Add latest changes from gitlab-org/gitlab@master

47ebeef9 · GitLab Bot · 06bb4eba · 47ebeef9 · 47ebeef9 · 47ebeef9
Commit 47ebeef9 authored Mar 11, 2020 by GitLab Bot
24 changed files
--- a/app/graphql/gitlab_schema.rb
+++ b/app/graphql/gitlab_schema.rb
@@ -16,6 +16,7 @@ class GitlabSchema < GraphQL::Schema
  use Gitlab::Graphql::CallsGitaly
  use Gitlab::Graphql::Connections
  use Gitlab::Graphql::GenericTracing
+  use Gitlab::Graphql::Timeout, max_seconds: Gitlab.config.gitlab.graphql_timeout
  query_analyzer Gitlab::Graphql::QueryAnalyzers::LoggerAnalyzer.new
  query_analyzer Gitlab::Graphql::QueryAnalyzers::RecursionAnalyzer.new

--- a/app/models/commit.rb
+++ b/app/models/commit.rb
@@ -415,7 +415,7 @@ class Commit
  end
  def has_been_reverted?(current_user, notes_association = nil)
-    ext = all_references(current_user)
+    ext = Gitlab::ReferenceExtractor.new(project, current_user)
    notes_association ||= notes_with_associations
    notes_association.system.each do |note|

--- a/app/models/users_statistics.rb
+++ b/app/models/users_statistics.rb
+# frozen_string_literal: true
+class UsersStatistics < ApplicationRecord
+  STATISTICS_NAMES = [
+    :without_groups_and_projects,
+    :with_highest_role_guest,
+    :with_highest_role_reporter,
+    :with_highest_role_developer,
+    :with_highest_role_maintainer,
+    :with_highest_role_owner,
+    :bots,
+    :blocked
+  ].freeze
+end
--- a/changelogs/unreleased/199197-make-has-been-reverted-check-cheaper.yml
+++ b/changelogs/unreleased/199197-make-has-been-reverted-check-cheaper.yml
+---
+title: Improve performance of the "has this commit been reverted?" check
+merge_request: 26784
+author:
+type: performance
--- a/changelogs/unreleased/208887-optimize-project-counters-mirrored-pipelines.yml
+++ b/changelogs/unreleased/208887-optimize-project-counters-mirrored-pipelines.yml
+---
+title: Optimize Project counters with pipelines enabled counter
+merge_request: 26802
+author:
+type: performance
--- a/changelogs/unreleased/33641-fix_smartcard_param_check_in_user_build.yml
+++ b/changelogs/unreleased/33641-fix_smartcard_param_check_in_user_build.yml
+---
+title: Fix user registration when smartcard authentication is enabled
+merge_request: 26800
+author:
+type: fixed
--- a/changelogs/unreleased/create_users_statistics.yml
+++ b/changelogs/unreleased/create_users_statistics.yml
+---
+title: Introduce db table to store users statistics
+merge_request: 26261
+author:
+type: added
--- a/config/initializers/graphql.rb
+++ b/config/initializers/graphql.rb
@@ -5,7 +5,3 @@ GraphQL::Field.accepts_definitions(authorize: GraphQL::Define.assign_metadata_ke
 GraphQL::Schema::Object.accepts_definition(:authorize)
 GraphQL::Schema::Field.accepts_definition(:authorize)
-GitlabSchema.middleware << GraphQL::Schema::TimeoutMiddleware.new(max_seconds: Gitlab.config.gitlab.graphql_timeout) do |timeout_error, query|
-  Gitlab::GraphqlLogger.error(message: timeout_error.to_s, query: query.query_string, query_variables: query.provided_variables)
-end
--- a/db/migrate/20200221100514_create_users_statistics.rb
+++ b/db/migrate/20200221100514_create_users_statistics.rb
+# frozen_string_literal: true
+class CreateUsersStatistics < ActiveRecord::Migration[6.0]
+  DOWNTIME = false
+  def change
+    create_table :users_statistics do |t|
+      t.timestamps_with_timezone null: false
+      t.integer :without_groups_and_projects, null: false, default: 0
+      t.integer :with_highest_role_guest, null: false, default: 0
+      t.integer :with_highest_role_reporter, null: false, default: 0
+      t.integer :with_highest_role_developer, null: false, default: 0
+      t.integer :with_highest_role_maintainer, null: false, default: 0
+      t.integer :with_highest_role_owner, null: false, default: 0
+      t.integer :bots, null: false, default: 0
+      t.integer :blocked, null: false, default: 0
+    end
+  end
+end
--- a/db/migrate/20200309195209_add_index_on_project_id_and_builds_access_level_to_project_features.rb
+++ b/db/migrate/20200309195209_add_index_on_project_id_and_builds_access_level_to_project_features.rb
+# frozen_string_literal: true
+class AddIndexOnProjectIdAndBuildsAccessLevelToProjectFeatures < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+  DOWNTIME = false
+  INDEX_NAME = 'index_project_features_on_project_id_bal_20'
+  disable_ddl_transaction!
+  def up
+    add_concurrent_index :project_features, :project_id, where: 'builds_access_level = 20', name: INDEX_NAME
+  end
+  def down
+    remove_concurrent_index_by_name :project_features, INDEX_NAME
+  end
+end
--- a/db/migrate/20200309195710_add_index_on_mirror_and_creator_id_and_created_at_to_projects.rb
+++ b/db/migrate/20200309195710_add_index_on_mirror_and_creator_id_and_created_at_to_projects.rb
+# frozen_string_literal: true
+class AddIndexOnMirrorAndCreatorIdAndCreatedAtToProjects < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+  DOWNTIME = false
+  INDEX_NAME = 'index_projects_on_mirror_creator_id_created_at'
+  disable_ddl_transaction!
+  def up
+    add_concurrent_index :projects, [:creator_id, :created_at], where: 'mirror = true and mirror_trigger_builds = true', name: INDEX_NAME
+  end
+  def down
+    remove_concurrent_index_by_name :projects, INDEX_NAME
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 2020_03_06_170531) do
+ActiveRecord::Schema.define(version: 2020_03_09_195710) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "pg_trgm"
@@ -3264,6 +3264,7 @@ ActiveRecord::Schema.define(version: 2020_03_06_170531) do
    t.integer "pages_access_level", null: false
    t.integer "forking_access_level"
    t.index ["project_id"], name: "index_project_features_on_project_id", unique: true
+    t.index ["project_id"], name: "index_project_features_on_project_id_bal_20", where: "(builds_access_level = 20)"
  end
  create_table "project_group_links", id: :serial, force: :cascade do |t|
@@ -3465,6 +3466,7 @@ ActiveRecord::Schema.define(version: 2020_03_06_170531) do
    t.index ["created_at", "id"], name: "index_projects_api_created_at_id_desc", order: { id: :desc }
    t.index ["created_at", "id"], name: "index_projects_api_vis20_created_at", where: "(visibility_level = 20)"
    t.index ["created_at", "id"], name: "index_projects_on_created_at_and_id"
+    t.index ["creator_id", "created_at"], name: "index_projects_on_mirror_creator_id_created_at", where: "((mirror = true) AND (mirror_trigger_builds = true))"
    t.index ["creator_id"], name: "index_projects_on_creator_id"
    t.index ["description"], name: "index_projects_on_description_trigram", opclass: :gin_trgm_ops, using: :gin
    t.index ["id", "repository_storage", "last_repository_updated_at"], name: "idx_projects_on_repository_storage_last_repository_updated_at"
@@ -4421,6 +4423,19 @@ ActiveRecord::Schema.define(version: 2020_03_06_170531) do
    t.index ["user_id", "project_id"], name: "index_users_star_projects_on_user_id_and_project_id", unique: true
  end
+  create_table "users_statistics", force: :cascade do |t|
+    t.datetime_with_timezone "created_at", null: false
+    t.datetime_with_timezone "updated_at", null: false
+    t.integer "without_groups_and_projects", default: 0, null: false
+    t.integer "with_highest_role_guest", default: 0, null: false
+    t.integer "with_highest_role_reporter", default: 0, null: false
+    t.integer "with_highest_role_developer", default: 0, null: false
+    t.integer "with_highest_role_maintainer", default: 0, null: false
+    t.integer "with_highest_role_owner", default: 0, null: false
+    t.integer "bots", default: 0, null: false
+    t.integer "blocked", default: 0, null: false
+  end
  create_table "vulnerabilities", force: :cascade do |t|
    t.bigint "milestone_id"
    t.bigint "epic_id"

--- a/doc/administration/geo/replication/datatypes.md
+++ b/doc/administration/geo/replication/datatypes.md
@@ -124,28 +124,29 @@ replicating data from those features will cause the data to be **lost**.
 If you wish to use those features on a **secondary** node, or to execute a failover
 successfully, you must replicate their data using some other means.
-| Feature                                             | Replicated               | Verified                    | Notes                                       |
+| Feature                                             | Replicated                      | Verified                    | Notes                                       |
-|-----------------------------------------------------|--------------------------|-----------------------------|---------------------------------------------|
+|-----------------------------------------------------|--------------------------       |-----------------------------|---------------------------------------------|
-| Application data in PostgreSQL                      | **Yes**                  | **Yes**                     |                                             |
+| Application data in PostgreSQL                      | **Yes**                         | **Yes**                     |                                             |
-| Project repository                                  | **Yes**                  | **Yes**                     |                                             |
+| Project repository                                  | **Yes**                         | **Yes**                     |                                             |
-| Project wiki repository                             | **Yes**                  | **Yes**                     |                                             |
+| Project wiki repository                             | **Yes**                         | **Yes**                     |                                             |
-| Project designs repository                          | **Yes**                  | [No][design-verification]   |                                             |
+| Project designs repository                          | **Yes**                         | [No][design-verification]   |                                             |
-| Uploads                                             | **Yes**                  | [No][upload-verification]   | Verified only on transfer, or manually (*1*)|
+| Uploads                                             | **Yes**                         | [No][upload-verification]   | Verified only on transfer, or manually (*1*)|
-| LFS objects                                         | **Yes**                  | [No][lfs-verification]      | Verified only on transfer, or manually (*1*). Unavailable for new LFS objects in 11.11.x and 12.0.x (*2*). |
+| LFS objects                                         | **Yes**                         | [No][lfs-verification]      | Verified only on transfer, or manually (*1*). Unavailable for new LFS objects in 11.11.x and 12.0.x (*2*). |
-| CI job artifacts (other than traces)                | **Yes**                  | [No][artifact-verification] | Verified only manually (*1*)                |
+| CI job artifacts (other than traces)                | **Yes**                         | [No][artifact-verification] | Verified only manually (*1*)                |
-| Archived traces                                     | **Yes**                  | [No][artifact-verification] | Verified only on transfer, or manually (*1*)|
+| Archived traces                                     | **Yes**                         | [No][artifact-verification] | Verified only on transfer, or manually (*1*)|
-| Personal snippets                                   | **Yes**                  | **Yes**                     |                                             |
+| Personal snippets                                   | **Yes**                         | **Yes**                     |                                             |
-| Project snippets                                    | **Yes**                  | **Yes**                     |                                             |
+| Project snippets                                    | **Yes**                         | **Yes**                     |                                             |
-| Object pools for forked project deduplication       | **Yes**                  | No                          |                                             |
+| Object pools for forked project deduplication       | **Yes**                         | No                          |                                             |
-| [Server-side Git Hooks][custom-hooks]               | No                       | No                          |                                             |
+| [Server-side Git Hooks][custom-hooks]               | No                              | No                          |                                             |
-| [Elasticsearch integration][elasticsearch]          | No                       | No                          |                                             |
+| [Elasticsearch integration][elasticsearch]          | [No][elasticsearch-replication] | No                          |                                             |
-| [GitLab Pages][gitlab-pages]                        | [No][pages-replication]  | No                          |                                             |
+| [GitLab Pages][gitlab-pages]                        | [No][pages-replication]         | No                          |                                             |
-| [Container Registry][container-registry]            | **Yes**                  | No                          |                                             |
+| [Container Registry][container-registry]            | **Yes**                         | No                          |                                             |
-| [NPM Registry][npm-registry]                        | No                       | No                          |                                             |
+| [NPM Registry][npm-registry]                        | [No][packages-replication]      | No                          |                                             |
-| [Maven Repository][maven-repository]                | No                       | No                          |                                             |
+| [Maven Repository][maven-repository]                | [No][packages-replication]      | No                          |                                             |
-| [Conan Repository][conan-repository]                | No                       | No                          |                                             |
+| [Conan Repository][conan-repository]                | [No][packages-replication]      | No                          |                                             |
-| [External merge request diffs][merge-request-diffs] | [No][diffs-replication]  | No                          |                                             |
+| [NuGet Repository][nuget-repository]                | [No][packages-replication]      | No                          |                                             |
-| Content in object storage                           | **Yes**                  | No                          |                                             |
+| [External merge request diffs][merge-request-diffs] | [No][diffs-replication]         | No                          |                                             |
+| Content in object storage                           | **Yes**                         | No                          |                                             |
 - (*1*): The integrity can be verified manually using
  [Integrity Check Rake Task](../../raketasks/check.md) on both nodes and comparing
@@ -160,6 +161,8 @@ successfully, you must replicate their data using some other means.
 [artifact-verification]: https://gitlab.com/gitlab-org/gitlab/issues/8923
 [diffs-replication]: https://gitlab.com/gitlab-org/gitlab/issues/33817
 [pages-replication]: https://gitlab.com/groups/gitlab-org/-/epics/589
+[packages-replication]: https://gitlab.com/groups/gitlab-org/-/epics/2346
+[elasticsearch-replication]: https://gitlab.com/gitlab-org/gitlab/-/issues/1186
 [custom-hooks]: ../../custom_hooks.md
 [elasticsearch]: ../../../integration/elasticsearch.md
@@ -168,4 +171,5 @@ successfully, you must replicate their data using some other means.
 [npm-registry]: ../../../user/packages/npm_registry/index.md
 [maven-repository]: ../../../user/packages/maven_repository/index.md
 [conan-repository]: ../../../user/packages/conan_repository/index.md
+[nuget-repository]: ../../../user/packages/nuget_repository/index.md
 [merge-request-diffs]: ../../merge_request_diffs.md
--- a/doc/integration/img/jira_dev_panel_setup_com_1.png
+++ b/doc/integration/img/jira_dev_panel_setup_com_1.png
--- a/doc/integration/img/jira_dev_panel_setup_com_2.png
+++ b/doc/integration/img/jira_dev_panel_setup_com_2.png
--- a/doc/integration/img/jira_dev_panel_setup_com_3.png
+++ b/doc/integration/img/jira_dev_panel_setup_com_3.png
--- a/doc/integration/jira_development_panel.md
+++ b/doc/integration/jira_development_panel.md
@@ -67,6 +67,8 @@ There are no special requirements if you are using GitLab.com.
 ## Jira Configuration
+### GitLab self-managed
 1. In Jira, go to **Jira Settings > Applications > DVCS accounts**, then click **Link GitHub Enterprise account** to start creating a new integration.
   (We are pretending to be GitHub in this integration until there is further platform support from Jira.)
@@ -110,7 +112,45 @@ There are no special requirements if you are using GitLab.com.
 To connect additional GitLab projects from other GitLab top-level groups (or personal namespaces), repeat the above
 steps with additional Jira DVCS accounts.
-You may now refer any Jira issue by its ID in branch names, commit messages and  merge request names on GitLab's side,
+### GitLab.com
+You can integrate GitLab.com and Jira Cloud using the **GitLab for Jira** App in the [Atlassian Marketplace](https://marketplace.atlassian.com/apps/1221011/gitlab-for-jira).
+GitLab and Jira can also be integrated using the DVCS connector as described in the [GitLab self-managed section](#gitlab-self-managed). The [GitLab for Jira App](https://marketplace.atlassian.com/apps/1221011/gitlab-for-jira) is recommended when using GitLab.com and Jira Cloud because data is synchronized in real time, while the DVCS connector updates data only once per hour.
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
+For a walkthrough of the integration with GitLab for Jira, watch [Configure GitLab Jira Integration using Marketplace App](https://youtu.be/SwR-g1s1zTo) on YouTube.
+NOTE: **Note:**
+The **GitLab for Jira** App is only compatible with GitLab.com **and** Jira Cloud.
+1. Go to **Jira Settings > Apps > Find new apps**, then search for GitLab.
+1. Click **GitLab for Jira**, then click **Get it now**. Or go the [App in the marketplace directly](https://marketplace.atlassian.com/apps/1221011/gitlab-for-jira)
+   ![Install GitLab App on Jira](img/jira_dev_panel_setup_com_1.png)
+1. After installing, click **Get started** to go to the configurations page. This page is always available under **Jira Settings > Apps > Manage apps**.
+   ![Start GitLab App configuration on Jira](img/jira_dev_panel_setup_com_2.png)
+1. Enter the group or personal namespace in the **Namespace** field and click **Link namespace to Jira**.   Make sure you are logged in on GitLab.com and the namespace has a Silver or above license. The user setting up _GitLab for Jira_ must have **Maintainer** access to the GitLab namespace.
+NOTE: **Note:**
+The GitLab user only needs access when adding a new namespace. For syncing with Jira, we do not depend on the user's token.
+   ![Confure namespace on GitLab Jira App](img/jira_dev_panel_setup_com_3.png)
+After a namespace is added, all future commits, branches and merge requests of all projects under that namespace will be synced to Jira. Past data cannot be synced at the moment.
+#### Troubleshooting GitLab for Jira
+The GitLab for Jira App uses an iframe to add namespaces on the settings page. Some browsers block cross-site cookies which can lead to a message saying that the user needs to log in on GitLab.com even though the user is already logged in.
+> "You need to sign in or sign up before continuing."
+In this case, enable cross-site cookies in your browser.
+## Usage
+Once the integration is set up on GitLab and Jira you may refer any Jira issue by its ID in branch names, commit messages and  merge request titles on GitLab's side,
 and you will be able to see the linked `branches`, `commits`, and `merge requests` when entering a Jira issue
 (inside the Jira issue, merge requests will be called "pull requests").

--- a/doc/user/group/subgroups/index.md
+++ b/doc/user/group/subgroups/index.md
@@ -6,7 +6,7 @@ type: reference, howto, concepts
 > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/2772) in GitLab 9.0.
-Subgroups, also known as nested groups or hierarchical groups, allow you to have up to 20
+GitLab supports up to 20 levels of subgroups, also known as nested groups or hierarchical groups.
 levels of groups.
 By using subgroups you can do the following:
@@ -64,8 +64,6 @@ Another example of GitLab as a company would be the following:
 ---
-The maximum subgroups a group can have, including the first one in the
-hierarchy, is 21.
 When performing actions such as transferring or importing a project between
 subgroups, the behavior is the same as when performing these actions at the

--- a/lib/gitlab/graphql/timeout.rb
+++ b/lib/gitlab/graphql/timeout.rb
+# frozen_string_literal: true
+module Gitlab
+  module Graphql
+    class Timeout < GraphQL::Schema::Timeout
+      def handle_timeout(error, query)
+        Gitlab::GraphqlLogger.error(message: error.message, query: query.query_string, query_variables: query.provided_variables)
+      end
+    end
+  end
+end
--- a/qa/qa/specs/features/browser_ui/3_create/snippet/create_snippet_spec.rb
+++ b/qa/qa/specs/features/browser_ui/3_create/snippet/create_snippet_spec.rb
 # frozen_string_literal: true
 module QA
-  context 'Create', :smoke do
+  context 'Create', :smoke, quarantine: { issue: 'https://gitlab.com/gitlab-org/gitlab/issues/209928', type: :bug } do
    describe 'Snippet creation' do
      it 'User creates a snippet' do
        Flow::Login.sign_in

--- a/spec/lib/gitlab/graphql/timeout_spec.rb
+++ b/spec/lib/gitlab/graphql/timeout_spec.rb
+# frozen_string_literal: true
+require 'spec_helper'
+describe Gitlab::Graphql::Timeout do
+  it 'inherits from ' do
+    expect(described_class.superclass).to eq GraphQL::Schema::Timeout
+  end
+  it 'sends the error to our GraphQL logger' do
+    parent_type = double(graphql_name: 'parent_type')
+    field = double(graphql_name: 'field')
+    query = double(query_string: 'query_string', provided_variables: 'provided_variables')
+    error = GraphQL::Schema::Timeout::TimeoutError.new(parent_type, field)
+    expect(Gitlab::GraphqlLogger)
+      .to receive(:error)
+      .with(message: 'Timeout on parent_type.field', query: 'query_string', query_variables: 'provided_variables')
+    timeout = described_class.new(max_seconds: 30)
+    timeout.handle_timeout(error, query)
+  end
+end
--- a/spec/models/commit_range_spec.rb
+++ b/spec/models/commit_range_spec.rb
@@ -137,29 +137,4 @@ describe CommitRange do
      end
    end
  end
-  describe '#has_been_reverted?' do
-    let(:user) { create(:user) }
-    let(:issue) { create(:issue, author: user, project: project) }
-    it 'returns true if the commit has been reverted' do
-      create(:note_on_issue,
-             noteable: issue,
-             system: true,
-             note: commit1.revert_description(user),
-             project: issue.project)
-      expect_next_instance_of(Commit) do |commit|
-        expect(commit).to receive(:reverts_commit?)
-          .with(commit1, user)
-          .and_return(true)
-      end
-      expect(commit1.has_been_reverted?(user, issue.notes_with_associations)).to eq(true)
-    end
-    it 'returns false if the commit has not been reverted' do
-      expect(commit1.has_been_reverted?(user, issue.notes_with_associations)).to eq(false)
-    end
-  end
 end
--- a/spec/models/commit_spec.rb
+++ b/spec/models/commit_spec.rb
@@ -821,4 +821,29 @@ eos
      expect(commit.has_signature?).to be_falsey
    end
  end
+  describe '#has_been_reverted?' do
+    let(:user) { create(:user) }
+    let(:issue) { create(:issue, author: user, project: project) }
+    it 'returns true if the commit has been reverted' do
+      create(:note_on_issue,
+             noteable: issue,
+             system: true,
+             note: commit.revert_description(user),
+             project: issue.project)
+      expect_next_instance_of(Commit) do |revert_commit|
+        expect(revert_commit).to receive(:reverts_commit?)
+          .with(commit, user)
+          .and_return(true)
+      end
+      expect(commit.has_been_reverted?(user, issue.notes_with_associations)).to eq(true)
+    end
+    it 'returns false if the commit has not been reverted' do
+      expect(commit.has_been_reverted?(user, issue.notes_with_associations)).to eq(false)
+    end
+  end
 end
--- a/spec/requests/api/graphql/gitlab_schema_spec.rb
+++ b/spec/requests/api/graphql/gitlab_schema_spec.rb
@@ -11,11 +11,11 @@ describe 'GitlabSchema configurations' do
    describe 'timeouts' do
      context 'when timeout is reached' do
        it 'shows an error' do
-          Timecop.scale(50000000) do # ludicrously large number because the timeout has to happen before the query even begins
+          allow_any_instance_of(Gitlab::Graphql::Timeout).to receive(:max_seconds).and_return(0)
-            subject
-            expect_graphql_errors_to_include /Timeout/
+          subject
-          end
+          expect_graphql_errors_to_include /Timeout/
        end
      end
    end
@@ -140,7 +140,7 @@ describe 'GitlabSchema configurations' do
    end
    it_behaves_like 'imposing query limits' do
-      it "fails all queries when only one of the queries is too complex" do
+      it 'fails all queries when only one of the queries is too complex' do
        # The `project` query above has a complexity of 5
        allow(GitlabSchema).to receive(:max_query_complexity).and_return 4