Add latest changes from gitlab-org/gitlab@master

f8d15ca6 · GitLab Bot · 3ab4feda · f8d15ca6 · f8d15ca6 · f8d15ca6
Commit f8d15ca6 authored 5 years ago by GitLab Bot
--- a/.gitlab/ci/docs.gitlab-ci.yml
+++ b/.gitlab/ci/docs.gitlab-ci.yml
@@ -16,6 +16,7 @@
    name: review-docs/$DOCS_GITLAB_REPO_SUFFIX-$CI_MERGE_REQUEST_IID
    # DOCS_REVIEW_APPS_DOMAIN and DOCS_GITLAB_REPO_SUFFIX are CI variables
    # Discussion: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/14236/diffs#note_40140693
+    auto_stop_in: 2 weeks
    url: http://docs-preview-$DOCS_GITLAB_REPO_SUFFIX-$CI_MERGE_REQUEST_IID.$DOCS_REVIEW_APPS_DOMAIN/$DOCS_GITLAB_REPO_SUFFIX
    on_stop: review-docs-cleanup
  before_script:

--- a/app/assets/javascripts/boards/stores/boards_store.js
+++ b/app/assets/javascripts/boards/stores/boards_store.js
@@ -337,7 +337,8 @@ const boardsStore = {
    return (
      (listTo.type !== 'label' && listFrom.type === 'assignee') ||
      (listTo.type !== 'assignee' && listFrom.type === 'label') ||
-      listFrom.type === 'backlog'
+      listFrom.type === 'backlog' ||
+      listFrom.type === 'closed'
    );
  },
  moveIssueInList(list, issue, oldIndex, newIndex, idArray) {

--- a/app/assets/javascripts/groups/constants.js
+++ b/app/assets/javascripts/groups/constants.js
@@ -39,7 +39,9 @@ export const GROUP_VISIBILITY_TYPE = {
 export const PROJECT_VISIBILITY_TYPE = {
  public: __('Public - The project can be accessed without any authentication.'),
  internal: __('Internal - The project can be accessed by any logged in user.'),
-  private: __('Private - Project access must be granted explicitly to each user.'),
+  private: __(
+    'Private - Project access must be granted explicitly to each user. If this project is part of a group, access will be granted to members of the group.',
+  ),
 };
  
 export const VISIBILITY_TYPE_ICON = {

--- a/app/helpers/system_note_helper.rb
+++ b/app/helpers/system_note_helper.rb
@@ -2,7 +2,7 @@
  
 module SystemNoteHelper
  ICON_NAMES_BY_ACTION = {
-    'cherry_pick' => 'link',
+    'cherry_pick' => 'cherry-pick-commit',
    'commit' => 'commit',
    'description' => 'pencil-square',
    'merge' => 'git-merge',

--- a/app/helpers/visibility_level_helper.rb
+++ b/app/helpers/visibility_level_helper.rb
@@ -31,7 +31,7 @@ module VisibilityLevelHelper
  def project_visibility_level_description(level)
    case level
    when Gitlab::VisibilityLevel::PRIVATE
-      _("Project access must be granted explicitly to each user.")
+      _("Project access must be granted explicitly to each user. If this project is part of a group, access will be granted to members of the group.")
    when Gitlab::VisibilityLevel::INTERNAL
      _("The project can be accessed by any logged in user.")
    when Gitlab::VisibilityLevel::PUBLIC

--- a/app/models/clusters/applications/knative.rb
+++ b/app/models/clusters/applications/knative.rb
@@ -33,6 +33,12 @@ module Clusters
              FETCH_IP_ADDRESS_DELAY, application.name, application.id)
          end
        end
+
+        after_transition any => [:installed, :updated] do |application|
+          application.run_after_commit do
+            ClusterConfigureIstioWorker.perform_async(application.cluster_id)
+          end
+        end
      end
  
      default_value_for :version, VERSION
@@ -41,6 +47,8 @@ module Clusters
  
      scope :for_cluster, -> (cluster) { where(cluster: cluster) }
  
+      has_one :pages_domain, through: :serverless_domain_cluster
+
      def chart
        'knative/knative'
      end
@@ -49,6 +57,14 @@ module Clusters
        { "domain" => hostname }.to_yaml
      end
  
+      def available_domains
+        PagesDomain.instance_serverless
+      end
+
+      def find_available_domain(pages_domain_id)
+        available_domains.find_by(id: pages_domain_id)
+      end
+
      def allowed_to_uninstall?
        !pre_installed?
      end

--- a/app/serializers/cluster_application_entity.rb
+++ b/app/serializers/cluster_application_entity.rb
@@ -13,4 +13,6 @@ class ClusterApplicationEntity < Grape::Entity
  expose :modsecurity_enabled, if: -> (e, _) { e.respond_to?(:modsecurity_enabled) }
  expose :update_available?, as: :update_available, if: -> (e, _) { e.respond_to?(:update_available?) }
  expose :can_uninstall?, as: :can_uninstall
+  expose :available_domains, using: Serverless::DomainEntity, if: -> (e, _) { e.respond_to?(:available_domains) }
+  expose :pages_domain, using: Serverless::DomainEntity, if: -> (e, _) { e.respond_to?(:pages_domain) }
 end
--- a/app/serializers/merge_request_widget_entity.rb
+++ b/app/serializers/merge_request_widget_entity.rb
@@ -94,7 +94,8 @@ class MergeRequestWidgetEntity < Grape::Entity
    merge_request.source_project&.uses_default_ci_config? &&
      merge_request.all_pipelines.none? &&
      merge_request.commits_count.positive? &&
-      can?(current_user, :push_code, merge_request.source_project)
+      can?(current_user, :read_build, merge_request.source_project) &&
+      can?(current_user, :create_pipeline, merge_request.source_project)
  end
 end
  

--- a/app/serializers/serverless/domain_entity.rb
+++ b/app/serializers/serverless/domain_entity.rb
+# frozen_string_literal: true
+
+module Serverless
+  class DomainEntity < Grape::Entity
+    expose :id
+    expose :domain
+  end
+end
--- a/app/services/clusters/applications/base_service.rb
+++ b/app/services/clusters/applications/base_service.rb
@@ -35,6 +35,12 @@ module Clusters
            application.oauth_application = create_oauth_application(application, request)
          end
  
+          if application.instance_of?(Knative)
+            Serverless::AssociateDomainService
+              .new(application, pages_domain_id: params[:pages_domain_id], creator: current_user)
+              .execute
+          end
+
          worker = worker_class(application)
  
          application.make_scheduled!

--- a/app/services/clusters/kubernetes/configure_istio_ingress_service.rb
+++ b/app/services/clusters/kubernetes/configure_istio_ingress_service.rb
@@ -27,6 +27,10 @@ module Clusters
        return configure_certificates if serverless_domain_cluster
  
        configure_passthrough
+      rescue Kubeclient::HttpError => e
+        knative.make_errored!(_('Kubernetes error: %{error_code}') % { error_code: e.error_code })
+      rescue StandardError
+        knative.make_errored!(_('Failed to update.'))
      end
  
