Commit 65a1175e authored by GitLab Bot's avatar GitLab Bot

Add latest changes from gitlab-org/gitlab@master

parent 3a52deac
......@@ -94,6 +94,7 @@ class GroupPolicy < BasePolicy
enable :update_cluster
enable :admin_cluster
enable :destroy_deploy_token
enable :read_deploy_token
end
rule { owner }.policy do
......
---
title: Add api endpoint for listing deploy tokens for a group
merge_request: 25219
author:
type: added
---
title: Bump Auto Deploy image to v0.12.1
merge_request: 26336
author:
type: changed
......@@ -490,10 +490,10 @@ Particular attention should be shown to:
1. Configure the `external_url` so that files could be served by GitLab
by proper endpoint access by editing `/etc/gitlab/gitlab.rb`:
You will need to replace `GITLAB_SERVER_URL` with the real URL on which
current GitLab instance is serving:
```ruby
external_url 'GITLAB_SERVER_URL'
```
......
......@@ -741,7 +741,7 @@ To enable the read-only mode:
```sh
# Recycling unused tags
sudo /opt/gitlab/embedded/bin/registry garbage-collect /var/opt/gitlab/registry/config.yml
# Removing unused layers not referenced by manifests
sudo /opt/gitlab/embedded/bin/registry garbage-collect -m /var/opt/gitlab/registry/config.yml
```
......
......@@ -2,6 +2,8 @@
## List all deploy tokens
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9.
Get a list of all deploy tokens across the GitLab instance. This endpoint requires admin access.
```plaintext
......@@ -37,6 +39,8 @@ Project deploy token API endpoints require project maintainer access or higher.
### List project deploy tokens
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9.
Get a list of a project's deploy tokens.
```plaintext
......@@ -113,8 +117,49 @@ Example response:
These endpoints require group maintainer access or higher.
### List group deploy deploy tokens
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9.
Get a list of a group's deploy tokens
```
GET /groups/:id/deploy_tokens
```
Parameters:
| Attribute | Type | Required | Description |
|:---------------|:---------------|:---------|:-----------------------------------------------------------------------------|
| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). |
Example request:
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/deploy_tokens"
```
Example response:
```json
[
{
"id": 1,
"name": "MyToken",
"username": "gitlab+deploy-token-1",
"expires_at": "2020-02-14T00:00:00.000Z",
"scopes": [
"read_repository",
"read_registry"
]
}
]
```
### Delete a group deploy token
> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/21811) in GitLab 12.9.
Removes a deploy token from the group.
```
......
......@@ -7,7 +7,7 @@ type: index, howto
A lot of GitLab users have successfully migrated to GitLab CI/CD from Jenkins. To make this
easier if you're just getting started, we've collected several resources here that you might find useful
before diving in.
before diving in. Think of this page as a "GitLab CI/CD for Jenkins Users" guide.
First of all, our [Quick Start Guide](../quick_start/README.md) contains a good overview of how GitLab CI/CD works.
You may also be interested in [Auto DevOps](../../topics/autodevops/index.md) which can potentially be used to build, test,
......@@ -16,6 +16,9 @@ and deploy your applications with little to no configuration needed at all.
Otherwise, read on for important information that will help you get the ball rolling. Welcome
to GitLab!
If you have questions that are not answered here, the [GitLab community forum](https://forum.gitlab.com/)
can be a great resource.
## Important differences
There are some high level differences between the products worth mentioning:
......@@ -29,6 +32,7 @@ There are some high level differences between the products worth mentioning:
analogous to the declarative Jenkinsfile format.
- GitLab comes with a [container registry](../../user/packages/container_registry/index.md), and we recommend using
container images to set up your build environment.
- Totally stuck and not sure where to turn for advice? The [GitLab community forum](https://forum.gitlab.com/) can be a great resource.
## Groovy vs. YAML
......
......@@ -3,12 +3,12 @@
When there's a clear benefit to separating state management from components (e.g. due to state complexity) we recommend using [Vuex][vuex-docs] over any other Flux pattern. Otherwise, feel free to manage state within the components.
Vuex should be strongly considered when:
- You expect multiple parts of the application to react to state changes
- There's a need to share data between multiple components
- There are complex interactions with Backend, e.g. multiple API calls
- The app involves interacting with backend via both traditional REST API and GraphQL (especially when moving the REST API over to GraphQL is a pending backend task)
_Note:_ All of the below is explained in more detail in the official [Vuex documentation][vuex-docs].
## Separation of concerns
......
......@@ -639,7 +639,8 @@ as it will be attempting to fetch the image using
#### Kubernetes 1.16+
> [Introduced](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/merge_requests/51) in GitLab 12.8.
> - [Introduced](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/merge_requests/51) in GitLab 12.8.
> - Support for deploying a PostgreSQL version that supports Kubernetes 1.16+ was [introduced](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/merge_requests/49) in GitLab 12.9.
CAUTION: **Deprecation**
The default value of `extensions/v1beta1` for the `deploymentApiVersion` setting is
......@@ -657,9 +658,13 @@ To use Auto Deploy on a Kubernetes 1.16+ cluster, you must:
deploymentApiVersion: apps/v1
```
1. Set the `POSTGRES_ENABLED` variable to `false`. This will disable Auto Deploy's deployment of PostgreSQL.
Support for enabling Auto Deploy's deployment of PostgreSQL in a Kubernetes 1.16+ cluster
is [planned](https://gitlab.com/gitlab-org/charts/auto-deploy-app/issues/28).
1. Set the:
- `AUTO_DEVOPS_POSTGRES_CHANNEL` variable to `2`.
- `POSTGRES_VERSION` variable to `9.6.16` or higher.
This will opt-in to using a version of the PostgreSQL chart that supports Kubernetes
1.16 and higher.
#### Migrations
......
......@@ -64,7 +64,6 @@ Another example of GitLab as a company would be the following:
---
When performing actions such as transferring or importing a project between
subgroups, the behavior is the same as when performing these actions at the
`group/project` level.
......
......@@ -2,11 +2,10 @@
GitLab allows users to easily deploy AWS Lambda functions and create rich serverless applications.
GitLab supports deployment of functions to AWS Lambda using a combination of:
GitLab supports deployment of AWS Lambda functions through GitLab CI/CD using the following Serverless frameworks:
- [Serverless Framework with AWS](#serverless-framework)
- [AWS' Serverless Application Model (SAM)](#aws-serverless-application-model)
- GitLab CI/CD
## Serverless Framework
......@@ -362,7 +361,7 @@ sam init -h
### Setting up your AWS credentials with your GitLab account
In order to interact with your AWS account, the GitLab CI/CD pipelines require both
In order to interact with your AWS account, the GitLab CI/CD pipelines require both
`AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to be set in the project's CI/CD
variables.
......
......@@ -35,7 +35,7 @@ const moduleNameMapper = {
'^ee_else_ce(/.*)$': '<rootDir>/app/assets/javascripts$1',
'^helpers(/.*)$': '<rootDir>/spec/frontend/helpers$1',
'^vendor(/.*)$': '<rootDir>/vendor/assets/javascripts$1',
'\\.(jpg|jpeg|png|svg)$': '<rootDir>/spec/frontend/__mocks__/file_mock.js',
'\\.(jpg|jpeg|png|svg|css)$': '<rootDir>/spec/frontend/__mocks__/file_mock.js',
'emojis(/.*).json': '<rootDir>/fixtures/emojis$1.json',
'^spec/test_constants$': '<rootDir>/spec/frontend/helpers/test_constants',
'^jest/(.*)$': '<rootDir>/spec/frontend/$1',
......@@ -82,7 +82,7 @@ module.exports = {
'^.+\\.js$': 'babel-jest',
'^.+\\.vue$': 'vue-jest',
},
transformIgnorePatterns: ['node_modules/(?!(@gitlab/ui|bootstrap-vue|three)/)'],
transformIgnorePatterns: ['node_modules/(?!(@gitlab/ui|bootstrap-vue|three|monaco-editor)/)'],
timers: 'fake',
testEnvironment: '<rootDir>/spec/frontend/environment.js',
testEnvironmentOptions: {
......
......@@ -23,6 +23,8 @@ module API
use :pagination
end
get 'deploy_tokens' do
service_unavailable! unless Feature.enabled?(:deploy_tokens_api, default_enabled: true)
authenticated_as_admin!
present paginate(DeployToken.all), with: Entities::DeployToken
......@@ -32,6 +34,10 @@ module API
requires :id, type: Integer, desc: 'The ID of a project'
end
resource :projects, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
before do
service_unavailable! unless Feature.enabled?(:deploy_tokens_api, user_project, default_enabled: true)
end
params do
use :pagination
end
......@@ -71,6 +77,23 @@ module API
requires :id, type: Integer, desc: 'The ID of a group'
end
resource :groups, requirements: API::NAMESPACE_OR_PROJECT_REQUIREMENTS do
before do
service_unavailable! unless Feature.enabled?(:deploy_tokens_api, user_group, default_enabled: true)
end
params do
use :pagination
end
desc 'List deploy tokens for a group' do
detail 'This feature was introduced in GitLab 12.9'
success Entities::DeployToken
end
get ':id/deploy_tokens' do
authorize!(:read_deploy_token, user_group)
present paginate(user_group.deploy_tokens), with: Entities::DeployToken
end
desc 'Delete a group deploy token' do
detail 'This feature was introduced in GitLab 12.9'
end
......
.auto-deploy:
image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.10.0"
image: "registry.gitlab.com/gitlab-org/cluster-integration/auto-deploy-image:v0.12.1"
review:
extends: .auto-deploy
......
source 'https://rubygems.org'
gem 'gitlab-qa'
gem 'activesupport', '5.2.3' # This should stay in sync with the root's Gemfile
gem 'activesupport', '6.0.2' # This should stay in sync with the root's Gemfile
gem 'capybara', '~> 3.29.0'
gem 'capybara-screenshot', '~> 1.0.23'
gem 'rake', '~> 12.3.0'
......
GEM
remote: https://rubygems.org/
specs:
activesupport (5.2.3)
activesupport (6.0.2)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
zeitwerk (~> 2.2)
addressable (2.7.0)
public_suffix (>= 2.0.2, < 5.0)
airborne (0.2.13)
......@@ -28,7 +29,7 @@ GEM
launchy
childprocess (3.0.0)
coderay (1.1.2)
concurrent-ruby (1.1.5)
concurrent-ruby (1.1.6)
debase (0.2.4.1)
debase-ruby_core_source (>= 0.10.2)
debase-ruby_core_source (0.10.6)
......@@ -40,7 +41,7 @@ GEM
gitlab-qa (4.0.0)
http-cookie (1.0.3)
domain_name (~> 0.5)
i18n (1.6.0)
i18n (1.8.2)
concurrent-ruby (~> 1.0)
knapsack (1.17.1)
rake
......@@ -52,7 +53,7 @@ GEM
mime-types-data (3.2016.0521)
mini_mime (1.0.2)
mini_portile2 (2.4.0)
minitest (5.11.3)
minitest (5.14.0)
netrc (0.11.0)
nokogiri (1.10.5)
mini_portile2 (~> 2.4.0)
......@@ -100,19 +101,20 @@ GEM
rubyzip (>= 1.2.2)
thread_safe (0.3.6)
timecop (0.9.1)
tzinfo (1.2.5)
tzinfo (1.2.6)
thread_safe (~> 0.1)
unf (0.1.4)
unf_ext
unf_ext (0.0.7.4)
xpath (3.2.0)
nokogiri (~> 1.8)
zeitwerk (2.3.0)
PLATFORMS
ruby
DEPENDENCIES
activesupport (= 5.2.3)
activesupport (= 6.0.2)
airborne (~> 0.2.13)
capybara (~> 3.29.0)
capybara-screenshot (~> 1.0.23)
......
......@@ -48,7 +48,7 @@ then
exit 1
fi
MD_DOC_PATH=${MD_DOC_PATH:-doc/**/*.md}
MD_DOC_PATH=${MD_DOC_PATH:-doc}
function run_locally_or_in_docker() {
local cmd=$1
......
// NOTE:
// These imports are pulled from 'monaco-editor/esm/vs/editor/editor.main.js'
// We don't want to include 'monaco-editor/esm/vs/editor/edcore' because it causes
// lots of compatability issues with Jest
// Issue: https://gitlab.com/gitlab-org/gitlab/-/issues/209863
import 'monaco-editor/esm/vs/language/typescript/monaco.contribution';
import 'monaco-editor/esm/vs/language/css/monaco.contribution';
import 'monaco-editor/esm/vs/language/json/monaco.contribution';
import 'monaco-editor/esm/vs/language/html/monaco.contribution';
import 'monaco-editor/esm/vs/basic-languages/monaco.contribution';
export * from 'monaco-editor/esm/vs/editor/editor.api';
export default global.monaco;
......@@ -10,12 +10,24 @@ describe API::DeployTokens do
let!(:deploy_token) { create(:deploy_token, projects: [project]) }
let!(:group_deploy_token) { create(:deploy_token, :group, groups: [group]) }
shared_examples 'with feature flag disabled' do
context 'disabled feature flag' do
before do
stub_feature_flags(deploy_tokens_api: false)
end
it { is_expected.to have_gitlab_http_status(:service_unavailable) }
end
end
describe 'GET /deploy_tokens' do
subject do
get api('/deploy_tokens', user)
response
end
it_behaves_like 'with feature flag disabled'
context 'when unauthenticated' do
let(:user) { nil }
......@@ -69,6 +81,8 @@ describe API::DeployTokens do
project.add_maintainer(user)
end
it_behaves_like 'with feature flag disabled'
it { is_expected.to have_gitlab_http_status(:ok) }
it 'returns all deploy tokens for the project' do
......@@ -87,6 +101,53 @@ describe API::DeployTokens do
end
end
describe 'GET /groups/:id/deploy_tokens' do
subject do
get api("/groups/#{group.id}/deploy_tokens", user)
response
end
context 'when unauthenticated' do
let(:user) { nil }
it { is_expected.to have_gitlab_http_status(:forbidden) }
end
context 'when authenticated as non-admin user' do
before do
group.add_developer(user)
end
it { is_expected.to have_gitlab_http_status(:forbidden) }
end
context 'when authenticated as maintainer' do
let!(:other_deploy_token) { create(:deploy_token, :group) }
before do
group.add_maintainer(user)
end
it_behaves_like 'with feature flag disabled'
it { is_expected.to have_gitlab_http_status(:ok) }
it 'returns all deploy tokens for the group' do
subject
expect(response).to include_pagination_headers
expect(response).to match_response_schema('public_api/v4/deploy_tokens')
end
it 'does not return deploy tokens for other groups' do
subject
token_ids = json_response.map { |token| token['id'] }
expect(token_ids).not_to include(other_deploy_token.id)
end
end
end
describe 'DELETE /groups/:id/deploy_tokens/:token_id' do
subject do
delete api("/groups/#{group.id}/deploy_tokens/#{group_deploy_token.id}", user)
......@@ -119,10 +180,10 @@ describe API::DeployTokens do
end
context 'invalid request' do
it 'returns bad request with invalid group id' do
it 'returns not found with invalid group id' do
delete api("/groups/bad_id/deploy_tokens/#{group_deploy_token.id}", user)
expect(response).to have_gitlab_http_status(:bad_request)
expect(response).to have_gitlab_http_status(:not_found)
end
it 'returns not found with invalid deploy token id' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment