Add latest changes from gitlab-org/gitlab@master

db/post_migrate/20180306164012_add_path_index_to_redirect_routes.rb

@@ -16,8 +16,6 @@ class AddPathIndexToRedirectRoutes < ActiveRecord::Migration[4.2]
   # This same index is also added in the `ReworkRedirectRoutesIndexes` so this
   # is a no-op in most cases.
   def up
-    return unless Gitlab::Database.postgresql?
-
     disable_statement_timeout do
       unless index_exists_by_name?(:redirect_routes, INDEX_NAME)
         execute("CREATE UNIQUE INDEX CONCURRENTLY #{INDEX_NAME} ON redirect_routes (lower(path) varchar_pattern_ops);")

db/post_migrate/20180706223200_populate_site_statistics.rb

@@ -7,13 +7,13 @@ class PopulateSiteStatistics < ActiveRecord::Migration[4.2]
   def up
     transaction do
-      execute('SET LOCAL statement_timeout TO 0') if Gitlab::Database.postgresql? # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
+      execute('SET LOCAL statement_timeout TO 0') # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
       execute("UPDATE site_statistics SET repositories_count = (SELECT COUNT(*) FROM projects)")
     end
     transaction do
-      execute('SET LOCAL statement_timeout TO 0') if Gitlab::Database.postgresql? # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
+      execute('SET LOCAL statement_timeout TO 0') # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
       execute("UPDATE site_statistics SET wikis_count = (SELECT COUNT(*) FROM project_features WHERE wiki_access_level != 0)")
     end

db/post_migrate/20180809195358_migrate_null_wiki_access_levels.rb

@@ -20,7 +20,7 @@ class MigrateNullWikiAccessLevels < ActiveRecord::Migration[4.2]
     # We need to re-count wikis as previous attempt was not considering the NULLs.
     transaction do
-      execute('SET LOCAL statement_timeout TO 0') if Gitlab::Database.postgresql? # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
+      execute('SET LOCAL statement_timeout TO 0') # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
       execute("UPDATE site_statistics SET wikis_count = (SELECT COUNT(*) FROM project_features WHERE wiki_access_level != 0)")
     end

db/post_migrate/20180826111825_recalculate_site_statistics.rb

@@ -9,13 +9,13 @@ class RecalculateSiteStatistics < ActiveRecord::Migration[4.2]
   def up
     transaction do
-      execute('SET LOCAL statement_timeout TO 0') if Gitlab::Database.postgresql? # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
+      execute('SET LOCAL statement_timeout TO 0') # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
       execute("UPDATE site_statistics SET repositories_count = (SELECT COUNT(*) FROM projects)")
     end
     transaction do
-      execute('SET LOCAL statement_timeout TO 0') if Gitlab::Database.postgresql? # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
+      execute('SET LOCAL statement_timeout TO 0') # see https://gitlab.com/gitlab-org/gitlab-foss/issues/48967
       execute("UPDATE site_statistics SET wikis_count = (SELECT COUNT(*) FROM project_features WHERE wiki_access_level != 0)")
     end

db/schema.rb

@@ -573,6 +573,7 @@ ActiveRecord::Schema.define(version: 2019_11_25_140458) do
     t.string "font"
     t.text "message_html", null: false
     t.integer "cached_markdown_version"
+    t.string "target_path", limit: 255
     t.index ["starts_at", "ends_at", "id"], name: "index_broadcast_messages_on_starts_at_and_ends_at_and_id"
   end

doc/administration/packages/container_registry.md

@@ -457,36 +457,40 @@ If Registry is enabled in your GitLab instance, but you don't need it for your
 project, you can disable it from your project's settings. Read the user guide
 on how to achieve that.
-## Disable Container Registry but use GitLab as an auth endpoint
+## Use an external container registry with GitLab as an auth endpoint
 **Omnibus GitLab**
-You can use GitLab as an auth endpoint and use a non-bundled Container Registry.
+You can use GitLab as an auth endpoint with an external container registry.
 1. Open `/etc/gitlab/gitlab.rb` and set necessary configurations:
    ```ruby
    gitlab_rails['registry_enabled'] = true
-   gitlab_rails['registry_host'] = "registry.gitlab.example.com"
-   gitlab_rails['registry_port'] = "5005"
    gitlab_rails['registry_api_url'] = "http://localhost:5000"
-   gitlab_rails['registry_path'] = "/var/opt/gitlab/gitlab-rails/shared/registry"
    gitlab_rails['registry_issuer'] = "omnibus-gitlab-issuer"
    ```
-1. A certificate keypair is required for GitLab and the Container Registry to
-   communicate securely.  By default Omnibus GitLab will generate one keypair,
-   which is saved to `/var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key`.
-   When using a non-bundled Container Registry, you will need to supply a
-   custom certificate key. To do that, add the following to
-   `/etc/gitlab/gitlab.rb`
+   NOTE: **Note:**
+   `gitlab_rails['registry_enabled'] = true` is needed to enable GitLab's
+   Container Registry features and authentication endpoint. GitLab's bundled
+   Container Registry service will not be started even with this enabled.
+
+1. A certificate-key pair is required for GitLab and the external container
+   registry to communicate securely. You will need to create a certificate-key
+   pair, configuring the external container registry with the public
+   certificate and configuring GitLab with the private key. To do that, add
+   the following to `/etc/gitlab/gitlab.rb`:
    ```ruby
-   gitlab_rails['registry_key_path'] = "/custom/path/to/registry-key.key"
    # registry['internal_key'] should contain the contents of the custom key
    # file. Line breaks in the key file should be marked using `\n` character
    # Example:
    registry['internal_key'] = "---BEGIN RSA PRIVATE KEY---\nMIIEpQIBAA\n"
+
+   # Optionally define a custom file for Omnibus GitLab to write the contents
+   # of registry['internal_key'] to.
+   gitlab_rails['registry_key_path'] = "/custom/path/to/registry-key.key"
    ```
    NOTE: **Note:**
@@ -496,7 +500,16 @@ You can use GitLab as an auth endpoint and use a non-bundled Container Registry.
    `/var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key` and will populate
    it.
-1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect.
+1. To change the container registry URL displayed in the GitLab Container
+   Registry pages, set the following configurations:
+
+   ```ruby
+   gitlab_rails['registry_host'] = "registry.gitlab.example.com"
+   gitlab_rails['registry_port'] = "5005"
+   ```
+
+1. Save the file and [reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure)
+   for the changes to take effect.
 **Installations from source**

doc/development/sql.md

@@ -108,15 +108,11 @@ class AddUsersLowerUsernameEmailIndexes < ActiveRecord::Migration[4.2]
   disable_ddl_transaction!
   def up
-    return unless Gitlab::Database.postgresql?
-
     execute 'CREATE INDEX CONCURRENTLY index_on_users_lower_username ON users (LOWER(username));'
     execute 'CREATE INDEX CONCURRENTLY index_on_users_lower_email ON users (LOWER(email));'
   end
   def down
-    return unless Gitlab::Database.postgresql?
-
     remove_index :users, :index_on_users_lower_username
     remove_index :users, :index_on_users_lower_email
   end

doc/development/verifying_database_capabilities.md

@@ -6,22 +6,16 @@ necessary to add database (version) specific behaviour.
 To facilitate this we have the following methods that you can use:
-- `Gitlab::Database.postgresql?`: returns `true` if PostgreSQL is being used.
-  You can normally just assume this is the case.
 - `Gitlab::Database.version`: returns the PostgreSQL version number as a string
   in the format `X.Y.Z`.
 This allows you to write code such as:
 ```ruby
-if Gitlab::Database.postgresql?
-  if Gitlab::Database.version.to_f >= 9.6
-    run_really_fast_query
-  else
-    run_fast_query
-  end
+if Gitlab::Database.version.to_f >= 9.6
+  run_really_fast_query
 else
-  run_query
+  run_fast_query
 end
 ```

doc/integration/github.md

@@ -166,3 +166,36 @@ via Omnibus, or [restart GitLab] if you installed from source.
 [reconfigure GitLab]: ../administration/restart_gitlab.md#omnibus-gitlab-reconfigure
 [restart GitLab]: ../administration/restart_gitlab.md#installations-from-source
+
+## Troubleshooting
+
+### Error 500 when trying to sign in to GitLab via GitHub Enterprise
+
+Check the [`production.log`](../administration/logs.md#productionlog)
+on your GitLab server to obtain further details. If you are getting the error like
+`Faraday::ConnectionFailed (execution expired)` in the log, there may be a connectivity issue
+between your GitLab instance and GitHub Enterprise. To verify it, [start the rails console](https://docs.gitlab.com/omnibus/maintenance/#starting-a-rails-console-session)
+and run the commands below replacing <github_url> with the URL of your GitHub Enterprise instance:
+
+```ruby
+uri = URI.parse("https://<github_url>") # replace `GitHub-URL` with the real one here
+http = Net::HTTP.new(uri.host, uri.port)
+http.use_ssl = true
+http.verify_mode = 1
+response = http.request(Net::HTTP::Get.new(uri.request_uri))
+```
+
+If you are getting a similar `execution expired` error, it confirms the theory about the
+network connectivity. In that case, make sure that the GitLab server is able to reach your
+GitHub enterprise instance.
+
+### Signing in using your GitHub account without a pre-existing GitLab account is not allowed
+
+If you're getting the message `Signing in using your GitHub account without a pre-existing
+GitLab account is not allowed. Create a GitLab account first, and then connect it to your
+GitHub account` when signing in, in GitLab:
+
+1. Go to your **Profile > Account**.
+1. Under the "Social sign-in" section, click **Connect** near the GitHub icon.
+
+After that, you should be able to sign in via GitHub successfully.

doc/user/admin_area/broadcast_messages.md

@@ -22,6 +22,7 @@ To add a broadcast message:
 1. Navigate to the **Admin Area > Messages** page.
 1. Add the text for the message to the **Message** field. Markdown and emoji are supported.
 1. If required, click the **Customize colors** link to edit the background color and font color of the message.
+1. If required, add a **Target Path** to only show the broadcast message on URLs matching that path. You can use the wildcard character `*` to match multiple URLs, for example `/users/*/issues`.
 1. Select a date for the message to start and end.
 1. Click the **Add broadcast message** button.

lib/gitlab/background_migration/migrate_legacy_artifacts.rb

@@ -123,8 +123,6 @@ module Gitlab
       end
       def add_missing_db_timezone
-        return '' unless Gitlab::Database.postgresql?
-
         'at time zone \'UTC\''
       end
     end

locale/gitlab.pot

@@ -9650,6 +9650,9 @@ msgstr ""
 msgid "Issue"
 msgstr ""
+msgid "Issue %{issue_reference} has already been added to epic %{epic_reference}."
+msgstr ""
+
 msgid "Issue Boards"
 msgstr ""
@@ -12263,6 +12266,9 @@ msgstr ""
 msgid "Path:"
 msgstr ""
+msgid "Paths can contain wildcards, like */welcome"
+msgstr ""
+
 msgid "Pause"
 msgstr ""
@@ -16836,7 +16842,7 @@ msgstr ""
 msgid "Subscriptions"
 msgstr ""
-msgid "Subscriptions allow successfully completed pipelines on the %{default_branch_docs} of the subscribed project to trigger a new pipeline on thee default branch of this project."
+msgid "Subscriptions allow successfully completed pipelines on the %{default_branch_docs} of the subscribed project to trigger a new pipeline on the default branch of this project."
 msgstr ""
 msgid "Subtracted"
@@ -17109,6 +17115,9 @@ msgstr ""
 msgid "Target Branch"
 msgstr ""
+msgid "Target Path"
+msgstr ""
+
 msgid "Target branch"
 msgstr ""

spec/controllers/admin/identities_controller_spec.rb

@@ -13,7 +13,7 @@ describe Admin::IdentitiesController do
     let(:user) { create(:omniauth_user, provider: 'ldapmain', extern_uid: 'uid=myuser,ou=people,dc=example,dc=com') }
     it 'repairs ldap blocks' do
-      expect_next_instance_of(RepairLdapBlockedUserService) do |instance|
+      expect_next_instance_of(::Users::RepairLdapBlockedService) do |instance|
         expect(instance).to receive(:execute)
       end
@@ -25,7 +25,7 @@ describe Admin::IdentitiesController do
     let(:user) { create(:omniauth_user, provider: 'ldapmain', extern_uid: 'uid=myuser,ou=people,dc=example,dc=com') }
     it 'repairs ldap blocks' do
-      expect_next_instance_of(RepairLdapBlockedUserService) do |instance|
+      expect_next_instance_of(::Users::RepairLdapBlockedService) do |instance|
         expect(instance).to receive(:execute)
       end

spec/factories/merge_request_diff_commits.rb

+# frozen_string_literal: true
+
+FactoryBot.define do
+  factory :merge_request_diff_commit do
+    association :merge_request_diff
+
+    sha { Digest::SHA1.hexdigest(SecureRandom.hex) }
+    relative_order { 0 }
+  end
+end

spec/features/admin/admin_broadcast_messages_spec.rb

@@ -16,12 +16,14 @@ describe 'Admin Broadcast Messages' do
   it 'Create a customized broadcast message' do
     fill_in 'broadcast_message_message', with: 'Application update from **4:00 CST to 5:00 CST**'
     fill_in 'broadcast_message_color', with: '#f2dede'
+    fill_in 'broadcast_message_target_path', with: '*/user_onboarded'
     fill_in 'broadcast_message_font', with: '#b94a48'
     select Date.today.next_year.year, from: 'broadcast_message_ends_at_1i'
     click_button 'Add broadcast message'
     expect(current_path).to eq admin_broadcast_messages_path
     expect(page).to have_content 'Application update from 4:00 CST to 5:00 CST'
+    expect(page).to have_content '*/user_onboarded'
     expect(page).to have_selector 'strong', text: '4:00 CST to 5:00 CST'
     expect(page).to have_selector %(div[style="background-color: #f2dede; color: #b94a48"])
   end

spec/lib/gitlab/import_export/project_tree_restorer_spec.rb

@@ -635,43 +635,39 @@ describe Gitlab::ImportExport::ProjectTreeRestorer do
   end
   context 'JSON with invalid records' do
+    subject(:restored_project_json) { project_tree_restorer.restore }
+
     let(:user) { create(:user) }
     let!(:project) { create(:project, :builds_disabled, :issues_disabled, name: 'project', path: 'project') }
     let(:project_tree_restorer) { described_class.new(user: user, shared: shared, project: project) }
-    let(:restored_project_json) { project_tree_restorer.restore }
-
-    context 'when some failures occur' do
-      context 'because a relation fails to be processed' do
-        let(:correlation_id) { 'my-correlation-id' }
-        before do
-          setup_import_export_config('with_invalid_records')
-          Labkit::Correlation::CorrelationId.use_id(correlation_id) do
-            expect(restored_project_json).to eq(true)
-          end
-        end
-        it_behaves_like 'restores project successfully',
-          issues: 0,
-          labels: 0,
-          label_with_priorities: nil,
-          milestones: 1,
-          first_issue_labels: 0,
-          services: 0,
-          import_failures: 1
-
-        it 'records the failures in the database' do
-          import_failure = ImportFailure.last
-
-          expect(import_failure.project_id).to eq(project.id)
-          expect(import_failure.relation_key).to eq('milestones')
-          expect(import_failure.relation_index).to be_present
-          expect(import_failure.exception_class).to eq('ActiveRecord::RecordInvalid')
-          expect(import_failure.exception_message).to be_present
-          expect(import_failure.correlation_id_value).to eq('my-correlation-id')
-          expect(import_failure.created_at).to be_present
-        end
+    let(:correlation_id) { 'my-correlation-id' }
+    before do
+      setup_import_export_config('with_invalid_records')
+      Labkit::Correlation::CorrelationId.use_id(correlation_id) { subject }
+    end
+    context 'when failures occur because a relation fails to be processed' do
+      it_behaves_like 'restores project successfully',
+        issues: 0,
+        labels: 0,
+        label_with_priorities: nil,
+        milestones: 1,
+        first_issue_labels: 0,
+        services: 0,
+        import_failures: 1
+
+      it 'records the failures in the database' do
+        import_failure = ImportFailure.last
+
+        expect(import_failure.project_id).to eq(project.id)
+        expect(import_failure.relation_key).to eq('milestones')
+        expect(import_failure.relation_index).to be_present
+        expect(import_failure.exception_class).to eq('ActiveRecord::RecordInvalid')
+        expect(import_failure.exception_message).to be_present
+        expect(import_failure.correlation_id_value).to eq('my-correlation-id')
+        expect(import_failure.created_at).to be_present
       end
     end
   end

spec/models/broadcast_message_spec.rb

@@ -88,6 +88,42 @@ describe BroadcastMessage do
       expect(Rails.cache).not_to receive(:delete).with(described_class::CACHE_KEY)
       expect(described_class.current.length).to eq(0)
     end
+
+    it 'returns message if it matches the target path' do
+      message = create(:broadcast_message, target_path: "*/onboarding_completed")
+
+      expect(described_class.current('/users/onboarding_completed')).to include(message)
+    end
+
+    it 'returns message if part of the target path matches' do
+      create(:broadcast_message, target_path: "/users/*/issues")
+
+      expect(described_class.current('/users/name/issues').length).to eq(1)
+    end
+
+    it 'returns the message for empty target path' do
+      create(:broadcast_message, target_path: "")
+
+      expect(described_class.current('/users/name/issues').length).to eq(1)
+    end
+
+    it 'returns the message if target path is nil' do
+      create(:broadcast_message, target_path: nil)
+
+      expect(described_class.current('/users/name/issues').length).to eq(1)
+    end
+
+    it 'does not return message if target path does not match' do
+      create(:broadcast_message, target_path: "/onboarding_completed")
+
+      expect(described_class.current('/welcome').length).to eq(0)
+    end
+
+    it 'does not return message if target path does not match when using wildcard' do
+      create(:broadcast_message, target_path: "/users/*/issues")
+
+      expect(described_class.current('/group/groupname/issues').length).to eq(0)
+    end
   end
   describe '#attributes' do

spec/models/merge_request/pipelines_spec.rb

@@ -75,7 +75,9 @@ describe MergeRequest::Pipelines do
       let(:shas) { project.repository.commits(source_ref, limit: 2).map(&:id) }
       before do
-        allow(merge_request).to receive(:all_commit_shas) { shas }
+        create(:merge_request_diff_commit,
+          merge_request_diff: merge_request.merge_request_diff,
+          sha: shas.second, relative_order: 1)
       end
       it 'returns merge request pipeline first' do
@@ -119,7 +121,11 @@ describe MergeRequest::Pipelines do
         end
         before do
-          allow(merge_request_2).to receive(:all_commit_shas) { shas }
+          shas.each.with_index do |sha, index|
+            create(:merge_request_diff_commit,
+              merge_request_diff: merge_request_2.merge_request_diff,
+              sha: sha, relative_order: index)
+          end
         end
         it 'returns only related merge request pipelines' do

spec/services/repair_ldap_blocked_user_service_spec.rb → spec/services/users/repair_ldap_blocked_service_spec.rb

@@ -2,7 +2,7 @@
 require 'spec_helper'
-describe RepairLdapBlockedUserService do
+describe Users::RepairLdapBlockedService do
   let(:user) { create(:omniauth_user, provider: 'ldapmain', state: 'ldap_blocked') }
   let(:identity) { user.ldap_identity }
   subject(:service) { described_class.new(user) }