      private

--- a/app/services/serverless/associate_domain_service.rb
+++ b/app/services/serverless/associate_domain_service.rb
+# frozen_string_literal: true
+
+module Serverless
+  class AssociateDomainService
+    PLACEHOLDER_HOSTNAME = 'example.com'.freeze
+
+    def initialize(knative, pages_domain_id:, creator:)
+      @knative = knative
+      @pages_domain_id = pages_domain_id
+      @creator = creator
+    end
+
+    def execute
+      return if unchanged?
+
+      knative.hostname ||= PLACEHOLDER_HOSTNAME
+
+      knative.pages_domain = knative.find_available_domain(pages_domain_id)
+      knative.serverless_domain_cluster.update(creator: creator) if knative.pages_domain
+    end
+
+    private
+
+    attr_reader :knative, :pages_domain_id, :creator
+
+    def unchanged?
+      knative.pages_domain&.id == pages_domain_id
+    end
+  end
+end
--- a/changelogs/unreleased/25550-there-is-a-drag-and-drop-bug-in-boards.yml
+++ b/changelogs/unreleased/25550-there-is-a-drag-and-drop-bug-in-boards.yml
+---
+title: Resolves the disappearance of a ticket when it was moved from the closed list.
+merge_request:
+author: Gwen_
+type: fixed
--- a/changelogs/unreleased/27300-add-filepath-to-release-links-api.yml
+++ b/changelogs/unreleased/27300-add-filepath-to-release-links-api.yml
+---
+title: Add filepath to release links API
+merge_request: 25533
+author:
+type: added
--- a/changelogs/unreleased/fj-fix-internal-api-return-code.yml
+++ b/changelogs/unreleased/fj-fix-internal-api-return-code.yml
+---
+title: Change back internal api return code
+merge_request: 26063
+author:
+type: fixed
--- a/changelogs/unreleased/update-private-project-wording.yml
+++ b/changelogs/unreleased/update-private-project-wording.yml
+---
+title: Clarify private visibility for projects.
+merge_request: 25852
+author:
+type: other
--- a/lib/api/entities/releases/link.rb
+++ b/lib/api/entities/releases/link.rb
@@ -7,7 +7,17 @@ module API
        expose :id
        expose :name
        expose :url
+        expose :direct_asset_url
        expose :external?, as: :external
+
+        def direct_asset_url
+          return object.url unless object.filepath
+
+          release = object.release
+          project = release.project
+
+          Gitlab::Routing.url_helpers.project_release_url(project, release) << object.filepath
+        end
      end
    end
  end

--- a/lib/api/internal/base.rb
+++ b/lib/api/internal/base.rb
@@ -50,7 +50,11 @@ module API
                           @project ||= access_checker.project
                           result
                         rescue Gitlab::GitAccess::ForbiddenError => e
-                           return response_with_status(code: 403, success: false, message: e.message)
+                           # The return code needs to be 401. If we return 403
+                           # the custom message we return won't be shown to the user
+                           # and, instead, the default message 'GitLab: API is not accessible'
+                           # will be displayed
+                           return response_with_status(code: 401, success: false, message: e.message)
                         rescue Gitlab::GitAccess::TimeoutError => e
                           return response_with_status(code: 503, success: false, message: e.message)
                         rescue Gitlab::GitAccess::NotFoundError => e

--- a/lib/api/release/links.rb
+++ b/lib/api/release/links.rb
@@ -39,6 +39,7 @@ module API
            params do
              requires :name, type: String, desc: 'The name of the link'
              requires :url, type: String, desc: 'The URL of the link'
+              optional :filepath, type: String, desc: 'The filepath of the link'
            end
            post 'links' do
              authorize! :create_release, release
@@ -73,6 +74,7 @@ module API
              params do
                optional :name, type: String, desc: 'The name of the link'
                optional :url, type: String, desc: 'The URL of the link'
+                optional :filepath, type: String, desc: 'The filepath of the link'
                at_least_one_of :name, :url
              end
              put do

--- a/lib/gitlab/checks/snippet_check.rb
+++ b/lib/gitlab/checks/snippet_check.rb
+# frozen_string_literal: true
+
+module Gitlab
+  module Checks
+    class SnippetCheck < BaseChecker
+      ERROR_MESSAGES = {
+        create_delete_branch: 'You can not create or delete branches.'
+      }.freeze
+
+      ATTRIBUTES = %i[oldrev newrev ref branch_name tag_name logger].freeze
+      attr_reader(*ATTRIBUTES)
+
+      def initialize(change, logger:)
+        @oldrev, @newrev, @ref = change.values_at(:oldrev, :newrev, :ref)
+        @branch_name = Gitlab::Git.branch_name(@ref)
+        @tag_name = Gitlab::Git.tag_name(@ref)
+
+        @logger = logger
+        @logger.append_message("Running checks for ref: #{@branch_name || @tag_name}")
+      end
+
+      def exec
+        if creation? || deletion?
+          raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:create_delete_branch]
+        end
+
+        # TODO: https://gitlab.com/gitlab-org/gitlab/issues/205628
+        # Check operation will not result in more than one file in the repository
+
+        true
+      end
+    end
+  end
+end