Commit 1e4637ba authored by Rémy Coutable's avatar Rémy Coutable

Merge remote-tracking branch 'origin/master' into ce-to-ee-2018-08-21

Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
parents bfcc9126 d2989917
...@@ -17,6 +17,14 @@ module Projects ...@@ -17,6 +17,14 @@ module Projects
link_fork_network(fork_to_project) link_fork_network(fork_to_project)
# A forked project stores its LFS objects in the `forked_from_project`.
# So the LFS objects become inaccessible, and therefore delete them from
# the database so they'll get cleaned up.
#
# TODO: refactor this to get the correct lfs objects when implementing
# https://gitlab.com/gitlab-org/gitlab-ce/issues/39769
fork_to_project.lfs_objects_projects.delete_all
fork_to_project fork_to_project
end end
......
---
title: Allow project owners to set up forking relation through API
merge_request: 18104
author:
type: changed
...@@ -6,6 +6,7 @@ const argumentsParser = require('commander'); ...@@ -6,6 +6,7 @@ const argumentsParser = require('commander');
const webpackConfig = require('./webpack.config.js'); const webpackConfig = require('./webpack.config.js');
const ROOT_PATH = path.resolve(__dirname, '..'); const ROOT_PATH = path.resolve(__dirname, '..');
const SPECS_PATH = /^(?:\.[\\\/])?(ee[\\\/])?spec[\\\/]javascripts[\\\/]/;
function fatalError(message) { function fatalError(message) {
console.error(chalk.red(`\nError: ${message}\n`)); console.error(chalk.red(`\nError: ${message}\n`));
...@@ -34,9 +35,19 @@ const specFilters = argumentsParser ...@@ -34,9 +35,19 @@ const specFilters = argumentsParser
) )
.parse(process.argv).filterSpec; .parse(process.argv).filterSpec;
if (specFilters.length) { const createContext = (specFiles, regex, suffix) => {
const specsPath = /^(?:\.[\\\/])?spec[\\\/]javascripts[\\\/]/; const newContext = specFiles.reduce((context, file) => {
const relativePath = file.replace(SPECS_PATH, '');
context[file] = `./${relativePath}`;
return context;
}, {});
webpackConfig.plugins.push(
new webpack.ContextReplacementPlugin(regex, path.join(ROOT_PATH, suffix), newContext)
);
};
if (specFilters.length) {
// resolve filters // resolve filters
let filteredSpecFiles = specFilters.map(filter => let filteredSpecFiles = specFilters.map(filter =>
glob glob
...@@ -57,23 +68,15 @@ if (specFilters.length) { ...@@ -57,23 +68,15 @@ if (specFilters.length) {
fatalError('Your filter did not match any test files.'); fatalError('Your filter did not match any test files.');
} }
if (!filteredSpecFiles.every(file => specsPath.test(file))) { if (!filteredSpecFiles.every(file => SPECS_PATH.test(file))) {
fatalError('Test files must be located within /spec/javascripts.'); fatalError('Test files must be located within /spec/javascripts.');
} }
const newContext = filteredSpecFiles.reduce((context, file) => { const CE_FILES = filteredSpecFiles.filter(file => !file.startsWith('ee'));
const relativePath = file.replace(specsPath, ''); createContext(CE_FILES, /[^e]{2}[\\\/]spec[\\\/]javascripts$/, 'spec/javascripts');
context[file] = `./${relativePath}`;
return context;
}, {});
webpackConfig.plugins.push( const EE_FILES = filteredSpecFiles.filter(file => file.startsWith('ee'));
new webpack.ContextReplacementPlugin( createContext(EE_FILES, /ee[\\\/]spec[\\\/]javascripts$/, 'ee/spec/javascripts');
/spec[\\\/]javascripts$/,
path.join(ROOT_PATH, 'spec/javascripts'),
newContext
)
);
} }
// Karma configuration // Karma configuration
......
...@@ -27,10 +27,14 @@ Rails.application.routes.draw do ...@@ -27,10 +27,14 @@ Rails.application.routes.draw do
authorizations: 'oauth/authorizations' authorizations: 'oauth/authorizations'
end end
scope path: '/-/jira/login/oauth', controller: 'oauth/jira/authorizations', as: :oauth_jira do # This prefixless path is required because Jira gets confused if we set it up with a path
# More information: https://gitlab.com/gitlab-org/gitlab-ee/issues/6752
scope path: '/login/oauth', controller: 'oauth/jira/authorizations', as: :oauth_jira do
get :authorize, action: :new get :authorize, action: :new
get :callback get :callback
post :access_token post :access_token
# This helps minimize merge conflicts with CE for this scope block
match ':action', via: [:get, :post], to: proc { [404, {}, ['']] }
end end
namespace :oauth do namespace :oauth do
......
# frozen_string_literal: true
class RenameLoginRootNamespaces < ActiveRecord::Migration
include Gitlab::Database::MigrationHelpers
include Gitlab::Database::RenameReservedPathsMigration::V1
DOWNTIME = false
# We're taking over the /login namespace as part of a fix for the Jira integration
def up
rename_root_paths 'login'
end
def down
revert_renames
end
end
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
# #
# It's strongly recommended that you check this file into your version control system. # It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 20180809195358) do ActiveRecord::Schema.define(version: 20180816193530) do
# These are extensions that must be enabled in order to support this database # These are extensions that must be enabled in order to support this database
enable_extension "plpgsql" enable_extension "plpgsql"
......
...@@ -1446,12 +1446,17 @@ DELETE /projects/:id/hooks/:hook_id ...@@ -1446,12 +1446,17 @@ DELETE /projects/:id/hooks/:hook_id
Note the JSON response differs if the hook is available or not. If the project hook Note the JSON response differs if the hook is available or not. If the project hook
is available before it is returned in the JSON response or an empty response is returned. is available before it is returned in the JSON response or an empty response is returned.
## Admin fork relation ## Fork relationship
Allows modification of the forked relationship between existing projects. Available only for admins. Allows modification of the forked relationship between existing projects. Available only for project owners and admins.
### Create a forked from/to relation between existing projects ### Create a forked from/to relation between existing projects
CAUTION: **Warning:**
This will destroy the LFS objects stored in the fork.
So to retain the LFS objects, make sure you've pulled them **before** creating the fork relation,
and push them again **after** creating the fork relation.
``` ```
POST /projects/:id/fork/:forked_from_id POST /projects/:id/fork/:forked_from_id
``` ```
......
# GitLab Helm Chart # GitLab Helm Chart
> **Note:** The chart is currently **beta**, if you encounter any problems please [open an issue](https://gitlab.com/charts/gitlab/issues/new).
For more information on available GitLab Helm Charts, please see our [overview](index.md#chart-overview). This is the official and recommended way to install GitLab on a cloud native environment.
For more information on other available GitLab Helm Charts, see the [charts overview](index.md#chart-overview).
## Introduction ## Introduction
The `gitlab` chart is the best way to operate GitLab on Kubernetes. This chart contains all the required components to get started, and can scale to large deployments. The `gitlab` chart is the best way to operate GitLab on Kubernetes. This chart
contains all the required components to get started, and can scale to large deployments.
The default deployment includes: The default deployment includes:
...@@ -14,78 +15,94 @@ The default deployment includes: ...@@ -14,78 +15,94 @@ The default deployment includes:
- An auto-scaling, unprivileged [GitLab Runner](https://docs.gitlab.com/runner/) using the Kubernetes executor - An auto-scaling, unprivileged [GitLab Runner](https://docs.gitlab.com/runner/) using the Kubernetes executor
- Automatically provisioned SSL via [Let's Encrypt](https://letsencrypt.org/). - Automatically provisioned SSL via [Let's Encrypt](https://letsencrypt.org/).
### Limitations ## Limitations
Some features and functions are not currently available in the beta release. Some features of GitLab are not currently available:
For details, see [known issues and limitations](https://gitlab.com/charts/gitlab/blob/master/doc/architecture/beta.md#known-issues-and-limitations) in the charts repository.
## Prerequisites - [GitLab Pages](https://gitlab.com/charts/gitlab/issues/37)
- [GitLab Geo](https://gitlab.com/charts/gitlab/issues/8)
- [No in-cluster HA database](https://gitlab.com/charts/gitlab/issues/48)
- MySQL will not be supported, as support is [deprecated within GitLab](https://docs.gitlab.com/omnibus/settings/database.html#using-a-mysql-database-management-server-enterprise-edition-only)
In order to deploy GitLab on Kubernetes, a few prerequisites are required. ## Installing GitLab using the Helm Chart
The `gitlab` chart includes all required dependencies, and takes a few minutes
to deploy.
TIP: **Tip:**
For large scale deployments, we strongly recommend using the
[detailed installation instructions](https://gitlab.com/charts/gitlab/blob/master/doc/installation/README.md)
utilizing [external Postgres, Redis, and object storage](https://gitlab.com/charts/gitlab/tree/master/doc/advanced) services.
### Requirements
In order to deploy GitLab on Kubernetes, the following are required:
1. `helm` and `kubectl` [installed on your computer](preparation/tools_installation.md). 1. `helm` and `kubectl` [installed on your computer](preparation/tools_installation.md).
1. A Kubernetes cluster, version 1.8 or higher. 6vCPU and 16GB of RAM is recommended. 1. A Kubernetes cluster, version 1.8 or higher. 6vCPU and 16GB of RAM is recommended.
* [Google GKE](https://cloud.google.com/kubernetes-engine/docs/how-to/creating-a-container-cluster) - [Google GKE](https://cloud.google.com/kubernetes-engine/docs/how-to/creating-a-container-cluster)
* [Amazon EKS](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html) - [Amazon EKS](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html)
* [Microsoft AKS](https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal) - [Microsoft AKS](https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal)
1. A [wildcard DNS entry and external IP address](preparation/networking.md) 1. A [wildcard DNS entry and external IP address](preparation/networking.md)
1. [Authenticate and connect](preparation/connect.md) to the cluster 1. [Authenticate and connect](preparation/connect.md) to the cluster
1. Configure and initialize [Helm Tiller](preparation/tiller.md). 1. Configure and initialize [Helm Tiller](preparation/tiller.md).
## Configuring and Installing GitLab ### Deployment of GitLab to Kubernetes
> **Note**: For deployments to Amazon EKS, there are [additional configuration requirements](preparation/eks.md). To deploy GitLab, the following three parameters are required:
For simple deployments, running all services within Kubernetes, only three parameters are required: - `global.hosts.domain`: the [base domain](preparation/networking.md) of the
- `global.hosts.domain`: the [base domain](preparation/networking.md) of the wildcard host entry. For example, `mycompany.io` if the wild card entry is `*.mycompany.io`. wildcard host entry. For example, `exampe.com` if the wild card entry is
- `global.hosts.externalIP`: the [external IP](preparation/networking.md) which the wildcard DNS resolves to. `*.example.com`.
- `certmanager-issuer.email`: Email address to use when requesting new SSL certificates from Let's Encrypt. - `global.hosts.externalIP`: the [external IP](preparation/networking.md) which
the wildcard DNS resolves to.
- `certmanager-issuer.email`: the email address to use when requesting new SSL
certificates from Let's Encrypt.
For enterprise deployments, or to utilize advanced settings, please use the instructions in the [`gitlab` chart project](https://gitlab.com/charts/gitlab) for the most up to date directions. NOTE: **Note:**
- [External Postgres, Redis, and other dependencies](https://gitlab.com/charts/gitlab/tree/master/doc/advanced) For deployments to Amazon EKS, there are
- [Persistence settings](https://gitlab.com/charts/gitlab/blob/master/doc/installation/storage.md) [additional configuration requirements](preparation/eks.md). A full list of
- [Manual TLS certificates](https://gitlab.com/charts/gitlab/blob/master/doc/installation/tls.md) configuration options is [also available](https://gitlab.com/charts/gitlab/blob/master/doc/installation/command-line-options.md).
- [Manual secret creation](https://gitlab.com/charts/gitlab/blob/master/doc/installation/secrets.md)
For additional configuration options, consult the [full list of settings](https://gitlab.com/charts/gitlab/blob/master/doc/installation/command-line-options.md). Once you have all of your configuration options collected, you can get any
dependencies and run helm. In this example, the helm release is named "gitlab":
## Installing GitLab using the Helm Chart ```sh
Once you have all of your configuration options collected, we can get any dependencies and
run helm. In this example, we've named our helm release "gitlab".
```
helm repo add gitlab https://charts.gitlab.io/ helm repo add gitlab https://charts.gitlab.io/
helm update helm repo update
helm upgrade --install gitlab gitlab/gitlab \ helm upgrade --install gitlab gitlab/gitlab \
--timeout 600 \ --timeout 600 \
--set global.hosts.domain=example.local \ --set global.hosts.domain=example.com \
--set global.hosts.externalIP=10.10.10.10 \ --set global.hosts.externalIP=10.10.10.10 \
--set certmanager-issuer.email=me@example.local --set certmanager-issuer.email=email@example.com
``` ```
### Monitoring the Deployment ### Monitoring the Deployment
This will output the list of resources installed once the deployment finishes which may take 5-10 minutes. This will output the list of resources installed once the deployment finishes,
which may take 5-10 minutes.
The status of the deployment can be checked by running `helm status gitlab` which can also be done while The status of the deployment can be checked by running `helm status gitlab`
the deployment is taking place if you run the command in another terminal. which can also be done while the deployment is taking place if you run the
command in another terminal.
### Initial login ### Initial login
You can access the GitLab instance by visiting the domain name beginning with `gitlab.` followed by the domain specified during installation. From the example above, the URL would be `https://gitlab.example.local`. You can access the GitLab instance by visiting the domain name beginning with
`gitlab.` followed by the domain specified during installation. From the example
above, the URL would be `https://gitlab.example.com`.
If you manually created the secret for initial root password, you If you manually created the secret for initial root password, you
can use that to sign in as `root` user. If not, Gitlab automatically can use that to sign in as `root` user. If not, Gitlab automatically
created a random password for `root` user. This can be extracted by the created a random password for `root` user. This can be extracted by the
following command (replace `<name>` by name of the release - which is `gitlab` following command (replace `<name>` by name of the release - which is `gitlab`
if you used the command above). if you used the command above):
``` ```sh
kubectl get secret <name>-gitlab-initial-root-password -ojsonpath={.data.password} | base64 --decode kubectl get secret <name>-gitlab-initial-root-password -ojsonpath={.data.password} | base64 --decode ; echo
``` ```
## Outgoing email ### Outgoing email
By default outgoing email is disabled. To enable it, provide details for your SMTP server By default outgoing email is disabled. To enable it, provide details for your SMTP server
using the `global.smtp` and `global.email` settings. You can find details for these settings in the using the `global.smtp` and `global.email` settings. You can find details for these settings in the
...@@ -95,14 +112,14 @@ If your SMTP server requires authentication make sure to read the section on pro ...@@ -95,14 +112,14 @@ If your SMTP server requires authentication make sure to read the section on pro
your password in the [secrets documentation](https://gitlab.com/charts/gitlab/blob/master/doc/installation/secrets.md#smtp-password). your password in the [secrets documentation](https://gitlab.com/charts/gitlab/blob/master/doc/installation/secrets.md#smtp-password).
You can disable authentication settings with `--set global.smtp.authentication=""`. You can disable authentication settings with `--set global.smtp.authentication=""`.
If your Kubernetes cluster is on GKE, be aware that smtp [ports 25, 465, and 587 If your Kubernetes cluster is on GKE, be aware that SMTP ports [25, 465, and 587
are blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/#using_standard_email_ports). are blocked](https://cloud.google.com/compute/docs/tutorials/sending-mail/#using_standard_email_ports).
## Deploying the Community Edition ### Deploying the Community Edition
To deploy the Community Edition, include these options in your `helm install` command: To deploy the Community Edition, include these options in your `helm install` command:
```shell ```sh
--set gitlab.migrations.image.repository=registry.gitlab.com/gitlab-org/build/cng/gitlab-rails-ce --set gitlab.migrations.image.repository=registry.gitlab.com/gitlab-org/build/cng/gitlab-rails-ce
--set gitlab.sidekiq.image.repository=registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce --set gitlab.sidekiq.image.repository=registry.gitlab.com/gitlab-org/build/cng/gitlab-sidekiq-ce
--set gitlab.unicorn.image.repository=registry.gitlab.com/gitlab-org/build/cng/gitlab-unicorn-ce --set gitlab.unicorn.image.repository=registry.gitlab.com/gitlab-org/build/cng/gitlab-unicorn-ce
...@@ -113,15 +130,15 @@ To deploy the Community Edition, include these options in your `helm install` co ...@@ -113,15 +130,15 @@ To deploy the Community Edition, include these options in your `helm install` co
Once your GitLab Chart is installed, configuration changes and chart updates Once your GitLab Chart is installed, configuration changes and chart updates
should be done using `helm upgrade`: should be done using `helm upgrade`:
```bash ```sh
helm upgrade -f values.yaml gitlab gitlab/gitlab helm upgrade --reuse-values gitlab gitlab/gitlab
``` ```
## Uninstalling GitLab using the Helm Chart ## Uninstalling GitLab using the Helm Chart
To uninstall the GitLab Chart, run the following: To uninstall the GitLab Chart, run the following:
```bash ```sh
helm delete gitlab helm delete gitlab
``` ```
......
# GitLab-Omnibus Helm Chart # GitLab-Omnibus Helm Chart
> **Note:**.
