Automatic merge of gitlab-org/gitlab-ce master

be6db81e · GitLab Bot · fa1f3d35 · 43626526 · be6db81e · be6db81e
Commit be6db81e authored Jul 23, 2019 by GitLab Bot
8 changed files
--- a/app/assets/javascripts/behaviors/markdown/render_mermaid.js
+++ b/app/assets/javascripts/behaviors/markdown/render_mermaid.js
@@ -33,6 +33,7 @@ export default function renderMermaid($els) {
        flowchart: {
          htmlLabels: false,
        },
+        securityLevel: 'strict',
      });

      $els.each((i, el) => {

--- a/changelogs/unreleased/64081-override-helm-release-name.yml
+++ b/changelogs/unreleased/64081-override-helm-release-name.yml
+---
+title: Allow multiple Auto DevOps projects to deploy to a single namespace within a k8s cluster
+merge_request: 30360
+author: James Keogh
+type: added
--- a/changelogs/unreleased/sh-update-mermaid.yml
+++ b/changelogs/unreleased/sh-update-mermaid.yml
+---
+title: Update Mermaid to v8.2.3
+merge_request: 30985
+author:
+type: fixed
--- a/doc/topics/autodevops/index.md
+++ b/doc/topics/autodevops/index.md
@@ -764,6 +764,7 @@ also be customized, and you can easily use a [custom buildpack](#custom-buildpac
 | `ROLLOUT_RESOURCE_TYPE`     | From GitLab 11.9, this variable allows specification of the resource type being deployed when using a custom helm chart. Default value is `deployment`. |
 | `ROLLOUT_STATUS_DISABLED`   | From GitLab 12.0, this variable allows to disable rollout status check because it doesn't support all resource types, for example, `cronjob`. |
 | `HELM_UPGRADE_EXTRA_ARGS`   | From GitLab 11.11, this variable allows extra arguments in `helm` commands when deploying the application. Note that using quotes will not prevent word splitting. **Tip:** you can use this variable to [customize the Auto Deploy helm chart](https://docs.gitlab.com/ee/topics/autodevops/index.html#custom-helm-chart) by applying custom override values with `--values my-values.yaml`. |
+| `HELM_RELEASE_NAME`   | From GitLab 12.1, this variable allows the `helm` release name to be overridden, this can be used to assign unique release names when deploying multiple projects to a single namespace  |

 TIP: **Tip:**
 Set up the replica variables using a

--- a/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml
@@ -243,7 +243,8 @@ rollout 100%:

 .deploy_helpers: &deploy_helpers |
  [[ "$TRACE" ]] && set -x
-  auto_database_url=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${CI_ENVIRONMENT_SLUG}-postgres:5432/${POSTGRES_DB}
+  export RELEASE_NAME=${HELM_RELEASE_NAME:-$CI_ENVIRONMENT_SLUG}
+  auto_database_url=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${RELEASE_NAME}-postgres:5432/${POSTGRES_DB}
  export DATABASE_URL=${DATABASE_URL-$auto_database_url}
  export TILLER_NAMESPACE=$KUBE_NAMESPACE

@@ -307,7 +308,7 @@ rollout 100%:
  }

  function deploy_name() {
-    name="$CI_ENVIRONMENT_SLUG"
+    name="$RELEASE_NAME"
    track="${1-stable}"

    if [[ "$track" != "stable" ]]; then
@@ -372,7 +373,7 @@ rollout 100%:
        --set service.enabled="$service_enabled" \
        --set gitlab.app="$CI_PROJECT_PATH_SLUG" \
        --set gitlab.env="$CI_ENVIRONMENT_SLUG" \
-        --set releaseOverride="$CI_ENVIRONMENT_SLUG" \
+        --set releaseOverride="$RELEASE_NAME" \
        --set image.repository="$image_repository" \
        --set image.tag="$image_tag" \
        --set image.pullPolicy=IfNotPresent \
@@ -413,7 +414,7 @@ rollout 100%:
        --set service.enabled="$service_enabled" \
        --set gitlab.app="$CI_PROJECT_PATH_SLUG" \
        --set gitlab.env="$CI_ENVIRONMENT_SLUG" \
-        --set releaseOverride="$CI_ENVIRONMENT_SLUG" \
+        --set releaseOverride="$RELEASE_NAME" \
        --set image.repository="$image_repository" \
        --set image.tag="$image_tag" \
        --set image.pullPolicy=IfNotPresent \

--- a/package.json
+++ b/package.json
@@ -96,7 +96,7 @@
    "jszip-utils": "^0.0.2",
    "katex": "^0.10.0",
    "marked": "^0.3.12",
-    "mermaid": "^8.1.0",
+    "mermaid": "^8.2.3",
    "monaco-editor": "^0.15.6",
    "monaco-editor-webpack-plugin": "^1.7.0",
    "mousetrap": "^1.4.6",

--- a/spec/features/issues/user_comments_on_issue_spec.rb
+++ b/spec/features/issues/user_comments_on_issue_spec.rb
@@ -41,16 +41,17 @@ describe "User comments on issue", :js do
      expect(page.find('pre code').text).to eq code_block_content
    end

-    it "does not render html content in mermaid" do
+    it "renders escaped HTML content in Mermaid" do
      html_content = "<img onerror=location=`javascript\\u003aalert\\u0028document.domain\\u0029` src=x>"
      mermaid_content = "graph LR\n  B-->D(#{html_content});"
+      escaped_content = CGI.escapeHTML(html_content).gsub('=', "&equals;")
      comment = "```mermaid\n#{mermaid_content}\n```"

      add_note(comment)

      wait_for_requests

-      expect(page.find('svg.mermaid')).to have_content html_content
+      expect(page.find('svg.mermaid')).to have_content escaped_content
    end
  end


--- a/yarn.lock
+++ b/yarn.lock