Add latest changes from gitlab-org/gitlab@master

5bfb8d1f · GitLab Bot · aaf59610 · 5bfb8d1f · 5bfb8d1f · 5bfb8d1f
Commit 5bfb8d1f authored 4 years ago by GitLab Bot
--- a/.gitlab/ci/rails.gitlab-ci.yml
+++ b/.gitlab/ci/rails.gitlab-ci.yml
@@ -204,8 +204,25 @@ gitlab:setup:
 rspec:coverage:
  extends:
    - .rails-job-base
-    - .rails:rules:ee-and-foss
+    - .rails:rules:ee-only
  stage: post-test
+  # We cannot use needs since it would mean needing 84 jobs (since most are parallelized)
+  # so we use `dependencies` here.
+  dependencies:
+    - setup-test-env
+    - rspec migration pg9
+    - rspec unit pg9
+    - rspec integration pg9
+    - rspec system pg9
+    - rspec-ee migration pg9
+    - rspec-ee unit pg9
+    - rspec-ee integration pg9
+    - rspec-ee system pg9
+    - rspec-ee unit pg9 geo
+    - rspec-ee integration pg9 geo
+    - rspec-ee system pg9 geo
+    - memory-static
+    - memory-on-boot
  variables:
    SETUP_DB: "false"
  cache:

--- a/.gitlab/ci/rules.gitlab-ci.yml
+++ b/.gitlab/ci/rules.gitlab-ci.yml
@@ -291,6 +291,8 @@
 ###############
 .pages:rules:
  rules:
+    - <<: *if-not-ee
+      when: never
    - <<: *if-dot-com-gitlab-org-master
      changes: *code-backstage-qa-patterns
      when: on_success

--- a/.gitlab/issue_templates/Security developer workflow.md
+++ b/.gitlab/issue_templates/Security developer workflow.md
@@ -21,7 +21,7 @@ Set the title to: `Description of the original issue`
 - [ ] Create a merge request targeting `master` on `gitlab.com/gitlab-org/security` and use the [Security Release merge request template].
 - [ ] Follow the same [code review process]: Assign to a reviewer, then to a maintainer.
  
-After your merge request has being approved according to our [approval guidelines], you're ready to prepare the backports
+After your merge request has been approved according to our [approval guidelines], you're ready to prepare the backports
  
 ## Backports
  

--- a/Gemfile
+++ b/Gemfile
@@ -87,7 +87,7 @@ gem 'grape-entity', '~> 0.7.1'
 gem 'rack-cors', '~> 1.0.6', require: 'rack/cors'
  
 # GraphQL API
-gem 'graphql', '~> 1.9.19'
+gem 'graphql', '~> 1.10.5'
 # NOTE: graphiql-rails v1.5+ doesn't work: https://gitlab.com/gitlab-org/gitlab/issues/31771
 # TODO: remove app/views/graphiql/rails/editors/show.html.erb when https://github.com/rmosolgo/graphiql-rails/pull/71 is released:
 # https://gitlab.com/gitlab-org/gitlab/issues/31747

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -456,7 +456,7 @@ GEM
    graphiql-rails (1.4.10)
      railties
      sprockets-rails
-    graphql (1.9.19)
+    graphql (1.10.5)
    graphql-docs (1.6.0)
      commonmarker (~> 0.16)
      escape_utils (~> 1.2)
@@ -1252,7 +1252,7 @@ DEPENDENCIES
  grape-path-helpers (~> 1.2)
  grape_logging (~> 1.7)
  graphiql-rails (~> 1.4.10)
-  graphql (~> 1.9.19)
+  graphql (~> 1.10.5)
  graphql-docs (~> 1.6.0)
  grpc (~> 1.24.0)
  gssapi

--- a/app/models/audit_event.rb
+++ b/app/models/audit_event.rb
@@ -13,11 +13,18 @@ class AuditEvent < ApplicationRecord
  
  scope :by_entity_type, -> (entity_type) { where(entity_type: entity_type) }
  scope :by_entity_id, -> (entity_id) { where(entity_id: entity_id) }
-  scope :order_by_id_desc, -> { order(id: :desc) }
-  scope :order_by_id_asc, -> { order(id: :asc) }
  
  after_initialize :initialize_details
  
+  def self.order_by(method)
+    case method.to_s
+    when 'created_asc'
+      order(id: :asc)
+    else
+      order(id: :desc)
+    end
+  end
+
  def initialize_details
    self.details = {} if details.nil?
  end

--- a/changelogs/unreleased/issue_11391_2.yml
+++ b/changelogs/unreleased/issue_11391_2.yml
+---
+title: Index issues on sent_notifications table
+merge_request: 27034
+author:
+type: performance
--- a/changelogs/unreleased/sh-feature-flag-persisted-process-cache.yml
+++ b/changelogs/unreleased/sh-feature-flag-persisted-process-cache.yml
+---
+title: Move feature flag list into process cache
+merge_request: 27511
+author:
+type: performance
--- a/db/migrate/20181016141739_add_status_to_deployments.rb
+++ b/db/migrate/20181016141739_add_status_to_deployments.rb
@@ -14,14 +14,18 @@ class AddStatusToDeployments < ActiveRecord::Migration[4.2]
  # Ideally, `status` column should not have default value because it should be leveraged by state machine (i.e. application level).
  # However, we have to use the default value for avoiding `NOT NULL` violation during the transition period.
  # The default value should be removed in the future release.
+  # rubocop:disable Migration/AddColumnWithDefault
+  # rubocop:disable Migration/UpdateLargeTable
  def up
-    add_column_with_default(:deployments, # rubocop:disable Migration/AddColumnWithDefault
+    add_column_with_default(:deployments,
      :status,
      :integer,
      limit: 2,
      default: DEPLOYMENT_STATUS_SUCCESS,
      allow_null: false)
  end
+  # rubocop:enable Migration/AddColumnWithDefault
+  # rubocop:enable Migration/UpdateLargeTable
  
  def down
    remove_column(:deployments, :status)

--- a/db/migrate/20190416185130_add_merge_train_enabled_to_ci_cd_settings.rb
+++ b/db/migrate/20190416185130_add_merge_train_enabled_to_ci_cd_settings.rb
@@ -7,10 +7,12 @@ class AddMergeTrainEnabledToCiCdSettings < ActiveRecord::Migration[5.1]
  
  disable_ddl_transaction!
  
+  # rubocop:disable Migration/AddColumnWithDefault
  # rubocop:disable Migration/UpdateLargeTable
  def up
    add_column_with_default :project_ci_cd_settings, :merge_trains_enabled, :boolean, default: false, allow_null: false
  end
+  # rubocop:enable Migration/AddColumnWithDefault
  # rubocop:enable Migration/UpdateLargeTable
  
  def down

--- a/db/migrate/20190416213615_add_variable_type_to_ci_pipeline_variables.rb
+++ b/db/migrate/20190416213615_add_variable_type_to_ci_pipeline_variables.rb
@@ -7,9 +7,13 @@ class AddVariableTypeToCiPipelineVariables < ActiveRecord::Migration[5.0]
  DOWNTIME = false
  ENV_VAR_VARIABLE_TYPE = 1
  
+  # rubocop:disable Migration/AddColumnWithDefault
+  # rubocop:disable Migration/UpdateLargeTable
  def up
-    add_column_with_default(:ci_pipeline_variables, :variable_type, :smallint, default: ENV_VAR_VARIABLE_TYPE) # rubocop:disable Migration/AddColumnWithDefault
+    add_column_with_default(:ci_pipeline_variables, :variable_type, :smallint, default: ENV_VAR_VARIABLE_TYPE)
  end
+  # rubocop:enable Migration/AddColumnWithDefault
+  # rubocop:enable Migration/UpdateLargeTable
  
  def down
    remove_column(:ci_pipeline_variables, :variable_type)

--- a/db/migrate/20190426180107_add_deployment_events_to_services.rb
+++ b/db/migrate/20190426180107_add_deployment_events_to_services.rb
@@ -7,9 +7,13 @@ class AddDeploymentEventsToServices < ActiveRecord::Migration[5.0]
  
  disable_ddl_transaction!
  
+  # rubocop:disable Migration/AddColumnWithDefault
+  # rubocop:disable Migration/UpdateLargeTable
  def up
    add_column_with_default(:services, :deployment_events, :boolean, default: false, allow_null: false)
  end
+  # rubocop:enable Migration/AddColumnWithDefault
+  # rubocop:enable Migration/UpdateLargeTable
  
  def down
    remove_column(:services, :deployment_events)

--- a/db/migrate/20191023093207_add_comment_actions_to_services.rb
+++ b/db/migrate/20191023093207_add_comment_actions_to_services.rb
@@ -7,9 +7,13 @@ class AddCommentActionsToServices < ActiveRecord::Migration[5.2]
  
  disable_ddl_transaction!
  
+  # rubocop:disable Migration/AddColumnWithDefault
+  # rubocop:disable Migration/UpdateLargeTable
  def up
    add_column_with_default(:services, :comment_on_event_enabled, :boolean, default: true)
  end
+  # rubocop:enable Migration/AddColumnWithDefault
+  # rubocop:enable Migration/UpdateLargeTable
  
  def down
    remove_column(:services, :comment_on_event_enabled)

--- a/db/migrate/20200310132654_add_instance_to_services.rb
+++ b/db/migrate/20200310132654_add_instance_to_services.rb
@@ -7,9 +7,13 @@ class AddInstanceToServices < ActiveRecord::Migration[6.0]
  
  disable_ddl_transaction!
  
+  # rubocop:disable Migration/AddColumnWithDefault
+  # rubocop:disable Migration/UpdateLargeTable
  def up
    add_column_with_default(:services, :instance, :boolean, default: false)
  end
+  # rubocop:enable Migration/AddColumnWithDefault
+  # rubocop:enable Migration/UpdateLargeTable
  
  def down
    remove_column(:services, :instance)

--- a/db/post_migrate/20200212052620_readd_template_column_to_services.rb
+++ b/db/post_migrate/20200212052620_readd_template_column_to_services.rb
@@ -7,6 +7,7 @@ class ReaddTemplateColumnToServices < ActiveRecord::Migration[6.0]
  
  disable_ddl_transaction!
  
+  # rubocop:disable Migration/UpdateLargeTable
  def up
    return if column_exists? :services, :template
  
@@ -16,6 +17,7 @@ class ReaddTemplateColumnToServices < ActiveRecord::Migration[6.0]
    # of `template`, we would look for entries with `project_id IS NULL`.
    add_column_with_default :services, :template, :boolean, default: false, allow_null: true
  end
+  # rubocop:enable Migration/UpdateLargeTable
  
  def down
    # NOP since the column is expected to exist

--- a/db/post_migrate/20200311192351_add_index_on_noteable_type_and_noteable_id_to_sent_notifications.rb
+++ b/db/post_migrate/20200311192351_add_index_on_noteable_type_and_noteable_id_to_sent_notifications.rb
+# frozen_string_literal: true
+
+class AddIndexOnNoteableTypeAndNoteableIdToSentNotifications < ActiveRecord::Migration[6.0]
+  include Gitlab::Database::MigrationHelpers
+
+  DOWNTIME = false
+  INDEX_NAME = 'index_sent_notifications_on_noteable_type_noteable_id'
+
+  disable_ddl_transaction!
+
+  def up
+    add_concurrent_index :sent_notifications,
+      [:noteable_id],
+      name: INDEX_NAME,
+      where: "noteable_type = 'Issue'"
+  end
+
+  def down
+    remove_concurrent_index_by_name :sent_notifications, INDEX_NAME
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -3919,6 +3919,7 @@ ActiveRecord::Schema.define(version: 2020_03_13_123934) do
    t.string "note_type"
    t.text "position"
    t.string "in_reply_to_discussion_id"
+    t.index ["noteable_id"], name: "index_sent_notifications_on_noteable_type_noteable_id", where: "((noteable_type)::text = 'Issue'::text)"
    t.index ["reply_key"], name: "index_sent_notifications_on_reply_key", unique: true
  end
  

--- a/doc/ci/variables/predefined_variables.md
+++ b/doc/ci/variables/predefined_variables.md
--- a/doc/development/api_styleguide.md
+++ b/doc/development/api_styleguide.md
@@ -11,6 +11,12 @@ to access them as we do in Rails views), local variables are fine.
  
 Always use an [Entity] to present the endpoint's payload.
  
+## Documentation
+
+API endpoints must come with [documentation](documentation/styleguide.md#api), unless it is internal or behind a feature flag.
+The docs should be in the same merge request, or, if strictly necessary,
+in a follow-up with the same milestone as the original merge request.  
+
 ## Methods and parameters description
  
 Every method must be described using the [Grape DSL](https://github.com/ruby-grape/grape#describing-methods)

--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -7,9 +7,11 @@ type: reference, howto
 GitLab can check your application for security vulnerabilities that may lead to unauthorized access,
 data leaks, denial of services, and more. GitLab reports vulnerabilities in the merge request so you
 can fix them before merging. The [Security Dashboard](security_dashboard/index.md) provides a
-high-level view of vulnerabilities detected in your projects, pipeline, and groups. With the
-information provided, you can immediately begin risk analysis and remediation.
+high-level view of vulnerabilities detected in your projects, pipeline, and groups. The [Threat Monitoring](threat_monitoring/index.md)
+page provides runtime security metrics for application environments. With the information provided,
+you can immediately begin risk analysis and remediation.
  
+<i class="fa fa-youtube-play youtube" aria-hidden="true"></i>
 For an overview of application security with GitLab, see
 [Security Deep Dive](https://www.youtube.com/watch?v=k4vEJnGYy84).