* This chart has been tested on Google Kubernetes Engine and Azure Container Service.
**[This chart is beta](#limitations), and is the best way to install GitLab on Kubernetes today.** A new [cloud native GitLab chart](index.md#cloud-native-gitlab-chart) is in development with increased scalability and resilience, among other benefits. Once available, the cloud native chart will be the recommended installation method for Kubernetes, and this chart will be deprecated. CAUTION: **Caution:**
This chart is **deprecated**. We recommend using the [`gitlab` chart](gitlab_chart.md)
instead. A comparison of the two charts is available in [this video](https://youtu.be/Z6jWR8Z8dv8).
For more information on available GitLab Helm Charts, please see our [overview](index.md#chart-overview). For more information on available GitLab Helm Charts, see the [charts overview](index.md#chart-overview).
This work is based partially on: https://github.com/lwolf/kubernetes-gitlab/. GitLab would like to thank Sergey Nuzhdin for his work. - This GitLab-Omnibus chart has been tested on Google Kubernetes Engine and Azure Container Service.
- This work is based partially on: https://github.com/lwolf/kubernetes-gitlab/. GitLab would like to thank Sergey Nuzhdin for his work.
## Introduction ## Introduction
This chart provides an easy way to get started with GitLab, provisioning an installation with nearly all functionality enabled. SSL is automatically provisioned via [Let's Encrypt](https://letsencrypt.org/). This chart provides an easy way to get started with GitLab, provisioning an
installation with nearly all functionality enabled. SSL is automatically
provisioned via [Let's Encrypt](https://letsencrypt.org/).
This Helm chart is in beta, and is suited for small to medium deployments. It will be deprecated by the [cloud native GitLab chart](https://gitlab.com/charts/helm.gitlab.io/blob/master/README.md) once available. Due to the significant architectural changes, migrating will require backing up data out of this instance and importing it into the new deployment. This Helm chart is suited for small to medium deployments and is **deprecated**
and replaced by the [cloud native GitLab chart](https://gitlab.com/charts/helm.gitlab.io/blob/master/README.md).
Due to the significant architectural changes, migrating will require backing up
data out of this instance and importing it into the new deployment.
The deployment includes: The deployment includes:
...@@ -23,14 +29,12 @@ The deployment includes: ...@@ -23,14 +29,12 @@ The deployment includes:
- [NGINX Ingress](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress) - [NGINX Ingress](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress)
- Persistent Volume Claims for Data, Registry, Postgres, and Redis - Persistent Volume Claims for Data, Registry, Postgres, and Redis
### Limitations ## Limitations
* This chart is in beta, and suited for small to medium size deployments. [High Availability](https://docs.gitlab.com/ee/administration/high_availability/) and [Geo](https://docs.gitlab.com/ee/gitlab-geo/README.html) are not supported. [High Availability](../../administration/high_availability/README.md) and
* A new generation [cloud native GitLab chart](index.md#cloud-native-gitlab-chart) is in development, and will deprecate this chart. Due to the difficulty in supporting upgrades to the new architecture, migrating will require exporting data out of this instance and importing it into the new deployment. We plan to release the new chart in beta by the end of 2017. [Geo](https://docs.gitlab.com/ee/gitlab-geo/README.html) are not supported.
For more information on available GitLab Helm Charts, please see our [overview](index.md#chart-overview). ## Requirements
## Prerequisites
- _At least_ 4 GB of RAM available on your cluster. 41GB of storage and 2 CPU are also required. - _At least_ 4 GB of RAM available on your cluster. 41GB of storage and 2 CPU are also required.
- Kubernetes 1.4+ with Beta APIs enabled - Kubernetes 1.4+ with Beta APIs enabled
...@@ -39,43 +43,65 @@ For more information on available GitLab Helm Charts, please see our [overview]( ...@@ -39,43 +43,65 @@ For more information on available GitLab Helm Charts, please see our [overview](
- The `kubectl` CLI installed locally and authenticated for the cluster - The `kubectl` CLI installed locally and authenticated for the cluster
- The [Helm client](https://github.com/kubernetes/helm/blob/master/docs/quickstart.md) installed locally on your machine - The [Helm client](https://github.com/kubernetes/helm/blob/master/docs/quickstart.md) installed locally on your machine
### Networking Prerequisites ### Networking requirements
This chart configures a GitLab server and Kubernetes cluster which can support dynamic [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/index.html), as well as services like the integrated [Container Registry](https://docs.gitlab.com/ee/user/project/container_registry.html) and [Mattermost](https://docs.gitlab.com/omnibus/gitlab-mattermost/). This chart configures a GitLab server and Kubernetes cluster which can support
dynamic [Review Apps](../../ci/review_apps/index.md), as well as services like
the integrated [Container Registry](../../user/project/container_registry.md)
and [Mattermost](https://docs.gitlab.com/omnibus/gitlab-mattermost/).
To support the GitLab services and dynamic environments, a wildcard DNS entry is required which resolves to the [Load Balancer](#load-balancer-ip) or [External IP](#external-ip). Configuration of the DNS entry will depend upon the DNS service being used. To support the GitLab services and dynamic environments, a wildcard DNS entry
is required which resolves to the [load balancer](#load-balancer-ip) or
[external IP](#external-ip). Configuration of the DNS entry will depend upon
the DNS service being used.
#### External IP (Recommended) #### External IP (recommended)
To provision an external IP on GCP and Azure, simply request a new address from the Networking section. Ensure that the region matches the region your container cluster is created in. Note, it is important that the IP is not assigned at this point in time. It will be automatically assigned once the Helm chart is installed, and assigned to the Load Balancer. To provision an external IP on GCP and Azure, simply request a new address from
the Networking section. Ensure that the region matches the region your container
cluster is created in. It is important that the IP is not assigned at this point
in time. It will be automatically assigned once the Helm chart is installed,
and assigned to the Load Balancer.
Now that an external IP address has been allocated, ensure that the wildcard DNS entry you would like to use resolves to this IP. Please consult the documentation for your DNS service for more information on creating DNS records. Now that an external IP address has been allocated, ensure that the wildcard
DNS entry you would like to use resolves to this IP. Please consult the
documentation for your DNS service for more information on creating DNS records.
Finally, set the `baseIP` setting to this IP address when [deploying GitLab](#configuring-and-installing-gitlab). Finally, set the `baseIP` setting to this IP address when
[deploying GitLab](#configuring-and-installing-gitlab).
#### Load Balancer IP #### Load Balancer IP
If you do not specify a `baseIP`, an IP will be assigned to the Load Balancer or Ingress. You can retrieve this IP by running the following command *after* deploying GitLab: If you do not specify a `baseIP`, an IP will be assigned to the Load Balancer or
Ingress. You can retrieve this IP by running the following command *after* deploying GitLab:
`kubectl get svc -w --namespace nginx-ingress nginx` ```sh
kubectl get svc -w --namespace nginx-ingress nginx
```
The IP address will be displayed in the `EXTERNAL-IP` field, and should be used to configure the Wildcard DNS entry. For more information on creating a wildcard DNS entry, consult the documentation for the DNS server you are using. The IP address will be displayed in the `EXTERNAL-IP` field, and should be used
to configure the Wildcard DNS entry. For more information on creating a wildcard
DNS entry, consult the documentation for the DNS server you are using.
For production deployments of GitLab, we strongly recommend using an [External IP](#external-ip). For production deployments of GitLab, we strongly recommend using a
[external IP](#external-ip).
## Configuring and Installing GitLab ## Configuring and Installing GitLab
For most installations, only two parameters are required: For most installations, two parameters are required:
- `baseDomain`: the [base domain](#networking-prerequisites) of the wildcard host entry. For example, `mycompany.io` if the wild card entry is `*.mycompany.io`. - `baseDomain`: the [base domain](#networking-prerequisites) of the wildcard host entry. For example, `mycompany.io` if the wild card entry is `*.mycompany.io`.
- `legoEmail`: Email address to use when requesting new SSL certificates from Let's Encrypt. - `legoEmail`: Email address to use when requesting new SSL certificates from Let's Encrypt.
Other common configuration options: Other common configuration options:
- `baseIP`: the desired [external IP address](#external-ip-recommended) - `baseIP`: the desired [external IP address](#external-ip-recommended)
- `gitlab`: Choose the [desired edition](https://about.gitlab.com/pricing), either `ee` or `ce`. `ce` is the default. - `gitlab`: Choose the [desired edition](https://about.gitlab.com/pricing), either `ee` or `ce`. `ce` is the default.
- `gitlabEELicense`: For Enterprise Edition, the [license](https://docs.gitlab.com/ee/user/admin_area/license.html) can be installed directly via the Chart - `gitlabEELicense`: For Enterprise Edition, the [license](https://docs.gitlab.com/ee/user/admin_area/license.html) can be installed directly via the Chart
- `provider`: Optimizes the deployment for a cloud provider. The default is `gke` for [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine/), with `acs` also supported for the [Azure Container Service](https://azure.microsoft.com/en-us/services/container-service/). - `provider`: Optimizes the deployment for a cloud provider. The default is `gke` for [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine/), with `acs` also supported for the [Azure Container Service](https://azure.microsoft.com/en-us/services/container-service/).
For additional configuration options, consult the [values.yaml](https://gitlab.com/charts/charts.gitlab.io/blob/master/charts/gitlab-omnibus/values.yaml). For additional configuration options, consult the
[`values.yaml`](https://gitlab.com/charts/charts.gitlab.io/blob/master/charts/gitlab-omnibus/values.yaml).
### Choosing a different GitLab release version ### Choosing a different GitLab release version
...@@ -92,13 +118,14 @@ The different images can be found in the [gitlab-ce](https://hub.docker.com/r/gi ...@@ -92,13 +118,14 @@ The different images can be found in the [gitlab-ce](https://hub.docker.com/r/gi
repositories on Docker Hub. repositories on Docker Hub.
### Persistent storage ### Persistent storage
> **Note:**
If you are using a machine type with support for less than 4 attached disks, like an Azure trial, you should disable dedicated storage for Postgres and Redis.
By default, persistent storage is enabled for GitLab and the charts it depends NOTE: **Note:**
on (Redis and PostgreSQL). If you are using a machine type with support for less than 4 attached disks,
like an Azure trial, you should disable dedicated storage for Postgres and Redis.
Components can have their claim size set from your `values.yaml`, along with whether to provision separate storage for Postgres and Redis. By default, persistent storage is enabled for GitLab and the charts it depends
on (Redis and PostgreSQL). Components can have their claim size set from your
`values.yaml`, along with whether to provision separate storage for Postgres and Redis.
Basic configuration: Basic configuration:
...@@ -117,14 +144,23 @@ gitlabConfigStorageSize: 1Gi ...@@ -117,14 +144,23 @@ gitlabConfigStorageSize: 1Gi
### Routing and SSL ### Routing and SSL
Ingress routing and SSL are automatically configured within this Chart. An NGINX ingress is provisioned and configured, and will route traffic to any service. SSL certificates are automatically created and configured by [kube-lego](https://github.com/kubernetes/charts/tree/master/stable/kube-lego). Ingress routing and SSL are automatically configured within this Chart. An NGINX
ingress is provisioned and configured, and will route traffic to any service.
SSL certificates are automatically created and configured by
[kube-lego](https://github.com/kubernetes/charts/tree/master/stable/kube-lego).
> **Note:** NOTE: **Note:**
Let's Encrypt limits a single TLD to five certificate requests within a single week. This means that common DNS wildcard services like [nip.io](http://nip.io) are unlikely to work. Let's Encrypt limits a single TLD to five certificate requests within a single
week. This means that common DNS wildcard services like [nip.io](http://nip.io)
and [xip.io](http://xip.io) are unlikely to work.
## Installing GitLab using the Helm Chart ## Installing GitLab using the Helm Chart
> **Note:**
You may see a temporary error message `SchedulerPredicates failed due to PersistentVolumeClaim is not bound` while storage provisions. Once the storage provisions, the pods will automatically start. This may take a couple minutes depending on your cloud provider. If the error persists, please review the [prerequisites](#prerequisites) to ensure you have enough RAM, CPU, and storage. NOTE: **Note:**
You may see a temporary error message `SchedulerPredicates failed due to PersistentVolumeClaim is not bound`
while storage provisions. Once the storage provisions, the pods will automatically start.
This may take a couple minutes depending on your cloud provider. If the error persists,
please review the [requirements sections](#requirements) to ensure you have enough RAM, CPU, and storage.
Add the GitLab Helm repository and initialize Helm: Add the GitLab Helm repository and initialize Helm:
...@@ -133,15 +169,15 @@ helm init ...@@ -133,15 +169,15 @@ helm init
helm repo add gitlab https://charts.gitlab.io helm repo add gitlab https://charts.gitlab.io
``` ```
Once you have reviewed the [configuration settings](#configuring-and-installing-gitlab) you can install the chart. We recommending saving your configuration options in a `values.yaml` file for easier upgrades in the future. Once you have reviewed the [configuration settings](#configuring-and-installing-gitlab),
you can install the chart. We recommending saving your configuration options in a
For example: `values.yaml` file for easier upgrades in the future:
```bash ```bash
helm install --name gitlab -f values.yaml gitlab/gitlab-omnibus helm install --name gitlab -f values.yaml gitlab/gitlab-omnibus
``` ```
or passing them on the command line: Or you can pass them on the command line:
```bash ```bash
helm install --name gitlab --set baseDomain=gitlab.io,baseIP=192.0.2.1,gitlab=ee,gitlabEELicense=$LICENSE,legoEmail=email@gitlab.com gitlab/gitlab-omnibus helm install --name gitlab --set baseDomain=gitlab.io,baseIP=192.0.2.1,gitlab=ee,gitlabEELicense=$LICENSE,legoEmail=email@gitlab.com gitlab/gitlab-omnibus
...@@ -149,8 +185,11 @@ helm install --name gitlab --set baseDomain=gitlab.io,baseIP=192.0.2.1,gitlab=ee ...@@ -149,8 +185,11 @@ helm install --name gitlab --set baseDomain=gitlab.io,baseIP=192.0.2.1,gitlab=ee
## Updating GitLab using the Helm Chart ## Updating GitLab using the Helm Chart
>**Note**: If you are upgrading from a previous version to 0.1.35 or above, you will need to change the access mode values for GitLab's storage. To do this, set the following in `values.yaml` or on the CLI: If you are upgrading from a previous version to 0.1.35 or above, you will need to
``` change the access mode values for GitLab's storage. To do this, set the following
in `values.yaml` or on the CLI:
```sh
gitlabDataAccessMode=ReadWriteMany gitlabDataAccessMode=ReadWriteMany
gitlabRegistryAccessMode=ReadWriteMany gitlabRegistryAccessMode=ReadWriteMany
gitlabConfigAccessMode=ReadWriteMany gitlabConfigAccessMode=ReadWriteMany
...@@ -159,15 +198,20 @@ gitlabConfigAccessMode=ReadWriteMany ...@@ -159,15 +198,20 @@ gitlabConfigAccessMode=ReadWriteMany
Once your GitLab Chart is installed, configuration changes and chart updates Once your GitLab Chart is installed, configuration changes and chart updates
should be done using `helm upgrade`: should be done using `helm upgrade`:
```bash ```sh
helm upgrade -f values.yaml gitlab gitlab/gitlab-omnibus helm upgrade -f values.yaml gitlab gitlab/gitlab-omnibus
``` ```
## Upgrading from CE to EE using the Helm Chart ## Upgrading from CE to EE using the Helm Chart
If you have installed the Community Edition using this chart, upgrading to Enterprise Edition is easy. If you have installed the Community Edition using this chart, upgrading to
Enterprise Edition is easy.
If you are using a `values.yaml` file to specify the configuration options, edit the file and set `gitlab=ee`. If you would like to run a specific version of GitLab EE, set `gitlabEEImage` to be the desired GitLab [docker image](https://hub.docker.com/r/gitlab/gitlab-ee/tags/). Then you can use `helm upgrade` to update your GitLab instance to EE: If you are using a `values.yaml` file to specify the configuration options, edit
the file and set `gitlab=ee`. If you would like to run a specific version of
GitLab EE, set `gitlabEEImage` to be the desired GitLab
[docker image](https://hub.docker.com/r/gitlab/gitlab-ee/tags/). Then you can
use `helm upgrade` to update your GitLab instance to EE:
```bash ```bash
helm upgrade -f values.yaml gitlab gitlab/gitlab-omnibus helm upgrade -f values.yaml gitlab gitlab/gitlab-omnibus
...@@ -191,9 +235,12 @@ helm delete gitlab ...@@ -191,9 +235,12 @@ helm delete gitlab
### Storage errors when updating `gitlab-omnibus` versions prior to 0.1.35 ### Storage errors when updating `gitlab-omnibus` versions prior to 0.1.35
Users upgrading `gitlab-omnibus` from a version prior to 0.1.35, may see an error like: `Error: UPGRADE FAILED: PersistentVolumeClaim "gitlab-gitlab-config-storage" is invalid: spec: Forbidden: field is immutable after creation`. Users upgrading `gitlab-omnibus` from a version prior to 0.1.35, may see an error
like: `Error: UPGRADE FAILED: PersistentVolumeClaim "gitlab-gitlab-config-storage" is invalid: spec: Forbidden: field is immutable after creation`.
