RepositoryRemoveRemoteWorker's logic has been removed in 14.2 but
the worker itself needs to stay until 15.0 to drain the job queue.
It can be removed now.

This fix ensures tags that are associated with a release (whether they
have a backslash in their name or not) will link to that single release
page instead of the releases index page, since releases are paginated
and therefore any older releases will often have a broken link as they
end up on a different page.

Eduardo Sanz-Garcia authored 2 years ago and Marc Shaw committed 2 years ago

Because of the possible risk introduce in this MR, we are going to
conditional turn on/off this feature using the flag: `access_token_ajax`

See: https://gitlab.com/gitlab-org/gitlab/-/issues/359956
Complete plan: https://gitlab.com/gitlab-org/gitlab/-/issues/357848

As the usages where already removed

Manoj M J authored 2 years ago and Bob Van Landuyt :neckbeard: committed 2 years ago

Introduce new method to refresh authorizations
on group member

Extract ServicePing payload computation and persistance
out of SubmitService into GitlabServicePingWorker
in order to pre compute SerivcePing data for preview
for instance admins even if those instances does not submit
this data later on to GitLab

Changelog: performance

Uses the application settings value stored into
the `pipeline_limit_per_project_user_sha` column
to control the pipelines creation rate limit.

To enable the rate limit the value needs to be
greater than zero and the feature flag
`ci_enforce_throttle_pipelines_creation` has to be enabled.
Otherwise the rate limit will only log the pipelines that
are over the limit without preventing them from being created.

Changelog: other

Remove redundant namespaces from a base query when searching for
descendants.

João Pereira authored 2 years ago and David Fernandez committed 2 years ago

Adds a new container_registry_migration_phase2_capacity_40
feature flag to enable a capacity of 40 concurrent migrations.

Add support for SAML Group Sync in self-managed installations.
This feature builds on existing support for Group SAML Group Sync.

Changelog: added
EE: true

Unifies queue_duration_s calculation
and pushes it upper in middlewares stack
so it doesn't include any DB queries

Contributes to https://gitlab.com/gitlab-org/gitlab/-/issues/362263

**Problem**

The worker executes many read SQL queries to the primary database. We
prefer to send them to replica instead.

**Solution**

Use `sticky` data consistency for the worker

Tim Zallmann authored 2 years ago and Robert May committed 2 years ago

Changelog: added

- Address N+1s
- Modify test to use authorisations table properly
- Add faster_owner_access feature flag

This change moves out the loose foreign key cron scheduling from EE so
it will run also on CE.

Changelog: fixed

alex pooley authored 2 years ago and Luke Duncalfe committed 2 years ago

https://gitlab.com/gitlab-org/gitlab/-/issues/321947
https://gitlab.com/gitlab-org/gitlab/-/issues/323312

Changelog: added

Adds initial support for configuring internal IP ranges in
addition to the custom IP lists at group level. For now this
is added as an environment variable but in future would likely
be an application setting to configure the in-use internal
network IP ranges.

Changelog: fixed

Katrin Leinweber authored 2 years ago and Fabio Pitino committed 2 years ago

Sorting projects with most CI minutes to the top of the list,
seems more sensible for a "quota" tab than sorting by project ID.
This may help customers find possibly inefficient CI scripts.

Co-authored-by: Firdaws Farukh <ffarukh@gitlab.com>

Changelog: changed
EE: true

Changelog: other
EE: true

When consolidated storage or IAM instance profiles are in use for S3,
Workhorse uses its own S3 client and handles multipart uploads without
needing the pre-generated values from Rails. The problem is that these
pre-generated multipart URLs were never completed or aborted if the S3
client were in use, leaving a trail of many unterminated uploads.

This feature flag is enabled by default since this change only affects
AWS S3 users. This should reduce the number of incomplete multipart
uploads created by GitLab.

We previously tried to omit the multipart URLs in
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/49482, but had
to revert this in
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52561 since
Workhorse would only use this client if the region were
specified. However, with
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59932 a default
region will always be sent to Workhorse.

Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/342136

- better scoping
- allows us to re-use free user cap as a module/namespace name
  elsewhere like components.

Changelog: other

- ci_expose_running_job_token_for_artifacts
- ci_authenticate_running_job_token_for_artifacts

Changelog: changed

MR: gitlab.com/gitlab-org/gitlab/-/merge_requests/86612
Issue: gitlab.com/gitlab-org/gitlab/-/issues/358237

This will use a git clone for the first sync for a
repository instead of git fetch.

Changelog: other
EE: true

This used to only process member invite email failures but we want to
use this webhook to track other email delivery failures too

Changelog: changed

This change will default enable the feature flag
`automated_email_provision`. Behind this feature flag are two banners
for Offline Cloud Licensing that will be displayed in the Admin area
on the dashboard (`/admin`) and on the subscription page
(`/admin/subscription`).

Changelog: added
EE: true

Added spec for offline route

Setup for precompiling offline.css

Updated to latest logo

Updated offline with some variables

Updated Spec + offline text

Removed execute from forgery

Removed protect from forgery in PWA controller

Updates offline description

Updated offline page with error layout

Removed Icons for Manifest MR

Internationalized offline page text

Using errors layout for offline page

Regenerated text for offline page

Remove offline precompilation

Apply 1 suggestion(s) to 1 file(s)

With 4aba970e (gitaly_client: Allow filtering quarantined commits by
existence, 2022-05-03), we have introduced code that enables us to use
the repo's quarantine directory in order to enumerate commits in access
checks. This can lead to a significant speedup when enumerating commits
in repositories which have a lot of references because the previous way
of enumerating commits would require us to walk each of the preexisting
refs so that we can find the commits that really are new.

We have rolled the accompanying feature flag without any observed issues
so far, so let's default-enable the feature flag.

Changelog: changed

Lukas Eipert authored 3 years ago and Matthias Käppler committed 2 years ago

When you currently provide a custom CSP config in gitlab.yml, the
directives (if set) completely overwrite the default directives. This
makes it hard to change _one_ directive. Most meaningful example would
be setting `report-uri` if one only wants CSP to be set in report mode.

A lot of logic is added to the default CSP directives as well, so
keeping own settings up to date with the default_directives will be a
menial task.

With this change, someone could just change the directives they want.
For example in order to disable the default `connect-src` directive
_and_ enabling the `report-uri` directive, while keeping all the other
default directives, one would just simple ste the following:

```yaml
content_security_policy:
  enabled: true
  report_only: true
  directives:
    connect_src: false
    report_uri: "http://example.org"
```

Changelog: changed

Changelog: added

Eugenia Grieff authored 2 years ago and Charlie Ablett committed 2 years ago

Update docs

Changelog: added

Instead of the sidebar on merge requests being globally attached
to the right of the screen, this changes that by moving it
into the overview tab.

Changelog: removed