Commit 3c61b13e authored by Kamil Trzcinski's avatar Kamil Trzcinski

Merge remote-tracking branch 'origin/master' into zj-mattermost-slash-config

parents dec1e90e 2bc3084d
...@@ -18,7 +18,7 @@ ...@@ -18,7 +18,7 @@
* The environments array is a recursive tree structure and we need to filter * The environments array is a recursive tree structure and we need to filter
* both root level environments and children environments. * both root level environments and children environments.
* *
* In order to acomplish that, both `filterState` and `filterEnvironmnetsByState` * In order to acomplish that, both `filterState` and `filterEnvironmentsByState`
* functions work together. * functions work together.
* The first one works as the filter that verifies if the given environment matches * The first one works as the filter that verifies if the given environment matches
* the given state. * the given state.
...@@ -34,9 +34,9 @@ ...@@ -34,9 +34,9 @@
* @param {Array} array * @param {Array} array
* @return {Array} * @return {Array}
*/ */
const filterEnvironmnetsByState = (fn, arr) => arr.map((item) => { const filterEnvironmentsByState = (fn, arr) => arr.map((item) => {
if (item.children) { if (item.children) {
const filteredChildren = filterEnvironmnetsByState(fn, item.children).filter(Boolean); const filteredChildren = filterEnvironmentsByState(fn, item.children).filter(Boolean);
if (filteredChildren.length) { if (filteredChildren.length) {
item.children = filteredChildren; item.children = filteredChildren;
return item; return item;
...@@ -76,12 +76,13 @@ ...@@ -76,12 +76,13 @@
helpPagePath: environmentsData.helpPagePath, helpPagePath: environmentsData.helpPagePath,
commitIconSvg: environmentsData.commitIconSvg, commitIconSvg: environmentsData.commitIconSvg,
playIconSvg: environmentsData.playIconSvg, playIconSvg: environmentsData.playIconSvg,
terminalIconSvg: environmentsData.terminalIconSvg,
}; };
}, },
computed: { computed: {
filteredEnvironments() { filteredEnvironments() {
return filterEnvironmnetsByState(filterState(this.visibility), this.state.environments); return filterEnvironmentsByState(filterState(this.visibility), this.state.environments);
}, },
scope() { scope() {
...@@ -102,7 +103,7 @@ ...@@ -102,7 +103,7 @@
}, },
/** /**
* Fetches all the environmnets and stores them. * Fetches all the environments and stores them.
* Toggles loading property. * Toggles loading property.
*/ */
created() { created() {
...@@ -230,6 +231,7 @@ ...@@ -230,6 +231,7 @@
:can-create-deployment="canCreateDeploymentParsed" :can-create-deployment="canCreateDeploymentParsed"
:can-read-environment="canReadEnvironmentParsed" :can-read-environment="canReadEnvironmentParsed"
:play-icon-svg="playIconSvg" :play-icon-svg="playIconSvg"
:terminal-icon-svg="terminalIconSvg"
:commit-icon-svg="commitIconSvg"></tr> :commit-icon-svg="commitIconSvg"></tr>
<tr v-if="model.isOpen && model.children && model.children.length > 0" <tr v-if="model.isOpen && model.children && model.children.length > 0"
...@@ -240,6 +242,7 @@ ...@@ -240,6 +242,7 @@
:can-create-deployment="canCreateDeploymentParsed" :can-create-deployment="canCreateDeploymentParsed"
:can-read-environment="canReadEnvironmentParsed" :can-read-environment="canReadEnvironmentParsed"
:play-icon-svg="playIconSvg" :play-icon-svg="playIconSvg"
:terminal-icon-svg="terminalIconSvg"
:commit-icon-svg="commitIconSvg"> :commit-icon-svg="commitIconSvg">
</tr> </tr>
......
...@@ -8,6 +8,7 @@ ...@@ -8,6 +8,7 @@
/*= require ./environment_external_url */ /*= require ./environment_external_url */
/*= require ./environment_stop */ /*= require ./environment_stop */
/*= require ./environment_rollback */ /*= require ./environment_rollback */
/*= require ./environment_terminal_button */
(() => { (() => {
/** /**
...@@ -33,6 +34,7 @@ ...@@ -33,6 +34,7 @@
'external-url-component': window.gl.environmentsList.ExternalUrlComponent, 'external-url-component': window.gl.environmentsList.ExternalUrlComponent,
'stop-component': window.gl.environmentsList.StopComponent, 'stop-component': window.gl.environmentsList.StopComponent,
'rollback-component': window.gl.environmentsList.RollbackComponent, 'rollback-component': window.gl.environmentsList.RollbackComponent,
'terminal-button-component': window.gl.environmentsList.TerminalButtonComponent,
}, },
props: { props: {
...@@ -68,6 +70,12 @@ ...@@ -68,6 +70,12 @@
type: String, type: String,
required: false, required: false,
}, },
terminalIconSvg: {
type: String,
required: false,
},
}, },
data() { data() {
...@@ -506,6 +514,14 @@ ...@@ -506,6 +514,14 @@
</stop-component> </stop-component>
</div> </div>
<div v-if="model.terminal_path"
class="inline js-terminal-button-container">
<terminal-button-component
:terminal-icon-svg="terminalIconSvg"
:terminal-path="model.terminal_path">
</terminal-button-component>
</div>
<div v-if="canRetry && canCreateDeployment" <div v-if="canRetry && canCreateDeployment"
class="inline js-rollback-component-container"> class="inline js-rollback-component-container">
<rollback-component <rollback-component
......
/*= require vue */
/* global Vue */
(() => {
window.gl = window.gl || {};
window.gl.environmentsList = window.gl.environmentsList || {};
window.gl.environmentsList.TerminalButtonComponent = Vue.component('terminal-button-component', {
props: {
terminalPath: {
type: String,
default: '',
},
terminalIconSvg: {
type: String,
default: '',
},
},
template: `
<a class="btn terminal-button"
:href="terminalPath">
<span class="js-terminal-icon-container" v-html="terminalIconSvg"></span>
</a>
`,
});
})();
/* global Terminal */
(() => {
class GLTerminal {
constructor(options) {
this.options = options || {};
this.options.cursorBlink = options.cursorBlink || true;
this.options.screenKeys = options.screenKeys || true;
this.container = document.querySelector(options.selector);
this.setSocketUrl();
this.createTerminal();
$(window).off('resize.terminal').on('resize.terminal', () => {
this.terminal.fit();
});
}
setSocketUrl() {
const { protocol, hostname, port } = window.location;
const wsProtocol = protocol === 'https:' ? 'wss://' : 'ws://';
const path = this.container.dataset.projectPath;
this.socketUrl = `${wsProtocol}${hostname}:${port}${path}`;
}
createTerminal() {
this.terminal = new Terminal(this.options);
this.socket = new WebSocket(this.socketUrl, ['terminal.gitlab.com']);
this.socket.binaryType = 'arraybuffer';
this.terminal.open(this.container);
this.socket.onopen = () => { this.runTerminal(); };
this.socket.onerror = () => { this.handleSocketFailure(); };
}
runTerminal() {
const decoder = new TextDecoder('utf-8');
const encoder = new TextEncoder('utf-8');
this.terminal.on('data', (data) => {
this.socket.send(encoder.encode(data));
});
this.socket.addEventListener('message', (ev) => {
this.terminal.write(decoder.decode(ev.data));
});
this.isTerminalInitialized = true;
this.terminal.fit();
}
handleSocketFailure() {
this.terminal.write('\r\nConnection failure');
}
}
window.gl = window.gl || {};
gl.Terminal = GLTerminal;
})();
//= require xterm/xterm.js
//= require xterm/fit.js
//= require ./terminal.js
$(() => new gl.Terminal({ selector: '#terminal' }));
...@@ -64,7 +64,7 @@ ...@@ -64,7 +64,7 @@
&.s32 { font-size: 20px; line-height: 30px; } &.s32 { font-size: 20px; line-height: 30px; }
&.s40 { font-size: 16px; line-height: 38px; } &.s40 { font-size: 16px; line-height: 38px; }
&.s60 { font-size: 32px; line-height: 58px; } &.s60 { font-size: 32px; line-height: 58px; }
&.s70 { font-size: 34px; line-height: 68px; } &.s70 { font-size: 34px; line-height: 70px; }
&.s90 { font-size: 36px; line-height: 88px; } &.s90 { font-size: 36px; line-height: 88px; }
&.s110 { font-size: 40px; line-height: 108px; font-weight: 300; } &.s110 { font-size: 40px; line-height: 108px; font-weight: 300; }
&.s140 { font-size: 72px; line-height: 138px; } &.s140 { font-size: 72px; line-height: 138px; }
......
...@@ -230,6 +230,13 @@ ...@@ -230,6 +230,13 @@
} }
} }
.btn-terminal {
svg {
height: 14px;
width: 18px;
}
}
.btn-lg { .btn-lg {
padding: 12px 20px; padding: 12px 20px;
} }
......
...@@ -726,3 +726,23 @@ ...@@ -726,3 +726,23 @@
padding: 5px 5px 5px 7px; padding: 5px 5px 5px 7px;
} }
} }
.terminal-icon {
margin-left: 3px;
}
.terminal-container {
.content-block {
border-bottom: none;
}
#terminal {
margin-top: 10px;
min-height: 450px;
box-sizing: border-box;
> div {
min-height: 450px;
}
}
}
...@@ -93,7 +93,6 @@ ...@@ -93,7 +93,6 @@
.group-avatar { .group-avatar {
float: none; float: none;
margin: 0 auto; margin: 0 auto;
border: none;
&.identicon { &.identicon {
border-radius: 50%; border-radius: 50%;
......
...@@ -25,7 +25,7 @@ class ApplicationController < ActionController::Base ...@@ -25,7 +25,7 @@ class ApplicationController < ActionController::Base
protect_from_forgery with: :exception protect_from_forgery with: :exception
helper_method :can?, :current_application_settings helper_method :can?, :current_application_settings
helper_method :import_sources_enabled?, :github_import_enabled?, :github_import_configured?, :gitlab_import_enabled?, :gitlab_import_configured?, :bitbucket_import_enabled?, :bitbucket_import_configured?, :google_code_import_enabled?, :fogbugz_import_enabled?, :git_import_enabled?, :gitlab_project_import_enabled? helper_method :import_sources_enabled?, :github_import_enabled?, :gitea_import_enabled?, :github_import_configured?, :gitlab_import_enabled?, :gitlab_import_configured?, :bitbucket_import_enabled?, :bitbucket_import_configured?, :google_code_import_enabled?, :fogbugz_import_enabled?, :git_import_enabled?, :gitlab_project_import_enabled?
rescue_from Encoding::CompatibilityError do |exception| rescue_from Encoding::CompatibilityError do |exception|
log_exception(exception) log_exception(exception)
...@@ -245,6 +245,10 @@ class ApplicationController < ActionController::Base ...@@ -245,6 +245,10 @@ class ApplicationController < ActionController::Base
current_application_settings.import_sources.include?('github') current_application_settings.import_sources.include?('github')
end end
def gitea_import_enabled?
current_application_settings.import_sources.include?('gitea')
end
def github_import_configured? def github_import_configured?
Gitlab::OAuth::Provider.enabled?(:github) Gitlab::OAuth::Provider.enabled?(:github)
end end
......
class Import::GiteaController < Import::GithubController
def new
if session[access_token_key].present? && session[host_key].present?
redirect_to status_import_url
end
end
def personal_access_token
session[host_key] = params[host_key]
super
end
def status
@gitea_host_url = session[host_key]
super
end
private
def host_key
:"#{provider}_host_url"
end
# Overriden methods
def provider
:gitea
end
# Gitea is not yet an OAuth provider
# See https://github.com/go-gitea/gitea/issues/27
def logged_in_with_provider?
false
end
def provider_auth
if session[access_token_key].blank? || session[host_key].blank?
redirect_to new_import_gitea_url,
alert: 'You need to specify both an Access Token and a Host URL.'
end
end
def client_options
{ host: session[host_key], api_version: 'v1' }
end
end
class Import::GithubController < Import::BaseController class Import::GithubController < Import::BaseController
before_action :verify_github_import_enabled before_action :verify_import_enabled
before_action :github_auth, only: [:status, :jobs, :create] before_action :provider_auth, only: [:status, :jobs, :create]
rescue_from Octokit::Unauthorized, with: :github_unauthorized rescue_from Octokit::Unauthorized, with: :provider_unauthorized
helper_method :logged_in_with_github?
def new def new
if logged_in_with_github? if logged_in_with_provider?
go_to_github_for_permissions go_to_provider_for_permissions
elsif session[:github_access_token] elsif session[access_token_key]
redirect_to status_import_github_url redirect_to status_import_url
end end
end end
def callback def callback
session[:github_access_token] = client.get_token(params[:code]) session[access_token_key] = client.get_token(params[:code])
redirect_to status_import_github_url redirect_to status_import_url
end end
def personal_access_token def personal_access_token
session[:github_access_token] = params[:personal_access_token] session[access_token_key] = params[:personal_access_token]
redirect_to status_import_github_url redirect_to status_import_url
end end
def status def status
@repos = client.repos @repos = client.repos
@already_added_projects = current_user.created_projects.where(import_type: "github") @already_added_projects = current_user.created_projects.where(import_type: provider)
already_added_projects_names = @already_added_projects.pluck(:import_source) already_added_projects_names = @already_added_projects.pluck(:import_source)
@repos.reject!{ |repo| already_added_projects_names.include? repo.full_name } @repos.reject! { |repo| already_added_projects_names.include? repo.full_name }
end end
def jobs def jobs
jobs = current_user.created_projects.where(import_type: "github").to_json(only: [:id, :import_status]) jobs = current_user.created_projects.where(import_type: provider).to_json(only: [:id, :import_status])
render json: jobs render json: jobs
end end
...@@ -44,8 +42,8 @@ class Import::GithubController < Import::BaseController ...@@ -44,8 +42,8 @@ class Import::GithubController < Import::BaseController
namespace_path = params[:target_namespace].presence || current_user.namespace_path namespace_path = params[:target_namespace].presence || current_user.namespace_path
@target_namespace = find_or_create_namespace(namespace_path, current_user.namespace_path) @target_namespace = find_or_create_namespace(namespace_path, current_user.namespace_path)
if current_user.can?(:create_projects, @target_namespace) if can?(current_user, :create_projects, @target_namespace)
@project = Gitlab::GithubImport::ProjectCreator.new(repo, @project_name, @target_namespace, current_user, access_params).execute @project = Gitlab::GithubImport::ProjectCreator.new(repo, @project_name, @target_namespace, current_user, access_params, type: provider).execute
else else
render 'unauthorized' render 'unauthorized'
end end
...@@ -54,34 +52,63 @@ class Import::GithubController < Import::BaseController ...@@ -54,34 +52,63 @@ class Import::GithubController < Import::BaseController
private private
def client def client
@client ||= Gitlab::GithubImport::Client.new(session[:github_access_token]) @client ||= Gitlab::GithubImport::Client.new(session[access_token_key], client_options)
end end
def verify_github_import_enabled def verify_import_enabled
render_404 unless github_import_enabled? render_404 unless import_enabled?
end end
def github_auth def go_to_provider_for_permissions
if session[:github_access_token].blank? redirect_to client.authorize_url(callback_import_url)
go_to_github_for_permissions
end
end end
def go_to_github_for_permissions def import_enabled?
redirect_to client.authorize_url(callback_import_github_url) __send__("#{provider}_import_enabled?")
end end
def github_unauthorized def new_import_url
session[:github_access_token] = nil public_send("new_import_#{provider}_url")
redirect_to new_import_github_url,
alert: 'Access denied to your GitHub account.'
end end
def logged_in_with_github? def status_import_url
current_user.identities.exists?(provider: 'github') public_send("status_import_#{provider}_url")
end
def callback_import_url
public_send("callback_import_#{provider}_url")
end
def provider_unauthorized
session[access_token_key] = nil
redirect_to new_import_url,
alert: "Access denied to your #{Gitlab::ImportSources.title(provider.to_s)} account."
end
def access_token_key
:"#{provider}_access_token"
end end
def access_params def access_params
{ github_access_token: session[:github_access_token] } { github_access_token: session[access_token_key] }
end
# The following methods are overriden in subclasses
def provider
:github
end
def logged_in_with_provider?
current_user.identities.exists?(provider: provider)
end
def provider_auth
if session[access_token_key].blank?
go_to_provider_for_permissions
end
end
def client_options
{}
end end
end end
...@@ -4,17 +4,19 @@ class Projects::EnvironmentsController < Projects::ApplicationController ...@@ -4,17 +4,19 @@ class Projects::EnvironmentsController < Projects::ApplicationController
before_action :authorize_create_environment!, only: [:new, :create] before_action :authorize_create_environment!, only: [:new, :create]
before_action :authorize_create_deployment!, only: [:stop] before_action :authorize_create_deployment!, only: [:stop]
before_action :authorize_update_environment!, only: [:edit, :update] before_action :authorize_update_environment!, only: [:edit, :update]
before_action :environment, only: [:show, :edit, :update, :stop] before_action :authorize_admin_environment!, only: [:terminal, :terminal_websocket_authorize]
before_action :environment, only: [:show, :edit, :update, :stop, :terminal, :terminal_websocket_authorize]
before_action :verify_api_request!, only: :terminal_websocket_authorize
def index def index
@scope = params[:scope] @scope = params[:scope]
@environments = project.environments @environments = project.environments
respond_to do |format| respond_to do |format|
format.html format.html
format.json do format.json do
render json: EnvironmentSerializer render json: EnvironmentSerializer
.new(project: @project) .new(project: @project, user: current_user)
.represent(@environments) .represent(@environments)
end end
end end
...@@ -56,8 +58,33 @@ class Projects::EnvironmentsController < Projects::ApplicationController ...@@ -56,8 +58,33 @@ class Projects::EnvironmentsController < Projects::ApplicationController
redirect_to polymorphic_path([project.namespace.becomes(Namespace), project, new_action]) redirect_to polymorphic_path([project.namespace.becomes(Namespace), project, new_action])
end end
def terminal
# Currently, this acts as a hint to load the terminal details into the cache
# if they aren't there already. In the future, users will need these details
# to choose between terminals to connect to.
@terminals = environment.terminals
end
# GET .../terminal.ws : implemented in gitlab-workhorse
def terminal_websocket_authorize
# Just return the first terminal for now. If the list is in the process of
# being looked up, this may result in a 404 response, so the frontend
# should retry those errors
terminal = environment.terminals.try(:first)
if terminal
set_workhorse_internal_api_content_type
render json: Gitlab::Workhorse.terminal_websocket(terminal)
else
render text: 'Not found', status: 404
end
end
private private
def verify_api_request!
Gitlab::Workhorse.verify_api_request!(request.headers)
end
def environment_params def environment_params
params.require(:environment).permit(:name, :external_url) params.require(:environment).permit(:name, :external_url)
end end
......
...@@ -4,8 +4,10 @@ module ImportHelper ...@@ -4,8 +4,10 @@ module ImportHelper
"#{namespace}/#{name}" "#{namespace}/#{name}"
end end
def github_project_link(path_with_namespace) def provider_project_link(provider, path_with_namespace)
link_to path_with_namespace, github_project_url(path_with_namespace), target: '_blank' url = __send__("#{provider}_project_url", path_with_namespace)
link_to path_with_namespace, url, target: '_blank'
end end
private private
...@@ -20,4 +22,8 @@ module ImportHelper ...@@ -20,4 +22,8 @@ module ImportHelper
provider = Gitlab.config.omniauth.providers.find { |p| p.name == 'github' } provider = Gitlab.config.omniauth.providers.find { |p| p.name == 'github' }
@github_url = provider.fetch('url', 'https://github.com') if provider @github_url = provider.fetch('url', 'https://github.com') if provider
end end
def gitea_project_url(path_with_namespace)
"#{@gitea_host_url.sub(%r{/+\z}, '')}/#{path_with_namespace}"
end
end end
module Milestoneish module Milestoneish
def closed_items_count(user) def closed_items_count(user)
issues_visible_to_user(user).closed.size + merge_requests.closed_and_merged.size memoize_per_user(user, :closed_items_count) do
(count_issues_by_state(user)['closed'] || 0) + merge_requests.closed_and_merged.size
end
end end
def total_items_count(user) def total_items_count(user)
issues_visible_to_user(user).size + merge_requests.size memoize_per_user(user, :total_items_count) do
issues_count = count_issues_by_state(user).values.sum
issues_count + merge_requests.size
end
end end
def complete?(user) def complete?(user)
...@@ -30,7 +35,10 @@ module Milestoneish ...@@ -30,7 +35,10 @@ module Milestoneish
end end
def issues_visible_to_user(user) def issues_visible_to_user(user)
IssuesFinder.new(user).execute.where(id: issues) memoize_per_user(user, :issues_visible_to_user) do
params = try(:project_id) ? { project_id: project_id } : {}
IssuesFinder.new(user, params).execute.where(milestone_id: milestoneish_ids)
end
end end
def upcoming? def upcoming?
...@@ -50,4 +58,18 @@ module Milestoneish ...@@ -50,4 +58,18 @@ module Milestoneish
def expired? def expired?
due_date && due_date.past? due_date && due_date.past?
end end
private
def count_issues_by_state(user)
memoize_per_user(user, :count_issues_by_state) do
issues_visible_to_user(user).reorder(nil).group(:state).count
end
end
def memoize_per_user(user, method_name)
@memoized ||= {}
@memoized[method_name] ||= {}
@memoized[method_name][user.try!(:id)] ||= yield
end
end end
# The ReactiveCaching concern is used to fetch some data in the background and
# store it in the Rails cache, keeping it up-to-date for as long as it is being
# requested. If the data hasn't been requested for +reactive_cache_lifetime+,
# it stop being refreshed, and then be removed.
#
# Example of use:
#
# class Foo < ActiveRecord::Base
# include ReactiveCaching
#
# self.reactive_cache_key = ->(thing) { ["foo", thing.id] }
#
# after_save :clear_reactive_cache!
#
# def calculate_reactive_cache
# # Expensive operation here. The return value of this method is cached
# end
#
# def result
# with_reactive_cache do |data|
# # ...
# end
# end
# end
#
# In this example, the first time `#result` is called, it will return `nil`.
# However, it will enqueue a background worker to call `#calculate_reactive_cache`
# and set an initial cache lifetime of ten minutes.
#
# Each time the background job completes, it stores the return value of
# `#calculate_reactive_cache`. It is also re-enqueued to run again after
# `reactive_cache_refresh_interval`, so keeping the stored value up to date.
# Calculations are never run concurrently.
#
# Calling `#result` while a value is in the cache will call the block given to
# `#with_reactive_cache`, yielding the cached value. It will also extend the
# lifetime by `reactive_cache_lifetime`.
#
# Once the lifetime has expired, no more background jobs will be enqueued and
# calling `#result` will again return `nil` - starting the process all over
# again
module ReactiveCaching
extend ActiveSupport::Concern
included do
class_attribute :reactive_cache_lease_timeout
class_attribute :reactive_cache_key
class_attribute :reactive_cache_lifetime
class_attribute :reactive_cache_refresh_interval
# defaults
self.reactive_cache_lease_timeout = 2.minutes
self.reactive_cache_refresh_interval = 1.minute
self.reactive_cache_lifetime = 10.minutes
def calculate_reactive_cache
raise NotImplementedError
end
def with_reactive_cache(&blk)
within_reactive_cache_lifetime do
data = Rails.cache.read(full_reactive_cache_key)
yield data if data.present?
end
ensure
Rails.cache.write(full_reactive_cache_key('alive'), true, expires_in: self.class.reactive_cache_lifetime)
ReactiveCachingWorker.perform_async(self.class, id)
end
def clear_reactive_cache!
Rails.cache.delete(full_reactive_cache_key)
end
def exclusively_update_reactive_cache!
locking_reactive_cache do
within_reactive_cache_lifetime do
enqueuing_update do
value = calculate_reactive_cache
Rails.cache.write(full_reactive_cache_key, value)
end
end
end
end
private
def full_reactive_cache_key(*qualifiers)
prefix = self.class.reactive_cache_key
prefix = prefix.call(self) if prefix.respond_to?(:call)
([prefix].flatten + qualifiers).join(':')
end
def locking_reactive_cache
lease = Gitlab::ExclusiveLease.new(full_reactive_cache_key, timeout: reactive_cache_lease_timeout)
uuid = lease.try_obtain
yield if uuid
ensure
Gitlab::ExclusiveLease.cancel(full_reactive_cache_key, uuid)
end
def within_reactive_cache_lifetime
yield if Rails.cache.read(full_reactive_cache_key('alive'))
end
def enqueuing_update
yield
ensure
ReactiveCachingWorker.perform_in(self.class.reactive_cache_refresh_interval, self.class, id)
end
end
end
...@@ -128,6 +128,14 @@ class Environment < ActiveRecord::Base ...@@ -128,6 +128,14 @@ class Environment < ActiveRecord::Base
end end
end end
def has_terminals?
project.deployment_service.present? && available? && last_deployment.present?
end
def terminals
project.deployment_service.terminals(self) if has_terminals?
end
# An environment name is not necessarily suitable for use in URLs, DNS # An environment name is not necessarily suitable for use in URLs, DNS
# or other third-party contexts, so provide a slugified version. A slug has # or other third-party contexts, so provide a slugified version. A slug has
# the following properties: # the following properties:
......
...@@ -24,12 +24,16 @@ class GlobalMilestone ...@@ -24,12 +24,16 @@ class GlobalMilestone
@first_milestone = milestones.find {|m| m.description.present? } || milestones.first @first_milestone = milestones.find {|m| m.description.present? } || milestones.first
end end
def milestoneish_ids
milestones.select(:id)
end
def safe_title def safe_title
@title.to_slug.normalize.to_s @title.to_slug.normalize.to_s
end end
def projects def projects
@projects ||= Project.for_milestones(milestones.select(:id)) @projects ||= Project.for_milestones(milestoneish_ids)
end end
def state def state
...@@ -49,11 +53,11 @@ class GlobalMilestone ...@@ -49,11 +53,11 @@ class GlobalMilestone
end end
def issues def issues
@issues ||= Issue.of_milestones(milestones.select(:id)).includes(:project, :assignee, :labels) @issues ||= Issue.of_milestones(milestoneish_ids).includes(:project, :assignee, :labels)
end end
def merge_requests def merge_requests
@merge_requests ||= MergeRequest.of_milestones(milestones.select(:id)).includes(:target_project, :assignee, :labels) @merge_requests ||= MergeRequest.of_milestones(milestoneish_ids).includes(:target_project, :assignee, :labels)
end end
def participants def participants
......
...@@ -129,6 +129,10 @@ class Milestone < ActiveRecord::Base ...@@ -129,6 +129,10 @@ class Milestone < ActiveRecord::Base
self.title self.title
end end
def milestoneish_ids
id
end
def can_be_closed? def can_be_closed?
active? && issues.opened.count.zero? active? && issues.opened.count.zero?
end end
......
...@@ -533,6 +533,10 @@ class Project < ActiveRecord::Base ...@@ -533,6 +533,10 @@ class Project < ActiveRecord::Base
import_type == 'gitlab_project' import_type == 'gitlab_project'
end end
def gitea_import?
import_type == 'gitea'
end
def check_limit def check_limit
unless creator.can_create_project? or namespace.kind == 'group' unless creator.can_create_project? or namespace.kind == 'group'
projects_limit = creator.projects_limit projects_limit = creator.projects_limit
......
...@@ -5,4 +5,17 @@ class ProjectAuthorization < ActiveRecord::Base ...@@ -5,4 +5,17 @@ class ProjectAuthorization < ActiveRecord::Base
validates :project, presence: true validates :project, presence: true
validates :access_level, inclusion: { in: Gitlab::Access.all_values }, presence: true validates :access_level, inclusion: { in: Gitlab::Access.all_values }, presence: true
validates :user, uniqueness: { scope: [:project, :access_level] }, presence: true validates :user, uniqueness: { scope: [:project, :access_level] }, presence: true
def self.insert_authorizations(rows, per_batch = 1000)
rows.each_slice(per_batch) do |slice|
tuples = slice.map do |tuple|
tuple.map { |value| connection.quote(value) }
end
connection.execute <<-EOF.strip_heredoc
INSERT INTO project_authorizations (user_id, project_id, access_level)
VALUES #{tuples.map { |tuple| "(#{tuple.join(', ')})" }.join(', ')}
EOF
end
end
end end
...@@ -12,4 +12,22 @@ class DeploymentService < Service ...@@ -12,4 +12,22 @@ class DeploymentService < Service
def predefined_variables def predefined_variables
[] []
end end
# Environments may have a number of terminals. Should return an array of
# hashes describing them, e.g.:
#
# [{
# :selectors => {"a" => "b", "foo" => "bar"},
# :url => "wss://external.example.com/exec",
# :headers => {"Authorization" => "Token xxx"},
# :subprotocols => ["foo"],
# :ca_pem => "----BEGIN CERTIFICATE...", # optional
# :created_at => Time.now.utc
# }]
#
# Selectors should be a set of values that uniquely identify a particular
# terminal
def terminals(environment)
raise NotImplementedError
end
end end
class KubernetesService < DeploymentService class KubernetesService < DeploymentService
include Gitlab::Kubernetes
include ReactiveCaching
self.reactive_cache_key = ->(service) { [ service.class.model_name.singular, service.project_id ] }
# Namespace defaults to the project path, but can be overridden in case that # Namespace defaults to the project path, but can be overridden in case that
# is an invalid or inappropriate name # is an invalid or inappropriate name
prop_accessor :namespace prop_accessor :namespace
...@@ -25,6 +30,8 @@ class KubernetesService < DeploymentService ...@@ -25,6 +30,8 @@ class KubernetesService < DeploymentService
length: 1..63 length: 1..63
end end
after_save :clear_reactive_cache!
def initialize_properties def initialize_properties
if properties.nil? if properties.nil?
self.properties = {} self.properties = {}
...@@ -41,7 +48,8 @@ class KubernetesService < DeploymentService ...@@ -41,7 +48,8 @@ class KubernetesService < DeploymentService
end end
def help def help
'' 'To enable terminal access to Kubernetes environments, label your ' \
'deployments with `app=$CI_ENVIRONMENT_SLUG`'
end end
def to_param def to_param
...@@ -75,9 +83,9 @@ class KubernetesService < DeploymentService ...@@ -75,9 +83,9 @@ class KubernetesService < DeploymentService
# Check we can connect to the Kubernetes API # Check we can connect to the Kubernetes API
def test(*args) def test(*args)
kubeclient = build_kubeclient kubeclient = build_kubeclient!
kubeclient.discover
kubeclient.discover
{ success: kubeclient.discovered, result: "Checked API discovery endpoint" } { success: kubeclient.discovered, result: "Checked API discovery endpoint" }
rescue => err rescue => err
{ success: false, result: err } { success: false, result: err }
...@@ -93,20 +101,48 @@ class KubernetesService < DeploymentService ...@@ -93,20 +101,48 @@ class KubernetesService < DeploymentService
variables variables
end end
private # Constructs a list of terminals from the reactive cache
#
# Returns nil if the cache is empty, in which case you should try again a
# short time later
def terminals(environment)
with_reactive_cache do |data|
pods = data.fetch(:pods, nil)
filter_pods(pods, app: environment.slug).
flat_map { |pod| terminals_for_pod(api_url, namespace, pod) }.
map { |terminal| add_terminal_auth(terminal, token, ca_pem) }
end
end
def build_kubeclient(api_path = '/api', api_version = 'v1') # Caches all pods in the namespace so other calls don't need to block on
return nil unless api_url && namespace && token # network access.
def calculate_reactive_cache
return unless active? && project && !project.pending_delete?
url = URI.parse(api_url) kubeclient = build_kubeclient!
url.path = url.path[0..-2] if url.path[-1] == "/"
url.path += api_path # Store as hashes, rather than as third-party types
pods = begin
kubeclient.get_pods(namespace: namespace).as_json
rescue KubeException => err
raise err unless err.error_code == 404
[]
end
# We may want to cache extra things in the future
{ pods: pods }
end
private
def build_kubeclient!(api_path: 'api', api_version: 'v1')
raise "Incomplete settings" unless api_url && namespace && token
::Kubeclient::Client.new( ::Kubeclient::Client.new(
url, join_api_url(api_path),
api_version, api_version,
ssl_options: kubeclient_ssl_options,
auth_options: kubeclient_auth_options, auth_options: kubeclient_auth_options,
ssl_options: kubeclient_ssl_options,
http_proxy_uri: ENV['http_proxy'] http_proxy_uri: ENV['http_proxy']
) )
end end
...@@ -125,4 +161,13 @@ class KubernetesService < DeploymentService ...@@ -125,4 +161,13 @@ class KubernetesService < DeploymentService
def kubeclient_auth_options def kubeclient_auth_options
{ bearer_token: token } { bearer_token: token }
end end
def join_api_url(*parts)
url = URI.parse(api_url)
prefix = url.path.sub(%r{/+\z}, '')
url.path = [ prefix, *parts ].join("/")
url.to_s
end
end end
...@@ -311,10 +311,6 @@ class User < ActiveRecord::Base ...@@ -311,10 +311,6 @@ class User < ActiveRecord::Base
find_by(id: Key.unscoped.select(:user_id).where(id: key_id)) find_by(id: Key.unscoped.select(:user_id).where(id: key_id))
end end
def build_user(attrs = {})
User.new(attrs)
end
def reference_prefix def reference_prefix
'@' '@'
end end
...@@ -443,22 +439,16 @@ class User < ActiveRecord::Base ...@@ -443,22 +439,16 @@ class User < ActiveRecord::Base
end end
def refresh_authorized_projects def refresh_authorized_projects
transaction do Users::RefreshAuthorizedProjectsService.new(self).execute
project_authorizations.delete_all end
# project_authorizations_union can return multiple records for the same def remove_project_authorizations(project_ids)
# project/user with different access_level so we take row with the maximum project_authorizations.where(id: project_ids).delete_all
# access_level end
project_authorizations.connection.execute <<-SQL
INSERT INTO project_authorizations (user_id, project_id, access_level) def set_authorized_projects_column
SELECT user_id, project_id, MAX(access_level) AS access_level unless authorized_projects_populated
FROM (#{project_authorizations_union.to_sql}) sub update_column(:authorized_projects_populated, true)
GROUP BY user_id, project_id
SQL
unless authorized_projects_populated
update_column(:authorized_projects_populated, true)
end
end end
end end
...@@ -905,18 +895,6 @@ class User < ActiveRecord::Base ...@@ -905,18 +895,6 @@ class User < ActiveRecord::Base
private private
# Returns a union query of projects that the user is authorized to access
def project_authorizations_union
relations = [
personal_projects.select("#{id} AS user_id, projects.id AS project_id, #{Gitlab::Access::MASTER} AS access_level"),
groups_projects.select_for_project_authorization,
projects.select_for_project_authorization,
groups.joins(:shared_projects).select_for_project_authorization
]
Gitlab::SQL::Union.new(relations)
end
def ci_projects_union def ci_projects_union
scope = { access_level: [Gitlab::Access::MASTER, Gitlab::Access::OWNER] } scope = { access_level: [Gitlab::Access::MASTER, Gitlab::Access::OWNER] }
groups = groups_projects.where(members: scope) groups = groups_projects.where(members: scope)
......
...@@ -23,5 +23,13 @@ class EnvironmentEntity < Grape::Entity ...@@ -23,5 +23,13 @@ class EnvironmentEntity < Grape::Entity
environment) environment)
end end
expose :terminal_path, if: ->(environment, _) { environment.has_terminals? } do |environment|
can?(request.user, :admin_environment, environment.project) &&
terminal_namespace_project_environment_path(
environment.project.namespace,
environment.project,
environment)
end
expose :created_at, :updated_at expose :created_at, :updated_at
end end
...@@ -8,4 +8,8 @@ module RequestAwareEntity ...@@ -8,4 +8,8 @@ module RequestAwareEntity
def request def request
@options.fetch(:request) @options.fetch(:request)
end end
def can?(object, action, subject)
Ability.allowed?(object, action, subject)
end
end end
...@@ -4,15 +4,6 @@ module Projects ...@@ -4,15 +4,6 @@ module Projects
class Error < StandardError; end class Error < StandardError; end
ALLOWED_TYPES = [
'bitbucket',
'fogbugz',
'gitlab',
'github',
'google_code',
'gitlab_project'
]
def execute def execute
add_repository_to_project unless project.gitlab_project_import? add_repository_to_project unless project.gitlab_project_import?
...@@ -64,14 +55,11 @@ module Projects ...@@ -64,14 +55,11 @@ module Projects
end end
def has_importer? def has_importer?
ALLOWED_TYPES.include?(project.import_type) Gitlab::ImportSources.importer_names.include?(project.import_type)
end end
def importer def importer
return Gitlab::ImportExport::Importer.new(project) if @project.gitlab_project_import? Gitlab::ImportSources.importer(project.import_type).new(project)
class_name = "Gitlab::#{project.import_type.camelize}Import::Importer"
class_name.constantize.new(project)
end end
def unknown_url? def unknown_url?
......
...@@ -146,7 +146,7 @@ module SystemNoteService ...@@ -146,7 +146,7 @@ module SystemNoteService
end end
def remove_merge_request_wip(noteable, project, author) def remove_merge_request_wip(noteable, project, author)
body = 'unmarked as a Work In Progress' body = 'unmarked as a **Work In Progress**'
create_note(noteable: noteable, project: project, author: author, note: body) create_note(noteable: noteable, project: project, author: author, note: body)
end end
......
module Users
# Service for refreshing the authorized projects of a user.
#
# This particular service class can not be used to update data for the same
# user concurrently. Doing so could lead to an incorrect state. To ensure this
# doesn't happen a caller must synchronize access (e.g. using
# `Gitlab::ExclusiveLease`).
#
# Usage:
#
# user = User.find_by(username: 'alice')
# service = Users::RefreshAuthorizedProjectsService.new(some_user)
# service.execute
class RefreshAuthorizedProjectsService
attr_reader :user
LEASE_TIMEOUT = 1.minute.to_i
# user - The User for which to refresh the authorized projects.
def initialize(user)
@user = user
# We need an up to date User object that has access to all relations that
# may have been created earlier. The only way to ensure this is to reload
# the User object.
user.reload
end
# This method returns the updated User object.
def execute
current = current_authorizations_per_project
fresh = fresh_access_levels_per_project
remove = current.each_with_object([]) do |(project_id, row), array|
# rows not in the new list or with a different access level should be
# removed.
if !fresh[project_id] || fresh[project_id] != row.access_level
array << row.id
end
end
add = fresh.each_with_object([]) do |(project_id, level), array|
# rows not in the old list or with a different access level should be
# added.
if !current[project_id] || current[project_id].access_level != level
array << [user.id, project_id, level]
end
end
update_with_lease(remove, add)
end
# Updates the list of authorizations using an exclusive lease.
def update_with_lease(remove = [], add = [])
lease_key = "refresh_authorized_projects:#{user.id}"
lease = Gitlab::ExclusiveLease.new(lease_key, timeout: LEASE_TIMEOUT)
until uuid = lease.try_obtain
# Keep trying until we obtain the lease. If we don't do so we may end up
# not updating the list of authorized projects properly. To prevent
# hammering Redis too much we'll wait for a bit between retries.
sleep(1)
end
begin
update_authorizations(remove, add)
ensure
Gitlab::ExclusiveLease.cancel(lease_key, uuid)
end
end
# Updates the list of authorizations for the current user.
#
# remove - The IDs of the authorization rows to remove.
# add - Rows to insert in the form `[user id, project id, access level]`
def update_authorizations(remove = [], add = [])
return if remove.empty? && add.empty?
User.transaction do
user.remove_project_authorizations(remove) unless remove.empty?
ProjectAuthorization.insert_authorizations(add) unless add.empty?
user.set_authorized_projects_column
end
# Since we batch insert authorization rows, Rails' associations may get
# out of sync. As such we force a reload of the User object.
user.reload
end
def fresh_access_levels_per_project
fresh_authorizations.each_with_object({}) do |row, hash|
hash[row.project_id] = row.access_level
end
end
def current_authorizations_per_project
current_authorizations.each_with_object({}) do |row, hash|
hash[row.project_id] = row
end
end
def current_authorizations
user.project_authorizations.select(:id, :project_id, :access_level)
end
def fresh_authorizations
ProjectAuthorization.
unscoped.
select('project_id, MAX(access_level) AS access_level').
from("(#{project_authorizations_union.to_sql}) #{ProjectAuthorization.table_name}").
group(:project_id)
end
private
# Returns a union query of projects that the user is authorized to access
def project_authorizations_union
relations = [
user.personal_projects.select("#{user.id} AS user_id, projects.id AS project_id, #{Gitlab::Access::MASTER} AS access_level"),
user.groups_projects.select_for_project_authorization,
user.projects.select_for_project_authorization,
user.groups.joins(:shared_projects).select_for_project_authorization
]
Gitlab::SQL::Union.new(relations)
end
end
end
- provider = local_assigns.fetch(:provider)
- provider_title = Gitlab::ImportSources.title(provider)
%p.light
Select projects you want to import.
%hr
%p
= button_tag class: "btn btn-import btn-success js-import-all" do
Import all projects
= icon("spinner spin", class: "loading-icon")
.table-responsive
%table.table.import-jobs
%colgroup.import-jobs-from-col
%colgroup.import-jobs-to-col
%colgroup.import-jobs-status-col
%thead
%tr
%th= "From #{provider_title}"
%th To GitLab
%th Status
%tbody
- @already_added_projects.each do |project|
%tr{id: "project_#{project.id}", class: "#{project_status_css_class(project.import_status)}"}
%td
= provider_project_link(provider, project.import_source)
%td
= link_to project.path_with_namespace, [project.namespace.becomes(Namespace), project]
%td.job-status
- if project.import_status == 'finished'
%span
%i.fa.fa-check
done
- elsif project.import_status == 'started'
%i.fa.fa-spinner.fa-spin
started
- else
= project.human_import_status_name
- @repos.each do |repo|
%tr{id: "repo_#{repo.id}"}
%td
= provider_project_link(provider, repo.full_name)
%td.import-target
%fieldset.row
.input-group
.project-path.input-group-btn
- if current_user.can_select_namespace?
- selected = params[:namespace_id] || :current_user
- opts = current_user.can_create_group? ? { extra_group: Group.new(name: repo.owner.login, path: repo.owner.login) } : {}
= select_tag :namespace_id, namespaces_options(selected, opts.merge({ display_path: true })), { class: 'select2 js-select-namespace', tabindex: 1 }
- else
= text_field_tag :path, current_user.namespace_path, class: "input-large form-control", tabindex: 1, disabled: true
%span.input-group-addon /
= text_field_tag :path, repo.name, class: "input-mini form-control", tabindex: 2, autofocus: true, required: true
%td.import-actions.job-status
= button_tag class: "btn btn-import js-add-to-import" do
Import
= icon("spinner spin", class: "loading-icon")
.js-importer-status{ data: { jobs_import_path: "#{url_for([:jobs, :import, provider])}", import_path: "#{url_for([:import, provider])}" } }
- page_title "Gitea Import"
- header_title "Projects", root_path
%h3.page-title
= custom_icon('go_logo')
Import Projects from Gitea
%p
To get started, please enter your Gitea Host URL and a
= succeed '.' do
= link_to 'Personal Access Token', 'https://github.com/gogits/go-gogs-client/wiki#access-token'
= form_tag personal_access_token_import_gitea_path, class: 'form-horizontal' do
.form-group
= label_tag :gitea_host_url, 'Gitea Host URL', class: 'control-label'
.col-sm-4
= text_field_tag :gitea_host_url, nil, placeholder: 'https://try.gitea.io', class: 'form-control'
.form-group
= label_tag :personal_access_token, 'Personal Access Token', class: 'control-label'
.col-sm-4
= text_field_tag :personal_access_token, nil, class: 'form-control'
.form-actions
= submit_tag 'List Your Gitea Repositories', class: 'btn btn-create'
- page_title "Gitea Import"
- header_title "Projects", root_path
%h3.page-title
= custom_icon('go_logo')
Import Projects from Gitea
= render 'import/githubish_status', provider: 'gitea'
- page_title "GitHub import" - page_title "GitHub Import"
- header_title "Projects", root_path - header_title "Projects", root_path
%h3.page-title %h3.page-title
%i.fa.fa-github = icon 'github', text: 'Import Projects from GitHub'
Import projects from GitHub
%p.light = render 'import/githubish_status', provider: 'github'
Select projects you want to import.
%hr
%p
= button_tag class: "btn btn-import btn-success js-import-all" do
Import all projects
= icon("spinner spin", class: "loading-icon")
.table-responsive
%table.table.import-jobs
%colgroup.import-jobs-from-col
%colgroup.import-jobs-to-col
%colgroup.import-jobs-status-col
%thead
%tr
%th From GitHub
%th To GitLab
%th Status
%tbody
- @already_added_projects.each do |project|
%tr{id: "project_#{project.id}", class: "#{project_status_css_class(project.import_status)}"}
%td
= github_project_link(project.import_source)
%td
= link_to project.path_with_namespace, [project.namespace.becomes(Namespace), project]
%td.job-status
- if project.import_status == 'finished'
%span
%i.fa.fa-check
done
- elsif project.import_status == 'started'
%i.fa.fa-spinner.fa-spin
started
- else
= project.human_import_status_name
- @repos.each do |repo|
%tr{id: "repo_#{repo.id}"}
%td
= github_project_link(repo.full_name)
%td.import-target
%fieldset.row
.input-group
.project-path.input-group-btn
- if current_user.can_select_namespace?
- selected = params[:namespace_id] || :current_user
- opts = current_user.can_create_group? ? { extra_group: Group.new(name: repo.owner.login, path: repo.owner.login) } : {}
= select_tag :namespace_id, namespaces_options(selected, opts.merge({ display_path: true })), { class: 'select2 js-select-namespace', tabindex: 1 }
- else
= text_field_tag :path, current_user.namespace_path, class: "input-large form-control", tabindex: 1, disabled: true
%span.input-group-addon /
= text_field_tag :path, repo.name, class: "input-mini form-control", tabindex: 2, autofocus: true, required: true
%td.import-actions.job-status
= button_tag class: "btn btn-import js-add-to-import" do
Import
= icon("spinner spin", class: "loading-icon")
.js-importer-status{ data: { jobs_import_path: "#{jobs_import_github_path}", import_path: "#{import_github_path}" } }
- if environment.has_terminals? && can?(current_user, :admin_environment, @project)
= link_to terminal_namespace_project_environment_path(@project.namespace, @project, environment), class: 'btn terminal-button' do
= icon('terminal')
...@@ -4,10 +4,6 @@ ...@@ -4,10 +4,6 @@
- content_for :page_specific_javascripts do - content_for :page_specific_javascripts do
= page_specific_javascript_tag("environments/environments_bundle.js") = page_specific_javascript_tag("environments/environments_bundle.js")
.commit-icon-svg.hidden
= custom_icon("icon_commit")
.play-icon-svg.hidden
= custom_icon("icon_play")
#environments-list-view{ data: { environments_data: environments_list_data, #environments-list-view{ data: { environments_data: environments_list_data,
"can-create-deployment" => can?(current_user, :create_deployment, @project).to_s, "can-create-deployment" => can?(current_user, :create_deployment, @project).to_s,
...@@ -19,4 +15,5 @@ ...@@ -19,4 +15,5 @@
"help-page-path" => help_page_path("ci/environments"), "help-page-path" => help_page_path("ci/environments"),
"css-class" => container_class, "css-class" => container_class,
"commit-icon-svg" => custom_icon("icon_commit"), "commit-icon-svg" => custom_icon("icon_commit"),
"terminal-icon-svg" => custom_icon("icon_terminal"),
"play-icon-svg" => custom_icon("icon_play")}} "play-icon-svg" => custom_icon("icon_play")}}
...@@ -8,6 +8,7 @@ ...@@ -8,6 +8,7 @@
%h3.page-title= @environment.name.capitalize %h3.page-title= @environment.name.capitalize
.col-md-3 .col-md-3
.nav-controls .nav-controls
= render 'projects/environments/terminal_button', environment: @environment
= render 'projects/environments/external_url', environment: @environment = render 'projects/environments/external_url', environment: @environment
- if can?(current_user, :update_environment, @environment) - if can?(current_user, :update_environment, @environment)
= link_to 'Edit', edit_namespace_project_environment_path(@project.namespace, @project, @environment), class: 'btn' = link_to 'Edit', edit_namespace_project_environment_path(@project.namespace, @project, @environment), class: 'btn'
......
- @no_container = true
- page_title "Terminal for environment", @environment.name
= render "projects/pipelines/head"
- content_for :page_specific_javascripts do
= stylesheet_link_tag "xterm/xterm"
= page_specific_javascript_tag("terminal/terminal_bundle.js")
%div{class: container_class}
.top-area
.row
.col-sm-6
%h3.page-title
Terminal for environment
= @environment.name
.col-sm-6
.nav-controls
= render 'projects/deployments/actions', deployment: @environment.last_deployment
.terminal-container{class: container_class}
#terminal{data:{project_path: "#{terminal_namespace_project_environment_path(@project.namespace, @project, @environment)}.ws"}}
...@@ -68,6 +68,11 @@ ...@@ -68,6 +68,11 @@
- if fogbugz_import_enabled? - if fogbugz_import_enabled?
= link_to new_import_fogbugz_path, class: 'btn import_fogbugz' do = link_to new_import_fogbugz_path, class: 'btn import_fogbugz' do
= icon('bug', text: 'Fogbugz') = icon('bug', text: 'Fogbugz')
%div
- if gitea_import_enabled?
= link_to new_import_gitea_url, class: 'btn import_gitea' do
= custom_icon('go_logo')
Gitea
%div %div
- if git_import_enabled? - if git_import_enabled?
= link_to "#", class: 'btn js-toggle-button import_git' do = link_to "#", class: 'btn js-toggle-button import_git' do
......
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
= render 'shared/empty_states/icons/issues.svg' = render 'shared/empty_states/icons/issues.svg'
.col-xs-12{ class: "#{'col-sm-6' if has_button}" } .col-xs-12{ class: "#{'col-sm-6' if has_button}" }
.text-content .text-content
- if has_button - if has_button && current_user
%h4 %h4
The Issue Tracker is a good place to add things that need to be improved or solved in a project! The Issue Tracker is a good place to add things that need to be improved or solved in a project!
%p %p
......
<svg xmlns="http://www.w3.org/2000/svg" width="<%= size %>" height="<%= size %>" viewBox="0 0 16 16"><g fill-rule="evenodd" transform="translate(0 1)"><path d="m14 15.01h1v-8.02c0-3.862-3.134-6.991-7-6.991-3.858 0-7 3.13-7 6.991v8.02h1v-8.02c0-3.306 2.691-5.991 6-5.991 3.314 0 6 2.682 6 5.991v8.02m-10.52-13.354c-.366-.402-.894-.655-1.48-.655-1.105 0-2 .895-2 2 0 .868.552 1.606 1.325 1.883.102-.321.226-.631.371-.93-.403-.129-.695-.507-.695-.953 0-.552.448-1 1-1 .306 0 .58.138.764.354.222-.25.461-.483.717-.699m9.04-.002c.366-.401.893-.653 1.479-.653 1.105 0 2 .895 2 2 0 .867-.552 1.606-1.324 1.883-.101-.321-.225-.632-.37-.931.403-.129.694-.507.694-.952 0-.552-.448-1-1-1-.305 0-.579.137-.762.353-.222-.25-.461-.483-.717-.699"/><path d="m5.726 7.04h1.557v.124c0 .283-.033.534-.1.752-.065.202-.175.391-.33.566-.35.394-.795.591-1.335.591-.527 0-.979-.19-1.355-.571-.376-.382-.564-.841-.564-1.377 0-.547.191-1.01.574-1.391.382-.382.848-.574 1.396-.574.295 0 .57.06.825.181.244.12.484.316.72.586l-.405.388c-.309-.412-.686-.618-1.13-.618-.399 0-.733.138-1 .413-.27.27-.405.609-.405 1.015 0 .42.151.766.452 1.037.282.252.587.378.915.378.28 0 .531-.094.754-.283.223-.19.347-.418.373-.683h-.94v-.535m2.884.061c0-.53.194-.986.583-1.367.387-.381.853-.571 1.396-.571.537 0 .998.192 1.382.576.386.384.578.845.578 1.384 0 .542-.194 1-.581 1.379-.389.379-.858.569-1.408.569-.487 0-.923-.168-1.311-.505-.426-.373-.64-.861-.64-1.465m.574.007c0 .417.14.759.42 1.028.278.269.6.403.964.403.395 0 .729-.137 1-.41.272-.277.408-.613.408-1.01 0-.402-.134-.739-.403-1.01-.267-.273-.597-.41-.991-.41-.392 0-.723.137-.993.41-.27.27-.405.604-.405 1m-.184 3.918c.525.026.812.063.812.063.271.025.324-.096.116-.273 0 0-.775-.813-1.933-.813-1.159 0-1.923.813-1.923.813-.211.174-.153.3.12.273 0 0 .286-.037.81-.063v.477c0 .268.224.5.5.5.268 0 .5-.223.5-.498v-.252.25c0 .268.224.5.5.5.268 0 .5-.223.5-.498v-.478m-1-1.023c.552 0 1-.224 1-.5 0-.276-.448-.5-1-.5-.552 0-1 .224-1 .5 0 .276.448.5 1 .5"/></g></svg>
<svg width="19" height="14" viewBox="0 0 19 14" xmlns="http://www.w3.org/2000/svg"><rect fill="#848484" x="7.2" y="9.25" width="6.46" height="1.5" rx=".5"/><path d="M5.851 7.016L3.81 9.103a.503.503 0 0 0 .017.709l.35.334c.207.198.524.191.717-.006l2.687-2.748a.493.493 0 0 0 .137-.376.493.493 0 0 0-.137-.376L4.894 3.892a.507.507 0 0 0-.717-.006l-.35.334a.503.503 0 0 0-.017.709L5.85 7.016z"/><path d="M1.25 11.497c0 .691.562 1.253 1.253 1.253h13.994c.694 0 1.253-.56 1.253-1.253V2.503c0-.691-.562-1.253-1.253-1.253H2.503c-.694 0-1.253.56-1.253 1.253v8.994zM2.503 0h13.994A2.504 2.504 0 0 1 19 2.503v8.994A2.501 2.501 0 0 1 16.497 14H2.503A2.504 2.504 0 0 1 0 11.497V2.503A2.501 2.501 0 0 1 2.503 0z"/></svg>
...@@ -2,8 +2,6 @@ class AuthorizedProjectsWorker ...@@ -2,8 +2,6 @@ class AuthorizedProjectsWorker
include Sidekiq::Worker include Sidekiq::Worker
include DedicatedSidekiqQueue include DedicatedSidekiqQueue
LEASE_TIMEOUT = 1.minute.to_i
def self.bulk_perform_async(args_list) def self.bulk_perform_async(args_list)
Sidekiq::Client.push_bulk('class' => self, 'args' => args_list) Sidekiq::Client.push_bulk('class' => self, 'args' => args_list)
end end
...@@ -11,24 +9,6 @@ class AuthorizedProjectsWorker ...@@ -11,24 +9,6 @@ class AuthorizedProjectsWorker
def perform(user_id) def perform(user_id)
user = User.find_by(id: user_id) user = User.find_by(id: user_id)
refresh(user) if user user.refresh_authorized_projects if user
end
def refresh(user)
lease_key = "refresh_authorized_projects:#{user.id}"
lease = Gitlab::ExclusiveLease.new(lease_key, timeout: LEASE_TIMEOUT)
until uuid = lease.try_obtain
# Keep trying until we obtain the lease. If we don't do so we may end up
# not updating the list of authorized projects properly. To prevent
# hammering Redis too much we'll wait for a bit between retries.
sleep(1)
end
begin
user.refresh_authorized_projects
ensure
Gitlab::ExclusiveLease.cancel(lease_key, uuid)
end
end end
end end
class ReactiveCachingWorker
include Sidekiq::Worker
include DedicatedSidekiqQueue
def perform(class_name, id)
klass = begin
Kernel.const_get(class_name)
rescue NameError
nil
end
return unless klass
klass.find_by(id: id).try(:exclusively_update_reactive_cache!)
end
end
...@@ -84,12 +84,15 @@ class ChangelogEntry ...@@ -84,12 +84,15 @@ class ChangelogEntry
end end
end end
private
def contents def contents
YAML.dump( yaml_content = YAML.dump(
'title' => title, 'title' => title,
'merge_request' => options.merge_request, 'merge_request' => options.merge_request,
'author' => options.author 'author' => options.author
) )
remove_trailing_whitespace(yaml_content)
end end
def write def write
...@@ -101,8 +104,6 @@ class ChangelogEntry ...@@ -101,8 +104,6 @@ class ChangelogEntry
exec("git commit --amend") exec("git commit --amend")
end end
private
def fail_with(message) def fail_with(message)
$stderr.puts "\e[31merror\e[0m #{message}" $stderr.puts "\e[31merror\e[0m #{message}"
exit 1 exit 1
...@@ -160,6 +161,10 @@ class ChangelogEntry ...@@ -160,6 +161,10 @@ class ChangelogEntry
def branch_name def branch_name
@branch_name ||= %x{git symbolic-ref --short HEAD}.strip @branch_name ||= %x{git symbolic-ref --short HEAD}.strip
end end
def remove_trailing_whitespace(yaml_content)
yaml_content.gsub(/ +$/, '')
end
end end
if $0 == __FILE__ if $0 == __FILE__
......
---
title: New Gitea importer
merge_request: 8116
author:
---
title: Hides new issue button for non loggedin user
merge_request: 8175
author:
---
title: remove build_user
merge_request: 8162
author: Arsenev Vladislav
--- ---
title: Allow public access to some Project API endpoints title: Allow unauthenticated access to some Project API GET endpoints
merge_request: 7843 merge_request: 7843
author: author:
---
title: Allow unauthenticated access to Repositories Files API GET endpoints
merge_request:
author:
---
title: Allow unauthenticated access to Repositories API GET endpoints
merge_request: 8148
author:
---
title: Milestoneish SQL performance partially improved and memoized
merge_request: 8146
author:
---
title: Add online terminal support for Kubernetes
merge_request: 7690
author:
---
title: Remove trailing whitespace when generating changelog entry
merge_request: 7948
author:
...@@ -89,6 +89,7 @@ module Gitlab ...@@ -89,6 +89,7 @@ module Gitlab
config.assets.precompile << "mailers/*.css" config.assets.precompile << "mailers/*.css"
config.assets.precompile << "katex.css" config.assets.precompile << "katex.css"
config.assets.precompile << "katex.js" config.assets.precompile << "katex.js"
config.assets.precompile << "xterm/xterm.css"
config.assets.precompile << "graphs/graphs_bundle.js" config.assets.precompile << "graphs/graphs_bundle.js"
config.assets.precompile << "users/users_bundle.js" config.assets.precompile << "users/users_bundle.js"
config.assets.precompile << "network/network_bundle.js" config.assets.precompile << "network/network_bundle.js"
...@@ -102,6 +103,7 @@ module Gitlab ...@@ -102,6 +103,7 @@ module Gitlab
config.assets.precompile << "environments/environments_bundle.js" config.assets.precompile << "environments/environments_bundle.js"
config.assets.precompile << "blob_edit/blob_edit_bundle.js" config.assets.precompile << "blob_edit/blob_edit_bundle.js"
config.assets.precompile << "snippet/snippet_bundle.js" config.assets.precompile << "snippet/snippet_bundle.js"
config.assets.precompile << "terminal/terminal_bundle.js"
config.assets.precompile << "lib/utils/*.js" config.assets.precompile << "lib/utils/*.js"
config.assets.precompile << "lib/*.js" config.assets.precompile << "lib/*.js"
config.assets.precompile << "u2f.js" config.assets.precompile << "u2f.js"
......
...@@ -213,7 +213,7 @@ Settings.gitlab.default_projects_features['builds'] = true if Settin ...@@ -213,7 +213,7 @@ Settings.gitlab.default_projects_features['builds'] = true if Settin
Settings.gitlab.default_projects_features['container_registry'] = true if Settings.gitlab.default_projects_features['container_registry'].nil? Settings.gitlab.default_projects_features['container_registry'] = true if Settings.gitlab.default_projects_features['container_registry'].nil?
Settings.gitlab.default_projects_features['visibility_level'] = Settings.send(:verify_constant, Gitlab::VisibilityLevel, Settings.gitlab.default_projects_features['visibility_level'], Gitlab::VisibilityLevel::PRIVATE) Settings.gitlab.default_projects_features['visibility_level'] = Settings.send(:verify_constant, Gitlab::VisibilityLevel, Settings.gitlab.default_projects_features['visibility_level'], Gitlab::VisibilityLevel::PRIVATE)
Settings.gitlab['domain_whitelist'] ||= [] Settings.gitlab['domain_whitelist'] ||= []
Settings.gitlab['import_sources'] ||= %w[github bitbucket gitlab google_code fogbugz git gitlab_project] Settings.gitlab['import_sources'] ||= %w[github bitbucket gitlab google_code fogbugz git gitlab_project gitea]
Settings.gitlab['trusted_proxies'] ||= [] Settings.gitlab['trusted_proxies'] ||= []
Settings.gitlab['no_todos_messages'] ||= YAML.load_file(Rails.root.join('config', 'no_todos_messages.yml')) Settings.gitlab['no_todos_messages'] ||= YAML.load_file(Rails.root.join('config', 'no_todos_messages.yml'))
......
...@@ -6,6 +6,12 @@ namespace :import do ...@@ -6,6 +6,12 @@ namespace :import do
get :jobs get :jobs
end end
resource :gitea, only: [:create, :new], controller: :gitea do
post :personal_access_token
get :status
get :jobs
end
resource :gitlab, only: [:create], controller: :gitlab do resource :gitlab, only: [:create], controller: :gitlab do
get :status get :status
get :callback get :callback
......
...@@ -150,6 +150,8 @@ constraints(ProjectUrlConstrainer.new) do ...@@ -150,6 +150,8 @@ constraints(ProjectUrlConstrainer.new) do
resources :environments, except: [:destroy] do resources :environments, except: [:destroy] do
member do member do
post :stop post :stop
get :terminal
get '/terminal.ws/authorize', to: 'environments#terminal_websocket_authorize', constraints: { format: nil }
end end
end end
......
...@@ -46,5 +46,6 @@ ...@@ -46,5 +46,6 @@
- [repository_check, 1] - [repository_check, 1]
- [system_hook, 1] - [system_hook, 1]
- [git_garbage_collect, 1] - [git_garbage_collect, 1]
- [reactive_caching, 1]
- [cronjob, 1] - [cronjob, 1]
- [default, 1] - [default, 1]
...@@ -34,6 +34,7 @@ ...@@ -34,6 +34,7 @@
- [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter. - [Integration](integration/README.md) How to integrate with systems such as JIRA, Redmine, Twitter.
- [Issue closing pattern](administration/issue_closing_pattern.md) Customize how to close an issue from commit messages. - [Issue closing pattern](administration/issue_closing_pattern.md) Customize how to close an issue from commit messages.
- [Koding](administration/integration/koding.md) Set up Koding to use with GitLab. - [Koding](administration/integration/koding.md) Set up Koding to use with GitLab.
- [Online terminals](administration/integration/terminal.md) Provide terminal access to environments from within GitLab.
- [Libravatar](customization/libravatar.md) Use Libravatar instead of Gravatar for user avatars. - [Libravatar](customization/libravatar.md) Use Libravatar instead of Gravatar for user avatars.
- [Log system](administration/logs.md) Log system. - [Log system](administration/logs.md) Log system.
- [Environment Variables](administration/environment_variables.md) to configure GitLab. - [Environment Variables](administration/environment_variables.md) to configure GitLab.
......
...@@ -10,11 +10,11 @@ you need to use with GitLab. ...@@ -10,11 +10,11 @@ you need to use with GitLab.
## Basic ports ## Basic ports
| LB Port | Backend Port | Protocol | | LB Port | Backend Port | Protocol |
| ------- | ------------ | -------- | | ------- | ------------ | --------------- |
| 80 | 80 | HTTP | | 80 | 80 | HTTP [^1] |
| 443 | 443 | HTTPS [^1] | | 443 | 443 | HTTPS [^1] [^2] |
| 22 | 22 | TCP | | 22 | 22 | TCP |
## GitLab Pages Ports ## GitLab Pages Ports
...@@ -25,8 +25,8 @@ GitLab Pages requires a separate VIP. Configure DNS to point the ...@@ -25,8 +25,8 @@ GitLab Pages requires a separate VIP. Configure DNS to point the
| LB Port | Backend Port | Protocol | | LB Port | Backend Port | Protocol |
| ------- | ------------ | -------- | | ------- | ------------ | -------- |
| 80 | Varies [^2] | HTTP | | 80 | Varies [^3] | HTTP |
| 443 | Varies [^2] | TCP [^3] | | 443 | Varies [^3] | TCP [^4] |
## Alternate SSH Port ## Alternate SSH Port
...@@ -50,13 +50,19 @@ Read more on high-availability configuration: ...@@ -50,13 +50,19 @@ Read more on high-availability configuration:
1. [Configure NFS](nfs.md) 1. [Configure NFS](nfs.md)
1. [Configure the GitLab application servers](gitlab.md) 1. [Configure the GitLab application servers](gitlab.md)
[^1]: When using HTTPS protocol for port 443, you will need to add an SSL [^1]: [Terminal support](../../ci/environments.md#terminal-support) requires
your load balancer to correctly handle WebSocket connections. When using
HTTP or HTTPS proxying, this means your load balancer must be configured
to pass through the `Connection` and `Upgrade` hop-by-hop headers. See the
[online terminal](../integration/terminal.md) integration guide for
more details.
[^2]: When using HTTPS protocol for port 443, you will need to add an SSL
certificate to the load balancers. If you wish to terminate SSL at the certificate to the load balancers. If you wish to terminate SSL at the
GitLab application server instead, use TCP protocol. GitLab application server instead, use TCP protocol.
[^2]: The backend port for GitLab Pages depends on the [^3]: The backend port for GitLab Pages depends on the
`gitlab_pages['external_http']` and `gitlab_pages['external_https']` `gitlab_pages['external_http']` and `gitlab_pages['external_https']`
setting. See [GitLab Pages documentation][gitlab-pages] for more details. setting. See [GitLab Pages documentation][gitlab-pages] for more details.
[^3]: Port 443 for GitLab Pages should always use the TCP protocol. Users can [^4]: Port 443 for GitLab Pages should always use the TCP protocol. Users can
configure custom domains with custom SSL, which would not be possible configure custom domains with custom SSL, which would not be possible
if SSL was terminated at the load balancer. if SSL was terminated at the load balancer.
......
# Online terminals
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7690)
in GitLab 8.15. Only project masters and owners can access online terminals.
With the introduction of the [Kubernetes](../../project_services/kubernetes.md)
project service, GitLab gained the ability to store and use credentials for a
Kubernetes cluster. One of the things it uses these credentials for is providing
access to [online terminals](../../ci/environments.html#online-terminals)
for environments.
## How it works
A detailed overview of the architecture of online terminals and how they work
can be found in [this document](https://gitlab.com/gitlab-org/gitlab-workhorse/blob/master/doc/terminal.md).
In brief:
* GitLab relies on the user to provide their own Kubernetes credentials, and to
appropriately label the pods they create when deploying.
* When a user navigates to the terminal page for an environment, they are served
a JavaScript application that opens a WebSocket connection back to GitLab.
* The WebSocket is handled in [Workhorse](https://gitlab.com/gitlab-org/gitlab-workhorse),
rather than the Rails application server.
* Workhorse queries Rails for connection details and user permissions; Rails
queries Kubernetes for them in the background, using [Sidekiq](../troubleshooting/sidekiq.md)
* Workhorse acts as a proxy server between the user's browser and the Kubernetes
API, passing WebSocket frames between the two.
* Workhorse regularly polls Rails, terminating the WebSocket connection if the
user no longer has permission to access the terminal, or if the connection
details have changed.
## Enabling and disabling terminal support
As online terminals use WebSockets, every HTTP/HTTPS reverse proxy in front of
Workhorse needs to be configured to pass the `Connection` and `Upgrade` headers
through to the next one in the chain. If you installed Gitlab using Omnibus, or
from source, starting with GitLab 8.15, this should be done by the default
configuration, so there's no need for you to do anything.
However, if you run a [load balancer](../high_availability/load_balancer.md) in
front of GitLab, you may need to make some changes to your configuration. These
guides document the necessary steps for a selection of popular reverse proxies:
* [Apache](https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html)
* [NGINX](https://www.nginx.com/blog/websocket-nginx/)
* [HAProxy](http://blog.haproxy.com/2012/11/07/websockets-load-balancing-with-haproxy/)
* [Varnish](https://www.varnish-cache.org/docs/4.1/users-guide/vcl-example-websockets.html)
Workhorse won't let WebSocket requests through to non-WebSocket endpoints, so
it's safe to enable support for these headers globally. If you'd rather had a
narrower set of rules, you can restrict it to URLs ending with `/terminal.ws`
(although this may still have a few false positives).
If you installed from source, or have made any configuration changes to your
Omnibus installation before upgrading to 8.15, you may need to make some
changes to your configuration. See the [8.14 to 8.15 upgrade](../../update/8.14-to-8.15.md#nginx-configuration)
document for more details.
If you'd like to disable online terminal support in GitLab, just stop passing
the `Connection` and `Upgrade` hop-by-hop headers in the *first* HTTP reverse
proxy in the chain. For most users, this will be the NGINX server bundled with
Omnibus Gitlab, in which case, you need to:
* Find the `nginx['proxy_set_headers']` section of your `gitlab.rb` file
* Ensure the whole block is uncommented, and then comment out or remove the
`Connection` and `Upgrade` lines.
For your own load balancer, just reverse the configuration changes recommended
by the above guides.
When these headers are not passed through, Workhorse will return a
`400 Bad Request` response to users attempting to use an online terminal. In
turn, they will receive a `Connection failed` message.
...@@ -2,7 +2,8 @@ ...@@ -2,7 +2,8 @@
## List repository tree ## List repository tree
Get a list of repository files and directories in a project. Get a list of repository files and directories in a project. This endpoint can
be accessed without authentication if the repository is publicly accessible.
``` ```
GET /projects/:id/repository/tree GET /projects/:id/repository/tree
...@@ -71,7 +72,8 @@ Parameters: ...@@ -71,7 +72,8 @@ Parameters:
## Raw file content ## Raw file content
Get the raw file contents for a file by commit SHA and path. Get the raw file contents for a file by commit SHA and path. This endpoint can
be accessed without authentication if the repository is publicly accessible.
``` ```
GET /projects/:id/repository/blobs/:sha GET /projects/:id/repository/blobs/:sha
...@@ -85,7 +87,8 @@ Parameters: ...@@ -85,7 +87,8 @@ Parameters:
## Raw blob content ## Raw blob content
Get the raw file contents for a blob by blob SHA. Get the raw file contents for a blob by blob SHA. This endpoint can be accessed
without authentication if the repository is publicly accessible.
``` ```
GET /projects/:id/repository/raw_blobs/:sha GET /projects/:id/repository/raw_blobs/:sha
...@@ -98,7 +101,8 @@ Parameters: ...@@ -98,7 +101,8 @@ Parameters:
## Get file archive ## Get file archive
Get an archive of the repository Get an archive of the repository. This endpoint can be accessed without
authentication if the repository is publicly accessible.
``` ```
GET /projects/:id/repository/archive GET /projects/:id/repository/archive
...@@ -111,6 +115,9 @@ Parameters: ...@@ -111,6 +115,9 @@ Parameters:
## Compare branches, tags or commits ## Compare branches, tags or commits
This endpoint can be accessed without authentication if the repository is
publicly accessible.
``` ```
GET /projects/:id/repository/compare GET /projects/:id/repository/compare
``` ```
...@@ -163,7 +170,8 @@ Response: ...@@ -163,7 +170,8 @@ Response:
## Contributors ## Contributors
Get repository contributors list Get repository contributors list. This endpoint can be accessed without
authentication if the repository is publicly accessible.
``` ```
GET /projects/:id/repository/contributors GET /projects/:id/repository/contributors
......
...@@ -6,7 +6,9 @@ ...@@ -6,7 +6,9 @@
## Get file from repository ## Get file from repository
Allows you to receive information about file in repository like name, size, content. Note that file content is Base64 encoded. Allows you to receive information about file in repository like name, size,
content. Note that file content is Base64 encoded. This endpoint can be accessed
without authentication if the repository is publicly accessible.
``` ```
GET /projects/:id/repository/files GET /projects/:id/repository/files
......
...@@ -25,7 +25,9 @@ Environments are like tags for your CI jobs, describing where code gets deployed ...@@ -25,7 +25,9 @@ Environments are like tags for your CI jobs, describing where code gets deployed
Deployments are created when [jobs] deploy versions of code to environments, Deployments are created when [jobs] deploy versions of code to environments,
so every environment can have one or more deployments. GitLab keeps track of so every environment can have one or more deployments. GitLab keeps track of
your deployments, so you always know what is currently being deployed on your your deployments, so you always know what is currently being deployed on your
servers. servers. If you have a deployment service such as [Kubernetes][kubernetes-service]
enabled for your project, you can use it to assist with your deployments, and
can even access a terminal for your environment from within GitLab!
To better understand how environments and deployments work, let's consider an To better understand how environments and deployments work, let's consider an
example. We assume that you have already created a project in GitLab and set up example. We assume that you have already created a project in GitLab and set up
...@@ -233,6 +235,46 @@ Remember that if your environment's name is `production` (all lowercase), then ...@@ -233,6 +235,46 @@ Remember that if your environment's name is `production` (all lowercase), then
it will get recorded in [Cycle Analytics](../user/project/cycle_analytics.md). it will get recorded in [Cycle Analytics](../user/project/cycle_analytics.md).
Double the benefit! Double the benefit!
## Terminal support
>**Note:**
Terminal support was added in GitLab 8.15 and is only available to project
masters and owners.
If you deploy to your environments with the help of a deployment service (e.g.,
the [Kubernetes](../project_services/kubernetes.md) service), GitLab can open
a terminal session to your environment! This is a very powerful feature that
allows you to debug issues without leaving the comfort of your web browser. To
enable it, just follow the instructions given in the service documentation.
Once enabled, your environments will gain a "terminal" button:
![Terminal button on environment index](img/environments_terminal_button_on_index.png)
You can also access the terminal button from the page for a specific environment:
![Terminal button for an environment](img/environments_terminal_button_on_show.png)
Wherever you find it, clicking the button will take you to a separate page to
establish the terminal session:
![Terminal page](img/environments_terminal_page.png)
This works just like any other terminal - you'll be in the container created
by your deployment, so you can run shell commands and get responses in real
time, check the logs, try out configuration or code tweaks, etc. You can open
multiple terminals to the same environment - they each get their own shell
session - and even a multiplexer like `screen` or `tmux`!
>**Note:**
Container-based deployments often lack basic tools (like an editor), and may
be stopped or restarted at any time. If this happens, you will lose all your
changes! Treat this as a debugging tool, not a comprehensive online IDE. You
can use [Koding](../administration/integration/koding.md) for online
development.
---
While this is fine for deploying to some stable environments like staging or While this is fine for deploying to some stable environments like staging or
production, what happens for branches? So far we haven't defined anything production, what happens for branches? So far we haven't defined anything
regarding deployments for branches other than `master`. Dynamic environments regarding deployments for branches other than `master`. Dynamic environments
...@@ -524,6 +566,7 @@ Below are some links you may find interesting: ...@@ -524,6 +566,7 @@ Below are some links you may find interesting:
[Pipelines]: pipelines.md [Pipelines]: pipelines.md
[jobs]: yaml/README.md#jobs [jobs]: yaml/README.md#jobs
[yaml]: yaml/README.md [yaml]: yaml/README.md
[kubernetes-service]: ../project_services/kubernetes.md]
[environments]: #environments [environments]: #environments
[deployments]: #deployments [deployments]: #deployments
[permissions]: ../user/permissions.md [permissions]: ../user/permissions.md
......
...@@ -36,6 +36,37 @@ Clicking on a pipeline will show the builds that were run for that pipeline. ...@@ -36,6 +36,37 @@ Clicking on a pipeline will show the builds that were run for that pipeline.
Clicking on an individual build will show you its build trace, and allow you to Clicking on an individual build will show you its build trace, and allow you to
cancel the build, retry it, or erase the build trace. cancel the build, retry it, or erase the build trace.
## How the pipeline duration is calculated
Total running time for a given pipeline would exclude retries and pending
(queue) time. We could reduce this problem down to finding the union of
periods.
So each job would be represented as a `Period`, which consists of
`Period#first` as when the job started and `Period#last` as when the
job was finished. A simple example here would be:
* A (1, 3)
* B (2, 4)
* C (6, 7)
Here A begins from 1, and ends to 3. B begins from 2, and ends to 4.
C begins from 6, and ends to 7. Visually it could be viewed as:
```
0 1 2 3 4 5 6 7
AAAAAAA
BBBBBBB
CCCC
```
The union of A, B, and C would be (1, 4) and (6, 7), therefore the
total running time should be:
```
(4 - 1) + (7 - 6) => 4
```
## Badges ## Badges
Build status and test coverage report badges are available. You can find their Build status and test coverage report badges are available. You can find their
......
...@@ -47,3 +47,17 @@ GitLab CI build environment: ...@@ -47,3 +47,17 @@ GitLab CI build environment:
- `KUBE_TOKEN` - `KUBE_TOKEN`
- `KUBE_NAMESPACE` - `KUBE_NAMESPACE`
- `KUBE_CA_PEM` - only if a custom CA bundle was specified - `KUBE_CA_PEM` - only if a custom CA bundle was specified
## Terminal support
>**NOTE:**
Added in GitLab 8.15. You must be the project owner or have `master` permissions
to use terminals. Support is currently limited to the first container in the
first pod of your environment.
When enabled, the Kubernetes service adds online [terminal support](../ci/environments.md#terminal-support)
to your environments. This is based on the `exec` functionality found in
Docker and Kubernetes, so you get a new shell session within your existing
containers. To use this integration, you should deploy to Kubernetes using
the deployment variables above, ensuring any pods you create are labelled with
`app=$CI_ENVIRONMENT_SLUG`.
...@@ -33,6 +33,7 @@ The following table depicts the various user permission levels in a project. ...@@ -33,6 +33,7 @@ The following table depicts the various user permission levels in a project.
| See a container registry | | ✓ | ✓ | ✓ | ✓ | | See a container registry | | ✓ | ✓ | ✓ | ✓ |
| See environments | | ✓ | ✓ | ✓ | ✓ | | See environments | | ✓ | ✓ | ✓ | ✓ |
| Create new environments | | | ✓ | ✓ | ✓ | | Create new environments | | | ✓ | ✓ | ✓ |
| Use environment terminals | | | | ✓ | ✓ |
| Stop environments | | | ✓ | ✓ | ✓ | | Stop environments | | | ✓ | ✓ | ✓ |
| See a list of merge requests | | ✓ | ✓ | ✓ | ✓ | | See a list of merge requests | | ✓ | ✓ | ✓ | ✓ |
| Manage/Accept merge requests | | | ✓ | ✓ | ✓ | | Manage/Accept merge requests | | | ✓ | ✓ | ✓ |
......
...@@ -4,6 +4,7 @@ ...@@ -4,6 +4,7 @@
1. [GitHub](import_projects_from_github.md) 1. [GitHub](import_projects_from_github.md)
1. [GitLab.com](import_projects_from_gitlab_com.md) 1. [GitLab.com](import_projects_from_gitlab_com.md)
1. [FogBugz](import_projects_from_fogbugz.md) 1. [FogBugz](import_projects_from_fogbugz.md)
1. [Gitea](import_projects_from_gitea.md)
1. [SVN](migrating_from_svn.md) 1. [SVN](migrating_from_svn.md)
In addition to the specific migration documentation above, you can import any In addition to the specific migration documentation above, you can import any
...@@ -14,4 +15,3 @@ repository is too large the import can timeout. ...@@ -14,4 +15,3 @@ repository is too large the import can timeout.
You can copy your repos by changing the remote and pushing to the new server; You can copy your repos by changing the remote and pushing to the new server;
but issues and merge requests can't be imported. but issues and merge requests can't be imported.
# Import your project from Gitea to GitLab
Import your projects from Gitea to GitLab with minimal effort.
## Overview
>**Note:**
As of Gitea `v1.0.0`, issue & pull-request comments cannot be imported! This is
a [known issue][issue-401] that should be fixed in a near-future.
- At its current state, Gitea importer can import:
- the repository description (GitLab 8.15+)
- the Git repository data (GitLab 8.15+)
- the issues (GitLab 8.15+)
- the pull requests (GitLab 8.15+)
- the milestones (GitLab 8.15+)
- the labels (GitLab 8.15+)
- Repository public access is retained. If a repository is private in Gitea
it will be created as private in GitLab as well.
## How it works
Since Gitea is currently not an OAuth provider, author/assignee cannot be mapped
to users in your GitLab's instance. This means that the project creator (most of
the times the current user that started the import process) is set as the author,
but a reference on the issue about the original Gitea author is kept.
The importer will create any new namespaces (groups) if they don't exist or in
the case the namespace is taken, the repository will be imported under the user's
namespace that started the import process.
## Importing your Gitea repositories
The importer page is visible when you create a new project.
![New project page on GitLab](img/import_projects_from_new_project_page.png)
Click on the **Gitea** link and the import authorization process will start.
![New Gitea project import](img/import_projects_from_gitea_new_import.png)
### Authorize access to your repositories using a personal access token
With this method, you will perform a one-off authorization with Gitea to grant
GitLab access your repositories:
1. Go to <https://you-gitea-instance/user/settings/applications> (replace
`you-gitea-instance` with the host of your Gitea instance).
1. Click **Generate New Token**.
1. Enter a token description.
1. Click **Generate Token**.
1. Copy the token hash.
1. Go back to GitLab and provide the token to the Gitea importer.
1. Hit the **List Your Gitea Repositories** button and wait while GitLab reads
your repositories' information. Once done, you'll be taken to the importer
page to select the repositories to import.
### Select which repositories to import
After you've authorized access to your Gitea repositories, you will be
redirected to the Gitea importer page.
From there, you can see the import statuses of your Gitea repositories.
- Those that are being imported will show a _started_ status,
- those already successfully imported will be green with a _done_ status,
- whereas those that are not yet imported will have an **Import** button on the
right side of the table.
If you want, you can import all your Gitea projects in one go by hitting
**Import all projects** in the upper left corner.
![Gitea importer page](img/import_projects_from_github_importer.png)
---
You can also choose a different name for the project and a different namespace,
if you have the privileges to do so.
[issue-401]: https://github.com/go-gitea/gitea/issues/401
...@@ -6,8 +6,9 @@ Import your projects from GitHub to GitLab with minimal effort. ...@@ -6,8 +6,9 @@ Import your projects from GitHub to GitLab with minimal effort.
>**Note:** >**Note:**
If you are an administrator you can enable the [GitHub integration][gh-import] If you are an administrator you can enable the [GitHub integration][gh-import]
in your GitLab instance sitewide. This configuration is optional, users will be in your GitLab instance sitewide. This configuration is optional, users will
able import their GitHub repositories with a [personal access token][gh-token]. still be able to import their GitHub repositories with a
[personal access token][gh-token].
- At its current state, GitHub importer can import: - At its current state, GitHub importer can import:
- the repository description (GitLab 7.7+) - the repository description (GitLab 7.7+)
...@@ -85,7 +86,7 @@ authorization with GitHub to grant GitLab access your repositories: ...@@ -85,7 +86,7 @@ authorization with GitHub to grant GitLab access your repositories:
1. Click **Generate token**. 1. Click **Generate token**.
1. Copy the token hash. 1. Copy the token hash.
1. Go back to GitLab and provide the token to the GitHub importer. 1. Go back to GitLab and provide the token to the GitHub importer.
1. Hit the **List your GitHub repositories** button and wait while GitLab reads 1. Hit the **List Your GitHub Repositories** button and wait while GitLab reads
your repositories' information. Once done, you'll be taken to the importer your repositories' information. Once done, you'll be taken to the importer
page to select the repositories to import. page to select the repositories to import.
...@@ -112,7 +113,6 @@ You can also choose a different name for the project and a different namespace, ...@@ -112,7 +113,6 @@ You can also choose a different name for the project and a different namespace,
if you have the privileges to do so. if you have the privileges to do so.
[gh-import]: ../../integration/github.md "GitHub integration" [gh-import]: ../../integration/github.md "GitHub integration"
[new-project]: ../../gitlab-basics/create-project.md "How to create a new project in GitLab"
[gh-integration]: #authorize-access-to-your-repositories-using-the-github-integration [gh-integration]: #authorize-access-to-your-repositories-using-the-github-integration
[gh-token]: #authorize-access-to-your-repositories-using-a-personal-access-token [gh-token]: #authorize-access-to-your-repositories-using-a-personal-access-token
[social sign-in]: ../../profile/account/social_sign_in.md [social sign-in]: ../../profile/account/social_sign_in.md
@admin
Feature: Admin Projects
Background:
Given I sign in as an admin
And there are projects in system
Scenario: I should see non-archived projects in the list
Given archived project "Archive"
When I visit admin projects page
Then I should see all non-archived projects
And I should not see project "Archive"
@javascript
Scenario: I should see all projects in the list
Given archived project "Archive"
When I visit admin projects page
And I select "Show archived projects"
Then I should see all projects
And I should see "archived" label
Scenario: Projects show
When I visit admin projects page
And I click on first project
Then I should see project details
@javascript
Scenario: Transfer project
Given group 'Web'
And I visit admin project page
When I transfer project to group 'Web'
Then I should see project transfered
@javascript
Scenario: Signed in admin should be able to add himself to a project
Given "John Doe" owns private project "Enterprise"
When I visit project "Enterprise" members page
When I select current user as "Developer"
Then I should see current user as "Developer"
@javascript
Scenario: Signed in admin should be able to remove himself from a project
Given "John Doe" owns private project "Enterprise"
And current user is developer of project "Enterprise"
When I visit project "Enterprise" members page
Then I should see current user as "Developer"
When I click on the "Remove User From Project" button for current user
Then I should not see current user as "Developer"
class Spinach::Features::AdminProjects < Spinach::FeatureSteps
include SharedAuthentication
include SharedPaths
include SharedAdmin
include SharedProject
include SharedUser
include Select2Helper
step 'I should see all non-archived projects' do
Project.non_archived.each do |p|
expect(page).to have_content p.name_with_namespace
end
end
step 'I should see all projects' do
Project.all.each do |p|
expect(page).to have_content p.name_with_namespace
end
end
step 'I select "Show archived projects"' do
find(:css, '#sort-projects-dropdown').click
click_link 'Show archived projects'
end
step 'I should see "archived" label' do
expect(page).to have_xpath("//span[@class='label label-warning']", text: 'archived')
end
step 'I click on first project' do
click_link Project.first.name_with_namespace
end
step 'I should see project details' do
project = Project.first
expect(current_path).to eq admin_namespace_project_path(project.namespace, project)
expect(page).to have_content(project.name_with_namespace)
expect(page).to have_content(project.creator.name)
end
step 'I visit admin project page' do
visit admin_namespace_project_path(project.namespace, project)
end
step 'I transfer project to group \'Web\'' do
allow_any_instance_of(Projects::TransferService).
to receive(:move_uploads_to_new_namespace).and_return(true)
click_button 'Search for Namespace'
click_link 'group: web'
click_button 'Transfer'
end
step 'group \'Web\'' do
create(:group, name: 'Web')
end
step 'I should see project transfered' do
expect(page).to have_content 'Web / ' + project.name
expect(page).to have_content 'Namespace: Web'
end
step 'I visit project "Enterprise" members page' do
project = Project.find_by!(name: "Enterprise")
visit namespace_project_project_members_path(project.namespace, project)
end
step 'I select current user as "Developer"' do
page.within ".users-project-form" do
select2(current_user.id, from: "#user_ids", multiple: true)
select "Developer", from: "access_level"
end
click_button "Add to project"
end
step 'I should see current user as "Developer"' do
page.within '.content-list' do
expect(page).to have_content(current_user.name)
expect(page).to have_content('Developer')
end
end
step 'current user is developer of project "Enterprise"' do
project = Project.find_by!(name: "Enterprise")
project.team << [current_user, :developer]
end
step 'I click on the "Remove User From Project" button for current user' do
find(:css, 'li', text: current_user.name).find(:css, 'a.btn-remove').click
# poltergeist always confirms popups.
end
step 'I should not see current_user as "Developer"' do
expect(page).not_to have_selector(:css, '.content-list')
end
def project
@project ||= Project.first
end
def group
Group.find_by(name: 'Web')
end
end
module API module API
# Projects API # Projects API
class Files < Grape::API class Files < Grape::API
before { authenticate! }
helpers do helpers do
def commit_params(attrs) def commit_params(attrs)
{ {
......
...@@ -2,7 +2,6 @@ require 'mime/types' ...@@ -2,7 +2,6 @@ require 'mime/types'
module API module API
class Repositories < Grape::API class Repositories < Grape::API
before { authenticate! }
before { authorize! :download_code, user_project } before { authorize! :download_code, user_project }
params do params do
...@@ -79,8 +78,6 @@ module API ...@@ -79,8 +78,6 @@ module API
optional :format, type: String, desc: 'The archive format' optional :format, type: String, desc: 'The archive format'
end end
get ':id/repository/archive', requirements: { format: Gitlab::Regex.archive_formats_regex } do get ':id/repository/archive', requirements: { format: Gitlab::Regex.archive_formats_regex } do
authorize! :download_code, user_project
begin begin
send_git_archive user_project.repository, ref: params[:sha], format: params[:format] send_git_archive user_project.repository, ref: params[:sha], format: params[:format]
rescue rescue
...@@ -96,7 +93,6 @@ module API ...@@ -96,7 +93,6 @@ module API
requires :to, type: String, desc: 'The commit, branch name, or tag name to stop comparison' requires :to, type: String, desc: 'The commit, branch name, or tag name to stop comparison'
end end
get ':id/repository/compare' do get ':id/repository/compare' do
authorize! :download_code, user_project
compare = Gitlab::Git::Compare.new(user_project.repository.raw_repository, params[:from], params[:to]) compare = Gitlab::Git::Compare.new(user_project.repository.raw_repository, params[:from], params[:to])
present compare, with: Entities::Compare present compare, with: Entities::Compare
end end
...@@ -105,8 +101,6 @@ module API ...@@ -105,8 +101,6 @@ module API
success Entities::Contributor success Entities::Contributor
end end
get ':id/repository/contributors' do get ':id/repository/contributors' do
authorize! :download_code, user_project
begin begin
present user_project.repository.contributors, present user_project.repository.contributors,
with: Entities::Contributor with: Entities::Contributor
......
...@@ -94,7 +94,7 @@ module API ...@@ -94,7 +94,7 @@ module API
identity_attrs = params.slice(:provider, :extern_uid) identity_attrs = params.slice(:provider, :extern_uid)
confirm = params.delete(:confirm) confirm = params.delete(:confirm)
user = User.build_user(declared_params(include_missing: false)) user = User.new(declared_params(include_missing: false))
user.skip_confirmation! unless confirm user.skip_confirmation! unless confirm
if identity_attrs.any? if identity_attrs.any?
......
...@@ -45,7 +45,7 @@ module Gitlab ...@@ -45,7 +45,7 @@ module Gitlab
default_project_visibility: Settings.gitlab.default_projects_features['visibility_level'], default_project_visibility: Settings.gitlab.default_projects_features['visibility_level'],
default_snippet_visibility: Settings.gitlab.default_projects_features['visibility_level'], default_snippet_visibility: Settings.gitlab.default_projects_features['visibility_level'],
domain_whitelist: Settings.gitlab['domain_whitelist'], domain_whitelist: Settings.gitlab['domain_whitelist'],
import_sources: %w[github bitbucket gitlab google_code fogbugz git gitlab_project], import_sources: %w[gitea github bitbucket gitlab google_code fogbugz git gitlab_project],
shared_runners_enabled: Settings.gitlab_ci['shared_runners_enabled'], shared_runners_enabled: Settings.gitlab_ci['shared_runners_enabled'],
max_artifacts_size: Settings.artifacts['max_size'], max_artifacts_size: Settings.artifacts['max_size'],
require_two_factor_authentication: false, require_two_factor_authentication: false,
......
...@@ -15,6 +15,10 @@ module Gitlab ...@@ -15,6 +15,10 @@ module Gitlab
end end
end end
def url
raw_data.url || ''
end
private private
def gitlab_user_id(github_id) def gitlab_user_id(github_id)
......
...@@ -4,10 +4,12 @@ module Gitlab ...@@ -4,10 +4,12 @@ module Gitlab
GITHUB_SAFE_REMAINING_REQUESTS = 100 GITHUB_SAFE_REMAINING_REQUESTS = 100
GITHUB_SAFE_SLEEP_TIME = 500 GITHUB_SAFE_SLEEP_TIME = 500
attr_reader :access_token attr_reader :access_token, :host, :api_version
def initialize(access_token) def initialize(access_token, host: nil, api_version: 'v3')
@access_token = access_token @access_token = access_token
@host = host.to_s.sub(%r{/+\z}, '')
@api_version = api_version
if access_token if access_token
::Octokit.auto_paginate = false ::Octokit.auto_paginate = false
...@@ -17,7 +19,7 @@ module Gitlab ...@@ -17,7 +19,7 @@ module Gitlab
def api def api
@api ||= ::Octokit::Client.new( @api ||= ::Octokit::Client.new(
access_token: access_token, access_token: access_token,
api_endpoint: github_options[:site], api_endpoint: api_endpoint,
# If there is no config, we're connecting to github.com and we # If there is no config, we're connecting to github.com and we
# should verify ssl. # should verify ssl.
connection_options: { connection_options: {
...@@ -64,6 +66,14 @@ module Gitlab ...@@ -64,6 +66,14 @@ module Gitlab
private private
def api_endpoint
if host.present? && api_version.present?
"#{host}/api/#{api_version}"
else
github_options[:site]
end
end
def config def config
Gitlab.config.omniauth.providers.find { |provider| provider.name == "github" } Gitlab.config.omniauth.providers.find { |provider| provider.name == "github" }
end end
......
...@@ -3,7 +3,7 @@ module Gitlab ...@@ -3,7 +3,7 @@ module Gitlab
class Importer class Importer
include Gitlab::ShellAdapter include Gitlab::ShellAdapter
attr_reader :client, :errors, :project, :repo, :repo_url attr_reader :errors, :project, :repo, :repo_url
def initialize(project) def initialize(project)
@project = project @project = project
...@@ -11,12 +11,27 @@ module Gitlab ...@@ -11,12 +11,27 @@ module Gitlab
@repo_url = project.import_url @repo_url = project.import_url
@errors = [] @errors = []
@labels = {} @labels = {}
end
def client
return @client if defined?(@client)
unless credentials
raise Projects::ImportService::Error,
"Unable to find project import data credentials for project ID: #{@project.id}"
end
if credentials opts = {}
@client = Client.new(credentials[:user]) # Gitea plan to be GitHub compliant
else if project.gitea_import?
raise Projects::ImportService::Error, "Unable to find project import data credentials for project ID: #{@project.id}" uri = URI.parse(project.import_url)
host = "#{uri.scheme}://#{uri.host}:#{uri.port}#{uri.path}".sub(%r{/?[\w-]+/[\w-]+\.git\z}, '')
opts = {
host: host,
api_version: 'v1'
}
end end
@client = Client.new(credentials[:user], opts)
end end
def execute def execute
...@@ -35,7 +50,13 @@ module Gitlab ...@@ -35,7 +50,13 @@ module Gitlab
import_comments(:issues) import_comments(:issues)
import_comments(:pull_requests) import_comments(:pull_requests)
import_wiki import_wiki
import_releases
# Gitea doesn't have a Release API yet
# See https://github.com/go-gitea/gitea/issues/330
unless project.gitea_import?
import_releases
end
handle_errors handle_errors
true true
...@@ -44,7 +65,9 @@ module Gitlab ...@@ -44,7 +65,9 @@ module Gitlab
private private
def credentials def credentials
@credentials ||= project.import_data.credentials if project.import_data return @credentials if defined?(@credentials)
@credentials = project.import_data ? project.import_data.credentials : nil
end end
def handle_errors def handle_errors
...@@ -60,9 +83,10 @@ module Gitlab ...@@ -60,9 +83,10 @@ module Gitlab
fetch_resources(:labels, repo, per_page: 100) do |labels| fetch_resources(:labels, repo, per_page: 100) do |labels|
labels.each do |raw| labels.each do |raw|
begin begin
LabelFormatter.new(project, raw).create! gh_label = LabelFormatter.new(project, raw)
gh_label.create!
rescue => e rescue => e
errors << { type: :label, url: Gitlab::UrlSanitizer.sanitize(raw.url), errors: e.message } errors << { type: :label, url: Gitlab::UrlSanitizer.sanitize(gh_label.url), errors: e.message }
end end
end end
end end
...@@ -74,9 +98,10 @@ module Gitlab ...@@ -74,9 +98,10 @@ module Gitlab
fetch_resources(:milestones, repo, state: :all, per_page: 100) do |milestones| fetch_resources(:milestones, repo, state: :all, per_page: 100) do |milestones|
milestones.each do |raw| milestones.each do |raw|
begin begin
MilestoneFormatter.new(project, raw).create! gh_milestone = MilestoneFormatter.new(project, raw)
gh_milestone.create!
rescue => e rescue => e
errors << { type: :milestone, url: Gitlab::UrlSanitizer.sanitize(raw.url), errors: e.message } errors << { type: :milestone, url: Gitlab::UrlSanitizer.sanitize(gh_milestone.url), errors: e.message }
end end
end end
end end
...@@ -97,7 +122,7 @@ module Gitlab ...@@ -97,7 +122,7 @@ module Gitlab
apply_labels(issuable, raw) apply_labels(issuable, raw)
rescue => e rescue => e
errors << { type: :issue, url: Gitlab::UrlSanitizer.sanitize(raw.url), errors: e.message } errors << { type: :issue, url: Gitlab::UrlSanitizer.sanitize(gh_issue.url), errors: e.message }
end end
end end
end end
...@@ -106,18 +131,23 @@ module Gitlab ...@@ -106,18 +131,23 @@ module Gitlab
def import_pull_requests def import_pull_requests
fetch_resources(:pull_requests, repo, state: :all, sort: :created, direction: :asc, per_page: 100) do |pull_requests| fetch_resources(:pull_requests, repo, state: :all, sort: :created, direction: :asc, per_page: 100) do |pull_requests|
pull_requests.each do |raw| pull_requests.each do |raw|
pull_request = PullRequestFormatter.new(project, raw) gh_pull_request = PullRequestFormatter.new(project, raw)
next unless pull_request.valid? next unless gh_pull_request.valid?
begin begin
restore_source_branch(pull_request) unless pull_request.source_branch_exists? restore_source_branch(gh_pull_request) unless gh_pull_request.source_branch_exists?
restore_target_branch(pull_request) unless pull_request.target_branch_exists? restore_target_branch(gh_pull_request) unless gh_pull_request.target_branch_exists?
merge_request = gh_pull_request.create!
pull_request.create! # Gitea doesn't return PR in the Issue API endpoint, so labels must be assigned at this stage
if project.gitea_import?
apply_labels(merge_request, raw)
end
rescue => e rescue => e
errors << { type: :pull_request, url: Gitlab::UrlSanitizer.sanitize(pull_request.url), errors: e.message } errors << { type: :pull_request, url: Gitlab::UrlSanitizer.sanitize(gh_pull_request.url), errors: e.message }
ensure ensure
clean_up_restored_branches(pull_request) clean_up_restored_branches(gh_pull_request)
end end
end end
end end
...@@ -233,7 +263,7 @@ module Gitlab ...@@ -233,7 +263,7 @@ module Gitlab
gh_release = ReleaseFormatter.new(project, raw) gh_release = ReleaseFormatter.new(project, raw)
gh_release.create! if gh_release.valid? gh_release.create! if gh_release.valid?
rescue => e rescue => e
errors << { type: :release, url: Gitlab::UrlSanitizer.sanitize(raw.url), errors: e.message } errors << { type: :release, url: Gitlab::UrlSanitizer.sanitize(gh_release.url), errors: e.message }
end end
end end
end end
......
module Gitlab
module GithubImport
class IssuableFormatter < BaseFormatter
def project_association
raise NotImplementedError
end
def number
raw_data.number
end
def find_condition
{ iid: number }
end
private
def state
raw_data.state == 'closed' ? 'closed' : 'opened'
end
def assigned?
raw_data.assignee.present?
end
def assignee_id
if assigned?
gitlab_user_id(raw_data.assignee.id)
end
end
def author
raw_data.user.login
end
def author_id
gitlab_author_id || project.creator_id
end
def body
raw_data.body || ""
end
def description
if gitlab_author_id
body
else
formatter.author_line(author) + body
end
end
def milestone
if raw_data.milestone.present?
milestone = MilestoneFormatter.new(project, raw_data.milestone)
project.milestones.find_by(milestone.find_condition)
end
end
end
end
end
module Gitlab module Gitlab
module GithubImport module GithubImport
class IssueFormatter < BaseFormatter class IssueFormatter < IssuableFormatter
def attributes def attributes
{ {
iid: number, iid: number,
...@@ -24,59 +24,9 @@ module Gitlab ...@@ -24,59 +24,9 @@ module Gitlab
:issues :issues
end end
def find_condition
{ iid: number }
end
def number
raw_data.number
end
def pull_request? def pull_request?
raw_data.pull_request.present? raw_data.pull_request.present?
end end
private
def assigned?
raw_data.assignee.present?
end
def assignee_id
if assigned?
gitlab_user_id(raw_data.assignee.id)
end
end
def author
raw_data.user.login
end
def author_id
gitlab_author_id || project.creator_id
end
def body
raw_data.body || ""
end
def description
if gitlab_author_id
body
else
formatter.author_line(author) + body
end
end
def milestone
if raw_data.milestone.present?
project.milestones.find_by(iid: raw_data.milestone.number)
end
end
def state
raw_data.state == 'closed' ? 'closed' : 'opened'
end
end end
end end
end end
...@@ -3,7 +3,7 @@ module Gitlab ...@@ -3,7 +3,7 @@ module Gitlab
class MilestoneFormatter < BaseFormatter class MilestoneFormatter < BaseFormatter
def attributes def attributes
{ {
iid: raw_data.number, iid: number,
project: project, project: project,
title: raw_data.title, title: raw_data.title,
description: raw_data.description, description: raw_data.description,
...@@ -19,7 +19,15 @@ module Gitlab ...@@ -19,7 +19,15 @@ module Gitlab
end end
def find_condition def find_condition
{ iid: raw_data.number } { iid: number }
end
def number
if project.gitea_import?
raw_data.id
else
raw_data.number
end
end end
private private
......
module Gitlab module Gitlab
module GithubImport module GithubImport
class ProjectCreator class ProjectCreator
attr_reader :repo, :name, :namespace, :current_user, :session_data attr_reader :repo, :name, :namespace, :current_user, :session_data, :type
def initialize(repo, name, namespace, current_user, session_data) def initialize(repo, name, namespace, current_user, session_data, type: 'github')
@repo = repo @repo = repo
@name = name @name = name
@namespace = namespace @namespace = namespace
@current_user = current_user @current_user = current_user
@session_data = session_data @session_data = session_data
@type = type
end end
def execute def execute
...@@ -19,7 +20,7 @@ module Gitlab ...@@ -19,7 +20,7 @@ module Gitlab
description: repo.description, description: repo.description,
namespace_id: namespace.id, namespace_id: namespace.id,
visibility_level: visibility_level, visibility_level: visibility_level,
import_type: "github", import_type: type,
import_source: repo.full_name, import_source: repo.full_name,
import_url: import_url, import_url: import_url,
skip_wiki: skip_wiki skip_wiki: skip_wiki
...@@ -29,7 +30,7 @@ module Gitlab ...@@ -29,7 +30,7 @@ module Gitlab
private private
def import_url def import_url
repo.clone_url.sub('https://', "https://#{session_data[:github_access_token]}@") repo.clone_url.sub('://', "://#{session_data[:github_access_token]}@")
end end
def visibility_level def visibility_level
......
module Gitlab module Gitlab
module GithubImport module GithubImport
class PullRequestFormatter < BaseFormatter class PullRequestFormatter < IssuableFormatter
delegate :exists?, :project, :ref, :repo, :sha, to: :source_branch, prefix: true delegate :exists?, :project, :ref, :repo, :sha, to: :source_branch, prefix: true
delegate :exists?, :project, :ref, :repo, :sha, to: :target_branch, prefix: true delegate :exists?, :project, :ref, :repo, :sha, to: :target_branch, prefix: true
...@@ -28,14 +28,6 @@ module Gitlab ...@@ -28,14 +28,6 @@ module Gitlab
:merge_requests :merge_requests
end end
def find_condition
{ iid: number }
end
def number
raw_data.number
end
def valid? def valid?
source_branch.valid? && target_branch.valid? source_branch.valid? && target_branch.valid?
end end
...@@ -60,57 +52,15 @@ module Gitlab ...@@ -60,57 +52,15 @@ module Gitlab
end end
end end
def url
raw_data.url
end
private private
def assigned? def state
raw_data.assignee.present? if raw_data.state == 'closed' && raw_data.merged_at.present?
end 'merged'
def assignee_id
if assigned?
gitlab_user_id(raw_data.assignee.id)
end
end
def author
raw_data.user.login
end
def author_id
gitlab_author_id || project.creator_id
end
def body
raw_data.body || ""
end
def description
if gitlab_author_id
body
else else
formatter.author_line(author) + body super
end end
end end
def milestone
if raw_data.milestone.present?
project.milestones.find_by(iid: raw_data.milestone.number)
end
end
def state
@state ||= if raw_data.state == 'closed' && raw_data.merged_at.present?
'merged'
elsif raw_data.state == 'closed'
'closed'
else
'opened'
end
end
end end
end end
end end
...@@ -7,21 +7,38 @@ module Gitlab ...@@ -7,21 +7,38 @@ module Gitlab
module ImportSources module ImportSources
extend CurrentSettings extend CurrentSettings
ImportSource = Struct.new(:name, :title, :importer)
ImportTable = [
ImportSource.new('github', 'GitHub', Gitlab::GithubImport::Importer),
ImportSource.new('bitbucket', 'Bitbucket', Gitlab::BitbucketImport::Importer),
ImportSource.new('gitlab', 'GitLab.com', Gitlab::GitlabImport::Importer),
ImportSource.new('google_code', 'Google Code', Gitlab::GoogleCodeImport::Importer),
ImportSource.new('fogbugz', 'FogBugz', Gitlab::FogbugzImport::Importer),
ImportSource.new('git', 'Repo by URL', nil),
ImportSource.new('gitlab_project', 'GitLab export', Gitlab::ImportExport::Importer),
ImportSource.new('gitea', 'Gitea', Gitlab::GithubImport::Importer)
].freeze
class << self class << self
def options
@options ||= Hash[ImportTable.map { |importer| [importer.title, importer.name] }]
end
def values def values
options.values @values ||= ImportTable.map(&:name)
end end
def options def importer_names
{ @importer_names ||= ImportTable.select(&:importer).map(&:name)
'GitHub' => 'github', end
'Bitbucket' => 'bitbucket',
'GitLab.com' => 'gitlab', def importer(name)
'Google Code' => 'google_code', ImportTable.find { |import_source| import_source.name == name }.importer
'FogBugz' => 'fogbugz', end
'Repo by URL' => 'git',
'GitLab export' => 'gitlab_project' def title(name)
} options.key(name)
end end
end end
end end
......
module Gitlab
# Helper methods to do with Kubernetes network services & resources
module Kubernetes
# This is the comand that is run to start a terminal session. Kubernetes
# expects `command=foo&command=bar, not `command[]=foo&command[]=bar`
EXEC_COMMAND = URI.encode_www_form(
['sh', '-c', 'bash || sh'].map { |value| ['command', value] }
)
# Filters an array of pods (as returned by the kubernetes API) by their labels
def filter_pods(pods, labels = {})
pods.select do |pod|
metadata = pod.fetch("metadata", {})
pod_labels = metadata.fetch("labels", nil)
next unless pod_labels
labels.all? { |k, v| pod_labels[k.to_s] == v }
end
end
# Converts a pod (as returned by the kubernetes API) into a terminal
def terminals_for_pod(api_url, namespace, pod)
metadata = pod.fetch("metadata", {})
status = pod.fetch("status", {})
spec = pod.fetch("spec", {})
containers = spec["containers"]
pod_name = metadata["name"]
phase = status["phase"]
return unless containers.present? && pod_name.present? && phase == "Running"
created_at = DateTime.parse(metadata["creationTimestamp"]) rescue nil
containers.map do |container|
{
selectors: { pod: pod_name, container: container["name"] },
url: container_exec_url(api_url, namespace, pod_name, container["name"]),
subprotocols: ['channel.k8s.io'],
headers: Hash.new { |h, k| h[k] = [] },
created_at: created_at,
}
end
end
def add_terminal_auth(terminal, token, ca_pem = nil)
terminal[:headers]['Authorization'] << "Bearer #{token}"
terminal[:ca_pem] = ca_pem if ca_pem.present?
terminal
end
def container_exec_url(api_url, namespace, pod_name, container_name)
url = URI.parse(api_url)
url.path = [
url.path.sub(%r{/+\z}, ''),
'api', 'v1',
'namespaces', ERB::Util.url_encode(namespace),
'pods', ERB::Util.url_encode(pod_name),
'exec'
].join('/')
url.query = {
container: container_name,
tty: true,
stdin: true,
stdout: true,
stderr: true,
}.to_query + '&' + EXEC_COMMAND
case url.scheme
when 'http'
url.scheme = 'ws'
when 'https'
url.scheme = 'wss'
end
url.to_s
end
end
end
...@@ -95,6 +95,19 @@ module Gitlab ...@@ -95,6 +95,19 @@ module Gitlab
] ]
end end
def terminal_websocket(terminal)
details = {
'Terminal' => {
'Subprotocols' => terminal[:subprotocols],
'Url' => terminal[:url],
'Header' => terminal[:headers]
}
}
details['Terminal']['CAPem'] = terminal[:ca_pem] if terminal.has_key?(:ca_pem)
details
end
def version def version
path = Rails.root.join(VERSION_FILE) path = Rails.root.join(VERSION_FILE)
path.readable? ? path.read.chomp : 'unknown' path.readable? ? path.read.chomp : 'unknown'
......
require 'spec_helper'
describe Import::GiteaController do
include ImportSpecHelper
let(:provider) { :gitea }
let(:host_url) { 'https://try.gitea.io' }
include_context 'a GitHub-ish import controller'
def assign_host_url
session[:gitea_host_url] = host_url
end
describe "GET new" do
it_behaves_like 'a GitHub-ish import controller: GET new' do
before do
assign_host_url
end
end
end
describe "POST personal_access_token" do
it_behaves_like 'a GitHub-ish import controller: POST personal_access_token'
end
describe "GET status" do
it_behaves_like 'a GitHub-ish import controller: GET status' do
before do
assign_host_url
end
let(:extra_assign_expectations) { { gitea_host_url: host_url } }
end
end
describe 'POST create' do
it_behaves_like 'a GitHub-ish import controller: POST create' do
before do
assign_host_url
end
end
end
end
...@@ -3,34 +3,18 @@ require 'spec_helper' ...@@ -3,34 +3,18 @@ require 'spec_helper'
describe Import::GithubController do describe Import::GithubController do
include ImportSpecHelper include ImportSpecHelper
let(:user) { create(:user) } let(:provider) { :github }
let(:token) { "asdasd12345" }
let(:access_params) { { github_access_token: token } }
def assign_session_token include_context 'a GitHub-ish import controller'
session[:github_access_token] = token
end
before do
sign_in(user)
allow(controller).to receive(:github_import_enabled?).and_return(true)
end
describe "GET new" do describe "GET new" do
it "redirects to GitHub for an access token if logged in with GitHub" do it_behaves_like 'a GitHub-ish import controller: GET new'
allow(controller).to receive(:logged_in_with_github?).and_return(true)
expect(controller).to receive(:go_to_github_for_permissions)
get :new it "redirects to GitHub for an access token if logged in with GitHub" do
end allow(controller).to receive(:logged_in_with_provider?).and_return(true)
expect(controller).to receive(:go_to_provider_for_permissions)
it "redirects to status if we already have a token" do
assign_session_token
allow(controller).to receive(:logged_in_with_github?).and_return(false)
get :new get :new
expect(controller).to redirect_to(status_import_github_url)
end end
end end
...@@ -51,196 +35,14 @@ describe Import::GithubController do ...@@ -51,196 +35,14 @@ describe Import::GithubController do
end end
describe "POST personal_access_token" do describe "POST personal_access_token" do
it "updates access token" do it_behaves_like 'a GitHub-ish import controller: POST personal_access_token'
token = "asdfasdf9876"
allow_any_instance_of(Gitlab::GithubImport::Client).
to receive(:user).and_return(true)
post :personal_access_token, personal_access_token: token
expect(session[:github_access_token]).to eq(token)
expect(controller).to redirect_to(status_import_github_url)
end
end end
describe "GET status" do describe "GET status" do
before do it_behaves_like 'a GitHub-ish import controller: GET status'
@repo = OpenStruct.new(login: 'vim', full_name: 'asd/vim')
@org = OpenStruct.new(login: 'company')
@org_repo = OpenStruct.new(login: 'company', full_name: 'company/repo')
assign_session_token
end
it "assigns variables" do
@project = create(:project, import_type: 'github', creator_id: user.id)
stub_client(repos: [@repo, @org_repo], orgs: [@org], org_repos: [@org_repo])
get :status
expect(assigns(:already_added_projects)).to eq([@project])
expect(assigns(:repos)).to eq([@repo, @org_repo])
end
it "does not show already added project" do
@project = create(:project, import_type: 'github', creator_id: user.id, import_source: 'asd/vim')
stub_client(repos: [@repo], orgs: [])
get :status
expect(assigns(:already_added_projects)).to eq([@project])
expect(assigns(:repos)).to eq([])
end
it "handles an invalid access token" do
allow_any_instance_of(Gitlab::GithubImport::Client).
to receive(:repos).and_raise(Octokit::Unauthorized)
get :status
expect(session[:github_access_token]).to eq(nil)
expect(controller).to redirect_to(new_import_github_url)
expect(flash[:alert]).to eq('Access denied to your GitHub account.')
end
end end
describe "POST create" do describe "POST create" do
let(:github_username) { user.username } it_behaves_like 'a GitHub-ish import controller: POST create'
let(:github_user) { OpenStruct.new(login: github_username) }
let(:github_repo) do
OpenStruct.new(
name: 'vim',
full_name: "#{github_username}/vim",
owner: OpenStruct.new(login: github_username)
)
end
before do
stub_client(user: github_user, repo: github_repo)
assign_session_token
end
context "when the repository owner is the GitHub user" do
context "when the GitHub user and GitLab user's usernames match" do
it "takes the current user's namespace" do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).with(github_repo, github_repo.name, user.namespace, user, access_params).
and_return(double(execute: true))
post :create, format: :js
end
end
context "when the GitHub user and GitLab user's usernames don't match" do
let(:github_username) { "someone_else" }
it "takes the current user's namespace" do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).with(github_repo, github_repo.name, user.namespace, user, access_params).
and_return(double(execute: true))
post :create, format: :js
end
end
end
context "when the repository owner is not the GitHub user" do
let(:other_username) { "someone_else" }
before do
github_repo.owner = OpenStruct.new(login: other_username)
assign_session_token
end
context "when a namespace with the GitHub user's username already exists" do
let!(:existing_namespace) { create(:namespace, name: other_username, owner: user) }
context "when the namespace is owned by the GitLab user" do
it "takes the existing namespace" do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).with(github_repo, github_repo.name, existing_namespace, user, access_params).
and_return(double(execute: true))
post :create, format: :js
end
end
context "when the namespace is not owned by the GitLab user" do
before do
existing_namespace.owner = create(:user)
existing_namespace.save
end
it "creates a project using user's namespace" do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).with(github_repo, github_repo.name, user.namespace, user, access_params).
and_return(double(execute: true))
post :create, format: :js
end
end
end
context "when a namespace with the GitHub user's username doesn't exist" do
context "when current user can create namespaces" do
it "creates the namespace" do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).and_return(double(execute: true))
expect { post :create, target_namespace: github_repo.name, format: :js }.to change(Namespace, :count).by(1)
end
it "takes the new namespace" do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).with(github_repo, github_repo.name, an_instance_of(Group), user, access_params).
and_return(double(execute: true))
post :create, target_namespace: github_repo.name, format: :js
end
end
context "when current user can't create namespaces" do
before do
user.update_attribute(:can_create_group, false)
end
it "doesn't create the namespace" do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).and_return(double(execute: true))
expect { post :create, format: :js }.not_to change(Namespace, :count)
end
it "takes the current user's namespace" do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).with(github_repo, github_repo.name, user.namespace, user, access_params).
and_return(double(execute: true))
post :create, format: :js
end
end
end
context 'user has chosen a namespace and name for the project' do
let(:test_namespace) { create(:namespace, name: 'test_namespace', owner: user) }
let(:test_name) { 'test_name' }
it 'takes the selected namespace and name' do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).with(github_repo, test_name, test_namespace, user, access_params).
and_return(double(execute: true))
post :create, { target_namespace: test_namespace.name, new_name: test_name, format: :js }
end
it 'takes the selected name and default namespace' do
expect(Gitlab::GithubImport::ProjectCreator).
to receive(:new).with(github_repo, test_name, user.namespace, user, access_params).
and_return(double(execute: true))
post :create, { new_name: test_name, format: :js }
end
end
end
end end
end end
...@@ -71,6 +71,75 @@ describe Projects::EnvironmentsController do ...@@ -71,6 +71,75 @@ describe Projects::EnvironmentsController do
end end
end end
describe 'GET #terminal' do
context 'with valid id' do
it 'responds with a status code 200' do
get :terminal, environment_params
expect(response).to have_http_status(200)
end
it 'loads the terminals for the enviroment' do
expect_any_instance_of(Environment).to receive(:terminals)
get :terminal, environment_params
end
end
context 'with invalid id' do
it 'responds with a status code 404' do
get :terminal, environment_params(id: 666)
expect(response).to have_http_status(404)
end
end
end
describe 'GET #terminal_websocket_authorize' do
context 'with valid workhorse signature' do
before do
allow(Gitlab::Workhorse).to receive(:verify_api_request!).and_return(nil)
end
context 'and valid id' do
it 'returns the first terminal for the environment' do
expect_any_instance_of(Environment).
to receive(:terminals).
and_return([:fake_terminal])
expect(Gitlab::Workhorse).
to receive(:terminal_websocket).
with(:fake_terminal).
and_return(workhorse: :response)
get :terminal_websocket_authorize, environment_params
expect(response).to have_http_status(200)
expect(response.headers["Content-Type"]).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE)
expect(response.body).to eq('{"workhorse":"response"}')
end
end
context 'and invalid id' do
it 'returns 404' do
get :terminal_websocket_authorize, environment_params(id: 666)
expect(response).to have_http_status(404)
end
end
end
context 'with invalid workhorse signature' do
it 'aborts with an exception' do
allow(Gitlab::Workhorse).to receive(:verify_api_request!).and_raise(JWT::DecodeError)
expect { get :terminal_websocket_authorize, environment_params }.to raise_error(JWT::DecodeError)
# controller tests don't set the response status correctly. It's enough
# to check that the action raised an exception
end
end
end
def environment_params(opts = {}) def environment_params(opts = {})
opts.reverse_merge(namespace_id: project.namespace, opts.reverse_merge(namespace_id: project.namespace,
project_id: project, project_id: project,
......
...@@ -42,6 +42,12 @@ FactoryGirl.define do ...@@ -42,6 +42,12 @@ FactoryGirl.define do
end end
end end
trait :test_repo do
after :create do |project|
TestEnv.copy_repo(project)
end
end
# Nest Project Feature attributes # Nest Project Feature attributes
transient do transient do
wiki_access_level ProjectFeature::ENABLED wiki_access_level ProjectFeature::ENABLED
...@@ -91,9 +97,7 @@ FactoryGirl.define do ...@@ -91,9 +97,7 @@ FactoryGirl.define do
factory :project, parent: :empty_project do factory :project, parent: :empty_project do
path { 'gitlabhq' } path { 'gitlabhq' }
after :create do |project| test_repo
TestEnv.copy_repo(project)
end
end end
factory :forked_project_with_submodules, parent: :empty_project do factory :forked_project_with_submodules, parent: :empty_project do
...@@ -140,7 +144,7 @@ FactoryGirl.define do ...@@ -140,7 +144,7 @@ FactoryGirl.define do
active: true, active: true,
properties: { properties: {
namespace: project.path, namespace: project.path,
api_url: 'https://kubernetes.example.com/api', api_url: 'https://kubernetes.example.com',
token: 'a' * 40, token: 'a' * 40,
} }
) )
......
require 'spec_helper' require 'spec_helper'
describe "Admin::Projects", feature: true do describe "Admin::Projects", feature: true do
before do include Select2Helper
@project = create(:project)
let(:user) { create :user }
let!(:project) { create(:project) }
let!(:current_user) do
login_as :admin login_as :admin
end end
describe "GET /admin/projects" do describe "GET /admin/projects" do
let!(:archived_project) { create :project, :public, archived: true }
before do before do
visit admin_projects_path visit admin_projects_path
end end
...@@ -15,20 +20,98 @@ describe "Admin::Projects", feature: true do ...@@ -15,20 +20,98 @@ describe "Admin::Projects", feature: true do
expect(current_path).to eq(admin_projects_path) expect(current_path).to eq(admin_projects_path)
end end
it "has projects list" do it 'renders projects list without archived project' do
expect(page).to have_content(@project.name) expect(page).to have_content(project.name)
expect(page).not_to have_content(archived_project.name)
end
it 'renders all projects', js: true do
find(:css, '#sort-projects-dropdown').click
click_link 'Show archived projects'
expect(page).to have_content(project.name)
expect(page).to have_content(archived_project.name)
expect(page).to have_xpath("//span[@class='label label-warning']", text: 'archived')
end end
end end
describe "GET /admin/projects/:id" do describe "GET /admin/projects/:namespace_id/:id" do
before do before do
visit admin_projects_path visit admin_projects_path
click_link "#{@project.name}" click_link "#{project.name}"
end
it do
expect(current_path).to eq admin_namespace_project_path(project.namespace, project)
end end
it "has project info" do it "has project info" do
expect(page).to have_content(@project.path) expect(page).to have_content(project.path)
expect(page).to have_content(@project.name) expect(page).to have_content(project.name)
expect(page).to have_content(project.name_with_namespace)
expect(page).to have_content(project.creator.name)
end
end
describe 'transfer project' do
before do
create(:group, name: 'Web')
allow_any_instance_of(Projects::TransferService).
to receive(:move_uploads_to_new_namespace).and_return(true)
end
it 'transfers project to group web', js: true do
visit admin_namespace_project_path(project.namespace, project)
click_button 'Search for Namespace'
click_link 'group: web'
click_button 'Transfer'
expect(page).to have_content("Web / #{project.name}")
expect(page).to have_content('Namespace: Web')
end
end
describe 'add admin himself to a project' do
before do
project.team << [user, :master]
end
it 'adds admin a to a project as developer', js: true do
visit namespace_project_project_members_path(project.namespace, project)
page.within '.users-project-form' do
select2(current_user.id, from: '#user_ids', multiple: true)
select 'Developer', from: 'access_level'
end
click_button 'Add to project'
page.within '.content-list' do
expect(page).to have_content(current_user.name)
expect(page).to have_content('Developer')
end
end
end
describe 'admin remove himself from a project' do
before do
project.team << [user, :master]
project.team << [current_user, :developer]
end
it 'removes admin from the project' do
visit namespace_project_project_members_path(project.namespace, project)
page.within '.content-list' do
expect(page).to have_content(current_user.name)
expect(page).to have_content('Developer')
end
find(:css, 'li', text: current_user.name).find(:css, 'a.btn-remove').click
expect(page).not_to have_selector(:css, '.content-list')
end end
end end
end end
...@@ -38,6 +38,10 @@ feature 'Environment', :feature do ...@@ -38,6 +38,10 @@ feature 'Environment', :feature do
scenario 'does not show a re-deploy button for deployment without build' do scenario 'does not show a re-deploy button for deployment without build' do
expect(page).not_to have_link('Re-deploy') expect(page).not_to have_link('Re-deploy')
end end
scenario 'does not show terminal button' do
expect(page).not_to have_terminal_button
end
end end
context 'with related deployable present' do context 'with related deployable present' do
...@@ -60,6 +64,10 @@ feature 'Environment', :feature do ...@@ -60,6 +64,10 @@ feature 'Environment', :feature do
expect(page).not_to have_link('Stop') expect(page).not_to have_link('Stop')
end end
scenario 'does not show terminal button' do
expect(page).not_to have_terminal_button
end
context 'with manual action' do context 'with manual action' do
given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'deploy to production') } given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'deploy to production') }
...@@ -84,6 +92,26 @@ feature 'Environment', :feature do ...@@ -84,6 +92,26 @@ feature 'Environment', :feature do
end end
end end
context 'with terminal' do
let(:project) { create(:kubernetes_project, :test_repo) }
context 'for project master' do
let(:role) { :master }
scenario 'it shows the terminal button' do
expect(page).to have_terminal_button
end
end
context 'for developer' do
let(:role) { :developer }
scenario 'does not show terminal button' do
expect(page).not_to have_terminal_button
end
end
end
context 'with stop action' do context 'with stop action' do
given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'close_app') } given(:manual) { create(:ci_build, :manual, pipeline: pipeline, name: 'close_app') }
given(:deployment) { create(:deployment, environment: environment, deployable: build, on_stop: 'close_app') } given(:deployment) { create(:deployment, environment: environment, deployable: build, on_stop: 'close_app') }
...@@ -158,4 +186,8 @@ feature 'Environment', :feature do ...@@ -158,4 +186,8 @@ feature 'Environment', :feature do
environment.project, environment.project,
environment) environment)
end end
def have_terminal_button
have_link(nil, href: terminal_namespace_project_environment_path(project.namespace, project, environment))
end
end end
...@@ -113,6 +113,10 @@ feature 'Environments page', :feature, :js do ...@@ -113,6 +113,10 @@ feature 'Environments page', :feature, :js do
expect(page).not_to have_css('external-url') expect(page).not_to have_css('external-url')
end end
scenario 'does not show terminal button' do
expect(page).not_to have_terminal_button
end
context 'with external_url' do context 'with external_url' do
given(:environment) { create(:environment, project: project, external_url: 'https://git.gitlab.com') } given(:environment) { create(:environment, project: project, external_url: 'https://git.gitlab.com') }
given(:build) { create(:ci_build, pipeline: pipeline) } given(:build) { create(:ci_build, pipeline: pipeline) }
...@@ -145,6 +149,26 @@ feature 'Environments page', :feature, :js do ...@@ -145,6 +149,26 @@ feature 'Environments page', :feature, :js do
end end
end end
end end
context 'with terminal' do
let(:project) { create(:kubernetes_project, :test_repo) }
context 'for project master' do
let(:role) { :master }
scenario 'it shows the terminal button' do
expect(page).to have_terminal_button
end
end
context 'for developer' do
let(:role) { :developer }
scenario 'does not show terminal button' do
expect(page).not_to have_terminal_button
end
end
end
end end
end end
end end
...@@ -195,6 +219,10 @@ feature 'Environments page', :feature, :js do ...@@ -195,6 +219,10 @@ feature 'Environments page', :feature, :js do
end end
end end
def have_terminal_button
have_link(nil, href: terminal_namespace_project_environment_path(project.namespace, project, environment))
end
def visit_environments(project) def visit_environments(project)
visit namespace_project_environments_path(project.namespace, project) visit namespace_project_environments_path(project.namespace, project)
end end
......
...@@ -24,7 +24,7 @@ feature 'Projects > Members > Master adds member with expiration date', feature: ...@@ -24,7 +24,7 @@ feature 'Projects > Members > Master adds member with expiration date', feature:
click_on 'Add to project' click_on 'Add to project'
end end
page.within '.project_member:first-child' do page.within "#project_member_#{new_member.project_members.first.id}" do
expect(page).to have_content('Expires in 4 days') expect(page).to have_content('Expires in 4 days')
end end
end end
...@@ -35,7 +35,7 @@ feature 'Projects > Members > Master adds member with expiration date', feature: ...@@ -35,7 +35,7 @@ feature 'Projects > Members > Master adds member with expiration date', feature:
project.team.add_users([new_member.id], :developer, expires_at: '2016-09-06') project.team.add_users([new_member.id], :developer, expires_at: '2016-09-06')
visit namespace_project_project_members_path(project.namespace, project) visit namespace_project_project_members_path(project.namespace, project)
page.within '.project_member:first-child' do page.within "#project_member_#{new_member.project_members.first.id}" do
find('.js-access-expiration-date').set '2016-08-09' find('.js-access-expiration-date').set '2016-08-09'
wait_for_ajax wait_for_ajax
expect(page).to have_content('Expires in 3 days') expect(page).to have_content('Expires in 3 days')
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment