Add latest changes from gitlab-org/gitlab@master

1ce6af4a · GitLab Bot · 24256212 · 1ce6af4a · 1ce6af4a · 1ce6af4a
Commit 1ce6af4a authored 5 years ago by GitLab Bot
--- a/app/controllers/import/base_controller.rb
+++ b/app/controllers/import/base_controller.rb
 # frozen_string_literal: true
  
 class Import::BaseController < ApplicationController
+  before_action :import_rate_limit, only: [:create]
+
  private
  
  # rubocop: disable CodeReuse/ActiveRecord
@@ -37,4 +39,18 @@ class Import::BaseController < ApplicationController
  def project_save_error(project)
    project.errors.full_messages.join(', ')
  end
+
+  def import_rate_limit
+    key = "project_import".to_sym
+
+    if rate_limiter.throttled?(key, scope: [current_user, key])
+      rate_limiter.log_request(request, "#{key}_request_limit".to_sym, current_user)
+
+      redirect_back_or_default(options: { alert: _('This endpoint has been requested too many times. Try again later.') })
+    end
+  end
+
+  def rate_limiter
+    ::Gitlab::ApplicationRateLimiter
+  end
 end
--- a/app/models/clusters/applications/runner.rb
+++ b/app/models/clusters/applications/runner.rb
@@ -3,7 +3,7 @@
 module Clusters
  module Applications
    class Runner < ApplicationRecord
-      VERSION = '0.12.0'
+      VERSION = '0.13.0'
  
      self.table_name = 'clusters_applications_runners'
  

--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -76,6 +76,7 @@ class Event < ApplicationRecord
  # Scopes
  scope :recent, -> { reorder(id: :desc) }
  scope :code_push, -> { where(action: PUSHED) }
+  scope :merged, -> { where(action: MERGED) }
  
  scope :with_associations, -> do
    # We're using preload for "push_event_payload" as otherwise the association

--- a/changelogs/unreleased/196777-add-account-creation-and-sign-in-ip-to-api.yml
+++ b/changelogs/unreleased/196777-add-account-creation-and-sign-in-ip-to-api.yml
+---
+title: Expose current and last IPs to /users endpoint
+merge_request: 19781
+author:
+type: added
--- a/changelogs/unreleased/fix-smime-scope.yml
+++ b/changelogs/unreleased/fix-smime-scope.yml
+---
+title: Remove the OpenSSL include within SMIME email signing
+merge_request: 23642
+author: Roger Meier
+type: fixed
--- a/changelogs/unreleased/rate-limit-imports.yml
+++ b/changelogs/unreleased/rate-limit-imports.yml
+---
+title: Add rate limiter to Project Imports
+merge_request: 22644
+author:
+type: other
--- a/changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-13-0.yml
+++ b/changelogs/unreleased/update-gitlab-runner-helm-chart-to-0-13-0.yml
+---
+title: Update GitLab Runner Helm Chart to 0.13.0/12.7.0
+merge_request: 23308
+author:
+type: other
--- a/config/initializers/lograge.rb
+++ b/config/initializers/lograge.rb
@@ -35,6 +35,7 @@ unless Gitlab::Runtime.sidekiq?
      ::Gitlab::InstrumentationHelper.add_instrumentation_data(payload)
  
      payload[:response] = event.payload[:response] if event.payload[:response]
+      payload[:etag_route] = event.payload[:etag_route] if event.payload[:etag_route]
      payload[Labkit::Correlation::CorrelationId::LOG_KEY] = Labkit::Correlation::CorrelationId.current_id
  
      if cpu_s = Gitlab::Metrics::System.thread_cpu_duration(::Gitlab::RequestContext.instance.start_thread_cpu_time)

--- a/doc/administration/auth/how_to_configure_ldap_gitlab_ce/index.md
+++ b/doc/administration/auth/how_to_configure_ldap_gitlab_ce/index.md
@@ -8,7 +8,7 @@ Managing a large number of users in GitLab can become a burden for system admini
  
 In this guide we will focus on configuring GitLab with Active Directory. [Active Directory](https://en.wikipedia.org/wiki/Active_Directory) is a popular LDAP compatible directory service provided by Microsoft, included in all modern Windows Server operating systems.
  
-GitLab has supported LDAP integration since [version 2.2](https://about.gitlab.com/blog/2012/02/22/gitlab-version-2-2/). With GitLab LDAP [group syncing](../how_to_configure_ldap_gitlab_ee/index.html#group-sync) being added to GitLab Enterprise Edition in [version 6.0](https://about.gitlab.com/blog/2013/08/20/gitlab-6-dot-0-released/). LDAP integration has become one of the most popular features in GitLab.
+GitLab has supported LDAP integration since [version 2.2](https://about.gitlab.com/releases/2012/02/22/gitlab-version-2-2/). With GitLab LDAP [group syncing](../how_to_configure_ldap_gitlab_ee/index.md#group-sync) being added to GitLab Enterprise Edition in [version 6.0](https://about.gitlab.com/releases/2013/08/20/gitlab-6-dot-0-released/). LDAP integration has become one of the most popular features in GitLab.
  
