Add latest changes from gitlab-org/gitlab@master

cd52759e · GitLab Bot · 18f78289 · cd52759e · cd52759e · cd52759e
Commit cd52759e authored 4 years ago by GitLab Bot
--- a/.gitlab/ci/memory.gitlab-ci.yml
+++ b/.gitlab/ci/memory.gitlab-ci.yml
@@ -54,8 +54,7 @@ memory-on-boot:
    # we override the max_old_space_size to prevent OOM errors
    NODE_OPTIONS: --max_old_space_size=3584
  script:
-    # Both bootsnap and derailed monkey-patch Kernel#require, which leads to circular dependency
-    - ENABLE_BOOTSNAP=false PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> 'tmp/memory_on_boot.txt'
+    - PATH_TO_HIT="/users/sign_in" CUT_OFF=0.3 bundle exec derailed exec perf:mem >> 'tmp/memory_on_boot.txt'
    - scripts/generate-memory-metrics-on-boot tmp/memory_on_boot.txt >> 'tmp/memory_on_boot_metrics.txt'
  artifacts:
    paths:

--- a/Gemfile
+++ b/Gemfile
@@ -319,7 +319,7 @@ gem 'peek', '~> 1.1'
 gem 'snowplow-tracker', '~> 0.6.1'
  
 # Memory benchmarks
-gem 'derailed_benchmarks', require: false
+gem 'gitlab-derailed_benchmarks', require: false
  
 # Metrics
 group :metrics do

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -211,15 +211,6 @@ GEM
    declarative-option (0.1.0)
    default_value_for (3.3.0)
      activerecord (>= 3.2.0, < 6.1)
-    derailed_benchmarks (1.4.2)
-      benchmark-ips (~> 2)
-      get_process_mem (~> 0)
-      heapy (~> 0)
-      memory_profiler (~> 0)
-      rack (>= 1)
-      rake (> 10, < 14)
-      ruby-statistics (>= 2.1)
-      thor (~> 0.19)
    descendants_tracker (0.0.4)
      thread_safe (~> 0.3, >= 0.3.1)
    device_detector (1.0.0)
@@ -380,6 +371,15 @@ GEM
    github-markup (1.7.0)
    gitlab-chronic (0.10.5)
      numerizer (~> 0.2)
+    gitlab-derailed_benchmarks (1.6.1)
+      benchmark-ips (~> 2)
+      get_process_mem (~> 0)
+      heapy (~> 0)
+      memory_profiler (~> 0)
+      rack (>= 1)
+      rake (> 10, < 14)
+      ruby-statistics (>= 2.1)
+      thor (>= 0.19, < 2)
    gitlab-labkit (0.11.0)
      actionpack (>= 5.0.0, < 6.1.0)
      activesupport (>= 5.0.0, < 6.1.0)
@@ -955,7 +955,7 @@ GEM
    ruby-progressbar (1.10.1)
    ruby-saml (1.7.2)
      nokogiri (>= 1.5.10)
-    ruby-statistics (2.1.1)
+    ruby-statistics (2.1.2)
    ruby_dep (1.5.0)
    ruby_parser (3.13.1)
      sexp_processor (~> 4.9)
@@ -1189,7 +1189,6 @@ DEPENDENCIES
  database_cleaner (~> 1.7.0)
  deckar01-task_list (= 2.3.1)
  default_value_for (~> 3.3.0)
-  derailed_benchmarks
  device_detector
  devise (~> 4.6)
  devise-two-factor (~> 3.1.0)
@@ -1232,6 +1231,7 @@ DEPENDENCIES
  gitaly (~> 1.86.0)
  github-markup (~> 1.7.0)
  gitlab-chronic (~> 0.10.5)
+  gitlab-derailed_benchmarks
  gitlab-labkit (= 0.11.0)
  gitlab-license (~> 1.0)
  gitlab-mail_room (~> 0.0.3)

--- a/app/assets/javascripts/snippets/components/snippet_title.vue
+++ b/app/assets/javascripts/snippets/components/snippet_title.vue
@@ -21,7 +21,7 @@ export default {
      {{ snippet.title }}
    </h2>
    <div v-if="snippet.description" class="description" data-qa-selector="snippet_description">
-      <div class="md">{{ snippet.description }}</div>
+      <div class="md js-snippet-description" v-html="snippet.descriptionHtml"></div>
    </div>
  
    <small v-if="snippet.updatedAt !== snippet.createdAt" class="edited-text">

--- a/app/assets/javascripts/snippets/fragments/snippetBase.fragment.graphql
+++ b/app/assets/javascripts/snippets/fragments/snippetBase.fragment.graphql
@@ -2,6 +2,7 @@ fragment SnippetBase on Snippet {
  id
  title
  description
+  descriptionHtml
  createdAt
  updatedAt
  visibilityLevel

--- a/app/models/key.rb
+++ b/app/models/key.rb
@@ -30,10 +30,10 @@ class Key < ApplicationRecord
  
  delegate :name, :email, to: :user, prefix: true
  
-  after_commit :add_to_shell, on: :create
+  after_commit :add_to_authorized_keys, on: :create
  after_create :post_create_hook
  after_create :refresh_user_cache
-  after_commit :remove_from_shell, on: :destroy
+  after_commit :remove_from_authorized_keys, on: :destroy
  after_destroy :post_destroy_hook
  after_destroy :refresh_user_cache
  
@@ -79,12 +79,10 @@ class Key < ApplicationRecord
  end
  # rubocop: enable CodeReuse/ServiceClass
  
-  def add_to_shell
-    GitlabShellWorker.perform_async(
-      :add_key,
-      shell_id,
-      key
-    )
+  def add_to_authorized_keys
+    return unless Gitlab::CurrentSettings.authorized_keys_enabled?
+
+    AuthorizedKeysWorker.perform_async(:add_key, shell_id, key)
  end
  
  # rubocop: disable CodeReuse/ServiceClass
@@ -93,11 +91,10 @@ class Key < ApplicationRecord
  end
  # rubocop: enable CodeReuse/ServiceClass
  
-  def remove_from_shell
-    GitlabShellWorker.perform_async(
-      :remove_key,
-      shell_id
-    )
+  def remove_from_authorized_keys
+    return unless Gitlab::CurrentSettings.authorized_keys_enabled?
+
+    AuthorizedKeysWorker.perform_async(:remove_key, shell_id)
  end
  
  # rubocop: disable CodeReuse/ServiceClass

--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -315,6 +315,7 @@ class ProjectPolicy < BasePolicy
    enable :read_deploy_token
    enable :create_deploy_token
    enable :read_pod_logs
+    enable :destroy_deploy_token
  end
  
  rule { (mirror_available & can?(:admin_project)) | admin }.enable :admin_remote_mirror

--- a/app/workers/all_queues.yml
+++ b/app/workers/all_queues.yml
@@ -843,6 +843,13 @@
  :resource_boundary: :unknown
  :weight: 1
  :idempotent: 
+- :name: authorized_keys
+  :feature_category: :source_code_management
+  :has_external_dependencies: 
+  :urgency: :high
+  :resource_boundary: :unknown
+  :weight: 2
+  :idempotent: true
 - :name: authorized_projects
  :feature_category: :authentication_and_authorization
  :has_external_dependencies: 

--- a/app/workers/authorized_keys_worker.rb
+++ b/app/workers/authorized_keys_worker.rb
+# frozen_string_literal: true
+
+class AuthorizedKeysWorker
+  include ApplicationWorker
+
+  PERMITTED_ACTIONS = [:add_key, :remove_key].freeze
+
+  feature_category :source_code_management
+  urgency :high
+  weight 2
+  idempotent!
+
+  def perform(action, *args)
+    return unless Gitlab::CurrentSettings.authorized_keys_enabled?
+
+    case action
+    when :add_key
+      authorized_keys.add_key(*args)
+    when :remove_key
+      authorized_keys.remove_key(*args)
+    end
+  end
+
+  private
+
+  def authorized_keys
+    @authorized_keys ||= Gitlab::AuthorizedKeys.new
+  end
+end
--- a/app/workers/gitlab_shell_worker.rb
+++ b/app/workers/gitlab_shell_worker.rb
@@ -9,6 +9,16 @@ class GitlabShellWorker # rubocop:disable Scalability/IdempotentWorker
  weight 2
  
  def perform(action, *arg)
+    # Gitlab::Shell is being removed but we need to continue to process jobs
+    # enqueued in the previous release, so handle them here.
+    #
+    # See https://gitlab.com/gitlab-org/gitlab/-/issues/25095 for more details
+    if AuthorizedKeysWorker::PERMITTED_ACTIONS.include?(action)
+      AuthorizedKeysWorker.new.perform(action, *arg)
+
+      return
+    end
+
    Gitlab::GitalyClient::NamespaceService.allow do
      gitlab_shell.__send__(action, *arg) # rubocop:disable GitlabSecurity/PublicSend
    end

--- a/changelogs/unreleased/198338-migrate-mr-mentions-to-db-table.yml
+++ b/changelogs/unreleased/198338-migrate-mr-mentions-to-db-table.yml
+---
+title: Migrate mentions for merge requests to DB table
+merge_request: 25826
+author:
+type: changed
--- a/changelogs/unreleased/198391-add-user-plan-and-trial-status-to-api.yml
+++ b/changelogs/unreleased/198391-add-user-plan-and-trial-status-to-api.yml
+---
+title: Expose `plan` and `trial` to `/users/:id` endpoint
+merge_request: 25151
+author:
+type: added
--- a/changelogs/unreleased/21811-project-delete-deploy-token.yml
+++ b/changelogs/unreleased/21811-project-delete-deploy-token.yml
+---
+title: Add API endpoint for deleting project deploy tokens
+merge_request: 25220
+author:
+type: added
--- a/changelogs/unreleased/25095-remove-gitlab-shell-indirection-for-authorized-keys.yml
+++ b/changelogs/unreleased/25095-remove-gitlab-shell-indirection-for-authorized-keys.yml
+---
+title: Move authorized_keys operations into their own Sidekiq queue
+merge_request: 26913
+author:
+type: changed
--- a/changelogs/unreleased/32882-render-special-references-for-releases.yml
+++ b/changelogs/unreleased/32882-render-special-references-for-releases.yml
+---
+title: Render special references for releases
+merge_request: 26554
+author:
+type: fixed
--- a/config/sidekiq_queues.yml
+++ b/config/sidekiq_queues.yml
@@ -30,6 +30,8 @@
  - 1
 - - analytics_code_review_metrics
  - 1
+- - authorized_keys
+  - 2
 - - authorized_projects
  - 2
 - - auto_devops

--- a/db/fixtures/development/11_keys.rb
+++ b/db/fixtures/development/11_keys.rb
@@ -5,9 +5,9 @@ require './spec/support/sidekiq_middleware'
 # gitlab-shell path set (yet) we need to disable this for these fixtures.
 Sidekiq::Testing.disable! do
  Gitlab::Seeder.quiet do
-    # We want to run `add_to_shell` immediately instead of after the commit, so
+    # We want to run `add_to_authorized_keys` immediately instead of after the commit, so
    # that it falls under `Sidekiq::Testing.disable!`.
-    Key.skip_callback(:commit, :after, :add_to_shell)
+    Key.skip_callback(:commit, :after, :add_to_authorized_keys)
  
    User.not_mass_generated.first(10).each do |user|
      key = "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt#{user.id + 100}6k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0="
@@ -18,7 +18,7 @@ Sidekiq::Testing.disable! do
      )
  
      Sidekiq::Worker.skipping_transaction_check do
-        key.add_to_shell
+        key.add_to_authorized_keys
      end
  
      print '.'

--- a/db/migrate/20200203025400_default_lock_version_to_zero_for_merge_requests.rb
+++ b/db/migrate/20200203025400_default_lock_version_to_zero_for_merge_requests.rb
@@ -9,9 +9,15 @@ class DefaultLockVersionToZeroForMergeRequests < ActiveRecord::Migration[6.0]
  # Set this constant to true if this migration requires downtime.
  DOWNTIME = false
  
-  def change
+  def up
    with_lock_retries do
      change_column_default :merge_requests, :lock_version, from: nil, to: 0
    end
  end
+
+  def down
+    with_lock_retries do
+      change_column_default :merge_requests, :lock_version, from: 0, to: nil
+    end
+  end
 end
--- a/db/migrate/20200203025602_default_lock_version_to_zero_for_issues.rb
+++ b/db/migrate/20200203025602_default_lock_version_to_zero_for_issues.rb
@@ -9,9 +9,15 @@ class DefaultLockVersionToZeroForIssues < ActiveRecord::Migration[6.0]
  # Set this constant to true if this migration requires downtime.
  DOWNTIME = false
  
-  def change
+  def up
    with_lock_retries do
      change_column_default :issues, :lock_version, from: nil, to: 0
    end
  end
+
+  def down
+    with_lock_retries do
+      change_column_default :issues, :lock_version, from: 0, to: nil
+    end
+  end
 end
--- a/db/migrate/20200203025619_default_lock_version_to_zero_for_epics.rb
+++ b/db/migrate/20200203025619_default_lock_version_to_zero_for_epics.rb
@@ -9,9 +9,15 @@ class DefaultLockVersionToZeroForEpics < ActiveRecord::Migration[6.0]
  # Set this constant to true if this migration requires downtime.
  DOWNTIME = false
  
-  def change
+  def up
    with_lock_retries do
      change_column_default :epics, :lock_version, from: nil, to: 0
    end
  end
+
+  def down
+    with_lock_retries do
+      change_column_default :epics, :lock_version, from: 0, to: nil
+    end
+  end
 end