Commit 5049b3cd authored by GitLab Bot's avatar GitLab Bot

Add latest changes from gitlab-org/gitlab@13-4-stable-ee

parent d5cc1255
......@@ -120,7 +120,7 @@ gem 'fog-local', '~> 0.6'
gem 'fog-openstack', '~> 1.0'
gem 'fog-rackspace', '~> 0.1.1'
gem 'fog-aliyun', '~> 0.3'
gem 'gitlab-fog-azure-rm', '~> 0.9', require: false
gem 'gitlab-fog-azure-rm', '~> 1.0', require: false
# for Google storage
gem 'google-api-client', '~> 0.33'
......
......@@ -421,7 +421,7 @@ GEM
github-markup (1.7.0)
gitlab-chronic (0.10.5)
numerizer (~> 0.2)
gitlab-fog-azure-rm (0.9.0)
gitlab-fog-azure-rm (1.0.0)
azure-storage-blob (~> 2.0)
azure-storage-common (~> 2.0)
fog-core (= 2.1.0)
......@@ -1325,7 +1325,7 @@ DEPENDENCIES
gitaly (~> 13.3.0.pre.rc1)
github-markup (~> 1.7.0)
gitlab-chronic (~> 0.10.5)
gitlab-fog-azure-rm (~> 0.9)
gitlab-fog-azure-rm (~> 1.0)
gitlab-labkit (= 0.12.1)
gitlab-license (~> 1.0)
gitlab-mail_room (~> 0.0.6)
......
......@@ -11,7 +11,7 @@ module EnforcesTwoFactorAuthentication
extend ActiveSupport::Concern
included do
before_action :check_two_factor_requirement
before_action :check_two_factor_requirement, except: [:route_not_found]
# to include this in controllers inheriting from `ActionController::Metal`
# we need to add this block
......
......@@ -19,6 +19,7 @@ class UploadsController < ApplicationController
rescue_from UnknownUploadModelError, with: :render_404
skip_before_action :authenticate_user!
skip_before_action :check_two_factor_requirement, only: [:show]
before_action :upload_mount_satisfied?
before_action :authorize_access!, only: [:show]
before_action :authorize_create_access!, only: [:create, :authorize]
......
......@@ -56,7 +56,7 @@ module Issuable
end
def copy_resource_weight_events
return unless original_entity.respond_to?(:resource_weight_events)
return unless both_respond_to?(:resource_weight_events)
copy_events(ResourceWeightEvent.table_name, original_entity.resource_weight_events) do |event|
event.attributes
......
......@@ -25,7 +25,10 @@ module Projects
tag_names = tags.map(&:name)
Projects::ContainerRepository::DeleteTagsService
.new(container_repository.project, current_user, tags: tag_names)
.new(container_repository.project,
current_user,
tags: tag_names,
container_expiration_policy: params['container_expiration_policy'])
.execute(container_repository)
end
......
......@@ -7,7 +7,10 @@ module Projects
def execute(container_repository)
@container_repository = container_repository
return error('access denied') unless can?(current_user, :destroy_container_image, project)
unless params[:container_expiration_policy]
return error('access denied') unless can?(current_user, :destroy_container_image, project)
end
@tag_names = params[:tags]
return error('not tags specified') if @tag_names.blank?
......
......@@ -135,8 +135,8 @@ module Projects
end
def ensure_wiki_exists
ProjectWiki.new(project, project.owner).wiki
rescue Wiki::CouldNotCreateWikiError
return if project.create_wiki
log_error("Could not create wiki for #{project.full_name}")
Gitlab::Metrics.counter(:wiki_can_not_be_created_total, 'Counts the times we failed to create a wiki').increment
end
......
---
title: use create_wiki method on ensure_wiki_exists in update_service
merge_request: 42910
author:
type: fixed
---
title: Exclude 2FA from upload#show routes and 404s
merge_request: 42784
author:
type: fixed
---
title: Fix large backups not working with Azure Blob storage
merge_request: 44233
author:
type: fixed
......@@ -69,7 +69,8 @@ If you don't already have GitLab installed via Helm please refer to our [install
When installing/upgrading the GitLab Helm chart please consider the following Helm 2 example (if using Helm 3 please modify):
```shell
helm upgrade --force --install gitlab . \
helm repo update
helm upgrade --force --install gitlab gitlab/gitlab \
--timeout 600 \
--set global.hosts.domain=<YOUR_DOMAIN> \
--set global.hosts.externalIP=<YOUR_IP> \
......@@ -299,6 +300,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
namespace: gitlab-agent # Can be any namespace managed by you that the agent has access to.
spec:
selector:
matchLabels:
......
......@@ -245,7 +245,7 @@ RSpec.describe Projects::ContainerRepository::CleanupTagsService do
end
it 'succeeds without a user' do
expect_delete(%w(Bb Ba C))
expect_delete(%w(Bb Ba C), container_expiration_policy: true)
is_expected.to include(status: :success, deleted: %w(Bb Ba C))
end
......@@ -287,10 +287,10 @@ RSpec.describe Projects::ContainerRepository::CleanupTagsService do
end
end
def expect_delete(tags)
def expect_delete(tags, container_expiration_policy: nil)
expect(Projects::ContainerRepository::DeleteTagsService)
.to receive(:new)
.with(repository.project, user, tags: tags)
.with(repository.project, user, tags: tags, container_expiration_policy: container_expiration_policy)
.and_call_original
expect_any_instance_of(Projects::ContainerRepository::DeleteTagsService)
......
......@@ -85,81 +85,85 @@ RSpec.describe Projects::ContainerRepository::DeleteTagsService do
end
end
describe '#execute' do
let(:tags) { %w[A Ba] }
subject { service.execute(repository) }
before do
stub_feature_flags(container_registry_expiration_policies_throttling: false)
end
RSpec.shared_examples 'supporting fast delete' do
context 'when the registry supports fast delete' do
context 'and the feature is enabled' do
before do
allow(repository.client).to receive(:supports_tag_delete?).and_return(true)
end
context 'without permissions' do
it { is_expected.to include(status: :error) }
end
it_behaves_like 'calling the correct delete tags service', ::Projects::ContainerRepository::Gitlab::DeleteTagsService
context 'with permissions' do
before do
project.add_developer(user)
end
it_behaves_like 'handling invalid params'
context 'when the registry supports fast delete' do
context 'and the feature is enabled' do
context 'with the real service' do
before do
allow(repository.client).to receive(:supports_tag_delete?).and_return(true)
stub_delete_reference_requests(tags)
expect_delete_tag_by_names(tags)
end
it_behaves_like 'calling the correct delete tags service', ::Projects::ContainerRepository::Gitlab::DeleteTagsService
it { is_expected.to include(status: :success) }
it_behaves_like 'handling invalid params'
it_behaves_like 'logging a success response'
end
context 'with the real service' do
before do
stub_delete_reference_requests(tags)
expect_delete_tag_by_names(tags)
context 'with a timeout error' do
before do
expect_next_instance_of(::Projects::ContainerRepository::Gitlab::DeleteTagsService) do |delete_service|
expect(delete_service).to receive(:delete_tags).and_raise(::Projects::ContainerRepository::Gitlab::DeleteTagsService::TimeoutError)
end
it { is_expected.to include(status: :success) }
it_behaves_like 'logging a success response'
end
context 'with a timeout error' do
before do
expect_next_instance_of(::Projects::ContainerRepository::Gitlab::DeleteTagsService) do |delete_service|
expect(delete_service).to receive(:delete_tags).and_raise(::Projects::ContainerRepository::Gitlab::DeleteTagsService::TimeoutError)
end
end
it { is_expected.to include(status: :error, message: 'timeout while deleting tags') }
it { is_expected.to include(status: :error, message: 'timeout while deleting tags') }
it_behaves_like 'logging an error response', message: 'timeout while deleting tags'
end
end
it_behaves_like 'logging an error response', message: 'timeout while deleting tags'
end
context 'and the feature is disabled' do
before do
stub_feature_flags(container_registry_fast_tag_delete: false)
end
context 'and the feature is disabled' do
it_behaves_like 'calling the correct delete tags service', ::Projects::ContainerRepository::ThirdParty::DeleteTagsService
it_behaves_like 'handling invalid params'
context 'with the real service' do
before do
stub_feature_flags(container_registry_fast_tag_delete: false)
stub_upload('sha256:4435000728ee66e6a80e55637fc22725c256b61de344a2ecdeaac6bdb36e8bc3')
tags.each { |tag| stub_put_manifest_request(tag) }
expect_delete_tag_by_digest('sha256:dummy')
end
it_behaves_like 'calling the correct delete tags service', ::Projects::ContainerRepository::ThirdParty::DeleteTagsService
it { is_expected.to include(status: :success) }
it_behaves_like 'handling invalid params'
it_behaves_like 'logging a success response'
end
end
end
end
context 'with the real service' do
before do
stub_upload('sha256:4435000728ee66e6a80e55637fc22725c256b61de344a2ecdeaac6bdb36e8bc3')
tags.each { |tag| stub_put_manifest_request(tag) }
expect_delete_tag_by_digest('sha256:dummy')
end
describe '#execute' do
let(:tags) { %w[A Ba] }
it { is_expected.to include(status: :success) }
subject { service.execute(repository) }
it_behaves_like 'logging a success response'
end
end
before do
stub_feature_flags(container_registry_expiration_policies_throttling: false)
end
context 'without permissions' do
it { is_expected.to include(status: :error) }
end
context 'with permissions' do
before do
project.add_developer(user)
end
it_behaves_like 'supporting fast delete'
context 'when the registry does not support fast delete' do
before do
allow(repository.client).to receive(:supports_tag_delete?).and_return(false)
......@@ -170,5 +174,19 @@ RSpec.describe Projects::ContainerRepository::DeleteTagsService do
it_behaves_like 'handling invalid params'
end
end
context 'without user' do
let_it_be(:user) { nil }
context 'when not run by a cleanup policy' do
it { is_expected.to include(status: :error) }
end
context 'when run by a cleanup policy' do
let(:params) { { tags: tags, container_expiration_policy: true } }
it_behaves_like 'supporting fast delete'
end
end
end
end
File mode changed from 100755 to 100644
File mode changed from 100755 to 100644
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment