Merge branch 'eb-project-group-max-artifacts-size-fields' into 'master'

Add project and group max artifacts size fields

See merge request gitlab-org/gitlab!18286

app/controllers/groups/settings/ci_cd_controller.rb

@@ -5,11 +5,22 @@ module Groups
     class CiCdController < Groups::ApplicationController
       skip_cross_project_access_check :show
       before_action :authorize_admin_group!
+      before_action :authorize_update_max_artifacts_size!, only: [:update]
 
       def show
         define_ci_variables
       end
 
+      def update
+        if update_group_service.execute
+          flash[:notice] = s_('GroupSettings|Pipeline settings was updated for the group')
+        else
+          flash[:alert] = s_("GroupSettings|There was a problem updating the pipeline settings: %{error_messages}." % { error_messages: group.errors.full_messages })
+        end
+
+        redirect_to group_settings_ci_cd_path
+      end
+
       def reset_registration_token
         @group.reset_runners_token!
 
@@ -40,6 +51,10 @@ module Groups
         return render_404 unless can?(current_user, :admin_group, group)
       end
 
+      def authorize_update_max_artifacts_size!
+        return render_404 unless can?(current_user, :update_max_artifacts_size, group)
+      end
+
       def auto_devops_params
         params.require(:group).permit(:auto_devops_enabled)
       end
@@ -47,6 +62,14 @@ module Groups
       def auto_devops_service
         Groups::AutoDevopsService.new(group, current_user, auto_devops_params)
       end
+
+      def update_group_service
+        Groups::UpdateService.new(group, current_user, update_group_params)
+      end
+
+      def update_group_params
+        params.require(:group).permit(:max_artifacts_size)
+      end
     end
   end
 end

app/controllers/projects/settings/ci_cd_controller.rb

@@ -46,13 +46,19 @@ module Projects
       private
 
       def update_params
-        params.require(:project).permit(
+        params.require(:project).permit(*permitted_project_params)
+      end
+
+      def permitted_project_params
+        [
           :runners_token, :builds_enabled, :build_allow_git_fetch,
           :build_timeout_human_readable, :build_coverage_regex, :public_builds,
           :auto_cancel_pending_pipelines, :ci_config_path,
           auto_devops_attributes: [:id, :domain, :enabled, :deploy_strategy],
           ci_cd_settings_attributes: [:default_git_depth]
-        )
+        ].tap do |list|
+          list << :max_artifacts_size if can?(current_user, :update_max_artifacts_size, project)
+        end
       end
 
       def run_autodevops_pipeline(service)

app/policies/group_policy.rb

@@ -53,7 +53,10 @@ class GroupPolicy < BasePolicy
     enable :upload_file
   end
 
-  rule { admin }.enable :read_group
+  rule { admin }.policy do
+    enable :read_group
+    enable :update_max_artifacts_size
+  end
 
   rule { has_projects }.policy do
     enable :read_group

app/policies/project_policy.rb

@@ -137,6 +137,8 @@ class ProjectPolicy < BasePolicy
   # not.
   rule { guest | admin }.enable :read_project_for_iids
 
+  rule { admin }.enable :update_max_artifacts_size
+
   rule { guest }.enable :guest_access
   rule { reporter }.enable :reporter_access
   rule { developer }.enable :developer_access

app/views/admin/application_settings/_ci_cd.html.haml

@@ -34,7 +34,7 @@
       = f.number_field :max_artifacts_size, class: 'form-control'
       .form-text.text-muted
         = _("Set the maximum file size for each job's artifacts")
-        = link_to icon('question-circle'), help_page_path('user/admin_area/settings/continuous_integration', anchor: 'maximum-artifacts-size')
+        = link_to icon('question-circle'), help_page_path('user/admin_area/settings/continuous_integration', anchor: 'maximum-artifacts-size-core-only')
     .form-group
       = f.label :default_artifacts_expire_in, _('Default artifacts expiration'), class: 'label-bold'
       = f.text_field :default_artifacts_expire_in, class: 'form-control'

app/views/groups/settings/ci_cd/_form.html.haml

+.row.prepend-top-default
+  .col-lg-12
+    = form_for group, url: group_settings_ci_cd_path(group, anchor: 'js-general-pipeline-settings') do |f|
+      = form_errors(group)
+      %fieldset.builds-feature
+        .form-group
+          = f.label :max_artifacts_size, _('Maximum artifacts size (MB)'), class: 'label-bold'
+          = f.number_field :max_artifacts_size, class: 'form-control'
+          %p.form-text.text-muted
+            = _("Set the maximum file size for each job's artifacts")
+            = link_to icon('question-circle'), help_page_path('user/admin_area/settings/continuous_integration', anchor: 'maximum-artifacts-size-core-only'), target: '_blank'
+
+        = f.submit _('Save changes'), class: "btn btn-success"

app/views/groups/settings/ci_cd/show.html.haml

@@ -2,6 +2,21 @@
 - page_title "CI / CD"
 
 - expanded = expanded_by_default?
+- general_expanded = @group.errors.empty? ? expanded : true
+
+-# Given we only have one field in this form which is also admin-only,
+-# we don't want to show an empty section to non-admin users,
+- if can?(current_user, :update_max_artifacts_size, @group)
+  %section.settings#js-general-pipeline-settings.no-animate{ class: ('expanded' if general_expanded) }
+    .settings-header
+      %h4
+        = _("General pipelines")
+      %button.btn.js-settings-toggle{ type: 'button' }
+        = expanded ? _('Collapse') : _('Expand')
+      %p
+        = _("Customize your pipeline configuration.")
+    .settings-content
+      = render 'groups/settings/ci_cd/form', group: @group
 
 %section.settings#ci-variables.no-animate{ class: ('expanded' if expanded) }
   .settings-header

app/views/projects/settings/ci_cd/_form.html.haml

@@ -40,6 +40,15 @@
             = _('If any job surpasses this timeout threshold, it will be marked as failed. Human readable time input language is accepted like "1 hour". Values without specification represent seconds.')
             = link_to icon('question-circle'), help_page_path('user/project/pipelines/settings', anchor: 'timeout'), target: '_blank'
 
+        - if can?(current_user, :update_max_artifacts_size, @project)
+          %hr
+          .form-group
+            = f.label :max_artifacts_size, _('Maximum artifacts size (MB)'), class: 'label-bold'
+            = f.number_field :max_artifacts_size, class: 'form-control'
+            %p.form-text.text-muted
+              = _("Set the maximum file size for each job's artifacts")
+              = link_to icon('question-circle'), help_page_path('user/admin_area/settings/continuous_integration', anchor: 'maximum-artifacts-size-core-only'), target: '_blank'
+
         %hr
         .form-group
           = f.label :ci_config_path, _('Custom CI config path'), class: 'label-bold'

changelogs/unreleased/eb-project-group-max-artifacts-size-fields.yml

+---
+title: Add max_artifacts_size fields under project and group settings.
+merge_request: 18286
+author:
+type: added

config/routes/group.rb

@@ -30,7 +30,7 @@ constraints(::Constraints::GroupUrlConstrainer.new) do
         as: :group,
         constraints: { group_id: Gitlab::PathRegex.full_namespace_route_regex }) do
     namespace :settings do
-      resource :ci_cd, only: [:show], controller: 'ci_cd' do
+      resource :ci_cd, only: [:show, :update], controller: 'ci_cd' do
         put :reset_registration_token
         patch :update_auto_devops
       end

doc/user/admin_area/settings/continuous_integration.md

@@ -29,15 +29,27 @@ If you want to disable it for a specific project, you can do so in
 ## Maximum artifacts size **(CORE ONLY)**
 
 The maximum size of the [job artifacts](../../../administration/job_artifacts.md)
-can be set in the Admin area of your GitLab instance. The value is in *MB* and
+can be set at the project level, group level, and at the instance level. The value is in *MB* and
 the default is 100MB per job; on GitLab.com it's [set to 1G](../../gitlab_com/index.md#gitlab-cicd).
 
-To change it:
+To change it at the instance level:
 
 1. Go to **Admin area > Settings > Continuous Integration and Deployment**.
 1. Change the value of maximum artifacts size (in MB).
 1. Hit **Save changes** for the changes to take effect.
 
+at the group level (this will override the instance setting):
+
+1. Go to **Group > Settings > CI / CD > General Pipelines**.
+1. Change the value of maximum artifacts size (in MB).
+1. Hit **Save changes** for the changes to take effect.
+
+at the project level (this will override the instance and group settings):
+
+1. Go to **Project > Settings > CI / CD > General Pipelines**.
+1. Change the value of maximum artifacts size (in MB).
+1. Hit **Save changes** for the changes to take effect.
+
 ## Default artifacts expiration **(CORE ONLY)**
 
 The default expiration time of the [job artifacts](../../../administration/job_artifacts.md)

locale/gitlab.pot

@@ -4843,6 +4843,9 @@ msgstr ""
 msgid "Customize your pipeline configuration, view your pipeline status and coverage report."
 msgstr ""
 
+msgid "Customize your pipeline configuration."
+msgstr ""
+
 msgid "Cycle Analytics"
 msgstr ""
 
@@ -8225,6 +8228,9 @@ msgstr ""
 msgid "GroupSettings|New runners registration token has been generated!"
 msgstr ""
 
+msgid "GroupSettings|Pipeline settings was updated for the group"
+msgstr ""
+
 msgid "GroupSettings|Prevent sharing a project within %{group} with other groups"
 msgstr ""
 
@@ -8237,6 +8243,9 @@ msgstr ""
 msgid "GroupSettings|There was a problem updating Auto DevOps pipeline: %{error_messages}."
 msgstr ""
 
+msgid "GroupSettings|There was a problem updating the pipeline settings: %{error_messages}."
+msgstr ""
+
 msgid "GroupSettings|This setting is applied on %{ancestor_group} and has been overridden on this subgroup."
 msgstr ""
 

spec/controllers/groups/settings/ci_cd_controller_spec.rb

@@ -156,4 +156,58 @@ describe Groups::Settings::CiCdController do
       end
     end
   end
+
+  describe 'PATCH #update' do
+    subject do
+      patch :update, params: {
+        group_id: group,
+        group: { max_artifacts_size: 10 }
+      }
+    end
+
+    context 'when user is not an admin' do
+      before do
+        group.add_owner(user)
+      end
+
+      it { is_expected.to have_gitlab_http_status(404) }
+    end
+
+    context 'when user is an admin' do
+      let(:user) { create(:admin) }
+
+      before do
+        group.add_owner(user)
+      end
+
+      it { is_expected.to redirect_to(group_settings_ci_cd_path) }
+
+      context 'when service execution went wrong' do
+        let(:update_service) { double }
+
+        before do
+          allow(Groups::UpdateService).to receive(:new).and_return(update_service)
+          allow(update_service).to receive(:execute).and_return(false)
+          allow_any_instance_of(Group).to receive_message_chain(:errors, :full_messages)
+            .and_return(['Error 1'])
+
+          subject
+        end
+
+        it 'returns a flash alert' do
+          expect(response).to set_flash[:alert]
+            .to eq("There was a problem updating the pipeline settings: [\"Error 1\"].")
+        end
+      end
+
+      context 'when service execution was successful' do
+        it 'returns a flash notice' do
+          subject
+
+          expect(response).to set_flash[:notice]
+            .to eq('Pipeline settings was updated for the group')
+        end
+      end
+    end
+  end
 end

spec/controllers/projects/settings/ci_cd_controller_spec.rb

@@ -215,6 +215,30 @@ describe Projects::Settings::CiCdController do
           expect(project.ci_default_git_depth).to eq(10)
         end
       end
+
+      context 'when max_artifacts_size is specified' do
+        let(:params) { { max_artifacts_size: 10 } }
+
+        context 'and user is not an admin' do
+          it 'does not set max_artifacts_size' do
+            subject
+
+            project.reload
+            expect(project.max_artifacts_size).to be_nil
+          end
+        end
+
+        context 'and user is an admin' do
+          let(:user) { create(:admin)  }
+
+          it 'sets max_artifacts_size' do
+            subject
+
+            project.reload
+            expect(project.max_artifacts_size).to eq(10)
+          end
+        end
+      end
     end
   end
 end

spec/policies/group_policy_spec.rb

@@ -547,4 +547,28 @@ describe GroupPolicy do
              groups: [clusterable])
     end
   end
+
+  describe 'update_max_artifacts_size' do
+    let(:group) { create(:group, :public) }
+
+    context 'when no user' do
+      let(:current_user) { nil }
+
+      it { expect_disallowed(:update_max_artifacts_size) }
+    end
+
+    context 'admin' do
+      let(:current_user) { admin }
+
+      it { expect_allowed(:update_max_artifacts_size) }
+    end
+
+    %w(guest reporter developer maintainer owner).each do |role|
+      context role do
+        let(:current_user) { send(role) }
+
+        it { expect_disallowed(:update_max_artifacts_size) }
+      end
+    end
+  end
 end

spec/policies/project_policy_spec.rb

@@ -478,4 +478,28 @@ describe ProjectPolicy do
       end
     end
   end
+
+  describe 'update_max_artifacts_size' do
+    subject { described_class.new(current_user, project) }
+
+    context 'when no user' do
+      let(:current_user) { nil }
+
+      it { expect_disallowed(:update_max_artifacts_size) }
+    end
+
+    context 'admin' do
+      let(:current_user) { admin }
+
+      it { expect_allowed(:update_max_artifacts_size) }
+    end
+
+    %w(guest reporter developer maintainer owner).each do |role|
+      context role do
+        let(:current_user) { send(role) }
+
+        it { expect_disallowed(:update_max_artifacts_size) }
+      end
+    end
+  end
 end