 ## Getting started
  

--- a/doc/api/users.md
+++ b/doc/api/users.md
@@ -111,7 +111,9 @@ GET /users
    "can_create_project": true,
    "two_factor_enabled": true,
    "external": false,
-    "private_profile": false
+    "private_profile": false,
+    "current_sign_in_ip": "196.165.1.102",
+    "last_sign_in_ip": "172.127.2.22"
  },
  {
    "id": 2,
@@ -142,7 +144,9 @@ GET /users
    "can_create_project": true,
    "two_factor_enabled": true,
    "external": false,
-    "private_profile": false
+    "private_profile": false,
+    "current_sign_in_ip": "10.165.1.102",
+    "last_sign_in_ip": "172.127.2.22"
  }
 ]
 ```
@@ -294,7 +298,9 @@ Example Responses:
  "can_create_project": true,
  "two_factor_enabled": true,
  "external": false,
-  "private_profile": false
+  "private_profile": false,
+  "current_sign_in_ip": "196.165.1.102",
+  "last_sign_in_ip": "172.127.2.22"
 }
 ```
  
@@ -534,7 +540,9 @@ GET /user
  "can_create_project": true,
  "two_factor_enabled": true,
  "external": false,
-  "private_profile": false
+  "private_profile": false,
+  "current_sign_in_ip": "196.165.1.102",
+  "last_sign_in_ip": "172.127.2.22"
 }
 ```
  

--- a/doc/ci/examples/end_to_end_testing_webdriverio/index.md
+++ b/doc/ci/examples/end_to_end_testing_webdriverio/index.md
@@ -147,7 +147,7 @@ need to do for this:
  
 For the scope of this article, we've defined an additional [CI/CD stage](../../yaml/README.md#stages)
 `confidence-check` that is executed _after_ the stage that deploys the review app. It uses the `node:latest` [Docker
-image](../../docker/using_docker_images.html). However, WebdriverIO fires up actual browsers
+image](../../docker/using_docker_images.md). However, WebdriverIO fires up actual browsers
 to interact with your application, so we need to install and run them.
 Furthermore, WebdriverIO uses Selenium as a common interface to control different browsers,
 so we need to install and run Selenium as well. Luckily, the Selenium project provides the Docker images
@@ -187,7 +187,7 @@ option as an argument to `npm run confidence-check` on the command line.
 However, we still need to tell WebdriverIO which browser is available for it to use.
  
 [GitLab CI/CD makes
-a number of variables available](../../variables/README.html#predefined-environment-variables)
+a number of variables available](../../variables/README.md#predefined-environment-variables)
 with information about the current CI job. We can use this information to dynamically set
 up our WebdriverIO configuration according to the job that is running. More specifically, we can
 tell WebdriverIO what browser to execute the test on depending on the name of the currently running

--- a/doc/ci/jenkins/index.md
+++ b/doc/ci/jenkins/index.md
@@ -62,7 +62,7 @@ rspec:
  
 Artifacts may work a bit differently than you've used them with Jenkins. In GitLab, any job can define
 a set of artifacts to be saved by using the `artifacts:` keyword. This can be configured to point to a file
-or set of files that can then be persisted from job to job. Read more on our detailed [artifacts documentation](../../user/project/pipelines/job_artifacts.html)
+or set of files that can then be persisted from job to job. Read more on our detailed [artifacts documentation](../../user/project/pipelines/job_artifacts.md)
  
 ```yaml
 pdf:
@@ -129,7 +129,7 @@ stages:
  - test
  - deploy
  - after_pipeline
-```  
+```
  
 Setting a step to be performed before and after any job can be done via the [`before_script` and `after_script` keywords](../yaml/README.md#before_script-and-after_script).
  

--- a/doc/ci/yaml/README.md
+++ b/doc/ci/yaml/README.md
@@ -736,7 +736,7 @@ This means the `only:changes` policy is useful for pipelines where:
 - `$CI_PIPELINE_SOURCE == 'external_pull_request_event'`
  
 If there is no Git push event, such as for pipelines with
-[sources other than the three above](../variables/predefined_variables.html#variables-reference),
+[sources other than the three above](../variables/predefined_variables.md#variables-reference),
 `changes` cannot determine if a given file is new or old, and will always
 return true.
  

--- a/doc/development/documentation/index.md
+++ b/doc/development/documentation/index.md
@@ -196,13 +196,12 @@ Every GitLab instance includes the documentation, which is available at `/help`
 There are [plans](https://gitlab.com/groups/gitlab-org/-/epics/693) to end this
 practice and instead link out from the GitLab application to <https://docs.gitlab.com> URLs.
  
-The documentation available online on <https://docs.gitlab.com> is continuously
-deployed every hour from the `master` branch of GitLab, Omnibus, and Runner. Therefore,
-once a merge request gets merged, it will be available online on the same day.
-However, they will be shipped (and available on `/help`) within the milestone assigned
+The documentation available online on <https://docs.gitlab.com> is deployed every four hours from the `master` branch of GitLab, Omnibus, and Runner. Therefore,
+after a merge request gets merged, it will be available online on the same day.
+However, it will be shipped (and available on `/help`) within the milestone assigned
 to the MR.
  
-For instance, let's say your merge request has a milestone set to 11.3, which
+For example, let's say your merge request has a milestone set to 11.3, which
 will be released on 2018-09-22. If it gets merged on 2018-09-15, it will be
 available online on 2018-09-15, but, as the feature freeze date has passed, if
 the MR does not have a "pick into 11.3" label, the milestone has to be changed

--- a/doc/development/documentation/styleguide.md
+++ b/doc/development/documentation/styleguide.md
@@ -769,6 +769,74 @@ nicely on different mobile devices.
 - [Syntax highlighting for code blocks](https://github.com/rouge-ruby/rouge/wiki/List-of-supported-languages-and-lexers) is available for many languages.
 - For a complete reference on code blocks, check the [Kramdown guide](https://about.gitlab.com/handbook/product/technical-writing/markdown-guide/#code-blocks).
  
+## GitLab SVG icons
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab-docs/issues/384) in GitLab 12.7.
+
+You can use icons from the [GitLab SVG library](https://gitlab-org.gitlab.io/gitlab-svgs/) directly
+in the documentation.
+
+This way, you can achieve a consistent look when writing about interacting with GitLab UI elements.
+
+Usage examples:
+
+- Icon with default size (16px): `**{icon-name}**`
+
+  Example: `**{tanuki}**` renders as: **{tanuki}**.
+- Icon with custom size: `**{icon-name, size}**`
+
+  Available sizes (in px): 8, 10, 12, 14, 16, 18, 24, 32, 48, and 72
+
+  Example: `**{tanuki, 24}**` renders as: **{tanuki, 24}**.
+- Icon with custom size and class: `**{icon-name, size, class-name}**`.
+
+  You can access any class available to this element in GitLab docs CSS.
+
+  Example with `float-right`, a
+  [Bootstrap utility class](https://getbootstrap.com/docs/4.4/utilities/float/):
+  `**{tanuki, 32, float-right}**` renders as: **{tanuki, 32, float-right}**
+
+### Using GitLab SVGs to describe UI elements
+
+When using GitLab SVGs to describe screen elements, also include the name or tooltip of the element as text.
+
+For example, for references to the Admin Area:
+
+- Correct: `**{admin}** **Admin Area > Settings**` (**{admin}** **Admin Area > Settings**)
+- Incorrect: `**{admin}** **> Settings**` (**{admin}** **> Settings**)
+
+This will ensure that the source Markdown remains readable and should help with accessibility.
+
+The following are examples of source Markdown for menu items with their published output:
+
+```md
+1. Go to **{home}** **Project overview > Details**
+1. Go to **{doc-text}** **Repository > Branches**
+1. Go to **{issues}** **Issues > List**
+1. Go to **{merge-request}** **Merge Requests**
+1. Go to **{rocket}** **CI/CD > Pipelines**
+1. Go to **{shield}** **Security & Compliance > Configuration**
+1. Go to **{cloud-gear}** **Operations > Metrics**
+1. Go to **{package}** **Packages > Container Registry**
+1. Go to **{chart}** **Project Analytics > Code Review**
+1. Go to **{book}** **Wiki**
+1. Go to **{snippet}** **Snippets**
+1. Go to **{users}** **Members**
+```
+
+1. Go to **{home}** **Project overview > Details**
+1. Go to **{doc-text}** **Repository > Branches**
+1. Go to **{issues}** **Issues > List**
+1. Go to **{merge-request}** **Merge Requests**
+1. Go to **{rocket}** **CI/CD > Pipelines**
+1. Go to **{shield}** **Security & Compliance > Configuration**
+1. Go to **{cloud-gear}** **Operations > Metrics**
+1. Go to **{package}** **Packages > Container Registry**
+1. Go to **{chart}** **Project Analytics > Code Review**
+1. Go to **{book}** **Wiki**
+1. Go to **{snippet}** **Snippets**
+1. Go to **{users}** **Members**
+
 ## Alert boxes
  
 Whenever you need to call special attention to particular sentences,

--- a/doc/development/i18n/externalization.md
+++ b/doc/development/i18n/externalization.md
@@ -77,6 +77,24 @@ Or:
 hello = _("Hello world!")
 ```
  
+Be careful when translating strings at the class or module level since these would only be
+evaluated once at class load time.
+
+For example:
+
+```ruby
+validates :group_id, uniqueness: { scope: [:project_id], message: _("already shared with this group") }
+```
+
+This would be translated when the class is loaded and result in the error message
+always being in the default locale.
+
+Active Record's `:message` option accepts a `Proc`, so we can do this instead:
+
+```ruby
+validates :group_id, uniqueness: { scope: [:project_id], message: -> (object, data) { _("already shared with this group") } }
+```
+
 NOTE: **Note:** Messages in the API (`lib/api/` or `app/graphql`) do
 not need to be externalised.
  

--- a/doc/integration/github.md
+++ b/doc/integration/github.md
@@ -59,7 +59,7 @@ Follow these steps to incorporate the GitHub OAuth 2 app in your GitLab server:
  
   **Replace `https://github.example.com/` with your GitHub URL.**
  
-1. Save the file and [reconfigure](../administration/restart_gitlab.html#omnibus-gitlab-reconfigure) GitLab for the changes to take effect.
+1. Save the file and [reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab for the changes to take effect.
  
 ---
  
@@ -86,7 +86,7 @@ Follow these steps to incorporate the GitHub OAuth 2 app in your GitLab server:
  
   **Replace `https://github.example.com/` with your GitHub URL.**
  
-1. Save the file and [restart](../administration/restart_gitlab.html#installations-from-source) GitLab for the changes to take effect.
+1. Save the file and [restart](../administration/restart_gitlab.md#installations-from-source) GitLab for the changes to take effect.
  
 ---
  

--- a/doc/integration/saml.md
+++ b/doc/integration/saml.md
@@ -549,7 +549,7 @@ GitLab will sign the request with the provided private key. GitLab will include
  
 If you need to troubleshoot, [a complete GitLab+SAML testing environment using Docker compose](https://gitlab.com/gitlab-com/support/toolbox/replication/tree/master/compose_files) is available.
  
-If you only need a SAML provider for testing, a [quick start guide to start a Docker container](../administration/troubleshooting/test_environments.html#saml) with a plug and play SAML 2.0 Identity Provider (IdP) is available.
+If you only need a SAML provider for testing, a [quick start guide to start a Docker container](../administration/troubleshooting/test_environments.md#saml) with a plug and play SAML 2.0 Identity Provider (IdP) is available.
  
 ### 500 error after login
  

--- a/doc/user/admin_area/activating_deactivating_users.md
+++ b/doc/user/admin_area/activating_deactivating_users.md
@@ -38,7 +38,7 @@ Please note that for the deactivation option to be visible to an admin, the user
 - Must be currently active.
 - Should not have any activity in the last 180 days.
  
-Users can also be deactivated using the [GitLab API](../../api/users.html#deactivate-user).
+Users can also be deactivated using the [GitLab API](../../api/users.md#deactivate-user).
  
 NOTE: **Note:**
 A deactivated user does not consume a [seat](../../subscriptions/index.md#managing-subscriptions).
@@ -56,7 +56,7 @@ To do this:
 1. Select a user.
 1. Under the **Account** tab, click **Activate user**.
  
-Users can also be activated using the [GitLab API](../../api/users.html#activate-user).
+Users can also be activated using the [GitLab API](../../api/users.md#activate-user).
  
 NOTE: **Note:**
 Activating a user will change the user's state to active and it consumes a

--- a/doc/user/admin_area/blocking_unblocking_users.md
+++ b/doc/user/admin_area/blocking_unblocking_users.md
@@ -27,7 +27,7 @@ A blocked user:
  
 Personal projects, and group and user history of the blocked user will be left intact.
  
-Users can also be blocked using the [GitLab API](../../api/users.html#block-user).
+Users can also be blocked using the [GitLab API](../../api/users.md#block-user).
  
 NOTE: **Note:**
 A blocked user does not consume a [seat](../../subscriptions/index.md#managing-subscriptions).
@@ -41,7 +41,7 @@ A blocked user can be unblocked from the Admin Area. To do this:
 1. Select a user.
 1. Under the **Account** tab, click **Unblock user**.
  
-Users can also be unblocked using the [GitLab API](../../api/users.html#unblock-user).
+Users can also be unblocked using the [GitLab API](../../api/users.md#unblock-user).
  
 NOTE: **Note:**
 Unblocking a user will change the user's state to active and it consumes a