This is due to a change in the access mode for GitLab storage in version 0.1.35. To successfully upgrade, the access mode flags must be set to `ReadWriteMany` as detailed in the [update section](#updating-gitlab-using-the-helm-chart). This is due to a change in the access mode for GitLab storage in version 0.1.35.
To successfully upgrade, the access mode flags must be set to `ReadWriteMany`
as detailed in the [update section](#updating-gitlab-using-the-helm-chart).
[kube-srv]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types [kube-srv]: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types
[storageclass]: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#storageclasses [storageclass]: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#storageclasses
...@@ -4,7 +4,8 @@ description: 'Read through the different methods to deploy GitLab on Kubernetes. ...@@ -4,7 +4,8 @@ description: 'Read through the different methods to deploy GitLab on Kubernetes.
# Installing GitLab on Kubernetes # Installing GitLab on Kubernetes
> **Note**: These charts have been tested on Google Kubernetes Engine. Other Kubernetes installations may work as well, if not please [open an issue](https://gitlab.com/charts/issues). NOTE: **Note**: These charts have been tested on Google Kubernetes Engine. Other
Kubernetes installations may work as well, if not please [open an issue](https://gitlab.com/charts/issues).
The easiest method to deploy GitLab on [Kubernetes](https://kubernetes.io/) is The easiest method to deploy GitLab on [Kubernetes](https://kubernetes.io/) is
to take advantage of GitLab's Helm charts. [Helm] is a package to take advantage of GitLab's Helm charts. [Helm] is a package
...@@ -14,30 +15,31 @@ should be deployed, upgraded, and configured. ...@@ -14,30 +15,31 @@ should be deployed, upgraded, and configured.
## Chart Overview ## Chart Overview
* **[GitLab Chart](gitlab_chart.html)**: The recommended GitLab chart, currently in beta. Supports large deployments with horizontal scaling of individual GitLab components, and does not require NFS. - **[GitLab Chart](gitlab_chart.html)**: Deploys GitLab on Kubernetes. Includes all the required components to get started, and can scale to large deployments.
* **[GitLab Runner Chart](gitlab_runner_chart.md)**: For deploying just the GitLab Runner. - **[GitLab Runner Chart](gitlab_runner_chart.md)**: For deploying just the GitLab Runner.
* Other Charts - Other Charts
* [GitLab-Omnibus](gitlab_omnibus.md): Chart based on the Omnibus GitLab linux package, only suitable for small deployments. The chart will be deprecated by the [GitLab chart](#gitlab-chart) when it is GA. - [GitLab-Omnibus](gitlab_omnibus.md): Chart based on the Omnibus GitLab package, only suitable for small deployments. Deprecated, we strongly recommend using the [gitlab](#gitlab-chart) chart.
* [Community Contributed Charts](#community-contributed-charts): Community contributed charts, deprecated by the official GitLab chart. - [Community contributed charts](#community-contributed-charts): Community contributed charts.
## GitLab Chart ## GitLab Chart
> **Note**: This chart is **beta**, while we work on the [remaining items for GA](https://gitlab.com/groups/charts/-/epics/15). This chart contains all the required components to get started, and can scale to
large deployments. It offers a number of benefits:
The best way to operate GitLab on Kubernetes. This chart contains all the required components to get started, and can scale to large deployments. - Horizontal scaling of individual components
- No requirement for shared storage to scale
- Containers do not need `root` permissions
- Automatic SSL with Let's Encrypt
- and plenty more.
This chart offers a number of benefits: Learn more about the [GitLab chart](gitlab_chart.md).
* Horizontal scaling of individual components
* No requirement for shared storage to scale
* Containers do not need `root` permissions
* Automatic SSL with Let's Encrypt
* and plenty more.
Learn more about the [GitLab chart here](gitlab_chart.md) and [here [Video]](https://youtu.be/Z6jWR8Z8dv8).
## GitLab Runner Chart ## GitLab Runner Chart
If you already have a GitLab instance running, inside or outside of Kubernetes, and you'd like to leverage the Runner's [Kubernetes capabilities](https://docs.gitlab.com/runner/executors/kubernetes.html), it can be deployed with the GitLab Runner chart. If you already have a GitLab instance running, inside or outside of Kubernetes,
and you'd like to leverage the Runner's
[Kubernetes capabilities](https://docs.gitlab.com/runner/executors/kubernetes.html),
it can be deployed with the GitLab Runner chart.
Learn more about [gitlab-runner chart](gitlab_runner_chart.md). Learn more about [gitlab-runner chart](gitlab_runner_chart.md).
...@@ -45,11 +47,18 @@ Learn more about [gitlab-runner chart](gitlab_runner_chart.md). ...@@ -45,11 +47,18 @@ Learn more about [gitlab-runner chart](gitlab_runner_chart.md).
### GitLab-Omnibus Chart ### GitLab-Omnibus Chart
> **Note**: This chart is beta, and **will be deprecated** when the [`gitlab`](#gitlab-chart) chart is GA. CAUTION: **Deprecated:**
This chart is **deprecated**. We recommend using the [GitLab Chart](gitlab_chart.md)
instead. A comparison of the two charts is available in [this video](https://youtu.be/Z6jWR8Z8dv8).
It deploys and configures nearly all features of GitLab, including: a [Runner](https://docs.gitlab.com/runner/), [Container Registry](../../user/project/container_registry.html#gitlab-container-registry), [Mattermost](https://docs.gitlab.com/omnibus/gitlab-mattermost/), [automatic SSL](https://github.com/kubernetes/charts/tree/master/stable/kube-lego), and a [load balancer](https://github.com/kubernetes/ingress/tree/master/controllers/nginx). It is based on our [GitLab Omnibus Docker Images](https://docs.gitlab.com/omnibus/docker/README.html). This chart is based on the [GitLab Omnibus Docker images](https://docs.gitlab.com/omnibus/docker/).
It deploys and configures nearly all features of GitLab, including:
Once the [GitLab chart](#gitlab-chart) is GA, this chart will be deprecated. Migrating to the `gitlab` chart will require exporting data out of this instance and importing it into a new deployment. - a [GitLab Runner](https://docs.gitlab.com/runner/)
- [Container Registry](../../user/project/container_registry.html#gitlab-container-registry)
- [Mattermost](https://docs.gitlab.com/omnibus/gitlab-mattermost/)
- [automatic SSL](https://github.com/kubernetes/charts/tree/master/stable/kube-lego)
- and an [NGINX load balancer](https://github.com/kubernetes/ingress/tree/master/controllers/nginx).
Learn more about the [gitlab-omnibus chart](gitlab_omnibus.md). Learn more about the [gitlab-omnibus chart](gitlab_omnibus.md).
......
...@@ -2,19 +2,14 @@ ...@@ -2,19 +2,14 @@
In order to deploy software and settings to a cluster, you must connect and authenticate to it. In order to deploy software and settings to a cluster, you must connect and authenticate to it.
* [GKE cluster](#connect-to-gke-cluster)
* [EKS cluster](#connect-to-eks-cluster)
* [Local minikube cluster](#connect-to-local-minikube-cluster)
## Connect to GKE cluster ## Connect to GKE cluster
The command for connection to the cluster can be obtained from the [Google Cloud Platform Console](https://console.cloud.google.com/kubernetes/list) by the individual cluster. The command for connection to the cluster can be obtained from the
[Google Cloud Platform Console](https://console.cloud.google.com/kubernetes/list)
Look for the **Connect** button in the clusters list page. by the individual cluster.
**Or**
Use the command below, filling in your cluster's informtion: Look for the **Connect** button in the clusters list page or use the command below,
filling in your cluster's information:
``` ```
gcloud container clusters get-credentials <cluster-name> --zone <zone> --project <project-id> gcloud container clusters get-credentials <cluster-name> --zone <zone> --project <project-id>
...@@ -22,7 +17,8 @@ gcloud container clusters get-credentials <cluster-name> --zone <zone> --project ...@@ -22,7 +17,8 @@ gcloud container clusters get-credentials <cluster-name> --zone <zone> --project
## Connect to EKS cluster ## Connect to EKS cluster
For the most up to date instructions, follow the Amazon EKS documentation on [connecting to a cluster](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html#eks-configure-kubectl). For the most up to date instructions, follow the Amazon EKS documentation on
[connecting to a cluster](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html#eks-configure-kubectl).
## Connect to local minikube cluster ## Connect to local minikube cluster
......
# Networking Prerequisites # Networking Prerequisites
> **Note**: Amazon EKS utilizes Elastic Load Balancers, which are addressed by DNS name and cannot be known ahead of time. Skip this section. NOTE: **Note:**
Amazon EKS utilizes Elastic Load Balancers, which are addressed by DNS name and
cannot be known ahead of time. If you're using EKS, you can skip this section.
The `gitlab` chart configures a GitLab server and Kubernetes cluster which can support dynamic [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/index.html), as well as services like the integrated [Container Registry](https://docs.gitlab.com/ee/user/project/container_registry.html). The `gitlab` chart configures a GitLab server and Kubernetes cluster which can support dynamic [Review Apps](https://docs.gitlab.com/ee/ci/review_apps/index.html), as well as services like the integrated [Container Registry](https://docs.gitlab.com/ee/user/project/container_registry.html).
...@@ -30,7 +32,7 @@ Now that an external IP address has been allocated, ensure that the wildcard DNS ...@@ -30,7 +32,7 @@ Now that an external IP address has been allocated, ensure that the wildcard DNS
Please consult the documentation for your DNS service for more information on creating DNS records: Please consult the documentation for your DNS service for more information on creating DNS records:
* [Google Domains](https://support.google.com/domains/answer/3290350?hl=en) - [Google Domains](https://support.google.com/domains/answer/3290350?hl=en)
* [GoDaddy](https://www.godaddy.com/help/add-an-a-record-19238) - [GoDaddy](https://www.godaddy.com/help/add-an-a-record-19238)
Set `global.hosts.domain` to this DNS name when [deploying GitLab](../gitlab_chart.md#configuring-and-installing-gitlab). Set `global.hosts.domain` to this DNS name when [deploying GitLab](../gitlab_chart.md#configuring-and-installing-gitlab).
# Role Based Access Control # Role Based Access Control
Until Kubernetes 1.7, there were no permissions within a cluster. With the launch of 1.7, there is now a role based access control system ([RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)) which determines what services can perform actions within a cluster. Until Kubernetes 1.7, there were no permissions within a cluster. With the launch
of 1.7, there is now a [role based access control system (RBAC)](https://kubernetes.io/docs/admin/authorization/rbac/)
which determines what services can perform actions within a cluster.
RBAC affects a few different aspects of GitLab: RBAC affects a few different aspects of GitLab:
* [Installation of GitLab using Helm](tiller.md#preparing-for-helm-with-rbac)
* Prometheus monitoring
* GitLab Runner
## Checking that RBAC is enabled - [Installation of GitLab using Helm](tiller.md#preparing-for-helm-with-rbac)
- Prometheus monitoring
- GitLab Runner
Try listing the current cluster roles, if it fails then `RBAC` is disabled ## Checking that RBAC is enabled
This command will output `false` if `RBAC` is disabled and `true` otherwise Try listing the current cluster roles, if it fails then `RBAC` is disabled.
The following command will output `false` if `RBAC` is disabled and `true` otherwise:
`kubectl get clusterroles > /dev/null 2>&1 && echo true || echo false` ```sh
kubectl get clusterroles > /dev/null 2>&1 && echo true || echo false
```
# Configuring and initializing Helm Tiller # Configuring and initializing Helm Tiller
To make use of Helm, you must have a [Kubernetes][k8s-io] cluster. Ensure you can access your cluster using `kubectl`. To make use of Helm, you must have a [Kubernetes][k8s-io] cluster. Ensure you can
access your cluster using `kubectl`.
Helm consists of two parts, the `helm` client and a `tiller` server inside Kubernetes. Helm consists of two parts, the `helm` client and a `tiller` server inside Kubernetes.
> **Note**: If you are not able to run Tiller in your cluster, for example on OpenShift, it is possible to use [Tiller locally](https://gitlab.com/charts/gitlab/tree/master/doc/helm#local-tiller) and avoid deploying it into the cluster. This should only be used when Tiller cannot be normally deployed. NOTE: **Note:**
If you are not able to run Tiller in your cluster, for example on OpenShift, it
is possible to use [Tiller locally](https://gitlab.com/charts/gitlab/tree/master/doc/helm#local-tiller)
and avoid deploying it into the cluster. This should only be used when Tiller
cannot be normally deployed.
## Initialize Helm and Tiller ## Initialize Helm and Tiller
......
...@@ -31,9 +31,9 @@ account, in order to maximize the integrated GitLab projects used by your team. ...@@ -31,9 +31,9 @@ account, in order to maximize the integrated GitLab projects used by your team.
Enter a useful name for the `Name` field. Enter a useful name for the `Name` field.
For the `Redirect URI` field, enter `https://<your-gitlab-instance-domain>/-/jira/login/oauth/callback`, For the `Redirect URI` field, enter `https://<your-gitlab-instance-domain>/login/oauth/callback`,
replacing `<your-gitlab-instance-domain>` appropriately. So for example, if you are using GitLab.com, replacing `<your-gitlab-instance-domain>` appropriately. So for example, if you are using GitLab.com,
this would be `https://gitlab.com/-/jira/login/oauth/callback`. this would be `https://gitlab.com/login/oauth/callback`.
![GitLab Application setup](img/jira_dev_panel_gl_setup_1.png) ![GitLab Application setup](img/jira_dev_panel_gl_setup_1.png)
- Check `api` in the Scopes section. - Check `api` in the Scopes section.
...@@ -58,9 +58,9 @@ from the left navigation menu. Click `Link GitHub account` to start creating a n ...@@ -58,9 +58,9 @@ from the left navigation menu. Click `Link GitHub account` to start creating a n
![Creation of Jira DVCS integration](img/jira_dev_panel_jira_setup_2.png) ![Creation of Jira DVCS integration](img/jira_dev_panel_jira_setup_2.png)
For the `Host URL` field, enter `https://<your-gitlab-instance-domain>/-/jira`, For the `Host URL` field, enter `https://<your-gitlab-instance-domain>/`,
replacing `<your-gitlab-instance-domain>` appropriately. So for example, if you are using GitLab.com, replacing `<your-gitlab-instance-domain>` appropriately. So for example, if you are using GitLab.com,
this would be `https://gitlab.com/-/jira`. this would be `https://gitlab.com/`.
For the `Client ID` field, use the `Application ID` value from the previous section. For the `Client ID` field, use the `Application ID` value from the previous section.
......
...@@ -26,7 +26,6 @@ module EE ...@@ -26,7 +26,6 @@ module EE
def define_protected_env_variables def define_protected_env_variables
@protected_environments = @project.protected_environments.order(:name) @protected_environments = @project.protected_environments.order(:name)
@protected_environments_count = @protected_environments.count
@protected_environment = @project.protected_environments.new @protected_environment = @project.protected_environments.new
end end
......
...@@ -11,7 +11,7 @@ ...@@ -11,7 +11,7 @@
%col{ width: '10%' } %col{ width: '10%' }
%thead %thead
%tr %tr
%th= s_('ProtectedEnvironment|Protected Environment (%{protected_environments_count})') % { protected_environments_count: @protected_environments_count } %th= s_('ProtectedEnvironment|Protected Environment (%{protected_environments_count})') % { protected_environments_count: limited_counter_with_delimiter(@protected_environments) }
%th= s_('ProtectedEnvironment|Allowed to deploy') %th= s_('ProtectedEnvironment|Allowed to deploy')
- if can_admin_project - if can_admin_project
%th %th
......
---
title: Fix Jira integration duplicating branches and MRs
merge_request: 6876
author:
type: fixed
---
title: Use limited count approach on Protected Environments view
merge_request: 6987
author:
type: performance
...@@ -98,30 +98,42 @@ module API ...@@ -98,30 +98,42 @@ module API
# Jira handles the filtering, presenting just MRs mentioning the Jira # Jira handles the filtering, presenting just MRs mentioning the Jira
# issue ID on the MR title / description. # issue ID on the MR title / description.
resource :repos do resource :repos do
# Keeping for backwards compatibility with old Jira integration instructions
# so that users that do not change it will not suddenly have a broken integration
get '/-/jira/pulls' do get '/-/jira/pulls' do
present find_merge_requests, with: ::API::Github::Entities::PullRequest present find_merge_requests, with: ::API::Github::Entities::PullRequest
end end
params do
use :project_full_path
end
get ':namespace/:project/pulls', requirements: PROJECT_ENDPOINT_REQUIREMENTS do
user_project = find_project_with_access(params)
merge_requests = MergeRequestsFinder.new(current_user, authorized_only: true, project_id: user_project.id).execute
present paginate(merge_requests), with: ::API::Github::Entities::PullRequest
end
# In Github, each Merge Request is automatically also an issue. # In Github, each Merge Request is automatically also an issue.
# Therefore we return its comments here. # Therefore we return its comments here.
# It'll present _just_ the comments counting with a link to GitLab on # It'll present _just_ the comments counting with a link to GitLab on
# Jira dev panel, not the actual note content. # Jira dev panel, not the actual note content.
# get ':namespace/:project/issues/:id/comments' do
get '/-/jira/issues/:id/comments' do
merge_request = find_merge_request_with_access(params[:id]) merge_request = find_merge_request_with_access(params[:id])
present find_notes(merge_request), with: ::API::Github::Entities::NoteableComment present find_notes(merge_request), with: ::API::Github::Entities::NoteableComment
end end
# This refers to "review" comments but Jira dev panel doesn't seem to # This refer to "review" comments but Jira dev panel doesn't seem to
# present it accordingly. # present it accordingly.
get '/-/jira/pulls/:id/comments' do get ':namespace/:project/pulls/:id/comments' do
present [] present []
end end
# Commits are not presented within "Pull Requests" modal on Jira dev # Commits are not presented within "Pull Requests" modal on Jira dev
# panel. # panel.
get '/-/jira/pulls/:id/commits' do get ':namespace/:project/pulls/:id/commits' do
present [] present []
end end
...@@ -129,7 +141,7 @@ module API ...@@ -129,7 +141,7 @@ module API
# after fetching branches. # after fetching branches.
# We need to respond with a 200 request to avoid breaking the # We need to respond with a 200 request to avoid breaking the
# integration flow (fetching merge requests). # integration flow (fetching merge requests).
get '/-/jira/events' do get ':namespace/:project/events' do
present [] present []
end end
......
...@@ -35,7 +35,7 @@ describe Oauth::Jira::AuthorizationsController do ...@@ -35,7 +35,7 @@ describe Oauth::Jira::AuthorizationsController do
'client_id' => 'client-123', 'client_id' => 'client-123',
'client_secret' => 'secret-123', 'client_secret' => 'secret-123',
'grant_type' => 'authorization_code', 'grant_type' => 'authorization_code',
'redirect_uri' => 'http://test.host/-/jira/login/oauth/callback' } 'redirect_uri' => 'http://test.host/login/oauth/callback' }
expect(Gitlab::HTTP).to receive(:post).with(oauth_token_url, allow_local_requests: true, body: expected_auth_params) do expect(Gitlab::HTTP).to receive(:post).with(oauth_token_url, allow_local_requests: true, body: expected_auth_params) do
{ 'access_token' => 'fake-123', 'scope' => 'foo', 'token_type' => 'bar' } { 'access_token' => 'fake-123', 'scope' => 'foo', 'token_type' => 'bar' }
......
...@@ -95,7 +95,13 @@ describe 'New project' do ...@@ -95,7 +95,13 @@ describe 'New project' do
click_button 'Create project' click_button 'Create project'
created_project = Project.last created_project = Project.last
expect(current_path).to eq(project_path(created_project))
if Gitlab.rails5?
expect(current_path).to eq(project_import_path(created_project))
else
expect(current_path).to eq(project_path(created_project))
end
expect(created_project.project_feature).to be_issues_enabled expect(created_project.project_feature).to be_issues_enabled
end end
end end
...@@ -113,7 +119,13 @@ describe 'New project' do ...@@ -113,7 +119,13 @@ describe 'New project' do
click_button 'Create project' click_button 'Create project'
created_project = Project.last created_project = Project.last
expect(current_path).to eq(project_path(created_project))
if Gitlab.rails5?
expect(current_path).to eq(project_import_path(created_project))
else
expect(current_path).to eq(project_path(created_project))
end
expect(created_project.mirror).to eq(true) expect(created_project.mirror).to eq(true)
expect(created_project.project_feature).not_to be_issues_enabled expect(created_project.project_feature).not_to be_issues_enabled
end end
......
...@@ -3,10 +3,12 @@ require 'spec_helper' ...@@ -3,10 +3,12 @@ require 'spec_helper'
describe API::V3::Github do describe API::V3::Github do
let(:user) { create(:user) } let(:user) { create(:user) }
let!(:project) { create(:project, :repository, creator: user) } let!(:project) { create(:project, :repository, creator: user) }
let!(:project2) { create(:project, :repository, creator: user) }
before do before do
allow(Gitlab::Jira::Middleware).to receive(:jira_dvcs_connector?) { true } allow(Gitlab::Jira::Middleware).to receive(:jira_dvcs_connector?) { true }
project.add_maintainer(user) project.add_maintainer(user)
project2.add_maintainer(user)
end end
describe 'GET /orgs/:namespace/repos' do describe 'GET /orgs/:namespace/repos' do
...@@ -37,91 +39,125 @@ describe API::V3::Github do ...@@ -37,91 +39,125 @@ describe API::V3::Github do
end end
end end
describe 'GET /repos/-/jira/events' do shared_examples_for 'Jira-specific mimicked GitHub endpoints' do
it 'returns an empty array' do describe 'GET /repos/.../events' do
get v3_api('/repos/-/jira/events', user) it 'returns an empty array' do
get v3_api("/repos/#{path}/events", user)
expect(response).to have_gitlab_http_status(200) expect(response).to have_gitlab_http_status(200)
expect(json_response).to eq([]) expect(json_response).to eq([])
end end
end
describe 'GET /-/jira/pulls' do
let(:assignee) { create(:user) }
let!(:merge_request) do
create(:merge_request, source_project: project, target_project: project, author: user, assignee: assignee)
end end
it 'returns an array of merge requests with github format' do describe 'GET /.../issues/:id/comments' do
stub_licensed_features(jira_dev_panel_integration: true) context 'when user has access to the merge request' do
let(:merge_request) do
create(:merge_request, source_project: project, target_project: project)
end
let!(:note) do
create(:note, project: project, noteable: merge_request)
end
get v3_api('/repos/-/jira/pulls', user) it 'returns an array of notes' do
stub_licensed_features(jira_dev_panel_integration: true)
expect(response).to have_gitlab_http_status(200) get v3_api("/repos/#{path}/issues/#{merge_request.id}/comments", user)
expect(json_response).to be_an(Array)
expect(json_response.size).to eq(1)
expect(response).to match_response_schema('entities/github/pull_requests', dir: 'ee')
end
end
describe 'GET /-/jira/issues/:id/comments' do expect(response).to have_gitlab_http_status(200)
context 'when user has access to the merge request' do expect(json_response).to be_an(Array)
let(:merge_request) do expect(json_response.size).to eq(1)
create(:merge_request, source_project: project, target_project: project) end
end
let!(:note) do
create(:note, project: project, noteable: merge_request)
end end
it 'returns an array of notes' do context 'when user has no access to the merge request' do
stub_licensed_features(jira_dev_panel_integration: true) let(:private_project) { create(:project, :private) }
let(:merge_request) do
create(:merge_request, source_project: private_project, target_project: private_project)
end
let!(:note) do
create(:note, project: private_project, noteable: merge_request)
end
get v3_api("/repos/-/jira/issues/#{merge_request.id}/comments", user) before do
private_project.add_guest(user)
end
expect(response).to have_gitlab_http_status(200) it 'returns 404' do
expect(json_response).to be_an(Array) stub_licensed_features(jira_dev_panel_integration: true)
expect(json_response.size).to eq(1)
get v3_api("/repos/#{path}/issues/#{merge_request.id}/comments", user)
expect(response).to have_gitlab_http_status(404)
end
end end
end end
context 'when user has no access to the merge request' do describe 'GET /.../pulls/:id/commits' do
let(:private_project) { create(:project, :private) } it 'returns an empty array' do
let(:merge_request) do get v3_api("/repos/#{path}/pulls/xpto/commits", user)
create(:merge_request, source_project: private_project, target_project: private_project)
end
let!(:note) do
create(:note, project: private_project, noteable: merge_request)
end
before do expect(response).to have_gitlab_http_status(200)
private_project.add_guest(user) expect(json_response).to eq([])
end end
end
it 'returns 404' do describe 'GET /.../pulls/:id/comments' do
stub_licensed_features(jira_dev_panel_integration: true) it 'returns an empty array' do
get v3_api("/repos/#{path}/pulls/xpto/comments", user)
get v3_api("/repos/-/jira/issues/#{merge_request.id}/comments", user)
expect(response).to have_gitlab_http_status(404) expect(response).to have_gitlab_http_status(200)
expect(json_response).to eq([])
end end
end end
end end
describe 'GET /-/jira/pulls/:id/commits' do # Here we test that using /-/jira as namespace/project still works,
it 'returns an empty array' do # since that is how old Jira setups will talk to us
get v3_api("/repos/-/jira/pulls/xpto/commits", user) context 'old /-/jira endpoints' do
it_behaves_like 'Jira-specific mimicked GitHub endpoints' do
let(:path) { '-/jira' }
end
end
expect(response).to have_gitlab_http_status(200) context 'new :namespace/:project jira endpoints' do
expect(json_response).to eq([]) it_behaves_like 'Jira-specific mimicked GitHub endpoints' do
let(:path) { "#{project.namespace.path}/#{project.path}" }
end end
end end
describe 'GET /-/jira/pulls/:id/comments' do describe 'repo pulls' do
it 'returns an empty array' do let(:assignee) { create(:user) }
get v3_api("/repos/-/jira/pulls/xpto/comments", user) let!(:merge_request) do
create(:merge_request, source_project: project, target_project: project, author: user, assignee: assignee)
end
let!(:merge_request_2) do
create(:merge_request, source_project: project2, target_project: project2, author: user, assignee: assignee)
end
expect(response).to have_gitlab_http_status(200) describe 'GET /-/jira/pulls' do
expect(json_response).to eq([]) it 'returns an array of merge requests with github format' do
stub_licensed_features(jira_dev_panel_integration: true)
get v3_api('/repos/-/jira/pulls', user)
expect(response).to have_gitlab_http_status(200)
expect(json_response).to be_an(Array)
expect(json_response.size).to eq(2)
expect(response).to match_response_schema('entities/github/pull_requests', dir: 'ee')
end
end
describe 'GET /repos/:namespace/:project/pulls' do
it 'returns an array of merge requests for the proper project in github format' do
stub_licensed_features(jira_dev_panel_integration: true)
get v3_api("/repos/#{project.namespace.path}/#{project.path}/pulls", user)
expect(response).to have_gitlab_http_status(200)
expect(json_response).to be_an(Array)
expect(json_response.size).to eq(1)
expect(response).to match_response_schema('entities/github/pull_requests', dir: 'ee')
end
end end
end end
......
...@@ -389,7 +389,7 @@ module API ...@@ -389,7 +389,7 @@ module API
requires :forked_from_id, type: String, desc: 'The ID of the project it was forked from' requires :forked_from_id, type: String, desc: 'The ID of the project it was forked from'
end end
post ":id/fork/:forked_from_id" do post ":id/fork/:forked_from_id" do
authenticated_as_admin! authorize! :admin_project, user_project
fork_from_project = find_project!(params[:forked_from_id]) fork_from_project = find_project!(params[:forked_from_id])
......
...@@ -40,6 +40,7 @@ module Gitlab ...@@ -40,6 +40,7 @@ module Gitlab
invites invites
jwt jwt
koding koding
login
notification_settings notification_settings
oauth oauth
profile profile
......
...@@ -402,7 +402,7 @@ describe API::Projects do ...@@ -402,7 +402,7 @@ describe API::Projects do
context 'and with min_access_level' do context 'and with min_access_level' do
before do before do
project2.add_master(user2) project2.add_maintainer(user2)
project3.add_developer(user2) project3.add_developer(user2)
project4.add_reporter(user2) project4.add_reporter(user2)
end end
...@@ -1171,47 +1171,87 @@ describe API::Projects do ...@@ -1171,47 +1171,87 @@ describe API::Projects do
describe 'fork management' do describe 'fork management' do
let(:project_fork_target) { create(:project) } let(:project_fork_target) { create(:project) }
let(:project_fork_source) { create(:project, :public) } let(:project_fork_source) { create(:project, :public) }
let(:private_project_fork_source) { create(:project, :private) }
describe 'POST /projects/:id/fork/:forked_from_id' do describe 'POST /projects/:id/fork/:forked_from_id' do
let(:new_project_fork_source) { create(:project, :public) } context 'user is a developer' do
before do
project_fork_target.add_developer(user)
end
it "is not available for non admin users" do it 'denies project to be forked from an existing project' do
post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", user) post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", user)
expect(response).to have_gitlab_http_status(403)
end
it 'allows project to be forked from an existing project' do expect(response).to have_gitlab_http_status(403)
expect(project_fork_target.forked?).not_to be_truthy end
post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
expect(response).to have_gitlab_http_status(201)
project_fork_target.reload
expect(project_fork_target.forked_from_project.id).to eq(project_fork_source.id)
expect(project_fork_target.forked_project_link).not_to be_nil
expect(project_fork_target.forked?).to be_truthy
end end
it 'refreshes the forks count cache' do it 'refreshes the forks count cache' do
expect(project_fork_source.forks_count).to be_zero expect(project_fork_source.forks_count).to be_zero
end
context 'user is maintainer' do
before do
project_fork_target.add_maintainer(user)
end
post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin) it 'allows project to be forked from an existing project' do
expect(project_fork_target).not_to be_forked
expect(project_fork_source.forks_count).to eq(1) post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", user)
end project_fork_target.reload
it 'fails if forked_from project which does not exist' do expect(response).to have_gitlab_http_status(201)
post api("/projects/#{project_fork_target.id}/fork/9999", admin) expect(project_fork_target.forked_from_project.id).to eq(project_fork_source.id)
expect(response).to have_gitlab_http_status(404) expect(project_fork_target.forked_project_link).to be_present
expect(project_fork_target).to be_forked
end
it 'denies project to be forked from a private project' do
post api("/projects/#{project_fork_target.id}/fork/#{private_project_fork_source.id}", user)
expect(response).to have_gitlab_http_status(404)
end
end end
it 'fails with 409 if already forked' do context 'user is admin' do
post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin) it 'allows project to be forked from an existing project' do
project_fork_target.reload expect(project_fork_target).not_to be_forked
expect(project_fork_target.forked_from_project.id).to eq(project_fork_source.id)
post api("/projects/#{project_fork_target.id}/fork/#{new_project_fork_source.id}", admin) post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
expect(response).to have_gitlab_http_status(409)
project_fork_target.reload expect(response).to have_gitlab_http_status(201)
expect(project_fork_target.forked_from_project.id).to eq(project_fork_source.id) end
expect(project_fork_target.forked?).to be_truthy
it 'allows project to be forked from a private project' do
post api("/projects/#{project_fork_target.id}/fork/#{private_project_fork_source.id}", admin)
expect(response).to have_gitlab_http_status(201)
end
it 'refreshes the forks count cachce' do
expect do
post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
end.to change(project_fork_source, :forks_count).by(1)
end
it 'fails if forked_from project which does not exist' do
post api("/projects/#{project_fork_target.id}/fork/9999", admin)
expect(response).to have_gitlab_http_status(404)
end
it 'fails with 409 if already forked' do
other_project_fork_source = create(:project, :public)
Projects::ForkService.new(project_fork_source, admin).execute(project_fork_target)
post api("/projects/#{project_fork_target.id}/fork/#{other_project_fork_source.id}", admin)
project_fork_target.reload
expect(response).to have_gitlab_http_status(409)
expect(project_fork_target.forked_from_project.id).to eq(project_fork_source.id)
expect(project_fork_target).to be_forked
end
end end
end end
...@@ -1233,8 +1273,8 @@ describe API::Projects do ...@@ -1233,8 +1273,8 @@ describe API::Projects do
before do before do
post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin) post api("/projects/#{project_fork_target.id}/fork/#{project_fork_source.id}", admin)
project_fork_target.reload project_fork_target.reload
expect(project_fork_target.forked_from_project).not_to be_nil expect(project_fork_target.forked_from_project).to be_present
expect(project_fork_target.forked?).to be_truthy expect(project_fork_target).to be_forked
end end
it 'makes forked project unforked' do it 'makes forked project unforked' do
...@@ -1243,7 +1283,7 @@ describe API::Projects do ...@@ -1243,7 +1283,7 @@ describe API::Projects do
expect(response).to have_gitlab_http_status(204) expect(response).to have_gitlab_http_status(204)
project_fork_target.reload project_fork_target.reload
expect(project_fork_target.forked_from_project).to be_nil expect(project_fork_target.forked_from_project).to be_nil
expect(project_fork_target.forked?).not_to be_truthy expect(project_fork_target).not_to be_forked
end end
it_behaves_like '412 response' do it_behaves_like '412 response' do
...@@ -1278,8 +1318,8 @@ describe API::Projects do ...@@ -1278,8 +1318,8 @@ describe API::Projects do
before do before do
post api("/projects/#{private_fork.id}/fork/#{project_fork_source.id}", admin) post api("/projects/#{private_fork.id}/fork/#{project_fork_source.id}", admin)
private_fork.reload private_fork.reload
expect(private_fork.forked_from_project).not_to be_nil expect(private_fork.forked_from_project).to be_present
expect(private_fork.forked?).to be_truthy expect(private_fork).to be_forked
project_fork_source.reload project_fork_source.reload
expect(project_fork_source.forks.length).to eq(1) expect(project_fork_source.forks.length).to eq(1)
expect(project_fork_source.forks).to include(private_fork) expect(project_fork_source.forks).to include(private_fork)
......
...@@ -264,6 +264,14 @@ describe Projects::ForkService do ...@@ -264,6 +264,14 @@ describe Projects::ForkService do
expect(fork_from_project.forks_count).to eq(1) expect(fork_from_project.forks_count).to eq(1)
end end
it 'leaves no LFS objects dangling' do
create(:lfs_objects_project, project: fork_to_project)
expect { subject.execute(fork_to_project) }
.to change { fork_to_project.lfs_objects_projects.count }
.to(0)
end
end end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment