Automatic merge of gitlab-org/gitlab master

app/models/packages/package.rb

@@ -293,6 +293,13 @@ class Packages::Package < ApplicationRecord
     ::Packages::Maven::Metadata::SyncWorker.perform_async(user.id, project.id, name)
   end
 
+  def create_build_infos!(build)
+    return unless build&.pipeline
+
+    # TODO: use an upsert call when https://gitlab.com/gitlab-org/gitlab/-/issues/339093 is implemented
+    build_infos.find_or_create_by!(pipeline: build.pipeline)
+  end
+
   private
 
   def composer_tag_version?

app/services/packages/generic/create_package_file_service.rb

@@ -29,7 +29,8 @@ module Packages
 
         package.update_column(:status, params[:status]) if params[:status] && params[:status] != package.status
 
-        package.build_infos.safe_find_or_create_by!(pipeline: params[:build].pipeline) if params[:build].present?
+        package.create_build_infos!(params[:build])
+
         package
       end
 

app/services/packages/maven/find_or_create_package_service.rb

@@ -51,7 +51,7 @@ module Packages
                                                    .execute
         end
 
-        package.build_infos.safe_find_or_create_by!(pipeline: params[:build].pipeline) if params[:build].present?
+        package.create_build_infos!(params[:build])
 
         ServiceResponse.success(payload: { package: package })
       end

doc/user/project/settings/index.md

@@ -87,59 +87,64 @@ Example `.compliance-gitlab-ci.yml`
 # Allows compliance team to control the ordering and interweaving of stages/jobs.
 # Stages without jobs defined will remain hidden.
 stages:
-- pre-compliance
-- build
-- test
-- pre-deploy-compliance
-- deploy
-- post-compliance
-
-variables: # can be overriden by a developer's local .gitlab-ci.yml
+  - pre-compliance
+  - build
+  - test
+  - pre-deploy-compliance
+  - deploy
+  - post-compliance
+
+variables: # Can be overridden by setting a job-specific variable in project's local .gitlab-ci.yml
   FOO: sast
 
-sast: # none of these attributes can be overriden by a developer's local .gitlab-ci.yml
+sast: # None of these attributes can be overridden by a project's local .gitlab-ci.yml
   variables:
     FOO: sast
   image: ruby:2.6
   stage: pre-compliance
   rules:
-        - when: always
+    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push"
+      when: never
+    - when: always  # or when: on_success
   allow_failure: false
   before_script:
-  - "# No before scripts."
+    - "# No before scripts."
   script:
-  - echo "running $FOO"
+    - echo "running $FOO"
   after_script:
-  - "# No after scripts."
+    - "# No after scripts."
 
 sanity check:
   image: ruby:2.6
   stage: pre-deploy-compliance
   rules:
-        - when: always
+    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push"
+      when: never
+    - when: always  # or when: on_success
   allow_failure: false
   before_script:
-  - "# No before scripts."
+    - "# No before scripts."
   script:
-  - echo "running $FOO"
+    - echo "running $FOO"
   after_script:
-  - "# No after scripts."
-
+    - "# No after scripts."
 
 audit trail:
   image: ruby:2.6
   stage: post-compliance
   rules:
-        - when: always
+    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push"
+      when: never
+    - when: always  # or when: on_success
   allow_failure: false
   before_script:
-  - "# No before scripts."
+    - "# No before scripts."
   script:
-  - echo "running $FOO"
+    - echo "running $FOO"
   after_script:
-  - "# No after scripts."
+    - "# No after scripts."
 
-include: # Execute individual project's configuration
+include: # Execute individual project's configuration (if project contains .gitlab-ci.yml)
   project: '$CI_PROJECT_PATH'
   file: '$CI_CONFIG_PATH'
   ref: '$CI_COMMIT_REF_NAME' # Must be defined or MR pipelines always use the use default branch.
@@ -187,7 +192,7 @@ section.
 You can now change the [Project visibility](../../../public_access/public_access.md).
 If you set **Project Visibility** to public, you can limit access to some features
 to **Only Project Members**. In addition, you can select the option to
-[Allow users to request access](../members/index.md#prevent-users-from-requesting-access-to-a-project).
+[Allow users to request access](../members/index.md#request-access-to-a-project).
 
 Use the switches to enable or disable the following features:
 
@@ -350,7 +355,7 @@ to transfer a project.
 
 You can transfer an existing project into a [group](../../group/index.md) if:
 
-- You have at least the Maintainer** role in that group.
+- You have at least **Maintainer** [role](../../permissions.md#project-members-permissions) in that group.
 - You're at least an **Owner** of the project to be transferred.
 - The group to which the project is being transferred to must allow creation of new projects.
 
@@ -457,7 +462,7 @@ To do so:
 1. Confirm the action by typing the project's path as instructed.
 
 NOTE:
-Only project Owners have the [permissions](../../permissions.md#project-members-permissions)
+Only project owners have the [permissions](../../permissions.md#project-members-permissions)
 to remove a fork relationship.
 
 ## Monitor settings

spec/factories/packages.rb

@@ -354,4 +354,12 @@ FactoryBot.define do
     package
     sequence(:name) { |n| "tag-#{n}"}
   end
+
+  factory :packages_build_info, class: 'Packages::BuildInfo' do
+    package
+
+    trait :with_pipeline do
+      association :pipeline, factory: [:ci_pipeline, :with_job]
+    end
+  end
 end

spec/models/packages/package_spec.rb

@@ -1165,4 +1165,47 @@ RSpec.describe Packages::Package, type: :model do
       it_behaves_like 'not enqueuing a sync worker job'
     end
   end
+
+  describe '#create_build_infos!' do
+    let_it_be(:package) { create(:package) }
+    let_it_be(:pipeline) { create(:ci_pipeline) }
+
+    let(:build) { double(pipeline: pipeline) }
+
+    subject { package.create_build_infos!(build) }
+
+    context 'with a valid build' do
+      it 'creates a build info' do
+        expect { subject }.to change { ::Packages::BuildInfo.count }.by(1)
+
+        last_build = ::Packages::BuildInfo.last
+        expect(last_build.package).to eq(package)
+        expect(last_build.pipeline).to eq(pipeline)
+      end
+
+      context 'with an already existing build info' do
+        let_it_be(:build_info) { create(:packages_build_info, package: package, pipeline: pipeline) }
+
+        it 'does not create a build info' do
+          expect { subject }.not_to change { ::Packages::BuildInfo.count }
+        end
+      end
+    end
+
+    context 'with a nil build' do
+      let(:build) { nil }
+
+      it 'does not create a build info' do
+        expect { subject }.not_to change { ::Packages::BuildInfo.count }
+      end
+    end
+
+    context 'with a build without a pipeline' do
+      let(:build) { double(pipeline: nil) }
+
+      it 'does not create a build info' do
+        expect { subject }.not_to change { ::Packages::BuildInfo.count }
+      end
+    end
+  end
 end

spec/services/packages/generic/create_package_file_service_spec.rb

@@ -105,6 +105,37 @@ RSpec.describe Packages::Generic::CreatePackageFileService do
           it { expect { execute_service }.to change { project.package_files.count }.by(1) }
         end
       end
+
+      context 'with multiple files for the same package and the same pipeline' do
+        let(:file_2_params) { params.merge(file_name:  'myfile.tar.gz.2', file: file2) }
+        let(:file_3_params) { params.merge(file_name:  'myfile.tar.gz.3', file: file3) }
+
+        let(:temp_file2) { Tempfile.new("test2") }
+        let(:temp_file3) { Tempfile.new("test3") }
+
+        let(:file2) { UploadedFile.new(temp_file2.path, sha256: sha256) }
+        let(:file3) { UploadedFile.new(temp_file3.path, sha256: sha256) }
+
+        before do
+          FileUtils.touch(temp_file2)
+          FileUtils.touch(temp_file3)
+          expect(::Packages::Generic::FindOrCreatePackageService).to receive(:new).with(project, user, package_params).and_return(package_service).twice
+          expect(package_service).to receive(:execute).and_return(package).twice
+        end
+
+        after do
+          FileUtils.rm_f(temp_file2)
+          FileUtils.rm_f(temp_file3)
+        end
+
+        it 'creates the build info only once' do
+          expect do
+            described_class.new(project, user, params).execute
+            described_class.new(project, user, file_2_params).execute
+            described_class.new(project, user, file_3_params).execute
+          end.to change { package.build_infos.count }.by(1)
+        end
+      end
     end
   end
 end

spec/services/packages/maven/find_or_create_package_service_spec.rb

@@ -98,6 +98,19 @@ RSpec.describe Packages::Maven::FindOrCreatePackageService do
       it 'creates a build_info' do
         expect { subject }.to change { Packages::BuildInfo.count }.by(1)
       end
+
+      context 'with multiple files for the same package and the same pipeline' do
+        let(:file_2_params) { params.merge(file_name: 'test2.jar') }
+        let(:file_3_params) { params.merge(file_name: 'test3.jar') }
+
+        it 'creates a single build info' do
+          expect do
+            described_class.new(project, user, params).execute
+            described_class.new(project, user, file_2_params).execute
+            described_class.new(project, user, file_3_params).execute
+          end.to change { ::Packages::BuildInfo.count }.by(1)
+        end
+      end
     end
 
     context 'when package duplicates are not allowed' do