Add latest changes from gitlab-org/gitlab@master

77d15aff · GitLab Bot · 8b5c2a45 · 77d15aff · 77d15aff · 77d15aff
Commit 77d15aff authored Mar 19, 2020 by GitLab Bot
30 changed files
--- a/Gemfile
+++ b/Gemfile
@@ -475,7 +475,7 @@ gem 'lograge', '~> 0.5'
 gem 'grape_logging', '~> 1.7'
 # DNS Lookup
-gem 'gitlab-net-dns', '~> 0.9.1', require: 'net/dns'
+gem 'gitlab-net-dns', '~> 0.9.1'
 # Countries list
 gem 'countries', '~> 3.0'

--- a/app/controllers/concerns/authenticates_2fa_for_admin_mode.rb
+++ b/app/controllers/concerns/authenticates_2fa_for_admin_mode.rb
--- a/app/models/user_highest_role.rb
+++ b/app/models/user_highest_role.rb
@@ -4,4 +4,6 @@ class UserHighestRole < ApplicationRecord
  belongs_to :user, optional: false
  validates :highest_access_level, allow_nil: true, inclusion: { in: Gitlab::Access.all_values }
+  scope :with_highest_access_level, -> (highest_access_level) { where(highest_access_level: highest_access_level) }
 end
--- a/app/models/users_statistics.rb
+++ b/app/models/users_statistics.rb
@@ -11,4 +11,22 @@ class UsersStatistics < ApplicationRecord
    :bots,
    :blocked
  ].freeze
+  private
+  def highest_role_stats
+    return unless Feature.enabled?(:users_statistics)
+    {
+      owner: batch_count_for_access_level(Gitlab::Access::OWNER),
+      maintainer: batch_count_for_access_level(Gitlab::Access::MAINTAINER),
+      developer: batch_count_for_access_level(Gitlab::Access::DEVELOPER),
+      reporter: batch_count_for_access_level(Gitlab::Access::REPORTER),
+      guest: batch_count_for_access_level(Gitlab::Access::GUEST)
+    }
+  end
+  def batch_count_for_access_level(access_level)
+    Gitlab::Database::BatchCount.batch_count(UserHighestRole.with_highest_access_level(access_level))
+  end
 end
--- a/app/workers/error_tracking_issue_link_worker.rb
+++ b/app/workers/error_tracking_issue_link_worker.rb
@@ -63,6 +63,10 @@ class ErrorTrackingIssueLinkWorker # rubocop:disable Scalability/IdempotentWorke
    sentry_client
      .repos(organization_slug)
      .find { |repo| repo.project_id == issue.project_id && repo.status == 'active' }
+  rescue Sentry::Client::Error => e
+    logger.info("Unable to retrieve Sentry repo for organization #{organization_slug}, id #{sentry_issue_id}, with error: #{e.message}")
+    nil
  end
  def organization_slug

--- a/changelogs/unreleased/user-creation-count.yml
+++ b/changelogs/unreleased/user-creation-count.yml
+---
+title: Add metric to derive new users count
+merge_request: 27351
+author:
+type: added
--- a/config/application.rb
+++ b/config/application.rb
@@ -32,8 +32,6 @@ module Gitlab
    config.active_record.sqlite3.represent_boolean_as_integer = true
-    config.autoloader = :zeitwerk
    # Sidekiq uses eager loading, but directories not in the standard Rails
    # directories must be added to the eager load paths:
    # https://github.com/mperham/sidekiq/wiki/FAQ#why-doesnt-sidekiq-autoload-my-rails-application-code

--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -42,7 +42,7 @@ Rails.application.configure do
  config.action_mailer.raise_delivery_errors = true
  # Don't make a mess when bootstrapping a development environment
  config.action_mailer.perform_deliveries = (ENV['BOOTSTRAP'] != '1')
-  config.action_mailer.preview_path = Rails.root.join('app', 'mailers', 'previews')
+  config.action_mailer.preview_path = 'app/mailers/previews'
  config.eager_load = false

--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -43,7 +43,7 @@ Rails.application.configure do
  # Print deprecation notices to the stderr
  config.active_support.deprecation = :stderr
-  config.eager_load = false
+  config.eager_load = true
  config.cache_store = :null_store

--- a/config/initializers/2_gitlab.rb
+++ b/config/initializers/2_gitlab.rb
+require_dependency 'gitlab'
--- a/config/initializers_before_autoloader/002_zeitwerk.rb
+++ b/config/initializers_before_autoloader/002_zeitwerk.rb
-# frozen_string_literal: true
-Rails.autoloaders.each do |autoloader|
-  # We need to ignore these since these are non-Ruby files
-  # that do not define Ruby classes / modules
-  autoloader.ignore(Rails.root.join('lib/support'))
-  # Ignore generators since these are loaded manually by Rails
-  autoloader.ignore(Rails.root.join('lib/generators'))
-  autoloader.ignore(Rails.root.join('ee/lib/generators')) if Gitlab.ee?
-  # Mailer previews are also loaded manually by Rails
-  autoloader.ignore(Rails.root.join('app/mailers/previews'))
-  autoloader.ignore(Rails.root.join('ee/app/mailers/previews')) if Gitlab.ee?
-  # Ignore these files because these are only used in Rake tasks
-  # and are not available in production
-  autoloader.ignore(Rails.root.join('lib/gitlab/graphql/docs'))
-  autoloader.inflector.inflect(
-    'authenticates_2fa_for_admin_mode' => 'Authenticates2FAForAdminMode',
-    'api' => 'API',
-    'api_guard' => 'APIGuard',
-    'group_api_compatibility' => 'GroupAPICompatibility',
-    'project_api_compatibility' => 'ProjectAPICompatibility',
-    'cte' => 'CTE',
-    'recursive_cte' => 'RecursiveCTE',
-    'cidr' => 'CIDR',
-    'cli' => 'CLI',
-    'dn' => 'DN',
-    'hmac_token' => 'HMACToken',
-    'html' => 'HTML',
-    'html_parser' => 'HTMLParser',
-    'html_gitlab' => 'HTMLGitlab',
-    'http' => 'HTTP',
-    'http_connection_adapter' => 'HTTPConnectionAdapter',
-    'http_clone_enabled_check' => 'HTTPCloneEnabledCheck',
-    'chunked_io' => 'ChunkedIO',
-    'http_io' => 'HttpIO',
-    'json' => 'JSON',
-    'json_formatter' => 'JSONFormatter',
-    'json_web_token' => 'JSONWebToken',
-    'as_json' => 'AsJSON',
-    'ldap_key' => 'LDAPKey',
-    'mr_note' => 'MRNote',
-    'pdf' => 'PDF',
-    'rsa_token' => 'RSAToken',
-    'san_extension' => 'SANExtension',
-    'sca' => 'SCA',
-    'spdx' => 'SPDX',
-    'sql' => 'SQL',
-    'ssh_key' => 'SSHKey',
-    'ssh_key_with_user' => 'SSHKeyWithUser',
-    'ssh_public_key' => 'SSHPublicKey',
-    'git_push_ssh_proxy' => 'GitPushSSHProxy',
-    'git_user_default_ssh_config_check' => 'GitUserDefaultSSHConfigCheck',
-    'binary_stl' => 'BinarySTL',
-    'text_stl' => 'TextSTL',
-    'svg' => 'SVG',
-    'function_uri' => 'FunctionURI'
-  )
-end
--- a/config/settings.rb
+++ b/config/settings.rb
@@ -3,6 +3,12 @@
 require 'settingslogic'
 require 'digest/md5'
+# We can not use `Rails.root` here, as this file might be loaded without the
+# full Rails environment being loaded. We can not use `require_relative` either,
+# as Rails uses `load` for `require_dependency` (used when loading the Rails
+# environment). This could then lead to this file being loaded twice.
+require_dependency File.expand_path('../lib/gitlab', __dir__)
 class Settings < Settingslogic
  source ENV.fetch('GITLAB_CONFIG') { Pathname.new(File.expand_path('..', __dir__)).join('config/gitlab.yml') }
  namespace ENV.fetch('GITLAB_ENV') { Rails.env }

--- a/doc/administration/auth/smartcard.md
+++ b/doc/administration/auth/smartcard.md
@@ -49,7 +49,7 @@ Certificate:
        Subject: CN=Gitlab User, emailAddress=gitlab-user@example.com
 ```
-### Authentication against a local database with X.509 certificates and SAN extensions **(PREMIUM ONLY)**
+### Authentication against a local database with X.509 certificates and SAN extension
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/8605) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3.
@@ -135,6 +135,12 @@ attribute. As a prerequisite, you must use an LDAP server that:
     listen *:3444 ssl;
     ```
+   - It can also be configured to run on a different hostname:
+     ```plaintext
+     listen smartcard.example.com:443 ssl;
+     ```
   - The additional NGINX server context must be configured to require the client
     side certificate:
@@ -156,7 +162,7 @@ attribute. As a prerequisite, you must use an LDAP server that:
   ```plaintext
   server {
-       listen *:3444 ssl;
+       listen smartcard.example.com:3443 ssl;
       # certificate for configuring SSL
       ssl_certificate /path/to/example.com.crt;
@@ -195,10 +201,16 @@ attribute. As a prerequisite, you must use an LDAP server that:
     # Path to a file containing a CA certificate
     ca_file: '/etc/ssl/certs/CA.pem'
-     # Port where the client side certificate is requested by NGINX
+     # Host and port where the client side certificate is requested by the
-     client_certificate_required_port: 3444
+     # webserver (NGINX/Apache)
+     client_certificate_required_host: smartcard.example.com
+     client_certificate_required_port: 3443
   ```
+   NOTE: **Note**
+   Assign a value to at least one of the following variables:
+   `client_certificate_required_host` or `client_certificate_required_port`.
 1. Save the file and [restart](../restart_gitlab.md#installations-from-source)
   GitLab for the changes to take effect.

--- a/doc/user/admin_area/settings/usage_statistics.md
+++ b/doc/user/admin_area/settings/usage_statistics.md
@@ -402,6 +402,7 @@ but commented out to help encourage others to add to it in the future. -->
 |groups|usage_activity_by_stage|manage|
 |ldap_keys|usage_activity_by_stage|manage|
 |ldap_users: 0|usage_activity_by_stage|manage|
+|users_created|usage_activity_by_stage|manage|
 |clusters|usage_activity_by_stage|monitor|
 |clusters_applications_prometheus|usage_activity_by_stage|monitor|
 |operations_dashboard_default_dashboard|usage_activity_by_stage|monitor|

--- a/doc/user/group/epics/index.md
+++ b/doc/user/group/epics/index.md
@@ -350,6 +350,14 @@ You can [award an emoji](../../award_emojis.md) to that epic or its comments.
 You can [turn on notifications](../../profile/notifications.md) to be alerted about epic events.
+## Limits
+This section gives an overview of limits of Epics and an overview of their background.
+### Description and comment length
+See [Issues: Description and comment length](../../project/issues/index.md#description-and-comment-length)
 <!-- ## Troubleshooting
 Include any troubleshooting steps that you can foresee. If you know beforehand what issues

--- a/doc/user/project/issues/index.md
+++ b/doc/user/project/issues/index.md
@@ -4,7 +4,8 @@ Issues are the fundamental medium for collaborating on ideas and planning work i
 ## Overview
-The GitLab issue tracker is an advanced tool for collaboratively developing ideas, solving problems, and planning work.
+The GitLab issue tracker is an advanced tool for collaboratively developing ideas, solving problems,
+and planning work.
 Issues can allow sharing and discussion of proposals before, and during,
 their implementation between:
@@ -116,8 +117,8 @@ You can sort a list of issues in several ways, for example by issue creation dat
 ![Issue board](img/issue_board.png)
-[Issue boards](../issue_board.md) are Kanban boards with columns that display issues based on their labels
+[Issue boards](../issue_board.md) are Kanban boards with columns that display issues based on their
-or their assignees**(PREMIUM)**. They offer the flexibility to manage issues using
+labels or their assignees**(PREMIUM)**. They offer the flexibility to manage issues using
 highly customizable workflows.
 You can reorder issues within a column. If you drag an issue card to another column, its
@@ -200,3 +201,18 @@ Feature.enable(:save_issuable_health_status)
 - [Issues API](../../../api/issues.md)
 - Configure an [external issue tracker](../../../integration/external-issue-tracker.md)
  such as Jira, Redmine, or Bugzilla.
+## Limits
+This section gives an overview of limits of Issues and an overview of their background.
+### Description and comment length
+> Introduced in [GitLab 12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/61974).
+Descriptions and comments on [issuable](../../../development/issuable-like-models.md) can be no
+longer than 1 million characters.
+Previously, there was no limit to issuable description size, which created a
+[possibility of a DoS attack](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/61974) by allowing
+very long descriptions. It's possible that we will set this limit to a lower number in the future.
--- a/doc/user/project/merge_requests/index.md
+++ b/doc/user/project/merge_requests/index.md
@@ -10,12 +10,12 @@ to source code that exist as commits on a given Git branch.
 ![Merge request view](img/merge_request.png)
 A Merge Request (**MR**) is the basis of GitLab as a code collaboration and version
-control platform. It is as simple as the name implies: a _request_ to _merge_ one
+control platform. It's exactly as the name implies: a _request_ to _merge_ one
 branch into another.
 ## Use cases
-A. Consider you are a software developer working in a team:
+A. Consider you're a software developer working in a team:
 1. You checkout a new branch, and submit your changes through a merge request
 1. You gather feedback from your team
@@ -61,7 +61,7 @@ So far, the navigation tabs present in merge requests to display **Discussion**,
 widget.
 To facilitate this navigation without having to scroll up and down through the page
-to find these tabs, based on user feedback, we are experimenting with a new positioning
+to find these tabs, based on user feedback, we're experimenting with a new positioning
 of these tabs. They are now located at the top of the merge request, with a new
 **Overview** tab, containing the description of the merge request followed by the
 widget. Next to **Overview**, you can find **Pipelines**, **Commits**, and **Changes**.
@@ -124,3 +124,11 @@ There are two main ways to have a merge request flow with GitLab:
 1. Working with forks of an authoritative project
 [Learn more about the authorization for merge requests.](authorization_for_merge_requests.md)
+## Limits
+This section gives an overview of limits of Merge Requests and an overview of their background.
+### Description and comment length
+See [Issues: Description and comment length](../issues/index.md#description-and-comment-length)
--- a/lib/gitlab/graphql/docs/helper.rb
+++ b/lib/gitlab/graphql/docs/helper.rb
 # frozen_string_literal: true
+return if Rails.env.production?
 module Gitlab
  module Graphql
    module Docs

--- a/lib/gitlab/graphql/docs/renderer.rb
+++ b/lib/gitlab/graphql/docs/renderer.rb
 # frozen_string_literal: true
-require 'gitlab/graphql/docs/helper'
+return if Rails.env.production?
 module Gitlab
  module Graphql

--- a/lib/gitlab/metrics/exporter/base_exporter.rb
+++ b/lib/gitlab/metrics/exporter/base_exporter.rb
 # frozen_string_literal: true
-require 'webrick'
-require 'prometheus/client/rack/exporter'
 module Gitlab
  module Metrics
    module Exporter

--- a/lib/tasks/gitlab/graphql.rake
+++ b/lib/tasks/gitlab/graphql.rake
@@ -3,7 +3,6 @@
 return if Rails.env.production?
 require 'graphql/rake_task'
-require 'gitlab/graphql/docs/renderer'
 namespace :gitlab do
  OUTPUT_DIR = Rails.root.join("doc/api/graphql/reference")

--- a/scripts/static-analysis
+++ b/scripts/static-analysis
 #!/usr/bin/env ruby
 # We don't have auto-loading here
+require_relative '../lib/gitlab'
 require_relative '../lib/gitlab/popen'
 require_relative '../lib/gitlab/popen/runner'

--- a/spec/factories/user_highest_roles.rb
+++ b/spec/factories/user_highest_roles.rb
@@ -3,5 +3,13 @@
 FactoryBot.define do
  factory :user_highest_role do
    user
+    trait :maintainer do
+      highest_access_level { Gitlab::Access::MAINTAINER }
+    end
+    trait :developer do
+      highest_access_level { Gitlab::Access::DEVELOPER }
+    end
  end
 end
--- a/spec/fast_spec_helper.rb
+++ b/spec/fast_spec_helper.rb
@@ -11,9 +11,6 @@ require_relative '../config/settings'
 require_relative 'support/rspec'
 require 'active_support/all'
-unless ActiveSupport::Dependencies.autoload_paths.frozen?
+ActiveSupport::Dependencies.autoload_paths << 'lib'
-  ActiveSupport::Dependencies.autoload_paths << 'lib'
+ActiveSupport::Dependencies.autoload_paths << 'ee/lib'
-  ActiveSupport::Dependencies.autoload_paths << 'ee/lib'
-end
 ActiveSupport::XmlMini.backend = 'Nokogiri'
--- a/spec/lib/gitlab/fogbugz_import/importer_spec.rb
+++ b/spec/lib/gitlab/fogbugz_import/importer_spec.rb
 # frozen_string_literal: true
 require 'spec_helper'
-require 'fogbugz'
 describe Gitlab::FogbugzImport::Importer do
  let(:project) { create(:project_empty_repo) }

--- a/spec/lib/gitlab/graphql/docs/renderer_spec.rb
+++ b/spec/lib/gitlab/graphql/docs/renderer_spec.rb
 # frozen_string_literal: true
 require 'spec_helper'
-require 'gitlab/graphql/docs/renderer'
 describe Gitlab::Graphql::Docs::Renderer do
  describe '#contents' do

--- a/spec/models/user_highest_role_spec.rb
+++ b/spec/models/user_highest_role_spec.rb
@@ -10,4 +10,20 @@ describe UserHighestRole do
  describe 'validations' do
    it { is_expected.to validate_inclusion_of(:highest_access_level).in_array([nil, *Gitlab::Access.all_values]) }
  end
+  describe 'scopes' do
+    describe '.with_highest_access_level' do
+      let(:developer_access_level) { Gitlab::Access::DEVELOPER }
+      let!(:developer) { create(:user_highest_role, :developer) }
+      let!(:another_developer) { create(:user_highest_role, :developer) }
+      let!(:maintainer) { create(:user_highest_role, :maintainer) }
+      it 'only returns entry for developer access level' do
+        expect(described_class.with_highest_access_level(developer_access_level)).to contain_exactly(
+          developer,
+          another_developer
+        )
+      end
+    end
+  end
 end
--- a/spec/services/service_response_spec.rb
+++ b/spec/services/service_response_spec.rb
 # frozen_string_literal: true
 require 'fast_spec_helper'
-require_relative '../../app/services/service_response'
+ActiveSupport::Dependencies.autoload_paths << 'app/services'
 describe ServiceResponse do
  describe '.success' do

--- a/spec/workers/error_tracking_issue_link_worker_spec.rb
+++ b/spec/workers/error_tracking_issue_link_worker_spec.rb
@@ -95,5 +95,19 @@ describe ErrorTrackingIssueLinkWorker do
      it_behaves_like 'attempts to create a link via plugin'
    end
+    context 'when Sentry repos request errors' do
+      it 'falls back to creating a link via plugin' do
+        expect_next_instance_of(Sentry::Client) do |client|
+          expect(client).to receive(:repos).with('sentry-org').and_raise(Sentry::Client::Error)
+          expect(client)
+            .to receive(:create_issue_link)
+            .with(nil, sentry_issue.sentry_issue_identifier, issue)
+            .and_return(true)
+        end
+        expect(subject).to be true
+      end
+    end
  end
 end
--- a/vendor/project_templates/gatsby.tar.gz
+++ b/vendor/project_templates/gatsby.tar.gz