Commit 33185181 authored by GitLab Bot's avatar GitLab Bot

Add latest changes from gitlab-org/gitlab@master

parent 4e516dbf
......@@ -176,6 +176,7 @@ module ApplicationSettingsHelper
:container_registry_token_expire_delay,
:default_artifacts_expire_in,
:default_branch_protection,
:default_ci_config_path,
:default_group_visibility,
:default_project_creation,
:default_project_visibility,
......
......@@ -297,6 +297,12 @@ class ApplicationSetting < ApplicationRecord
pass: :external_auth_client_key_pass,
if: -> (setting) { setting.external_auth_client_cert.present? }
validates :default_ci_config_path,
format: { without: %r{(\.{2}|\A/)},
message: N_('cannot include leading slash or directory traversal.') },
length: { maximum: 255 },
allow_blank: true
attr_encrypted :asset_proxy_secret_key,
mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base_truncated,
......
......@@ -42,6 +42,7 @@ module ApplicationSettingImplementation
container_registry_token_expire_delay: 5,
default_artifacts_expire_in: '30 days',
default_branch_protection: Settings.gitlab['default_branch_protection'],
default_ci_config_path: nil,
default_group_visibility: Settings.gitlab.default_projects_features['visibility_level'],
default_project_creation: Settings.gitlab['default_project_creation'],
default_project_visibility: Settings.gitlab.default_projects_features['visibility_level'],
......
......@@ -21,6 +21,7 @@ module Clusters
}
FETCH_IP_ADDRESS_DELAY = 30.seconds
MODSEC_SIDECAR_INITIAL_DELAY_SECONDS = 10
state_machine :status do
after_transition any => [:installed] do |application|
......@@ -81,11 +82,39 @@ module Clusters
"enable-owasp-modsecurity-crs" => "true",
"modsecurity.conf" => modsecurity_config_content
},
"extraContainers" => [
{
"name" => "modsecurity-log",
"image" => "busybox",
"args" => [
"/bin/sh",
"-c",
"tail -f /var/log/modsec/audit.log"
],
"volumeMounts" => [
{
"name" => "modsecurity-log-volume",
"mountPath" => "/var/log/modsec",
"readOnly" => true
}
],
"startupProbe" => {
"exec" => {
"command" => ["ls", "/var/log/modsec"]
},
"initialDelaySeconds" => MODSEC_SIDECAR_INITIAL_DELAY_SECONDS
}
}
],
"extraVolumeMounts" => [
{
"name" => "modsecurity-template-volume",
"mountPath" => "/etc/nginx/modsecurity/modsecurity.conf",
"subPath" => "modsecurity.conf"
},
{
"name" => "modsecurity-log-volume",
"mountPath" => "/var/log/modsec"
}
],
"extraVolumes" => [
......@@ -100,6 +129,10 @@ module Clusters
}
]
}
},
{
"name" => "modsecurity-log-volume",
"emptyDir" => {}
}
]
}
......
......@@ -108,10 +108,6 @@ module Noteable
discussions_resolvable? && resolvable_discussions.none?(&:to_be_resolved?)
end
def discussions_to_be_resolved?
discussions_resolvable? && !discussions_resolved?
end
def discussions_to_be_resolved
@discussions_to_be_resolved ||= resolvable_discussions.select(&:to_be_resolved?)
end
......
......@@ -68,6 +68,7 @@ class MergeRequest < ApplicationRecord
has_many :cached_closes_issues, through: :merge_requests_closing_issues, source: :issue
has_many :pipelines_for_merge_request, foreign_key: 'merge_request_id', class_name: 'Ci::Pipeline'
has_many :suggestions, through: :notes
has_many :unresolved_notes, -> { unresolved }, as: :noteable, class_name: 'Note'
has_many :merge_request_assignees
has_many :assignees, class_name: "User", through: :merge_request_assignees
......@@ -211,7 +212,7 @@ class MergeRequest < ApplicationRecord
scope :join_project, -> { joins(:target_project) }
scope :references_project, -> { references(:target_project) }
scope :with_api_entity_associations, -> {
preload(:assignees, :author, :notes, :labels, :milestone, :timelogs,
preload(:assignees, :author, :unresolved_notes, :labels, :milestone, :timelogs,
latest_merge_request_diff: [:merge_request_diff_commits],
metrics: [:latest_closed_by, :merged_by],
target_project: [:route, { namespace: :route }],
......@@ -923,7 +924,7 @@ class MergeRequest < ApplicationRecord
def mergeable_discussions_state?
return true unless project.only_allow_merge_if_all_discussions_are_resolved?
!discussions_to_be_resolved?
unresolved_notes.none?(&:to_be_resolved?)
end
def for_fork?
......
......@@ -92,6 +92,7 @@ class Project < ApplicationRecord
default_value_for :snippets_enabled, gitlab_config_features.snippets
default_value_for :only_allow_merge_if_all_discussions_are_resolved, false
default_value_for :remove_source_branch_after_merge, true
default_value_for(:ci_config_path) { Gitlab::CurrentSettings.default_ci_config_path }
add_authentication_token_field :runners_token, encrypted: -> { Feature.enabled?(:projects_tokens_optional_encryption, default_enabled: true) ? :optional : :required }
......
......@@ -53,5 +53,11 @@
= s_('AdminSettings|Environment variables are protected by default')
.form-text.text-muted
= s_('AdminSettings|When creating a new environment variable it will be protected by default.')
.form-group
= f.label :ci_config_path, _('Default CI configuration path'), class: 'label-bold'
= f.text_field :default_ci_config_path, class: 'form-control', placeholder: '.gitlab-ci.yml'
%p.form-text.text-muted
= _("The default CI configuration path for new projects.").html_safe
= link_to icon('question-circle'), help_page_path('user/project/pipelines/settings', anchor: 'custom-ci-config-path'), target: '_blank'
= f.submit _('Save changes'), class: "btn btn-success"
---
title: Add modsecurity logging sidecar to ingress controller
merge_request: 19600
author:
type: added
---
title: Add index on marked_for_deletion_at in projects table
merge_request: 19788
author:
type: other
---
title: Add index for authenticated requests to projects API default endpoint
merge_request: 19993
author:
type: performance
---
title: Allow to define a default CI configuration path for new projects
merge_request: 18073
author: Mathieu Parent
type: added
---
title: Optimize MergeRequest#mergeable_discussions_state? method
merge_request: 19988
author:
type: performance
# frozen_string_literal: true
class AddIndexToProjectsOnMarkedForDeletion < ActiveRecord::Migration[5.2]
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
disable_ddl_transaction!
def up
add_concurrent_index :projects, :marked_for_deletion_at, where: 'marked_for_deletion_at IS NOT NULL'
end
def down
remove_concurrent_index :projects, :marked_for_deletion_at
end
end
# frozen_string_literal: true
class DefaultCiConfigPath < ActiveRecord::Migration[5.2]
DOWNTIME = false
def up
add_column :application_settings, :default_ci_config_path, :string, limit: 255
end
def down
remove_column :application_settings, :default_ci_config_path
end
end
# frozen_string_literal: true
class AddIndexesForProjectsApiDefaultParamsAuthenticated < ActiveRecord::Migration[5.2]
include Gitlab::Database::MigrationHelpers
DOWNTIME = false
disable_ddl_transaction!
def up
add_concurrent_index :projects, %i(created_at id)
remove_concurrent_index_by_name :projects, 'index_projects_on_created_at'
end
def down
add_concurrent_index :projects, :created_at
remove_concurrent_index_by_name :projects, 'index_projects_on_created_at_and_id'
end
end
......@@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
ActiveRecord::Schema.define(version: 2019_11_12_214305) do
ActiveRecord::Schema.define(version: 2019_11_12_221821) do
# These are extensions that must be enabled in order to support this database
enable_extension "pg_trgm"
......@@ -351,6 +351,7 @@ ActiveRecord::Schema.define(version: 2019_11_12_214305) do
t.text "encrypted_eks_secret_access_key"
t.string "snowplow_app_id"
t.datetime_with_timezone "productivity_analytics_start_date"
t.string "default_ci_config_path", limit: 255
t.index ["custom_project_templates_group_id"], name: "index_application_settings_on_custom_project_templates_group_id"
t.index ["file_template_project_id"], name: "index_application_settings_on_file_template_project_id"
t.index ["instance_administration_project_id"], name: "index_applicationsettings_on_instance_administration_project_id"
......@@ -3121,7 +3122,7 @@ ActiveRecord::Schema.define(version: 2019_11_12_214305) do
t.integer "marked_for_deletion_by_user_id"
t.index "lower((name)::text)", name: "index_projects_on_lower_name"
t.index ["archived", "pending_delete", "merge_requests_require_code_owner_approval"], name: "projects_requiring_code_owner_approval", where: "((pending_delete = false) AND (archived = false) AND (merge_requests_require_code_owner_approval = true))"
t.index ["created_at"], name: "index_projects_on_created_at"
t.index ["created_at", "id"], name: "index_projects_on_created_at_and_id"
t.index ["creator_id"], name: "index_projects_on_creator_id"
t.index ["description"], name: "index_projects_on_description_trigram", opclass: :gin_trgm_ops, using: :gin
t.index ["id", "repository_storage", "last_repository_updated_at"], name: "idx_projects_on_repository_storage_last_repository_updated_at"
......@@ -3131,6 +3132,7 @@ ActiveRecord::Schema.define(version: 2019_11_12_214305) do
t.index ["last_repository_check_at"], name: "index_projects_on_last_repository_check_at", where: "(last_repository_check_at IS NOT NULL)"
t.index ["last_repository_check_failed"], name: "index_projects_on_last_repository_check_failed"
t.index ["last_repository_updated_at"], name: "index_projects_on_last_repository_updated_at"
t.index ["marked_for_deletion_at"], name: "index_projects_on_marked_for_deletion_at", where: "(marked_for_deletion_at IS NOT NULL)"
t.index ["marked_for_deletion_by_user_id"], name: "index_projects_on_marked_for_deletion_by_user_id", where: "(marked_for_deletion_by_user_id IS NOT NULL)"
t.index ["mirror_last_successful_update_at"], name: "index_projects_on_mirror_last_successful_update_at"
t.index ["mirror_user_id"], name: "index_projects_on_mirror_user_id"
......
......@@ -34,7 +34,7 @@ The MemoryKiller is controlled using environment variables.
In _daemon_ mode, the MemoryKiller checks the Sidekiq process RSS every 3 seconds
(defined by `SIDEKIQ_MEMORY_KILLER_CHECK_INTERVAL`).
- `SIDEKIQ_MEMORY_KILLER_MAX_RSS`: if this variable is set, and its value is greater
- `SIDEKIQ_MEMORY_KILLER_MAX_RSS` (KB): if this variable is set, and its value is greater
than 0, the MemoryKiller is enabled. Otherwise the MemoryKiller is disabled.
`SIDEKIQ_MEMORY_KILLER_MAX_RSS` defines the Sidekiq process allowed RSS.
......@@ -52,7 +52,7 @@ The MemoryKiller is controlled using environment variables.
[in the Omnibus GitLab
repository](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/attributes/default.rb).
- `SIDEKIQ_MEMORY_KILLER_HARD_LIMIT_RSS`: is used by _daemon_ mode. If the Sidekiq
- `SIDEKIQ_MEMORY_KILLER_HARD_LIMIT_RSS` (KB): is used by _daemon_ mode. If the Sidekiq
process RSS (expressed in kilobytes) exceeds `SIDEKIQ_MEMORY_KILLER_HARD_LIMIT_RSS`,
an immediate graceful restart of Sidekiq is triggered.
......
......@@ -40,6 +40,7 @@ Example response:
"domain_blacklist_enabled" : false,
"domain_blacklist" : [],
"created_at" : "2016-01-04T15:44:55.176Z",
"default_ci_config_path" : null,
"default_project_visibility" : "private",
"default_group_visibility" : "private",
"gravatar_enabled" : true,
......@@ -113,6 +114,7 @@ Example response:
"restricted_visibility_levels": [],
"max_attachment_size": 10,
"session_expire_delay": 10080,
"default_ci_config_path" : null,
"default_project_visibility": "internal",
"default_snippet_visibility": "private",
"default_group_visibility": "private",
......@@ -198,6 +200,7 @@ are listed in the descriptions of the relevant settings.
| `container_registry_token_expire_delay` | integer | no | Container Registry token duration in minutes. |
| `default_artifacts_expire_in` | string | no | Set the default expiration time for each job's artifacts. |
| `default_branch_protection` | integer | no | Determine if developers can push to master. Can take: `0` _(not protected, both developers and maintainers can push new commits, force push, or delete the branch)_, `1` _(partially protected, developers and maintainers can push new commits, but cannot force push or delete the branch)_ or `2` _(fully protected, developers cannot push new commits, but maintainers can; no-one can force push or delete the branch)_ as a parameter. Default is `2`. |
| `default_ci_config_path` | string | no | Default CI configuration path for new projects (`.gitlab-ci.yml` if not set). |
| `default_group_visibility` | string | no | What visibility level new groups receive. Can take `private`, `internal` and `public` as a parameter. Default is `private`. |
| `default_project_creation` | integer | no | Default project creation protection. Can take: `0` _(No one)_, `1` _(Maintainers)_ or `2` _(Developers + Maintainers)_|
| `default_projects_limit` | integer | no | Project limit per user. Default is `100000`. |
......
......@@ -2023,8 +2023,6 @@ Defining an empty array will skip downloading any artifacts for that job.
The status of the previous job is not considered when using `dependencies`, so
if it failed or it is a manual job that was not run, no error occurs.
---
In the following example, we define two jobs with artifacts, `build:osx` and
`build:linux`. When the `test:osx` is executed, the artifacts from `build:osx`
will be downloaded and extracted in the context of the build. The same happens
......
......@@ -67,8 +67,6 @@ This document was moved to [another location](path/to/new_doc.md).
where `path/to/new_doc.md` is the relative path to the root directory `doc/`.
---
For example, if you move `doc/workflow/lfs/lfs_administration.md` to
`doc/administration/lfs.md`, then the steps would be:
......
......@@ -604,9 +604,6 @@ Inside the document:
- Always use a proper description for what the image is about. That way, when a
browser fails to show the image, this text will be used as an alternative
description.
- If there are consecutive images with little text between them, always add
three dashes (`---`) between the image and the text to create a horizontal
line for better clarity.
- If a heading is placed right after an image, always add three dashes (`---`)
between the image and the heading.
......
......@@ -23,8 +23,6 @@ tools that will help us achieve our goal.
For a video demonstration on installing GitLab on OpenShift, check the article [In 13 minutes from Kubernetes to a complete application development tool](https://about.gitlab.com/blog/2016/11/14/idea-to-production/).
---
## Prerequisites
CAUTION: **Caution:** This information is no longer up to date, as the current versions
......
......@@ -134,6 +134,19 @@ Once that time passes, the jobs will be archived and no longer able to be
retried. Make it empty to never expire jobs. It has to be no less than 1 day,
for example: <code>15 days</code>, <code>1 month</code>, <code>2 years</code>.
## Default CI configuration path
> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/18073) in GitLab 12.5.
The default CI configuration file path for new projects can be set in the Admin
area of your GitLab instance (`.gitlab-ci.yml` if not set):
1. Go to **Admin area > Settings > Continuous Integration and Deployment**.
1. Input the new path in the **Default CI configuration path** field.
1. Hit **Save changes** for the changes to take effect.
It is also possible to specify a [custom CI configuration path for a specific project](../../project/pipelines/settings.md#custom-ci-configuration-path).
<!-- ## Troubleshooting
Include any troubleshooting steps that you can foresee. If you know beforehand what issues
......
......@@ -263,7 +263,7 @@ This feature:
For example:
```sh
kubectl -n gitlab-managed-apps exec -it $(kubectl get pods -n gitlab-managed-apps | grep 'ingress-controller' | awk '{print $1}') -- tail -f /var/log/modsec_audit.log
kubectl -n gitlab-managed-apps exec -it $(kubectl get pods -n gitlab-managed-apps | grep 'ingress-controller' | awk '{print $1}') -- tail -f /var/log/modsec/audit.log
```
There is a small performance overhead by enabling `modsecurity`. However, if this is
......
......@@ -73,7 +73,7 @@ The following table depicts the various user permission levels in a project.
| See a commit status | | ✓ | ✓ | ✓ | ✓ |
| See a container registry | | ✓ | ✓ | ✓ | ✓ |
| See environments | | ✓ | ✓ | ✓ | ✓ |
| See a list of merge requests | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ |
| See a list of merge requests | | ✓ | ✓ | ✓ | ✓ |
| View project statistics | | ✓ | ✓ | ✓ | ✓ |
| View Error Tracking list | | ✓ | ✓ | ✓ | ✓ |
| Pull from [Conan repository](packages/conan_repository/index.md), [Maven repository](packages/maven_repository/index.md), or [NPM registry](packages/npm_registry/index.md) **(PREMIUM)** | | ✓ | ✓ | ✓ | ✓ |
......@@ -83,7 +83,7 @@ The following table depicts the various user permission levels in a project.
| Push to non-protected branches | | | ✓ | ✓ | ✓ |
| Force push to non-protected branches | | | ✓ | ✓ | ✓ |
| Remove non-protected branches | | | ✓ | ✓ | ✓ |
| Create new merge request | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ |
| Create new merge request | | ✓ | ✓ | ✓ | ✓ |
| Assign merge requests | | | ✓ | ✓ | ✓ |
| Label merge requests | | | ✓ | ✓ | ✓ |
| Lock merge request threads | | | ✓ | ✓ | ✓ |
......
......@@ -77,7 +77,7 @@ To select a notification level for a project, use either of these methods:
1. Locate the project in the **Projects** section.
1. Select the desired [notification level](#notification-levels).
---
Or:
1. Navigate to the project's page.
1. Click the notification dropdown, marked with a bell icon.
......
......@@ -75,7 +75,5 @@ You also can:
![Gitea importer page](img/import_projects_from_gitea_importer_v12_3.png)
---
You can also choose a different name for the project and a different namespace,
if you have the privileges to do so.
......@@ -219,8 +219,6 @@ and the project level approvers are changed after a merge request is created,
the merge request retains the previous approvers.
However, the approvers can be changed by [editing the merge request](#overriding-the-merge-request-approvals-default-settings).
---
The default approval settings can now be overridden when creating a
[merge request](index.md) or by editing it after it's been created:
......
......@@ -42,6 +42,7 @@ module API
optional :asset_proxy_whitelist, type: Array[String], coerce_with: Validations::Types::CommaSeparatedToArray.coerce, desc: 'Assets that match these domain(s) will NOT be proxied. Wildcards allowed. Your GitLab installation URL is automatically whitelisted.'
optional :container_registry_token_expire_delay, type: Integer, desc: 'Authorization token duration (minutes)'
optional :default_artifacts_expire_in, type: String, desc: "Set the default expiration time for each job's artifacts"
optional :default_ci_config_path, type: String, desc: 'The instance default CI configuration path for new projects'
optional :default_project_creation, type: Integer, values: ::Gitlab::Access.project_creation_values, desc: 'Determine if developers can create projects in the group'
optional :default_branch_protection, type: Integer, values: ::Gitlab::Access.protection_values, desc: 'Determine if developers can push to master'
optional :default_group_visibility, type: String, values: Gitlab::VisibilityLevel.string_values, desc: 'The default group visibility'
......
......@@ -5241,6 +5241,9 @@ msgstr ""
msgid "Default Branch"
msgstr ""
msgid "Default CI configuration path"
msgstr ""
msgid "Default artifacts expiration"
msgstr ""
......@@ -16840,6 +16843,9 @@ msgstr ""
msgid "The content of this page is not encoded in UTF-8. Edits can only be made via the Git repository."
msgstr ""
msgid "The default CI configuration path for new projects."
msgstr ""
msgid "The dependency list details information about the components used within your project."
msgstr ""
......
......@@ -120,6 +120,7 @@ merge_requests:
- pipelines_for_merge_request
- merge_request_assignees
- suggestions
- unresolved_notes
- assignees
- reviews
- approval_rules
......
......@@ -165,6 +165,12 @@ describe Clusters::Applications::Ingress do
expect(subject.values).to include('extraVolumes')
expect(subject.values).to include('extraVolumeMounts')
end
it 'includes modsecurity sidecar container' do
expect(subject.values).to include('modsecurity-log-volume')
expect(subject.values).to include('extraContainers')
end
end
context 'when ingress_modsecurity is disabled' do
......@@ -190,6 +196,12 @@ describe Clusters::Applications::Ingress do
expect(subject.values).not_to include('extraVolumes')
expect(subject.values).not_to include('extraVolumeMounts')
end
it 'excludes modsecurity sidecar container' do
expect(subject.values).not_to include('modsecurity-log-volume')
expect(subject.values).not_to include('extraContainers')
end
end
end
end
......@@ -177,50 +177,6 @@ describe Noteable do
end
end
describe "#discussions_to_be_resolved?" do
context "when discussions are not resolvable" do
before do
allow(subject).to receive(:discussions_resolvable?).and_return(false)
end
it "returns false" do
expect(subject.discussions_to_be_resolved?).to be false
end
end
context "when discussions are resolvable" do
before do
allow(subject).to receive(:discussions_resolvable?).and_return(true)
allow(first_discussion).to receive(:resolvable?).and_return(true)
allow(second_discussion).to receive(:resolvable?).and_return(false)
allow(third_discussion).to receive(:resolvable?).and_return(true)
end
context "when all resolvable discussions are resolved" do
before do
allow(first_discussion).to receive(:resolved?).and_return(true)
allow(third_discussion).to receive(:resolved?).and_return(true)
end
it "returns false" do
expect(subject.discussions_to_be_resolved?).to be false
end
end
context "when some resolvable discussions are not resolved" do
before do
allow(first_discussion).to receive(:resolved?).and_return(true)
allow(third_discussion).to receive(:resolved?).and_return(false)
end
it "returns true" do
expect(subject.discussions_to_be_resolved?).to be true
end
end
end
end
describe "#discussions_to_be_resolved" do
before do
allow(first_discussion).to receive(:to_be_resolved?).and_return(true)
......
......@@ -2029,24 +2029,37 @@ describe Project do
end
describe '#ci_config_path=' do
let(:project) { create(:project) }
using RSpec::Parameterized::TableSyntax
it 'sets nil' do
project.update!(ci_config_path: nil)
let(:project) { create(:project) }
expect(project.ci_config_path).to be_nil
where(:default_ci_config_path, :project_ci_config_path, :expected_ci_config_path) do
nil | :notset | :default
nil | nil | :default
nil | '' | :default
nil | "cust\0om/\0/path" | 'custom//path'
'' | :notset | :default
'' | nil | :default
'' | '' | :default
'' | "cust\0om/\0/path" | 'custom//path'
'global/path' | :notset | 'global/path'
'global/path' | nil | :default
'global/path' | '' | :default
'global/path' | "cust\0om/\0/path" | 'custom//path'
end
it 'sets a string' do
project.update!(ci_config_path: 'foo/.gitlab_ci.yml')
expect(project.ci_config_path).to eq('foo/.gitlab_ci.yml')
end
with_them do
before do
stub_application_setting(default_ci_config_path: default_ci_config_path)
it 'sets a string but removes all null characters' do
project.update!(ci_config_path: "f\0oo/\0/.gitlab_ci.yml")
if project_ci_config_path != :notset
project.ci_config_path = project_ci_config_path
end
end
expect(project.ci_config_path).to eq('foo//.gitlab_ci.yml')
it 'returns the correct path' do
expect(project.ci_config_path.presence || :default).to eq(expected_ci_config_path)
end
end
end
......
......@@ -701,16 +701,20 @@ describe API::MergeRequests do
expect(json_response.first['id']).to eq merge_request_closed.id
end
it 'avoids N+1 queries' do
control = ActiveRecord::QueryRecorder.new do
get api("/projects/#{project.id}/merge_requests", user)
end.count
context 'a project which enforces all discussions to be resolved' do
let!(:project) { create(:project, :repository, only_allow_merge_if_all_discussions_are_resolved: true) }
create(:merge_request, author: user, assignees: [user], source_project: project, target_project: project, created_at: base_time)
it 'avoids N+1 queries' do
control = ActiveRecord::QueryRecorder.new do
get api("/projects/#{project.id}/merge_requests", user)
end.count
expect do
get api("/projects/#{project.id}/merge_requests", user)
end.not_to exceed_query_limit(control)
create(:merge_request, author: user, assignees: [user], source_project: project, target_project: project, created_at: base_time)
expect do
get api("/projects/#{project.id}/merge_requests", user)
end.not_to exceed_query_limit(control)
end
end
end
......
......@@ -18,6 +18,7 @@ describe API::Settings, 'Settings' do
expect(json_response['password_authentication_enabled']).to be_truthy
expect(json_response['plantuml_enabled']).to be_falsey
expect(json_response['plantuml_url']).to be_nil
expect(json_response['default_ci_config_path']).to be_nil
expect(json_response['default_project_visibility']).to be_a String
expect(json_response['default_snippet_visibility']).to be_a String
expect(json_response['default_group_visibility']).to be_a String
......@@ -49,6 +50,7 @@ describe API::Settings, 'Settings' do
it "updates application settings" do
put api("/application/settings", admin),
params: {
default_ci_config_path: 'debian/salsa-ci.yml',
default_projects_limit: 3,
default_project_creation: 2,
password_authentication_enabled_for_web: false,
......@@ -80,6 +82,7 @@ describe API::Settings, 'Settings' do
}
expect(response).to have_gitlab_http_status(200)
expect(json_response['default_ci_config_path']).to eq('debian/salsa-ci.yml')
expect(json_response['default_projects_limit']).to eq(3)
expect(json_response['default_project_creation']).to eq(::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS)
expect(json_response['password_authentication_enabled_for_web']).to be_falsey
......
......@@ -236,7 +236,8 @@ SecAuditLogParts ABIJDEFHZ
# assumes that you will use the audit log only ocassionally.
#
# SecAuditLogType Serial
SecAuditLog /var/log/modsec_audit.log
SecAuditLogFormat JSON
SecAuditLog /var/log/modsec/audit.log
# Specify the path for concurrent audit logging.
#SecAuditLogStorageDir /opt/modsecurity/var/audit/
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment