with: :render_503_with_exception
before_action :snippet_request_allowed?
# GET /foo/bar.git/info/refs?service=git-upload-pack (git pull) # GET /foo/bar.git/info/refs?service=git-upload-pack (git pull)
# GET /foo/bar.git/info/refs?service=git-receive-pack (git push) # GET /foo/bar.git/info/refs?service=git-receive-pack (git push)
def info_refs def info_refs
...@@ -121,6 +120,7 @@ module Repositories ...@@ -121,6 +120,7 @@ module Repositories
def snippet_request_allowed? def snippet_request_allowed?
if repo_type.snippet? && Feature.disabled?(:version_snippets, user) if repo_type.snippet? && Feature.disabled?(:version_snippets, user)
Gitlab::AppLogger.info('Snippet access attempt with feature disabled')
render plain: 'The project you were looking for could not be found.', status: :not_found render plain: 'The project you were looking for could not be found.', status: :not_found
end end
end end
......
---
title: Fix invalid class option for ionice
merge_request: 28023
author:
type: fixed
---
title: Check first if feature flag version_snippet is enabled
merge_request: 28352
author:
type: fixed
...@@ -117,8 +117,6 @@ randomly placed on one of the selected paths. ...@@ -117,8 +117,6 @@ randomly placed on one of the selected paths.
[ce-4578]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4578 [ce-4578]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4578
[restart-gitlab]: restart_gitlab.md#installations-from-source [restart-gitlab]: restart_gitlab.md#installations-from-source
[reconfigure-gitlab]: restart_gitlab.md#omnibus-gitlab-reconfigure
[backups]: ../raketasks/backup_restore.md [backups]: ../raketasks/backup_restore.md
[raketask]: https://gitlab.com/gitlab-org/gitlab/blob/033e5423a2594e08a7ebcd2379bd2331f4c39032/lib/backup/repository.rb#L54-56 [raketask]: https://gitlab.com/gitlab-org/gitlab/blob/033e5423a2594e08a7ebcd2379bd2331f4c39032/lib/backup/repository.rb#L54-56
[repospath]: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/8-9-stable/config/gitlab.yml.example#L457 [repospath]: https://gitlab.com/gitlab-org/gitlab-foss/-/blob/8-9-stable/config/gitlab.yml.example#L457
[ce-11449]: https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/11449
...@@ -67,7 +67,7 @@ Asana - Teamwork without email ...@@ -67,7 +67,7 @@ Asana - Teamwork without email
Set Asana service for a project. Set Asana service for a project.
> This service adds commit messages as comments to Asana tasks. Once enabled, commit messages are checked for Asana task URLs (for example, `https://app.asana.com/0/123456/987654`) or task IDs starting with # (for example, `#987654`). Every task ID found will get the commit comment added to it. You can also close a task with a message containing: `fix #123456`. You can find your API Keys here: <https://asana.com/developers/documentation/getting-started/auth#api-key>. > This service adds commit messages as comments to Asana tasks. Once enabled, commit messages are checked for Asana task URLs (for example, `https://app.asana.com/0/123456/987654`) or task IDs starting with # (for example, `#987654`). Every task ID found will get the commit comment added to it. You can also close a task with a message containing: `fix #123456`. You can find your API Keys here: <https://developers.asana.com/docs/#authentication-basics>.
```plaintext ```plaintext
PUT /projects/:id/services/asana PUT /projects/:id/services/asana
......
...@@ -44,7 +44,7 @@ infrastructure is up and running, and that your units of code work well together ...@@ -44,7 +44,7 @@ infrastructure is up and running, and that your units of code work well together
## Selenium and WebdriverIO ## Selenium and WebdriverIO
[Selenium](https://selenium.dev/) is a piece of software that can control web browsers, e.g., to make them [Selenium](https://www.selenium.dev/) is a piece of software that can control web browsers, e.g., to make them
visit a specific URL or interact with elements on the page. It can be programmatically controlled visit a specific URL or interact with elements on the page. It can be programmatically controlled
from a variety of programming languages. In this article we're going to be using the from a variety of programming languages. In this article we're going to be using the
[WebdriverIO](https://webdriver.io/) JavaScript bindings, but the general concept should carry over [WebdriverIO](https://webdriver.io/) JavaScript bindings, but the general concept should carry over
......
...@@ -811,7 +811,7 @@ module Gitlab ...@@ -811,7 +811,7 @@ module Gitlab
end end
``` ```
A [Query Analyzer](https://graphql-ruby.org/queries/analysis.html#analyzer-api) contains a series A [Query Analyzer](https://graphql-ruby.org/queries/ast_analysis.html#analyzer-api) contains a series
of callbacks to validate queries before they are executed. Each field can pass through of callbacks to validate queries before they are executed. Each field can pass through
the analyzer, and the final value is also available to you. the analyzer, and the final value is also available to you.
......
...@@ -160,7 +160,7 @@ Component statuses are linked to configuration documentation for each component. ...@@ -160,7 +160,7 @@ Component statuses are linked to configuration documentation for each component.
| [Elasticsearch](#elasticsearch) | Improved search within GitLab | [][elasticsearch-omnibus] | [][elasticsearch-charts] | [][elasticsearch-charts] | [](https://gitlab.com/groups/gitlab-org/-/epics/153) | [][elasticsearch-source] | [][elasticsearch-gdk] | EE Only | | [Elasticsearch](#elasticsearch) | Improved search within GitLab | [][elasticsearch-omnibus] | [][elasticsearch-charts] | [][elasticsearch-charts] | [](https://gitlab.com/groups/gitlab-org/-/epics/153) | [][elasticsearch-source] | [][elasticsearch-gdk] | EE Only |
| [Sentry integration](#sentry) | Error tracking for deployed apps | [][sentry-integration] | [][sentry-integration] | [][sentry-integration] | [][sentry-integration] | [][sentry-integration] | [][sentry-integration] | CE & EE | | [Sentry integration](#sentry) | Error tracking for deployed apps | [][sentry-integration] | [][sentry-integration] | [][sentry-integration] | [][sentry-integration] | [][sentry-integration] | [][sentry-integration] | CE & EE |
| [Jaeger integration](#jaeger) | Distributed tracing for deployed apps | [][jaeger-integration] | [][jaeger-integration] | [][jaeger-integration] | [][jaeger-integration] | [][jaeger-integration] | [][jaeger-integration] | EE Only | | [Jaeger integration](#jaeger) | Distributed tracing for deployed apps | [][jaeger-integration] | [][jaeger-integration] | [][jaeger-integration] | [][jaeger-integration] | [][jaeger-integration] | [][jaeger-integration] | EE Only |
| [GitLab Managed Apps](#gitlab-managed-apps) | Deploy [Helm](https://helm.sh/docs/), [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/), [Cert-Manager](https://docs.cert-manager.io/en/latest/), [Prometheus](https://prometheus.io/docs/introduction/overview/), a [Runner](https://docs.gitlab.com/runner/), [JupyterHub](https://jupyter.org), [Knative](https://cloud.google.com/knative/) to a cluster | [][managed-k8s-apps] | [][managed-k8s-apps] | [][managed-k8s-apps] | [][managed-k8s-apps] | [][managed-k8s-apps] | [][managed-k8s-apps] | CE & EE | | [GitLab Managed Apps](#gitlab-managed-apps) | Deploy [Helm](https://helm.sh/docs/), [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/), [Cert-Manager](https://cert-manager.io/docs/), [Prometheus](https://prometheus.io/docs/introduction/overview/), a [Runner](https://docs.gitlab.com/runner/), [JupyterHub](https://jupyter.org), [Knative](https://cloud.google.com/knative/) to a cluster | [][managed-k8s-apps] | [][managed-k8s-apps] | [][managed-k8s-apps] | [][managed-k8s-apps] | [][managed-k8s-apps] | [][managed-k8s-apps] | CE & EE |
### Component details ### Component details
...@@ -207,7 +207,7 @@ Consul is a tool for service discovery and configuration. Consul is distributed, ...@@ -207,7 +207,7 @@ Consul is a tool for service discovery and configuration. Consul is distributed,
#### Elasticsearch #### Elasticsearch
- [Project page](https://github.com/elastic/elasticsearch/blob/master/README.asciidoc) - [Project page](https://github.com/elastic/elasticsearch/)
- Configuration: [Omnibus][elasticsearch-omnibus], [Charts][elasticsearch-charts], [Source][elasticsearch-source], [GDK][elasticsearch-gdk] - Configuration: [Omnibus][elasticsearch-omnibus], [Charts][elasticsearch-charts], [Source][elasticsearch-source], [GDK][elasticsearch-gdk]
- Layer: Core Service (Data) - Layer: Core Service (Data)
...@@ -424,7 +424,7 @@ An external registry can also be configured to use GitLab as an auth endpoint. ...@@ -424,7 +424,7 @@ An external registry can also be configured to use GitLab as an auth endpoint.
#### Sentry #### Sentry
- [Project page](https://github.com/getsentry/sentry/blob/master/README.rst) - [Project page](https://github.com/getsentry/sentry/)
- Configuration: [Omnibus][sentry-omnibus], [Charts][sentry-charts], [Source][gitlab-yml], [GDK][gitlab-yml] - Configuration: [Omnibus][sentry-omnibus], [Charts][sentry-charts], [Source][gitlab-yml], [GDK][gitlab-yml]
- Layer: Monitoring - Layer: Monitoring
......
...@@ -6,7 +6,7 @@ description: "Learn how GitLab's documentation website is architectured." ...@@ -6,7 +6,7 @@ description: "Learn how GitLab's documentation website is architectured."
The [`gitlab-docs`](https://gitlab.com/gitlab-org/gitlab-docs) project hosts The [`gitlab-docs`](https://gitlab.com/gitlab-org/gitlab-docs) project hosts
the repository which is used to generate the GitLab documentation website and the repository which is used to generate the GitLab documentation website and
is deployed to <https://docs.gitlab.com>. It uses the [Nanoc](http://nanoc.ws) is deployed to <https://docs.gitlab.com>. It uses the [Nanoc](https://nanoc.ws/)
static site generator. static site generator.
## Architecture ## Architecture
......
...@@ -424,7 +424,7 @@ This is a list of available features: ...@@ -424,7 +424,7 @@ This is a list of available features:
- Do not add commas (`,`) or semicolons (`;`) to the end of list items. - Do not add commas (`,`) or semicolons (`;`) to the end of list items.
- Only add periods to the end of a list item if the item consists of a complete sentence. - Only add periods to the end of a list item if the item consists of a complete sentence.
The [definition of full sentence](https://www2.le.ac.uk/offices/ld/resources/writing/grammar/grammar-guides/sentence) The [definition of full sentence](https://www2.le.ac.uk/offices/ld/all-resources/writing/grammar/grammar-guides/sentence)
is: _"a complete sentence always contains a verb, expresses a complete idea, and makes sense standing alone"_. is: _"a complete sentence always contains a verb, expresses a complete idea, and makes sense standing alone"_.
- Be consistent throughout the list: if the majority of the items do not end in a period, - Be consistent throughout the list: if the majority of the items do not end in a period,
do not end any of the items in a period, even if they consist of a complete sentence. do not end any of the items in a period, even if they consist of a complete sentence.
......
...@@ -23,7 +23,7 @@ Default client accepts two parameters: `resolvers` and `config`. ...@@ -23,7 +23,7 @@ Default client accepts two parameters: `resolvers` and `config`.
- `resolvers` parameter is created to accept an object of resolvers for [local state management](#local-state-with-apollo) queries and mutations - `resolvers` parameter is created to accept an object of resolvers for [local state management](#local-state-with-apollo) queries and mutations
- `config` parameter takes an object of configuration settings: - `config` parameter takes an object of configuration settings:
- `cacheConfig` field accepts an optional object of settings to [customize Apollo cache](https://github.com/apollographql/apollo-client/tree/master/packages/apollo-cache-inmemory#configuration) - `cacheConfig` field accepts an optional object of settings to [customize Apollo cache](https://www.apollographql.com/docs/react/caching/cache-configuration/#configuring-the-cache)
- `baseUrl` allows us to pass a URL for GraphQL endpoint different from our main endpoint (i.e.`${gon.relative_url_root}/api/graphql`) - `baseUrl` allows us to pass a URL for GraphQL endpoint different from our main endpoint (i.e.`${gon.relative_url_root}/api/graphql`)
- `assumeImmutableResults` (set to `false` by default) - this setting, when set to `true`, will assume that every single operation on updating Apollo Cache is immutable. It also sets `freezeResults` to `true`, so any attempt on mutating Apollo Cache will throw a console warning in development environment. Please ensure you're following the immutability pattern on cache update operations before setting this option to `true`. - `assumeImmutableResults` (set to `false` by default) - this setting, when set to `true`, will assume that every single operation on updating Apollo Cache is immutable. It also sets `freezeResults` to `true`, so any attempt on mutating Apollo Cache will throw a console warning in development environment. Please ensure you're following the immutability pattern on cache update operations before setting this option to `true`.
...@@ -601,7 +601,7 @@ defaultClient.query({ query }) ...@@ -601,7 +601,7 @@ defaultClient.query({ query })
Read more about the [Apollo] client in the [Apollo documentation](https://www.apollographql.com/docs/tutorial/client/). Read more about the [Apollo] client in the [Apollo documentation](https://www.apollographql.com/docs/tutorial/client/).
[Apollo]: https://www.apollographql.com/ [Apollo]: https://www.apollographql.com/
[vue-apollo]: https://github.com/Akryum/vue-apollo/ [vue-apollo]: https://github.com/vuejs/vue-apollo
[feature-flags]: ../feature_flags.md [feature-flags]: ../feature_flags.md
[default-client]: https://gitlab.com/gitlab-org/gitlab/blob/master/app/assets/javascripts/lib/graphql.js [default-client]: https://gitlab.com/gitlab-org/gitlab/blob/master/app/assets/javascripts/lib/graphql.js
[vue-test-utils]: https://vue-test-utils.vuejs.org/ [vue-test-utils]: https://vue-test-utils.vuejs.org/
......
...@@ -13,7 +13,7 @@ There are several ways to import a project. ...@@ -13,7 +13,7 @@ There are several ways to import a project.
The first option is to simply [import the Project tarball file via the GitLab UI](../user/project/settings/import_export.md#importing-the-project): The first option is to simply [import the Project tarball file via the GitLab UI](../user/project/settings/import_export.md#importing-the-project):
1. Create the group `qa-perf-testing` 1. Create the group `qa-perf-testing`
1. Import the [GitLab FOSS project tarball](https://gitlab.com/gitlab-org/quality/performance-data/raw/master/gitlabhq_export.tar.gz) into the Group. 1. Import the [GitLab FOSS project tarball](https://gitlab.com/gitlab-org/quality/performance-data/-/blob/master/projects_export/gitlabhq_export.tar.gz) into the Group.
It should take up to 15 minutes for the project to fully import. You can head to the project's main page for the current status. It should take up to 15 minutes for the project to fully import. You can head to the project's main page for the current status.
...@@ -132,7 +132,7 @@ For Performance testing, we should: ...@@ -132,7 +132,7 @@ For Performance testing, we should:
- Count the number of executed SQL queries during the restore. - Count the number of executed SQL queries during the restore.
- Observe the number of GC cycles happening. - Observe the number of GC cycles happening.
You can use this [snippet](https://gitlab.com/gitlab-org/gitlab/snippets/1924954), which will restore the project, and measure the execution time of `Project::TreeRestorer`, number of SQL queries and number of GC cycles happening. You can use this snippet: `https://gitlab.com/gitlab-org/gitlab/snippets/1924954` (must be logged in), which will restore the project, and measure the execution time of `Project::TreeRestorer`, number of SQL queries and number of GC cycles happening.
You can execute the script from the `gdk/gitlab` directory like this: You can execute the script from the `gdk/gitlab` directory like this:
......
...@@ -307,7 +307,7 @@ It is recommended to reuse the identifiers the GitLab scanners already define: ...@@ -307,7 +307,7 @@ It is recommended to reuse the identifiers the GitLab scanners already define:
| [OSVD](https://cve.mitre.org/data/refs/refmap/source-OSVDB.html) | `osvdb` | OSVDB-113928 | | [OSVD](https://cve.mitre.org/data/refs/refmap/source-OSVDB.html) | `osvdb` | OSVDB-113928 |
| [USN](https://usn.ubuntu.com/) | `usn` | USN-4234-1 | | [USN](https://usn.ubuntu.com/) | `usn` | USN-4234-1 |
| [WASC](http://projects.webappsec.org/Threat-Classification-Reference-Grid) | `wasc` | WASC-19 | | [WASC](http://projects.webappsec.org/Threat-Classification-Reference-Grid) | `wasc` | WASC-19 |
| [RHSA](https://access.redhat.com/errata) | `rhsa` | RHSA-2020:0111 | | [RHSA](https://access.redhat.com/errata/#/) | `rhsa` | RHSA-2020:0111 |
| [ELSA](https://linux.oracle.com/security/) | `elsa` | ELSA-2020-0085 | | [ELSA](https://linux.oracle.com/security/) | `elsa` | ELSA-2020-0085 |
The generic identifiers listed above are defined in the [common library](https://gitlab.com/gitlab-org/security-products/analyzers/common); The generic identifiers listed above are defined in the [common library](https://gitlab.com/gitlab-org/security-products/analyzers/common);
......
...@@ -107,9 +107,9 @@ For instance `RETRIES=1 bin/rspec ...` would retry the failing examples once. ...@@ -107,9 +107,9 @@ For instance `RETRIES=1 bin/rspec ...` would retry the failing examples once.
## Resources ## Resources
- [Flaky Tests: Are You Sure You Want to Rerun Them?](http://semaphoreci.com/blog/2017/04/20/flaky-tests.html) - [Flaky Tests: Are You Sure You Want to Rerun Them?](https://semaphoreci.com/blog/2017/04/20/flaky-tests.html)
- [How to Deal With and Eliminate Flaky Tests](https://semaphoreci.com/community/tutorials/how-to-deal-with-and-eliminate-flaky-tests) - [How to Deal With and Eliminate Flaky Tests](https://semaphoreci.com/community/tutorials/how-to-deal-with-and-eliminate-flaky-tests)
- [Tips on Treating Flakiness in your Rails Test Suite](http://semaphoreci.com/blog/2017/08/03/tips-on-treating-flakiness-in-your-test-suite.html) - [Tips on Treating Flakiness in your Rails Test Suite](https://semaphoreci.com/blog/2017/08/03/tips-on-treating-flakiness-in-your-test-suite.html)
- ['Flaky' tests: a short story](https://www.ombulabs.com/blog/rspec/continuous-integration/how-to-track-down-a-flaky-test.html) - ['Flaky' tests: a short story](https://www.ombulabs.com/blog/rspec/continuous-integration/how-to-track-down-a-flaky-test.html)
- [Using Insights to Discover Flaky, Slow, and Failed Tests](https://circleci.com/blog/using-insights-to-discover-flaky-slow-and-failed-tests/) - [Using Insights to Discover Flaky, Slow, and Failed Tests](https://circleci.com/blog/using-insights-to-discover-flaky-slow-and-failed-tests/)
......
...@@ -108,7 +108,7 @@ ahead and select this one, but please choose the size which best meets your own ...@@ -108,7 +108,7 @@ ahead and select this one, but please choose the size which best meets your own
> **Note:** be aware that while your VM is active (known as "allocated"), it will incur > **Note:** be aware that while your VM is active (known as "allocated"), it will incur
"compute charges" which, ultimately, you will be billed for. So, even if you're using the "compute charges" which, ultimately, you will be billed for. So, even if you're using the
free trial credits, you'll likely want to learn free trial credits, you'll likely want to learn
[how to properly shutdown an Azure VM to save money](https://buildazure.com/properly-shutdown-azure-vm-to-save-money/). [how to properly shutdown an Azure VM to save money](https://build5nines.com/properly-shutdown-azure-vm-to-save-money/).
Go ahead and click your chosen size, then click **"Select"** when you're ready to proceed to the Go ahead and click your chosen size, then click **"Select"** when you're ready to proceed to the
next step. next step.
...@@ -420,7 +420,7 @@ Check out our other [Technical Articles](../../articles/index.md) or browse the ...@@ -420,7 +420,7 @@ Check out our other [Technical Articles](../../articles/index.md) or browse the
- [Azure Portal][Azure-Portal] - [Azure Portal][Azure-Portal]
- [Azure - Pricing Calculator][Azure-Pricing-Calculator] - [Azure - Pricing Calculator][Azure-Pricing-Calculator]
- [Azure - Troubleshoot SSH Connections to an Azure Linux VM](https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/troubleshoot-ssh-connection) - [Azure - Troubleshoot SSH Connections to an Azure Linux VM](https://docs.microsoft.com/en-us/azure/virtual-machines/troubleshooting/troubleshoot-ssh-connection)
- [Azure - Properly Shutdown an Azure VM](https://buildazure.com/properly-shutdown-azure-vm-to-save-money/) - [Azure - Properly Shutdown an Azure VM](https://build5nines.com/properly-shutdown-azure-vm-to-save-money/)
- [SSH], [PuTTY](https://www.putty.org) and [Using SSH in PuTTY][Using-SSH-In-Putty] - [SSH], [PuTTY](https://www.putty.org) and [Using SSH in PuTTY][Using-SSH-In-Putty]
[Original-Blog-Post]: https://about.gitlab.com/blog/2016/07/13/how-to-setup-a-gitlab-instance-on-microsoft-azure/ "How to Set up a GitLab Instance on Microsoft Azure" [Original-Blog-Post]: https://about.gitlab.com/blog/2016/07/13/how-to-setup-a-gitlab-instance-on-microsoft-azure/ "How to Set up a GitLab Instance on Microsoft Azure"
......
...@@ -281,7 +281,7 @@ sudo apt-get update ...@@ -281,7 +281,7 @@ sudo apt-get update
sudo apt-get install yarn sudo apt-get install yarn
``` ```
Visit the official websites for [node](https://nodejs.org/en/download/package-manager/) and [yarn](https://yarnpkg.com/en/docs/install/) if you have any trouble with these steps. Visit the official websites for [node](https://nodejs.org/en/download/package-manager/) and [yarn](https://classic.yarnpkg.com/en/docs/install/) if you have any trouble with these steps.
## 5. System users ## 5. System users
...@@ -533,7 +533,7 @@ As of Bundler 1.5.2, you can invoke `bundle install -jN` (where `N` is the numbe ...@@ -533,7 +533,7 @@ As of Bundler 1.5.2, you can invoke `bundle install -jN` (where `N` is the numbe
Make sure you have `bundle` (run `bundle -v`): Make sure you have `bundle` (run `bundle -v`):
- `>= 1.5.2`, because some [issues](https://devcenter.heroku.com/changelog-items/411) were [fixed](https://github.com/bundler/bundler/pull/2817) in 1.5.2. - `>= 1.5.2`, because some [issues](https://devcenter.heroku.com/changelog-items/411) were [fixed](https://github.com/rubygems/bundler/pull/2817) in 1.5.2.
- `< 2.x`. - `< 2.x`.
```shell ```shell
......
...@@ -70,7 +70,7 @@ version of Node.js 10.13.0. ...@@ -70,7 +70,7 @@ version of Node.js 10.13.0.
You can check which version you are running with `node -v`. If you are running You can check which version you are running with `node -v`. If you are running
a version older than `v10.13.0`, you need to update to a newer version. You a version older than `v10.13.0`, you need to update to a newer version. You
can find instructions to install from community maintained packages or compile can find instructions to install from community maintained packages or compile
from source at the [Node.js website](https://nodejs.org/en/download). from source at the [Node.js website](https://nodejs.org/en/download/).
## Hardware requirements ## Hardware requirements
......
...@@ -31,8 +31,8 @@ of this document. ...@@ -31,8 +31,8 @@ of this document.
NOTE: **Note:** NOTE: **Note:**
Elasticsearch should be installed on a separate server, whether you install Elasticsearch should be installed on a separate server, whether you install
it yourself or use a cloud hosted offering like Elastic's [Elasticsearch Service](https://www.elastic.co/products/elasticsearch/service) (available on AWS, GCP, or Azure) or the it yourself or use a cloud hosted offering like Elastic's [Elasticsearch Service](https://www.elastic.co/elasticsearch/service) (available on AWS, GCP, or Azure) or the
[Amazon Elasticsearch](http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html) service. Running Elasticsearch on the same server as GitLab is not recommended [Amazon Elasticsearch](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-gsg.html) service. Running Elasticsearch on the same server as GitLab is not recommended
and will likely cause a degradation in GitLab instance performance. and will likely cause a degradation in GitLab instance performance.
NOTE: **Note:** NOTE: **Note:**
......
# UltraAuth OmniAuth Provider # UltraAuth OmniAuth Provider
You can integrate your GitLab instance with [UltraAuth](https://ultraauth.com) to enable users to perform secure biometric authentication to your GitLab instance with your UltraAuth account. Users have to perform the biometric authentication using their mobile device with fingerprint sensor. You can integrate your GitLab instance with [UltraAuth](https://github.com/ultraauth) to enable users to perform secure biometric authentication to your GitLab instance with your UltraAuth account. Users have to perform the biometric authentication using their mobile device with fingerprint sensor.
## Create UltraAuth Application ## Create UltraAuth Application
To enable UltraAuth OmniAuth provider, you must use UltraAuth's credentials for your GitLab instance. To enable UltraAuth OmniAuth provider, you must use UltraAuth's credentials for your GitLab instance.
To get the credentials (a pair of Client ID and Client Secret), you must register an application on UltraAuth. To get the credentials (a pair of Client ID and Client Secret), you must register an application on UltraAuth.
1. Sign in to [UltraAuth](https://ultraauth.com). 1. Sign in to [UltraAuth](https://app.ultraauth.com).
1. Navigate to **Create an App** and click on **Ruby on Rails**. 1. Navigate to **Create an App** and click on **Ruby on Rails**.
1. Scroll down the page that is displayed to locate the **Client ID** and **Client Secret**. 1. Scroll down the page that is displayed to locate the **Client ID** and **Client Secret**.
Keep this page open as you continue configuration. Keep this page open as you continue configuration.
......
...@@ -18,7 +18,7 @@ The following assumes you already have Vault installed and running. ...@@ -18,7 +18,7 @@ The following assumes you already have Vault installed and running.
First you'll need to create a GitLab application to obtain an application ID and secret for authenticating into Vault. To do this, sign in to GitLab and follow these steps: First you'll need to create a GitLab application to obtain an application ID and secret for authenticating into Vault. To do this, sign in to GitLab and follow these steps:
1. On GitLab, click your avatar on the top-right corner, and select your user **Settings > Applications**. 1. On GitLab, click your avatar on the top-right corner, and select your user **Settings > Applications**.
1. Fill out the application **Name** and [**Redirect URI**](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris), 1. Fill out the application **Name** and [**Redirect URI**](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris),
making sure to select the **OpenID** scope. making sure to select the **OpenID** scope.
1. Save application. 1. Save application.
1. Copy client ID and secret, or keep the page open for reference. 1. Copy client ID and secret, or keep the page open for reference.
...@@ -66,7 +66,7 @@ The following assumes you already have Vault installed and running. ...@@ -66,7 +66,7 @@ The following assumes you already have Vault installed and running.
1. **Write the OIDC Role Config:** 1. **Write the OIDC Role Config:**
Now that Vault has a GitLab application ID and secret, it needs to know the [**Redirect URIs**](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris) and scopes given to GitLab during the application creation process. The redirect URIs need to match where your Vault instance is running. The `oidc_scopes` field needs to include the `openid`. Similarly to the previous step, replace `your_application_id` with the generated application ID from GitLab: Now that Vault has a GitLab application ID and secret, it needs to know the [**Redirect URIs**](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris) and scopes given to GitLab during the application creation process. The redirect URIs need to match where your Vault instance is running. The `oidc_scopes` field needs to include the `openid`. Similarly to the previous step, replace `your_application_id` with the generated application ID from GitLab:
This configuration is saved under the name of the role you are creating. In this case, we are creating a `demo` role. Later, we'll show how you can access this role through the Vault CLI. This configuration is saved under the name of the role you are creating. In this case, we are creating a `demo` role. Later, we'll show how you can access this role through the Vault CLI.
...@@ -107,7 +107,7 @@ The following assumes you already have Vault installed and running. ...@@ -107,7 +107,7 @@ The following assumes you already have Vault installed and running.
1. In the **Write the OIDC Role Config** (step 4), we created a role called `demo`. We set `role=demo` so Vault knows which configuration we'd like to login in with. 1. In the **Write the OIDC Role Config** (step 4), we created a role called `demo`. We set `role=demo` so Vault knows which configuration we'd like to login in with.
1. To set Vault to use the `OIDC` sign-in method, we set `-method=oidc`. 1. To set Vault to use the `OIDC` sign-in method, we set `-method=oidc`.
1. To set the port that GitLab should redirect to, we set `port=8250` or another port number that matches the port given to GitLab when listing [Redirect URIs](https://www.vaultproject.io/docs/auth/jwt.html#redirect-uris). 1. To set the port that GitLab should redirect to, we set `port=8250` or another port number that matches the port given to GitLab when listing [Redirect URIs](https://www.vaultproject.io/docs/auth/jwt/#redirect-uris).
Once you run the command above, it will present a link in the terminal. Once you run the command above, it will present a link in the terminal.
Click the link in the terminal and a tab will open in the browser confirming you're signed into Vault via OIDC: Click the link in the terminal and a tab will open in the browser confirming you're signed into Vault via OIDC:
......
...@@ -2,18 +2,35 @@ ...@@ -2,18 +2,35 @@
comments: false comments: false
--- ---
# Rake tasks # Rake tasks **(CORE ONLY)**
- [Backup restore](backup_restore.md) GitLab provides [Rake](https://ruby.github.io/rake/) tasks for common administration and operational processes.
- [Check](check.md)
- [Cleanup](cleanup.md) GitLab Rake tasks are performed using:
- [Features](features.md)
- [LDAP Maintenance](../administration/raketasks/ldap.md) - `gitlab-rake <raketask>` for [Omnibus GitLab](https://docs.gitlab.com/omnibus/README.html) installations.
- [General Maintenance](../administration/raketasks/maintenance.md) and self-checks - `bundle exec rake <raketask>` for [source](../install/installation.md) installations.
- [User management](user_management.md)
- [Webhooks](web_hooks.md) ## Available Rake tasks
- [Import](import.md) of Git repositories in bulk
- [Rebuild authorized_keys file](../administration/raketasks/maintenance.md#rebuild-authorized_keys-file) task for administrators The following are available Rake tasks:
- [Uploads Migrate](../administration/raketasks/uploads/migrate.md)
- [Uploads Sanitize](../administration/raketasks/uploads/sanitize.md) | Tasks | Description |
- [Importing large GitLab project exports](../development/import_project.md#importing-via-a-rake-task) |:-------------------------------------------------------------------------------------------|:------------------------------------------------------------------------------------------|
| [Back up and restore](backup_restore.md) | Back up, restore, and migrate GitLab instances between servers. |
| [Clean up](cleanup.md) | Clean up unneeded items GitLab instances. |
| [Enable namespaces](features.md) | Enable usernames and namespaces for user projects. |
| [General maintenance](../administration/raketasks/maintenance.md) | General maintenance and self-check tasks. |
| [Geo maintenance](../administration/raketasks/geo.md) **(PREMIUM ONLY)** | [Geo](../administration/geo/replication/index.md)-related maintenance. |
| [GitHub import](../administration/raketasks/github_import.md) | Retrieve and import repositories from GitHub. |
| [Import repositories](import.md) | Import bare repositories into your GitLab instance. |
| [Import large project exports](../development/import_project.md#importing-via-a-rake-task) | Import large GitLab [project exports](../user/project/settings/import_export.md). |
| [Integrity checks](../administration/raketasks/check.md) | Check the integrity of repositories, files, and LDAP. |
| [LDAP maintenance](../administration/raketasks/ldap.md) | [LDAP](../administration/auth/ldap.md)-related tasks. |
| [List repositories](list_repos.md) | List of all GitLab-managed Git repositories on disk. |
| [Project import/export](../administration/raketasks/project_import_export.md) | Prepare for [project exports and imports](../user/project/settings/import_export.md). |
| [Repository storage](../administration/raketasks/storage.md) | List and migrate existing projects and attachments from legacy storage to hashed storage. |
| [Uploads migrate](../administration/raketasks/uploads/migrate.md) | Migrate uploads between storage local and object storage. |
| [Uploads sanitize](../administration/raketasks/uploads/sanitize.md) | Remove EXIF data from images uploaded to earlier versions of GitLab. |
| [User management](user_management.md) | Perform user management tasks. |
| [Webhooks administration](web_hooks.md) | Maintain project Webhooks. |
...@@ -79,7 +79,7 @@ is available. ...@@ -79,7 +79,7 @@ is available.
> Introduced in GitLab 11.6 for project- and group-level clusters. > Introduced in GitLab 11.6 for project- and group-level clusters.
[cert-manager](https://docs.cert-manager.io/en/latest/) is a native [cert-manager](https://cert-manager.io/docs/) is a native
Kubernetes certificate management controller that helps with issuing Kubernetes certificate management controller that helps with issuing
certificates. Installing cert-manager on your cluster will issue a certificates. Installing cert-manager on your cluster will issue a
certificate by [Let's Encrypt](https://letsencrypt.org/) and ensure that certificate by [Let's Encrypt](https://letsencrypt.org/) and ensure that
...@@ -98,7 +98,7 @@ If you have installed cert-manager prior to GitLab 12.3, Let's Encrypt will ...@@ -98,7 +98,7 @@ If you have installed cert-manager prior to GitLab 12.3, Let's Encrypt will
To resolve this: To resolve this:
1. Uninstall cert-manager (consider [backing up any additional configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html)). 1. Uninstall cert-manager (consider [backing up any additional configuration](https://cert-manager.io/docs/tutorials/backup/)).
1. Install cert-manager again. 1. Install cert-manager again.
### GitLab Runner ### GitLab Runner
...@@ -1047,7 +1047,7 @@ The applications below can be uninstalled. ...@@ -1047,7 +1047,7 @@ The applications below can be uninstalled.
| Application | GitLab version | Notes | | Application | GitLab version | Notes |
| ----------- | -------------- | ----- | | ----------- | -------------- | ----- |
| cert-manager | 12.2+ | The associated private key will be deleted and cannot be restored. Deployed applications will continue to use HTTPS, but certificates will not be renewed. Before uninstalling, you may wish to [back up your configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html) or [revoke your certificates](https://letsencrypt.org/docs/revoking/). | | cert-manager | 12.2+ | The associated private key will be deleted and cannot be restored. Deployed applications will continue to use HTTPS, but certificates will not be renewed. Before uninstalling, you may wish to [back up your configuration](https://cert-manager.io/docs/tutorials/backup/) or [revoke your certificates](https://letsencrypt.org/docs/revoking/). |
| GitLab Runner | 12.2+ | Any running pipelines will be canceled. | | GitLab Runner | 12.2+ | Any running pipelines will be canceled. |
| Helm | 12.2+ | The associated Tiller pod, the `gitlab-managed-apps` namespace, and all of its resources will be deleted and cannot be restored. | | Helm | 12.2+ | The associated Tiller pod, the `gitlab-managed-apps` namespace, and all of its resources will be deleted and cannot be restored. |
| Ingress | 12.1+ | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. | | Ingress | 12.1+ | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. |
......
...@@ -102,7 +102,7 @@ module Gitlab ...@@ -102,7 +102,7 @@ module Gitlab
if ionice if ionice
raise ArgumentError, 'Invalid niceness' unless VALID_NICENESS_LEVELS.include?(niceness) raise ArgumentError, 'Invalid niceness' unless VALID_NICENESS_LEVELS.include?(niceness)
cmd.unshift(*%W[#{ionice} --class #{niceness}]) cmd.unshift(*%W[#{ionice} -c #{niceness}])
end end
log_info("find command: '#{cmd.join(' ')}'") log_info("find command: '#{cmd.join(' ')}'")
......
...@@ -146,9 +146,12 @@ describe Repositories::GitHttpController do ...@@ -146,9 +146,12 @@ describe Repositories::GitHttpController do
let(:params) { container_params.merge(service: 'git-upload-pack') } let(:params) { container_params.merge(service: 'git-upload-pack') }
it 'returns 404' do it 'returns 404' do
expect(controller).not_to receive(:access_check)
get :info_refs, params: params get :info_refs, params: params
expect(response).to have_gitlab_http_status(:not_found) expect(response).to have_gitlab_http_status(:not_found)
expect(response.body).to eq "The project you were looking for could not be found."
end end
end end
...@@ -160,9 +163,12 @@ describe Repositories::GitHttpController do ...@@ -160,9 +163,12 @@ describe Repositories::GitHttpController do
end end
it 'returns 404' do it 'returns 404' do
expect(controller).not_to receive(:access_check)
post :git_upload_pack, params: params post :git_upload_pack, params: params
expect(response).to have_gitlab_http_status(:not_found) expect(response).to have_gitlab_http_status(:not_found)
expect(response.body).to eq "The project you were looking for could not be found."
end end
end end
end end
......
...@@ -70,6 +70,7 @@ describe('DirtySubmitForm', () => { ...@@ -70,6 +70,7 @@ describe('DirtySubmitForm', () => {
describe('throttling tests', () => { describe('throttling tests', () => {
beforeEach(() => { beforeEach(() => {
jasmine.clock().install(); jasmine.clock().install();
jasmine.clock().mockDate();
DirtySubmitForm.THROTTLE_DURATION = 100; DirtySubmitForm.THROTTLE_DURATION = 100;
}); });
......
...@@ -28,6 +28,12 @@ describe Gitlab::Cleanup::OrphanJobArtifactFiles do ...@@ -28,6 +28,12 @@ describe Gitlab::Cleanup::OrphanJobArtifactFiles do
expect { cleanup.run! }.to raise_error('Invalid niceness') expect { cleanup.run! }.to raise_error('Invalid niceness')
end end
it 'passes correct arguments to ionice' do
allow(Gitlab::Utils).to receive(:which).with('ionice').and_return('/fake/ionice')
expect(Open3).to receive(:popen3).with('/fake/ionice', '-c', any_args)
cleanup.run!
end
it 'finds artifacts on disk' do it 'finds artifacts on disk' do
artifact = create(:ci_job_artifact, :archive) artifact = create(:ci_job_artifact, :archive)
......
...@@ -131,7 +131,6 @@ describe PrometheusAdapter, :use_clean_rails_memory_store_caching do ...@@ -131,7 +131,6 @@ describe PrometheusAdapter, :use_clean_rails_memory_store_caching do
end end
it { expect(subject.to_json).to eq(prometheus_data.to_json) } it { expect(subject.to_json).to eq(prometheus_data.to_json) }
it { expect(subject.to_json).to eq(prometheus_data.to_json) }
end end
[404, 500].each do |status| [404, 500].each do |status|
......
...@@ -49,7 +49,7 @@ describe Spam::SpamCheckService do ...@@ -49,7 +49,7 @@ describe Spam::SpamCheckService do
end end
end end
shared_examples 'akismet spam' do shared_examples 'only checks for spam if a request is provided' do
context 'when request is missing' do context 'when request is missing' do
let(:request) { nil } let(:request) { nil }
...@@ -132,7 +132,7 @@ describe Spam::SpamCheckService do ...@@ -132,7 +132,7 @@ describe Spam::SpamCheckService do
stub_feature_flags(allow_possible_spam: false) stub_feature_flags(allow_possible_spam: false)
end end
it_behaves_like 'akismet spam' it_behaves_like 'only checks for spam if a request is provided'
it 'marks as spam' do it 'marks as spam' do
subject subject
...@@ -142,7 +142,7 @@ describe Spam::SpamCheckService do ...@@ -142,7 +142,7 @@ describe Spam::SpamCheckService do
end end
context 'when allow_possible_spam feature flag is true' do context 'when allow_possible_spam feature flag is true' do
it_behaves_like 'akismet spam' it_behaves_like 'only checks for spam if a request is provided'
it 'does not mark as spam' do it 'does not mark as spam' do
subject subject
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment