Commit 62a69cfa authored by GitLab Bot's avatar GitLab Bot

Merge remote-tracking branch 'upstream/master' into ce-to-ee-2018-10-26

# Conflicts:
#	doc/README.md
#	lib/gitlab/checks/change_access.rb

[ci skip]
parents 3d1c2c26 e997b22d
......@@ -30,15 +30,14 @@ class PostReceive
def process_project_changes(post_received)
changes = []
refs = Set.new
post_received.changes_refs do |oldrev, newrev, ref|
@user ||= post_received.identify(newrev)
@user = post_received.identify
unless @user
log("Triggered hook for non-existing user \"#{post_received.identifier}\"")
return false # rubocop:disable Cop/AvoidReturnFromBlocks
return false
end
post_received.changes_refs do |oldrev, newrev, ref|
if Gitlab::Git.tag_ref?(ref)
GitTagPushService.new(post_received.project, @user, oldrev: oldrev, newrev: newrev, ref: ref).execute
elsif Gitlab::Git.branch_ref?(ref)
......
---
title: If user was not found, service hooks won't run on post receive background job
merge_request: 22519
author:
type: fixed
---
title: Upgrade Prometheus to 2.4.3 and Alertmanager to 0.15.2
merge_request: 22600
author:
type: other
......@@ -187,8 +187,11 @@ configuration. Then customize everything from buildpacks to CI/CD.
- [Deployment of Helm, Ingress, and Prometheus on Kubernetes](user/project/clusters/index.md#installing-applications)
- [Protected variables](ci/variables/README.md#protected-variables)
- [Easy creation of Kubernetes clusters on GKE](user/project/clusters/index.md#adding-and-creating-a-new-gke-cluster-via-gitlab)
<<<<<<< HEAD
- [Multiple Kubernetes Clusters](user/project/clusters/index.md#multiple-kubernetes-clusters) **[PREMIUM]**
- [Environment-specific variables](ci/variables/README.md#limiting-environment-scopes-of-variables) **[PREMIUM]**
=======
>>>>>>> upstream/master
- [Executable Runbooks](user/project/clusters/runbooks/index.md)
### Monitor
......
......@@ -69,7 +69,10 @@ module Gitlab
def push_checks
logger.log_timed(LOG_MESSAGES[__method__]) do
unless can_push?
<<<<<<< HEAD
# You are not allowed to push code to this project.
=======
>>>>>>> upstream/master
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:push_code]
end
end
......
......@@ -11,8 +11,8 @@ module Gitlab
@changes = deserialize_changes(changes)
end
def identify(revision)
super(identifier, project, revision)
def identify
super(identifier)
end
def changes_refs
......
# frozen_string_literal: true
# Detect user based on identifier like
# key-13 or user-36 or last commit
# key-13 or user-36
module Gitlab
module Identifier
def identify(identifier, project = nil, newrev = nil)
if identifier.blank?
identify_using_commit(project, newrev)
elsif identifier =~ /\Auser-\d+\Z/
def identify(identifier)
if identifier =~ /\Auser-\d+\Z/
# git push over http
identify_using_user(identifier)
elsif identifier =~ /\Akey-\d+\Z/
......@@ -16,19 +14,6 @@ module Gitlab
end
end
# Tries to identify a user based on a commit SHA.
def identify_using_commit(project, ref)
return if project.nil? && ref.nil?
commit = project.commit(ref)
return if !commit || !commit.author_email
identify_with_cache(:email, commit.author_email) do
commit.author
end
end
# Tries to identify a user based on a user identifier (e.g. "user-123").
# rubocop: disable CodeReuse/ActiveRecord
def identify_using_user(identifier)
......
......@@ -11,11 +11,8 @@ describe Gitlab::Identifier do
describe '#identify' do
context 'without an identifier' do
it 'identifies the user using a commit' do
expect(identifier).to receive(:identify_using_commit)
.with(project, '123')
identifier.identify('', project, '123')
it 'returns nil' do
expect(identifier.identify('')).to be nil
end
end
......@@ -24,7 +21,7 @@ describe Gitlab::Identifier do
expect(identifier).to receive(:identify_using_user)
.with("user-#{user.id}")
identifier.identify("user-#{user.id}", project, '123')
identifier.identify("user-#{user.id}")
end
end
......@@ -33,46 +30,8 @@ describe Gitlab::Identifier do
expect(identifier).to receive(:identify_using_ssh_key)
.with("key-#{key.id}")
identifier.identify("key-#{key.id}", project, '123')
end
end
identifier.identify("key-#{key.id}")
end
describe '#identify_using_commit' do
it "returns the User for an existing commit author's Email address" do
commit = double(:commit, author: user, author_email: user.email)
expect(project).to receive(:commit).with('123').and_return(commit)
expect(identifier.identify_using_commit(project, '123')).to eq(user)
end
it 'returns nil when no user could be found' do
allow(project).to receive(:commit).with('123').and_return(nil)
expect(identifier.identify_using_commit(project, '123')).to be_nil
end
it 'returns nil when the commit does not have an author Email' do
commit = double(:commit, author_email: nil)
expect(project).to receive(:commit).with('123').and_return(commit)
expect(identifier.identify_using_commit(project, '123')).to be_nil
end
it 'caches the found users per Email' do
commit = double(:commit, author: user, author_email: user.email)
expect(project).to receive(:commit).with('123').twice.and_return(commit)
2.times do
expect(identifier.identify_using_commit(project, '123')).to eq(user)
end
end
it 'returns nil if the project & ref are not present' do
expect(identifier.identify_using_commit(nil, nil)).to be_nil
end
end
......
......@@ -6,7 +6,7 @@ describe PostReceive do
let(:base64_changes) { Base64.encode64(wrongly_encoded_changes) }
let(:gl_repository) { "project-#{project.id}" }
let(:key) { create(:key, user: project.owner) }
let(:key_id) { key.shell_id }
let!(:key_id) { key.shell_id }
let(:project) do
create(:project, :repository, auto_cancel_pending_pipelines: 'disabled')
......@@ -31,6 +31,28 @@ describe PostReceive do
end
describe "#process_project_changes" do
context 'empty changes' do
it "does not call any PushService but runs after project hooks" do
expect(GitPushService).not_to receive(:new)
expect(GitTagPushService).not_to receive(:new)
expect_next_instance_of(SystemHooksService) { |service| expect(service).to receive(:execute_hooks) }
described_class.new.perform(gl_repository, key_id, "")
end
end
context 'unidentified user' do
let!(:key_id) { "" }
it 'returns false' do
expect(GitPushService).not_to receive(:new)
expect(GitTagPushService).not_to receive(:new)
expect(described_class.new.perform(gl_repository, key_id, base64_changes)).to be false
end
end
context 'with changes' do
before do
allow_any_instance_of(Gitlab::GitPostReceive).to receive(:identify).and_return(project.owner)
end
......@@ -38,7 +60,7 @@ describe PostReceive do
context "branches" do
let(:changes) { "123456 789012 refs/heads/tést" }
it "calls GitTagPushService" do
it "calls GitPushService" do
expect_any_instance_of(GitPushService).to receive(:execute).and_return(true)
expect_any_instance_of(GitTagPushService).not_to receive(:execute)
described_class.new.perform(gl_repository, key_id, base64_changes)
......@@ -113,6 +135,7 @@ describe PostReceive do
end
end
end
end
describe '#process_wiki_changes' do
let(:gl_repository) { "wiki-#{project.id}" }
......
alertmanager:
enabled: false
image:
tag: v0.15.2
kubeStateMetrics:
enabled: true
......@@ -16,7 +18,7 @@ rbac:
server:
fullnameOverride: "prometheus-prometheus-server"
image:
tag: v2.1.0
tag: v2.4.3
serverFiles:
alerts: {}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment