Add latest changes from gitlab-org/gitlab@master

7f0a4a64 · GitLab Bot · b3f7042d · 7f0a4a64 · 7f0a4a64 · 7f0a4a64
Commit 7f0a4a64 authored Oct 23, 2019 by GitLab Bot
15 changed files
--- a/app/models/clusters/applications/ingress.rb
+++ b/app/models/clusters/applications/ingress.rb
@@ -78,12 +78,42 @@ module Clusters
          "controller" => {
            "config" => {
              "enable-modsecurity" => "true",
-              "enable-owasp-modsecurity-crs" => "true"
-            }
+              "enable-owasp-modsecurity-crs" => "true",
+              "modsecurity.conf" => modsecurity_config_content
+            },
+            "extraVolumeMounts" => [
+              {
+                "name" => "modsecurity-template-volume",
+                "mountPath" => "/etc/nginx/modsecurity/modsecurity.conf",
+                "subPath" => "modsecurity.conf"
+              }
+            ],
+            "extraVolumes" => [
+              {
+                "name" => "modsecurity-template-volume",
+                "configMap" => {
+                  "name" => "ingress-nginx-ingress-controller",
+                  "items" => [
+                    {
+                      "key" => "modsecurity.conf",
+                      "path" => "modsecurity.conf"
+                    }
+                  ]
+                }
+              }
+            ]
          }
        }
      end

+      def modsecurity_config_content
+        File.read(modsecurity_config_file_path)
+      end
+
+      def modsecurity_config_file_path
+        Rails.root.join('vendor', 'ingress', 'modsecurity.conf')
+      end
+
      def content_values
        YAML.load_file(chart_values_file).deep_merge!(specification)
      end

--- a/changelogs/unreleased/13055-show-the-sync-information-for-design-repositories.yml
+++ b/changelogs/unreleased/13055-show-the-sync-information-for-design-repositories.yml
+---
+title: 'Geo: Add resigns-related fields to Geo Node Status table'
+merge_request: 18379
+author:
+type: other
--- a/changelogs/unreleased/8558-use-custom-modsecurity-ingress-config.yml
+++ b/changelogs/unreleased/8558-use-custom-modsecurity-ingress-config.yml
+---
+title: Add modsecurity template for ingress-controller
+merge_request: 18485
+author:
+type: changed
--- a/db/migrate/20191009100244_add_geo_design_repository_counters.rb
+++ b/db/migrate/20191009100244_add_geo_design_repository_counters.rb
+# frozen_string_literal: true
+
+class AddGeoDesignRepositoryCounters < ActiveRecord::Migration[5.1]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+
+  def change
+    change_table :geo_node_statuses do |t|
+      t.column :design_repositories_count, :integer
+      t.column :design_repositories_synced_count, :integer
+      t.column :design_repositories_failed_count, :integer
+      t.column :design_repositories_registry_count, :integer
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -1650,6 +1650,10 @@ ActiveRecord::Schema.define(version: 2019_10_17_045817) do
    t.integer "container_repositories_synced_count"
    t.integer "container_repositories_failed_count"
    t.integer "container_repositories_registry_count"
+    t.integer "design_repositories_count"
+    t.integer "design_repositories_synced_count"
+    t.integer "design_repositories_failed_count"
+    t.integer "design_repositories_registry_count"
    t.index ["geo_node_id"], name: "index_geo_node_statuses_on_geo_node_id", unique: true
  end


--- a/doc/administration/geo/replication/using_a_geo_server.md
+++ b/doc/administration/geo/replication/using_a_geo_server.md
@@ -10,8 +10,12 @@ Example of the output you will see when pushing to a **secondary** node:

 ```bash
 $ git push
-> GitLab: You're pushing to a Geo secondary.
-> GitLab: We'll help you by proxying this request to the primary: ssh://git@primary.geo/user/repo.git
+remote:
+remote: You're pushing to a Geo secondary. We'll help you by proxying this
+remote: request to the primary:
+remote:
+remote:   ssh://git@primary.geo/user/repo.git
+remote:
 Everything up-to-date
 ```


--- a/doc/api/geo_nodes.md
+++ b/doc/api/geo_nodes.md
@@ -237,6 +237,10 @@ Example response:
    "container_repositories_synced_count": nil,
    "container_repositories_failed_count": nil,
    "container_repositories_synced_in_percentage": "0.00%",
+    "design_repositories_count": 3,
+    "design_repositories_synced_count": nil,
+    "design_repositories_failed_count": nil,
+    "design_repositories_synced_in_percentage": "0.00%",
    "projects_count": 41,
    "repositories_failed_count": nil,
    "repositories_synced_count": nil,
@@ -304,6 +308,10 @@ Example response:
    "container_repositories_synced_count": nil,
    "container_repositories_failed_count": nil,
    "container_repositories_synced_in_percentage": "0.00%",
+    "design_repositories_count": 3,
+    "design_repositories_synced_count": nil,
+    "design_repositories_failed_count": nil,
+    "design_repositories_synced_in_percentage": "0.00%",
    "projects_count": 41,
    "repositories_failed_count": 1,
    "repositories_synced_count": 40,
@@ -387,6 +395,10 @@ Example response:
  "container_repositories_synced_count": nil,
  "container_repositories_failed_count": nil,
  "container_repositories_synced_in_percentage": "0.00%",
+  "design_repositories_count": 3,
+  "design_repositories_synced_count": nil,
+  "design_repositories_failed_count": nil,
+  "design_repositories_synced_in_percentage": "0.00%",
  "projects_count": 41,
  "repositories_failed_count": 1,
  "repositories_synced_count": 40,

--- a/lib/api/internal/base.rb
+++ b/lib/api/internal/base.rb
@@ -77,7 +77,7 @@ module API

            response_with_status(**payload)
          when ::Gitlab::GitAccessResult::CustomAction
-            response_with_status(code: 300, message: check_result.message, payload: check_result.payload)
+            response_with_status(code: 300, payload: check_result.payload, gl_console_messages: check_result.console_messages)
          else
            response_with_status(code: 500, success: false, message: UNKNOWN_CHECK_RESULT_ERROR)
          end

--- a/lib/gitlab/analytics/cycle_analytics/base_query_builder.rb
+++ b/lib/gitlab/analytics/cycle_analytics/base_query_builder.rb
@@ -68,3 +68,5 @@ module Gitlab
    end
  end
 end
+
+Gitlab::Analytics::CycleAnalytics::BaseQueryBuilder.prepend_if_ee('EE::Gitlab::Analytics::CycleAnalytics::BaseQueryBuilder')
--- a/lib/gitlab/analytics/cycle_analytics/records_fetcher.rb
+++ b/lib/gitlab/analytics/cycle_analytics/records_fetcher.rb
@@ -130,3 +130,5 @@ module Gitlab
    end
  end
 end
+
+Gitlab::Analytics::CycleAnalytics::RecordsFetcher.prepend_if_ee('EE::Gitlab::Analytics::CycleAnalytics::RecordsFetcher')
--- a/lib/gitlab/git_access_result/custom_action.rb
+++ b/lib/gitlab/git_access_result/custom_action.rb
@@ -3,7 +3,7 @@
 module Gitlab
  module GitAccessResult
    class CustomAction
-      attr_reader :payload, :message
+      attr_reader :payload, :console_messages

      # Example of payload:
      #
@@ -16,9 +16,9 @@ module Gitlab
      #   }
      # }
      #
-      def initialize(payload, message)
+      def initialize(payload, console_messages)
        @payload = payload
-        @message = message
+        @console_messages = console_messages
      end
    end
  end

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -7493,6 +7493,9 @@ msgstr ""
 msgid "GeoNodes|Data replication lag"
 msgstr ""

+msgid "GeoNodes|Design repositories"
+msgstr ""
+
 msgid "GeoNodes|Does not match the primary storage configuration"
 msgstr ""


--- a/spec/models/clusters/applications/ingress_spec.rb
+++ b/spec/models/clusters/applications/ingress_spec.rb
@@ -156,6 +156,15 @@ describe Clusters::Applications::Ingress do
      it 'includes modsecurity core ruleset enablement' do
        expect(subject.values).to include("enable-owasp-modsecurity-crs: 'true'")
      end
+
+      it 'includes modsecurity.conf content' do
+        expect(subject.values).to include('modsecurity.conf')
+        # Includes file content from Ingress#modsecurity_config_content
+        expect(subject.values).to include('SecAuditLog')
+
+        expect(subject.values).to include('extraVolumes')
+        expect(subject.values).to include('extraVolumeMounts')
+      end
    end

    context 'when ingress_modsecurity is disabled' do
@@ -172,6 +181,15 @@ describe Clusters::Applications::Ingress do
      it 'excludes modsecurity core ruleset enablement' do
        expect(subject.values).not_to include('enable-owasp-modsecurity-crs')
      end
+
+      it 'excludes modsecurity.conf content' do
+        expect(subject.values).not_to include('modsecurity.conf')
+        # Excludes file content from Ingress#modsecurity_config_content
+        expect(subject.values).not_to include('SecAuditLog')
+
+        expect(subject.values).not_to include('extraVolumes')
+        expect(subject.values).not_to include('extraVolumeMounts')
+      end
    end
  end
 end
--- a/spec/requests/api/internal/base_spec.rb
+++ b/spec/requests/api/internal/base_spec.rb
@@ -407,7 +407,6 @@ describe API::Internal::Base do

    context "custom action" do
      let(:access_checker) { double(Gitlab::GitAccess) }
-      let(:message) { 'CustomActionError message' }
      let(:payload) do
        {
          'action' => 'geo_proxy_to_primary',
@@ -418,8 +417,8 @@ describe API::Internal::Base do
          }
        }
      end
-
-      let(:custom_action_result) { Gitlab::GitAccessResult::CustomAction.new(payload, message) }
+      let(:console_messages) { ['informational message'] }
+      let(:custom_action_result) { Gitlab::GitAccessResult::CustomAction.new(payload, console_messages) }

      before do
        project.add_guest(user)
@@ -446,8 +445,8 @@ describe API::Internal::Base do

          expect(response).to have_gitlab_http_status(300)
          expect(json_response['status']).to be_truthy
-          expect(json_response['message']).to eql(message)
          expect(json_response['payload']).to eql(payload)
+          expect(json_response['gl_console_messages']).to eql(console_messages)
          expect(user.reload.last_activity_on).to be_nil
        end
      end

--- a/vendor/ingress/modsecurity.conf
+++ b/vendor/ingress/modsecurity.conf