Add latest changes from gitlab-org/gitlab@master

9671f019 · GitLab Bot · 5e7ed643 · 9671f019 · 9671f019 · 9671f019
Commit 9671f019 authored Jan 04, 2020 by GitLab Bot
7 changed files
--- a/.gitlab/merge_request_templates/Security Release.md
+++ b/.gitlab/merge_request_templates/Security Release.md
@@ -14,7 +14,7 @@ See [the general developer security release guidelines](https://gitlab.com/gitla

 - [ ] Link this MR in the `links` section of the related issue on [GitLab Security].
 - [ ] Merge request targets `master`, or `X-Y-stable` for backports.
- [ ] Milestone is set for the version this merge request applies to.
+- [ ] Milestone is set for the version this merge request applies to. A closed milestone can be assigned via [quick actions].
 - [ ] Title of this merge request is the same as for all backports.
 - [ ] A [CHANGELOG entry](https://docs.gitlab.com/ee/development/changelog.html) is added without a `merge_request` value, with `type` set to `security`
 - [ ] Assign to a reviewer and maintainer, per our [Code Review process].
@@ -33,3 +33,4 @@ See [the general developer security release guidelines](https://gitlab.com/gitla
 [GitLab Security]: https://gitlab.com/gitlab-org/security/gitlab
 [approval guidelines]: https://docs.gitlab.com/ee/development/code_review.html#approval-guidelines
 [Code Review process]: https://docs.gitlab.com/ee/development/code_review.html
+[quick actions]: https://docs.gitlab.com/ee/user/project/quick_actions.html#quick-actions-for-issues-merge-requests-and-epics
--- a/danger/changelog/Dangerfile
+++ b/danger/changelog/Dangerfile
@@ -26,7 +26,7 @@ def check_changelog(path)
  fail "`title` should be set, in #{gitlab.html_link(path)}! #{SEE_DOC}" if yaml["title"].nil?
  fail "`type` should be set, in #{gitlab.html_link(path)}! #{SEE_DOC}" if yaml["type"].nil?

-  if yaml["merge_request"].nil?
+  if yaml["merge_request"].nil? && !helper.security_mr?
    message "Consider setting `merge_request` to #{gitlab.mr_json["iid"]} in #{gitlab.html_link(path)}. #{SEE_DOC}"
  elsif yaml["merge_request"] != gitlab.mr_json["iid"] && !changelog.ce_port_changelog?(path)
    fail "Merge request ID was not set to #{gitlab.mr_json["iid"]}! #{SEE_DOC}"

--- a/danger/metadata/Dangerfile
+++ b/danger/metadata/Dangerfile
@@ -32,7 +32,7 @@ end

 has_pick_into_stable_label = gitlab.mr_labels.find { |label| label.start_with?('Pick into') }

-if gitlab.branch_for_base != "master" && !has_pick_into_stable_label
+if gitlab.branch_for_base != "master" && !has_pick_into_stable_label && !helper.security_mr?
  warn "Most of the time, merge requests should target `master`. Otherwise, please set the relevant `Pick into X.Y` label."
 end


--- a/doc/administration/plugins.md
+++ b/doc/administration/plugins.md
@@ -24,7 +24,7 @@ see the [system hooks] documentation.

 The plugins must be placed directly into the `plugins` directory, subdirectories
 will be ignored. There is an
-[`example` directory inside `plugins`](https://gitlab.com/gitlab-org/gitlab-foss/tree/master/plugins/examples)
+[`example` directory inside `plugins`](https://gitlab.com/gitlab-org/gitlab/tree/master/plugins/examples)
 where you can find some basic examples.

 Follow the steps below to set up a custom hook:

--- a/lib/gitlab/danger/helper.rb
+++ b/lib/gitlab/danger/helper.rb
@@ -174,6 +174,12 @@ module Gitlab
        labels - current_mr_labels
      end

+      def security_mr?
+        return false unless gitlab_helper
+
+        gitlab_helper.mr_json['web_url'].include?('/gitlab-org/security/')
+      end
+
      private

      def has_database_scoped_labels?(current_mr_labels)

--- a/spec/lib/gitlab/danger/changelog_spec.rb
+++ b/spec/lib/gitlab/danger/changelog_spec.rb
@@ -34,6 +34,7 @@ describe Gitlab::Danger::Changelog do
      { docs: nil, none: nil }
    ].each do |categories|
      let(:changes_by_category) { categories }
+
      it "is falsy when categories don't require a changelog" do
        is_expected.to be_falsy
      end

--- a/spec/lib/gitlab/danger/helper_spec.rb
+++ b/spec/lib/gitlab/danger/helper_spec.rb
@@ -312,4 +312,26 @@ describe Gitlab::Danger::Helper do
      it { is_expected.to match_array(['database', 'database::review pending']) }
    end
  end
+
+  describe '#security_mr?' do
+    it 'returns false when `gitlab_helper` is unavailable' do
+      expect(helper).to receive(:gitlab_helper).and_return(nil)
+
+      expect(helper).not_to be_security_mr
+    end
+
+    it 'returns false when on a normal merge request' do
+      expect(fake_gitlab).to receive(:mr_json)
+        .and_return('web_url' => 'https://gitlab.com/gitlab-org/gitlab/merge_requests/1')
+
+      expect(helper).not_to be_security_mr
+    end
+
+    it 'returns true when on a security merge request' do
+      expect(fake_gitlab).to receive(:mr_json)
+        .and_return('web_url' => 'https://gitlab.com/gitlab-org/security/gitlab/merge_requests/1')
+
+      expect(helper).to be_security_mr
+    end
+  end
 end