Commit 5b90e9c4 authored by Vasilii Iakliushin's avatar Vasilii Iakliushin

Merge branch 'lower-default-clone-depth' into 'master'

Change default shallow clone depth to 20

See merge request gitlab-org/gitlab!77576
parents 6c7bd464 07ed1b8b
......@@ -3,7 +3,7 @@
class ProjectCiCdSetting < ApplicationRecord
belongs_to :project, inverse_of: :ci_cd_settings
DEFAULT_GIT_DEPTH = 50
DEFAULT_GIT_DEPTH = 20
before_create :set_default_git_depth
......
......@@ -159,7 +159,8 @@ in the `.gitlab-ci.yml` file.
## Limit the number of changes fetched during clone
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/28919) in GitLab 12.0.
> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/28919) in GitLab 12.0.
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/77576) `git depth` value in GitLab 14.7.
You can limit the number of changes that GitLab CI/CD fetches when it clones
a repository.
......@@ -171,8 +172,8 @@ a repository.
The maximum value is `1000`. To disable shallow clone and make GitLab CI/CD
fetch all branches and tags each time, keep the value empty or set to `0`.
In GitLab 12.0 and later, newly created projects automatically have a default
`git depth` value of `50`.
In GitLab versions 14.7 and later, newly created projects have a default `git depth`
value of `20`. GitLab versions 14.6 and earlier have a default `git depth` value of `50`.
This value can be overridden by the [`GIT_DEPTH` variable](../large_repositories/index.md#shallow-cloning)
in the `.gitlab-ci.yml` file.
......
......@@ -370,10 +370,10 @@ For information on this, see the [general Application Security troubleshooting s
### Error: `Couldn't run the gitleaks command: exit status 2`
If a pipeline is triggered from a Merge Request containing 60 commits while the `GIT_DEPTH` variable
is set to 50 (a [project default](../../../ci/pipelines/settings.md#limit-the-number-of-changes-fetched-during-clone)),
the Secret Detection job fails as the clone is not deep enough to contain all of the
relevant commits.
If a pipeline is triggered from a Merge Request containing 60 commits while the `GIT_DEPTH` variable's
value is less than that, the Secret Detection job fails as the clone is not deep enough to contain all of the
relevant commits. For information on the current default value, see the
[pipeline configuration documentation](../../../ci/pipelines/settings.md#limit-the-number-of-changes-fetched-during-clone).
To confirm this as the cause of the error, set the
[logging level](../../application_security/secret_detection/index.md#logging-level) to `debug`, then
......
......@@ -148,6 +148,7 @@ RSpec.describe Gitlab::Ci::Config::SecurityOrchestrationPolicies::Processor do
}
},
variables: {
GIT_DEPTH: '50',
SECURE_ANALYZERS_PREFIX: 'registry.gitlab.com/gitlab-org/security-products/analyzers',
SECRETS_ANALYZER_VERSION: '3',
SECRET_DETECTION_EXCLUDED_PATHS: '',
......
......@@ -39,6 +39,7 @@ RSpec.describe Security::SecurityOrchestrationPolicies::CiConfigurationService d
}
},
variables: {
GIT_DEPTH: '50',
SECURE_ANALYZERS_PREFIX: 'registry.gitlab.com/gitlab-org/security-products/analyzers',
SECRETS_ANALYZER_VERSION: '3',
SECRET_DETECTION_EXCLUDED_PATHS: '',
......
......@@ -14,6 +14,8 @@ variables:
image: "$SECURE_ANALYZERS_PREFIX/secrets:$SECRETS_ANALYZER_VERSION"
services: []
allow_failure: true
variables:
GIT_DEPTH: "50"
# `rules` must be overridden explicitly by each child job
# see https://gitlab.com/gitlab-org/gitlab/-/issues/218444
artifacts:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment