Commit aa2bedca authored by GitLab Bot's avatar GitLab Bot

Automatic merge of gitlab-org/gitlab master

parents 8f2c7308 58f8d735
b84ba4f096da54ebb6a85c14ab736474c72f1a2a
d12fb69a841d91d843f392a124865f6d47d3bc22
......@@ -27,7 +27,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
feature_category :source_code_management, [:repository, :clear_repository_check_states]
feature_category :continuous_integration, [:ci_cd, :reset_registration_token]
feature_category :usage_ping, [:usage_data]
feature_category :service_ping, [:usage_data]
feature_category :integrations, [:integrations]
feature_category :pages, [:lets_encrypt_terms_of_service]
......
......@@ -3,7 +3,7 @@
class Projects::ServicePingController < Projects::ApplicationController
before_action :authenticate_user!
feature_category :usage_ping
feature_category :service_ping
def web_ide_clientside_preview
return render_404 unless Gitlab::CurrentSettings.web_ide_clientside_preview_enabled?
......
......@@ -267,7 +267,7 @@
:tags: []
- :name: cronjob:gitlab_usage_ping
:worker_name: GitlabUsagePingWorker
:feature_category: :usage_ping
:feature_category: :service_ping
:has_external_dependencies:
:urgency: :low
:resource_boundary: :unknown
......
......@@ -8,7 +8,7 @@ class GitlabUsagePingWorker # rubocop:disable Scalability/IdempotentWorker
include CronjobQueue # rubocop:disable Scalability/CronWorkerContext
include Gitlab::ExclusiveLeaseHelpers
feature_category :usage_ping
feature_category :service_ping
sidekiq_options retry: 3, dead: false
sidekiq_retry_in { |count| (count + 1) * 8.hours.to_i }
......
......@@ -30,30 +30,29 @@ To create the Tunnel:
.kubectl_config: &kubectl_config
- |
cat << EOF > "$HOME/agent_config.yaml"
cat << EOF > "$CI_PROJECT_DIR/.kubeconfig.agent.yaml"
apiVersion: v1
kind: Config
clusters:
- cluster:
server: https://kas.gitlab.com/k8s-proxy
server: https://kas.gitlab.com/k8s-proxy
name: agent
users:
- name: agent
user:
token: "ci:$AGENT_ID:$CI_JOB_TOKEN"
token: "ci:$AGENT_ID:$CI_JOB_TOKEN"
contexts:
- context:
cluster: agent
user: agent
name: agent
user: agent
name: agent
current-context: agent
EOF
- export KUBECONFIG="$KUBECONFIG:$HOME/agent_config.yaml"
deploy:
script:
- *kubectl_config
- kubectl get pods
- kubectl --kubeconfig="$CI_PROJECT_DIR/.kubeconfig.agent.yaml" get pods
```
1. Execute `kubectl` commands directly against your cluster with this CI/CD job you just created.
......
......@@ -320,8 +320,9 @@ For more information, see [Start the pull mirroring process for a Project](../..
> - Moved to GitLab Premium in 13.9.
Based on the mirror direction that you choose, you can opt to mirror only the
[protected branches](../protected_branches.md) from/to your remote repository.
For pull mirroring, non-protected branches are not mirrored and can diverge.
[protected branches](../protected_branches.md) in the mirroring project,
either from or to your remote repository. For pull mirroring, non-protected branches in
the mirroring project are not mirrored and can diverge.
To use this option, check the **Only mirror protected branches** box when
creating a repository mirror. **(PREMIUM)**
......
......@@ -16,5 +16,5 @@ export default () => ({
},
filter: FILTER.all,
sortField: 'severity',
sortOrder: SORT_ORDER.ascending,
sortOrder: SORT_ORDER.descending,
});
......@@ -21,7 +21,7 @@ module TrialStatusWidgetHelper
base_attrs.merge(
group_name: group.name,
purchase_href: ultimate_subscription_path_for_group(group),
start_initially_shown: force_popover_to_be_shown?(group.trial_days_remaining),
start_initially_shown: in_forced_popover_experiment?(group) && force_popover_to_be_shown?(group.trial_days_remaining),
target_id: base_attrs[:container_id],
trial_end_date: group.trial_ends_on
)
......@@ -64,4 +64,8 @@ module TrialStatusWidgetHelper
def ultimate_subscription_path_for_group(group)
new_subscriptions_path(namespace_id: group.id, plan_id: ZUORA_ULTIMATE_PLAN_ID)
end
def in_forced_popover_experiment?(group)
experiment(:forcibly_show_trial_status_popover, group: group).variant.group == :experiment
end
end
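Review bot: The new `in_forced_popover_experiment?` predicate has no comment saying which variants count as being in the experiment. The spec in this commit stubs `:candidate` and `:control`, while the helper compares `variant.group` with `:experiment`, so a reader has to know the experiment library's mapping to follow it. A one-line comment above the method, such as `# true for any non-control variant of forcibly_show_trial_status_popover`, would make that explicit; the mapping is inferred from the spec, so confirm it. In `start_initially_shown:` the experiment is also resolved before the day check runs. If it does not matter for the experiment's assignment data, `force_popover_to_be_shown?(group.trial_days_remaining) && in_forced_popover_experiment?(group)` would skip resolving a variant on days when the popover is never forced.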
......@@ -51,25 +51,33 @@ module Security
end
def sort(collection)
default_sort_order = 'asc'
case params[:sort_by]
when 'packager'
collection.sort_by! { |a| a[:packager] }
when 'severity'
default_sort_order = 'desc'
sort_dependency_vulnerabilities_by_severity!(collection)
sort_dependencies_by_severity!(collection)
else
collection.sort_by! { |a| a[:name] }
end
collection.reverse! if params[:sort] == 'desc'
if params[:sort] && params[:sort] != default_sort_order
collection.reverse!
end
collection
end
def compare_severity_levels(level1, level2)
# level2 appears before level1 because we want the default sort order to be in descending
# order of severity level, for example "critical, high, medium, low"
::Enums::Vulnerability.severity_levels[level2] <=> ::Enums::Vulnerability.severity_levels[level1]
end
# sort dependency vulnerabilities in descending order by severity level
def sort_dependency_vulnerabilities_by_severity!(collection)
collection.each do |dependency|
dependency[:vulnerabilities].sort! do |vulnerability1, vulnerability2|
......@@ -78,8 +86,8 @@ module Security
end
end
# vulnerabilities are already sorted by severity level so we can assume that first vulnerability in
# vulnerabilities array will have highest severity
# vulnerabilities are already sorted in descending order by severity level so we can assume that
# first vulnerability in the vulnerabilities array will have the highest severity
def sort_dependencies_by_severity!(collection)
collection.sort! do |dep_i, dep_j|
level_i = dep_i.dig(:vulnerabilities, 0, :severity) || :info
......
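Review bot: In `sort`, the new condition `params[:sort] && params[:sort] != default_sort_order` reverses the collection for any value that is not the default. An unrecognised `sort` value, such as a misspelling or different casing, therefore silently flips the order instead of falling back to the default. Unless the caller already restricts the parameter to `asc`/`desc`, which this hunk does not show, the guard could be `collection.reverse! if %w[asc desc].include?(params[:sort]) && params[:sort] != default_sort_order`. A short comment above `default_sort_order = 'asc'` would also help, saying that severity defaults to descending while name and packager default to ascending, because the override sits inside the `when 'severity'` branch.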
---
name: forcibly_show_trial_status_popover
introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65283
rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/335043
milestone: '14.1'
type: experiment
group: group::conversion
default_enabled: false
......@@ -93,7 +93,7 @@ exports[`DependenciesActions component matches the snapshot 1`] = `
variant="default"
>
<gl-icon-stub
name="sort-lowest"
name="sort-highest"
size="16"
/>
</gl-button-stub>
......
......@@ -33,6 +33,7 @@ RSpec.describe TrialStatusWidgetHelper do
before do
travel_to today_for_specs
stub_experiments(forcibly_show_trial_status_popover: :candidate)
end
describe '#trial_status_popover_data_attrs' do
......@@ -97,6 +98,18 @@ RSpec.describe TrialStatusWidgetHelper do
include_examples 'returned data attributes'
end
end
context 'when not part of the experiment' do
before do
stub_experiments(forcibly_show_trial_status_popover: :control)
end
where trial_days_remaining: [2, 5, 9, 14, 20]
with_them do
include_examples 'returned data attributes', shown: false
end
end
end
describe '#trial_status_widget_data_attrs' do
......
......@@ -97,38 +97,61 @@ RSpec.describe Security::DependencyListService do
end
end
# this test ensures the dependency list severity sort order is `info, unknown, low, medium, high, critical`
# which is asending severity order, however, the UI label for this sort order is currently `desc`.
# TODO: change the UI label to use `asc` for this sort order and use `desc` for the default sort order
# of `critical, high, medium, low, unknown, info`
# See https://gitlab.com/gitlab-org/gitlab/-/issues/332653
context 'sorted by asc severity' do
context 'sorted by severity' do
let(:params) do
{
sort: 'desc',
sort_by: 'severity'
}
end
it 'returns array of data sorted by package severity level in ascending order' do
dependencies = subject.last(2).map do |dependency|
{
name: dependency[:name],
vulnerabilities: dependency[:vulnerabilities].map do |vulnerability|
vulnerability[:severity]
end
}
context 'in descending order' do
before do
params[:sort] = 'desc'
end
it 'returns array of data sorted by package severity level in descending order' do
dependencies = subject.first(2).map do |dependency|
{
name: dependency[:name],
vulnerabilities: dependency[:vulnerabilities].pluck(:severity)
}
end
expect(dependencies).to eq([{ name: "saml2-js", vulnerabilities: %w(critical medium unknown) },
{ name: "nokogiri", vulnerabilities: ["high"] }])
end
expect(dependencies).to eq([{ name: "nokogiri", vulnerabilities: ["high"] },
{ name: "saml2-js", vulnerabilities: %w(critical medium unknown) }])
it 'returns array of data with package vulnerabilities sorted in descending order' do
saml2js_dependency = subject.find { |dep| dep[:name] == 'saml2-js' }
saml2js_severities = saml2js_dependency[:vulnerabilities].map {|v| v[:severity] }
expect(saml2js_severities).to eq(%w(critical medium unknown))
end
end
it 'returns array of data with package vulnerabilities sorted in descending order' do
saml2js_dependency = subject.find { |dep| dep[:name] == 'saml2-js' }
saml2js_severities = saml2js_dependency[:vulnerabilities].map {|v| v[:severity] }
context 'in ascending order' do
before do
params[:sort] = 'asc'
end
it 'returns array of data sorted by package severity level in ascending order' do
dependencies = subject.last(2).map do |dependency|
{
name: dependency[:name],
vulnerabilities: dependency[:vulnerabilities].pluck(:severity)
}
end
expect(dependencies).to eq([{ name: "nokogiri", vulnerabilities: ["high"] },
{ name: "saml2-js", vulnerabilities: %w(critical medium unknown) }])
end
it 'returns array of data with package vulnerabilities sorted in descending order' do
saml2js_dependency = subject.find { |dep| dep[:name] == 'saml2-js' }
saml2js_severities = saml2js_dependency[:vulnerabilities].map {|v| v[:severity] }
expect(saml2js_severities).to eq(%w(critical medium unknown))
expect(saml2js_severities).to eq(%w(critical medium unknown))
end
end
end
end
......
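Review bot: The rewritten `sorted by severity` context sets `params[:sort]` explicitly in both nested contexts, so no example appears to cover a request that omits `sort`. That is the case the service's new `default_sort_order` handling exists for. A third context that leaves `params[:sort]` unset and expects `saml2-js` before `nokogiri` in `subject.first(2)` would pin the default descending order. Whether `sort: 'desc'` is still present in `let(:params)` on the new side is not certain from this rendering; if it is, the new context needs `params.delete(:sort)` in its `before` block.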
......@@ -4,7 +4,7 @@ module API
class UsageData < ::API::Base
before { authenticate_non_get! }
feature_category :usage_ping
feature_category :service_ping
namespace 'usage_data' do
before do
......
......@@ -4,7 +4,7 @@ module API
class UsageDataNonSqlMetrics < ::API::Base
before { authenticated_as_admin! }
feature_category :usage_ping
feature_category :service_ping
namespace 'usage_data' do
before do
......
......@@ -4,7 +4,7 @@ module API
class UsageDataQueries < ::API::Base
before { authenticated_as_admin! }
feature_category :usage_ping
feature_category :service_ping
namespace 'usage_data' do
before do
......