GitLab issues
https://gitlab.com/gitlab-org/gitlab/-/issues
2024-03-20T00:06:17Z

https://gitlab.com/gitlab-org/gitlab/-/issues/10694
Security templates pull in latest analyzers, ignoring major
2024-03-20T00:06:17Z
Lucas Charles (lcharles@gitlab.com)

### Problem to solve
Our security templates are currently configured to pass `SAST_ANALYZER_IMAGE_TAG` if defined. This does not appear to work correctly, however, as it's overriding the predefined `SAST_ANALYZER_IMAGE_TAG` configuration defined within our wrapper project pipelines: https://gitlab.com/gitlab-org/security-products/sast/blob/master/.gitlab-ci.yml#L101.
This effectively means that our templates are running off `master` instead of our major releases.
### Expected behavior (pulls `gosec:2`)
```
❯ docker run \
> --interactive --tty --rm \
> --volume "$PWD":/code \
> --volume /var/run/docker.sock:/var/run/docker.sock \
> registry.gitlab.com/gitlab-org/security-products/sast:${VERSION:-latest} /app/bin/run /code
2019/03/26 17:29:07 Copy project directory to containers
2019/03/26 17:29:07 [bandit] Detect project using plugin
2019/03/26 17:29:07 [bandit] Project not compatible
2019/03/26 17:29:07 [brakeman] Detect project using plugin
2019/03/26 17:29:07 [brakeman] Project not compatible
2019/03/26 17:29:07 [eslint] Detect project using plugin
2019/03/26 17:29:07 [eslint] Project not compatible
2019/03/26 17:29:07 [find-sec-bugs] Detect project using plugin
2019/03/26 17:29:07 [find-sec-bugs] Project not compatible
2019/03/26 17:29:07 [find-sec-bugs-gradle] Detect project using plugin
2019/03/26 17:29:07 [find-sec-bugs-gradle] Project not compatible
2019/03/26 17:29:07 [find-sec-bugs-groovy] Detect project using plugin
2019/03/26 17:29:07 [find-sec-bugs-groovy] Project not compatible
2019/03/26 17:29:07 [find-sec-bugs-sbt] Detect project using plugin
2019/03/26 17:29:07 [find-sec-bugs-sbt] Project not compatible
2019/03/26 17:29:07 [flawfinder] Detect project using plugin
2019/03/26 17:29:07 [flawfinder] Project not compatible
2019/03/26 17:29:07 [gosec] Detect project using plugin
2019/03/26 17:29:07 [gosec] Project is compatible
2019/03/26 17:29:07 [gosec] Starting analyzer...
2: Pulling from gitlab-org/security-products/analyzers/gosec
Digest: sha256:b88d41c7254428b7917baa8bbda2a4f5edb01407a711383117e49d94cad749d7
Status: Image is up to date for registry.gitlab.com/gitlab-org/security-products/analyzers/gosec:2
...
```
### Unexpected template behavior (pulls `gosec:latest`)
https://gitlab.com/gitlab-org/gitlab-ee/blob/11-9-stable-ee/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml#L18
```
❯ docker run \
> --env SAST_ANALYZER_IMAGES \
> --env SAST_ANALYZER_IMAGE_PREFIX \
> --env SAST_ANALYZER_IMAGE_TAG \
> --env SAST_DEFAULT_ANALYZERS \
> --env SAST_BRAKEMAN_LEVEL \
> --env SAST_GOSEC_LEVEL \
> --env SAST_FLAWFINDER_LEVEL \
> --env SAST_DOCKER_CLIENT_NEGOTIATION_TIMEOUT \
> --env SAST_PULL_ANALYZER_IMAGE_TIMEOUT \
> --env SAST_RUN_ANALYZER_TIMEOUT \
> --volume "$PWD:/code" \
> --volume /var/run/docker.sock:/var/run/docker.sock \
> "registry.gitlab.com/gitlab-org/security-products/sast:$SAST_VERSION" /app/bin/run /code
2019/03/26 17:30:53 Copy project directory to containers
2019/03/26 17:30:53 [bandit] Detect project using plugin
2019/03/26 17:30:53 [bandit] Project not compatible
2019/03/26 17:30:53 [brakeman] Detect project using plugin
2019/03/26 17:30:53 [brakeman] Project not compatible
2019/03/26 17:30:53 [eslint] Detect project using plugin
2019/03/26 17:30:53 [eslint] Project not compatible
2019/03/26 17:30:53 [flawfinder] Detect project using plugin
2019/03/26 17:30:53 [flawfinder] Project not compatible
2019/03/26 17:30:53 [gosec] Detect project using plugin
2019/03/26 17:30:53 [gosec] Project is compatible
2019/03/26 17:30:53 [gosec] Starting analyzer...
latest: Pulling from gitlab-org/security-products/analyzers/gosec
Digest: sha256:b88d41c7254428b7917baa8bbda2a4f5edb01407a711383117e49d94cad749d7
Status: Downloaded newer image for registry.gitlab.com/gitlab-org/security-products/analyzers/gosec:latest
...
```
The expected behavior can be achieved by dropping `--env SAST_ANALYZER_IMAGE_TAG` from the templated configuration.
### Intended users
~"Persona: Software developer"
### Further details
### Proposal
### Permissions and Security
No permission changes
### Documentation
### What does success look like, and how can we measure that?
Our templated jobs should be pinned to `$MAJOR` tool versions but respect overriding of `SAST_ANALYZER_IMAGE_TAG`.
### What is the type of buyer?
~"GitLab Ultimate"
### Links / references
### Execution
- [x] Fix the resetting of Dockerfile env vars in CI vendored template SAST
- [x] Fix the resetting of Dockerfile env vars in CI vendored template Dependency Scanning

11.11
Victor Zagorodny

https://gitlab.com/gitlab-org/gitlab/-/issues/10763
Track clicks on "uninstall" button for kubernetes implementation
2024-02-07T17:38:00Z
Daniel Gruesso

### Problem to solve
To better understand user activity, we should track uninstall activity on the Kubernetes integration page.
### Intended users
product managers
### Further details
GitLab tracks events using Snowplow's `trackStructEvent` function. You can read more about it in the [Snowplow documentation](https://github.com/snowplow/snowplow/wiki/2-Specific-event-tracking-with-the-Javascript-tracker#custom-structured-events).
`snowplow_name_here('trackStructEvent', 'category', 'action', 'label', 'property', 'value');`
See https://gitlab.com/gitlab-org/gitlab-ee/issues/7424 for context on how to track events. You can see our existing Snowplow header implementation in `_snowplow.html.haml` in `app/views/layouts`.
### Proposal
Record an event when the `Uninstall` button is clicked for each of the applications:
* Uninstall Helm: `('trackStructEvent','k8s_cluster','uninstall','helm','','')`
* Uninstall Cert-Manager: `('trackStructEvent','k8s_cluster','uninstall','cert_manager','','')`
* Uninstall Prometheus: `('trackStructEvent','k8s_cluster','uninstall','prometheus','','')`
* Uninstall Runner: `('trackStructEvent','k8s_cluster','uninstall','runner','','')`
* Uninstall JupyterHub: `('trackStructEvent','k8s_cluster','uninstall','jupyterhub','','')`
* Uninstall Knative: `('trackStructEvent','k8s_cluster','uninstall','knative','','')`
### Permissions and Security
### Documentation
### What does success look like, and how can we measure that?
### Links / references

11.11
Enrique Alcántara (ealcantara@gitlab.com)

https://gitlab.com/gitlab-org/gitlab/-/issues/10856
Slack Application slash command help shows run option twice
2024-02-07T17:37:52Z
James Fargher

### Description
When running `/gitlab <project alias> help` the message shows the `run` command twice:
![Screen_Shot_2019-04-03_at_9.50.21_AM](/uploads/8f416aa2766d234481ec9a8d66e087a9/Screen_Shot_2019-04-03_at_9.50.21_AM.png)

11.11
James Fargher

https://gitlab.com/gitlab-org/gitlab/-/issues/6538
Extract EE specific files/lines for spec/features/issues
2023-11-07T01:36:10Z
Lin Jen-Shin

We have the following files containing EE specific code. We should move them to ee/
<details>
<summary>spec/features/issues/filtered_search/dropdown_hint_spec.rb</summary>
```diff
diff --git a/spec/features/issues/filtered_search/dropdown_hint_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/filtered_search/dropdown_hint_spec.rb
index 0e296ab2109..096756f19cc 100644
--- a/spec/features/issues/filtered_search/dropdown_hint_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/filtered_search/dropdown_hint_spec.rb
@@ -66,7 +66,7 @@ describe 'Dropdown hint', :js do
it 'filters with text' do
filtered_search.set('a')
- expect(find(js_dropdown_hint)).to have_selector('.filter-dropdown .filter-dropdown-item', count: 4)
+ expect(find(js_dropdown_hint)).to have_selector('.filter-dropdown .filter-dropdown-item', count: 5)
end
end
@@ -119,6 +119,15 @@ describe 'Dropdown hint', :js do
expect_tokens([{ name: 'my-reaction' }])
expect_filtered_search_input_empty
end
+
+ it 'opens the yes-no dropdown when you click on confidential' do
+ click_hint('confidential')
+
+ expect(page).to have_css(js_dropdown_hint, visible: false)
+ expect(page).to have_css('#js-dropdown-confidential', visible: true)
+ expect_tokens([{ name: 'confidential' }])
+ expect_filtered_search_input_empty
+ end
end
describe 'selecting from dropdown with some input' do
```
</details>
<details>
<summary>spec/features/issues/filtered_search/search_bar_spec.rb</summary>
```diff
diff --git a/spec/features/issues/filtered_search/search_bar_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/filtered_search/search_bar_spec.rb
index 891ef884682..c4468922883 100644
--- a/spec/features/issues/filtered_search/search_bar_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/filtered_search/search_bar_spec.rb
@@ -86,7 +86,7 @@ describe 'Search bar', :js do
expect(find('#js-dropdown-hint')).to have_selector('.filter-dropdown .filter-dropdown-item', count: original_size)
end
- it 'resets the dropdown filters', :quarantine do
+ it 'resets the dropdown filters' do
filtered_search.click
hint_offset = get_left_style(find('#js-dropdown-hint')['style'])
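Review bot: `:quarantine` is removed from 'resets the dropdown filters' while the example body shown in this hunk is unchanged, so nothing visible here addresses whatever put the example in quarantine. Link the fix that made it stable, or keep the tag until there is one.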
@@ -100,7 +100,7 @@ describe 'Search bar', :js do
find('.filtered-search-box .clear-search').click
filtered_search.click
- expect(find('#js-dropdown-hint')).to have_selector('.filter-dropdown .filter-dropdown-item', count: 5)
+ expect(find('#js-dropdown-hint')).to have_selector('.filter-dropdown .filter-dropdown-item', count: 6)
expect(get_left_style(find('#js-dropdown-hint')['style'])).to eq(hint_offset)
end
end
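Review bot: The expected item count after clearing the search is a bare literal, now `count: 6`, while the earlier example in this file asserts against `original_size`. Capture the size before filtering and compare against that, so an added hint item does not require editing this number by hand.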
```
</details>
<details>
<summary>spec/features/issues/filtered_search/visual_tokens_spec.rb</summary>
```diff
diff --git a/spec/features/issues/filtered_search/visual_tokens_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/filtered_search/visual_tokens_spec.rb
index 9fd661d80ae..a4c34ce85f0 100644
--- a/spec/features/issues/filtered_search/visual_tokens_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/filtered_search/visual_tokens_spec.rb
@@ -59,6 +59,13 @@ describe 'Visual tokens', :js do
expect(page).to have_css('#js-dropdown-author', visible: false)
end
+ it 'ends editing mode when scroll container is clicked' do
+ find('.scroll-container').click
+
+ expect_filtered_search_input_empty
+ expect(page).to have_css('#js-dropdown-author', visible: false)
+ end
+
describe 'selecting different author from dropdown' do
before do
filter_author_dropdown.find('.filter-dropdown-item .dropdown-light-content', text: "@#{user_rock.username}").click
@@ -102,6 +109,13 @@ describe 'Visual tokens', :js do
expect(page).to have_css('#js-dropdown-assignee', visible: false)
end
+ it 'ends editing mode when scroll container is clicked' do
+ find('.scroll-container').click
+
+ expect_filtered_search_input_empty
+ expect(page).to have_css('#js-dropdown-assignee', visible: false)
+ end
+
describe 'selecting static option from dropdown' do
before do
find("#js-dropdown-assignee").find('.filter-dropdown-item', text: 'None').click
@@ -153,6 +167,13 @@ describe 'Visual tokens', :js do
expect_filtered_search_input_empty
expect(page).to have_css('#js-dropdown-milestone', visible: false)
end
+
+ it 'ends editing mode when scroll container is clicked' do
+ find('.scroll-container').click
+
+ expect_filtered_search_input_empty
+ expect(page).to have_css('#js-dropdown-milestone', visible: false)
+ end
end
describe 'editing label token' do
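Review bot: The 'ends editing mode when scroll container is clicked' example added here is the third copy in this file; the author, assignee and milestone versions differ only in the `#js-dropdown-*` selector they check. A shared example that takes the dropdown id would keep the three from drifting apart.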
```
</details>
<details>
<summary>spec/features/issues/form_spec.rb</summary>
```diff
diff --git a/spec/features/issues/form_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/form_spec.rb
index f2e4c5779df..2fe4256037f 100644
--- a/spec/features/issues/form_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/form_spec.rb
@@ -13,6 +13,8 @@ describe 'New/edit issue', :js do
let!(:issue) { create(:issue, project: project, assignees: [user], milestone: milestone) }
before do
+ stub_licensed_features(multiple_issue_assignees: false, issue_weights: false)
+
project.add_maintainer(user)
project.add_maintainer(user2)
sign_in(user)
@@ -30,8 +32,8 @@ describe 'New/edit issue', :js do
# the original method, resulting in infinite recursion when called.
# This is likely a bug with helper modules included into dynamically generated view classes.
# To work around this, we have to hold on to and call to the original implementation manually.
- original_issue_dropdown_options = FormHelper.instance_method(:issue_assignees_dropdown_options)
- allow_any_instance_of(FormHelper).to receive(:issue_assignees_dropdown_options).and_wrap_original do |original, *args|
+ original_issue_dropdown_options = EE::FormHelper.instance_method(:issue_assignees_dropdown_options)
+ allow_any_instance_of(EE::FormHelper).to receive(:issue_assignees_dropdown_options).and_wrap_original do |original, *args|
options = original_issue_dropdown_options.bind(original.receiver).call(*args)
options[:data][:per_page] = 2
```
</details>
<details>
<summary>spec/features/issues/gfm_autocomplete_spec.rb</summary>
```diff
diff --git a/spec/features/issues/gfm_autocomplete_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/gfm_autocomplete_spec.rb
index c22ad0d20ef..986f3823275 100644
--- a/spec/features/issues/gfm_autocomplete_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/gfm_autocomplete_spec.rb
@@ -278,7 +278,7 @@ describe 'GFM autocomplete', :js do
end
end
- # This context has jsut one example in each contexts in order to improve spec performance.
+ # This context has just one example in each contexts in order to improve spec performance.
context 'labels', :quarantine do
let!(:backend) { create(:label, project: project, title: 'backend') }
let!(:bug) { create(:label, project: project, title: 'bug') }
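Review bot: The corrected comment still reads "just one example in each contexts"; "contexts" should be singular. Since the line is being touched anyway, fix both words in the same change.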
```
</details>
<details>
<summary>spec/features/issues/user_uses_quick_actions_spec.rb</summary>
```diff
diff --git a/spec/features/issues/user_uses_quick_actions_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/user_uses_quick_actions_spec.rb
index 27cffdc5f8b..6a7a7f00fe4 100644
--- a/spec/features/issues/user_uses_quick_actions_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/issues/user_uses_quick_actions_spec.rb
@@ -117,6 +117,80 @@ describe 'Issues > User uses quick actions', :js do
end
end
+ describe 'adding a weight from a note' do
+ let(:issue) { create(:issue, project: project) }
+
+ context 'when the user can update the weight' do
+ it 'does not create a note, and sets the weight accordingly' do
+ add_note("/weight 5")
+
+ expect(page).not_to have_content '/weight 5'
+ expect(page).to have_content 'Commands applied'
+
+ issue.reload
+
+ expect(issue.weight).to eq(5)
+ end
+ end
+
+ context 'when the current user cannot update the weight' do
+ let(:guest) { create(:user) }
+ before do
+ project.add_guest(guest)
+ gitlab_sign_out
+ sign_in(guest)
+ visit project_issue_path(project, issue)
+ end
+
+ it 'does not create a note or set the weight' do
+ add_note("/weight 5")
+
+ expect(page).not_to have_content 'Commands applied'
+
+ issue.reload
+
+ expect(issue.weight).not_to eq(5)
+ end
+ end
+ end
+
+ describe 'removing weight from a note' do
+ let(:issue) { create(:issue, project: project, weight: 1) }
+
+ context 'when the user can update the weight' do
+ it 'does not create a note, and removes the weight accordingly' do
+ add_note("/clear_weight")
+
+ expect(page).not_to have_content '/clear_weight'
+ expect(page).to have_content 'Commands applied'
+
+ issue.reload
+
+ expect(issue.weight).to eq(nil)
+ end
+ end
+
+ context 'when the current user cannot update the weight' do
+ let(:guest) { create(:user) }
+ before do
+ project.add_guest(guest)
+ gitlab_sign_out
+ sign_in(guest)
+ visit project_issue_path(project, issue)
+ end
+
+ it 'does create a note or set the weight' do
+ add_note("/clear_weight")
+
+ expect(page).not_to have_content 'Commands applied'
+
+ issue.reload
+
+ expect(issue.weight).to eq(1)
+ end
+ end
+ end
+
describe 'mark issue as duplicate' do
let(:issue) { create(:issue, project: project) }
let(:original_issue) { create(:issue, project: project) }
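Review bot: In 'removing weight from a note', the guest example is named 'does create a note or set the weight' but asserts that 'Commands applied' is absent and that the weight is still 1, so the description should say the weight is not removed. In the matching `/weight 5` guest example, `expect(issue.weight).not_to eq(5)` passes for any other value; the issue is created without a weight, so assert `be_nil`. Neither guest example checks whether a note was created, although the `/weight` one is titled 'does not create a note or set the weight'.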
```
</details>

11.11
Felipe Artur

https://gitlab.com/gitlab-org/gitlab/-/issues/6726
Ignore some directories not working when analyzer scans the full repo
2023-04-21T19:29:13Z
Olivier Gonzalez

### Description
Due to how they work, some analyzers have an `AnalyzeAll` property set to true that allows scanning the full repo when a compatible file has been found in any subtree.
While the ignored dirs are taken into account when searching, if there is a compatible file found anywhere else, the analyzer will run on the full repo tree, including the ignored dirs.
### Proposal
1. filter out any issue found in a file contained in an ignored dir: this is generic and easy to implement but not optimized. The scanner may unnecessarily analyze all the content of `vendor` or `node_module` just to filter out the results.
2. pass the ignored dirs to the scanner command: this is efficient but unfortunately, we can't ensure all scanners provide such an option (we could fall back to proposal 1. for those ones)
3. ?
### Related Issues
https://gitlab.com/gitlab-org/security-products/sast/issues/47

11.11
Fabien Catteau (fcatteau@gitlab.com)

https://gitlab.com/gitlab-org/gitlab/-/issues/6713
Dependency Scanning fails to build Python apps because of missing tools and dependencies
2023-04-21T19:29:09Z
George Gaál

I am investigating the possibilities of dependency check and switching to the Enterprise version of GitLab.
I found that dependency check for python projects is based on analysis of the `requirements.txt` file. If it contains common entries like 'Werkzeug==0.12.1', 'numpy==1.13.3' and so on, all is fine. But if there are the following entries in `requirements.txt`:
```
cx-Oracle==5.3
psycopg2==2.6.2
pymssql==2.1.3
```
the dependency check fails and exits. It is a blocking factor for switching to the enterprise version, because dependency check is broken by design.
```
docker run --interactive --tty --rm --volume "$PWD":/code --volume /var/run/docker.sock:/var/run/docker.sock registry.gitlab.com/gitlab-org/security-products/dependency-scanning:10-8-stable /code
EXECUTE: mkdir -p /app/bin
curl https://gitlab.com/gitlab-org/security-products/binaries/raw/master/gemnasium-client/gemnasium-client-1.0.1 --output /app/bin/gemnasium
chmod a+rx /app/bin/gemnasium
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 6949k 100 6949k 0 0 586k 0 0:00:11 0:00:11 --:--:-- 292k
EXECUTE: [ ! -z "$(/app/bin/gemnasium search .)" ]
EXECUTE: /app/bin/gemnasium alerts . > /code/gl-sast-gemnasium.json
latest: Pulling from gitlab-org/security-products/binaries/gemnasium-client-python-generator
Digest: sha256:c33ab2878c3776e291353e4078adcf6684d844e2bc25153ee5f02be22752446a
Status: Image is up to date for registry.gitlab.com/gitlab-org/security-products/binaries/gemnasium-client-python-generator:latest
-----> Installing python-3.6.4
-----> Installing pip
-----> Installing requirements with pip
Collecting airflow==1.8.0 (from -r /tmp/app/./requirements.txt (line 1))
Downloading https://files.pythonhosted.org/packages/e7/ac/5f1ec362fc0695167d29b3c7b6f28d79898f1221e5a32ab1c6e651a55564/airflow-1.8.0.tar.gz (8.4MB)
Collecting alembic==0.9.1 (from -r /tmp/app/./requirements.txt (line 2))
Downloading https://files.pythonhosted.org/packages/97/00/3e6797a2e4209db69d23b223ae3148d5f3605dafba6a332670de7a12c147/alembic-0.9.1.tar.gz (999kB)
Collecting amqp==2.1.4 (from -r /tmp/app/./requirements.txt (line 3))
Downloading https://files.pythonhosted.org/packages/7e/4b/ac7afb11b57f237e3c1c64b5408c5d229bf5d4b42af6cb6e683c7690ca4f/amqp-2.1.4-py2.py3-none-any.whl (49kB)
Collecting anyjson==0.3.3 (from -r /tmp/app/./requirements.txt (line 4))
Downloading https://files.pythonhosted.org/packages/c3/4d/d4089e1a3dd25b46bebdb55a992b0797cff657b4477bc32ce28038fdecbc/anyjson-0.3.3.tar.gz
Collecting appdirs==1.4.3 (from -r /tmp/app/./requirements.txt (line 5))
Downloading https://files.pythonhosted.org/packages/56/eb/810e700ed1349edde4cbdc1b2a21e28cdf115f9faf263f6bbf8447c1abf3/appdirs-1.4.3-py2.py3-none-any.whl
Collecting Babel==1.3 (from -r /tmp/app/./requirements.txt (line 6))
Downloading https://files.pythonhosted.org/packages/33/27/e3978243a03a76398c384c83f7ca879bc6e8f1511233a621fcada135606e/Babel-1.3.tar.gz (3.4MB)
Collecting bcrypt==3.1.2 (from -r /tmp/app/./requirements.txt (line 7))
Downloading https://files.pythonhosted.org/packages/3f/72/980f6e49da4ee3b168b20551e76142ad44af12318ed7e2d42ac0fd134b95/bcrypt-3.1.2-cp36-cp36m-manylinux1_x86_64.whl (53kB)
Collecting billiard==3.5.0.2 (from -r /tmp/app/./requirements.txt (line 8))
Downloading https://files.pythonhosted.org/packages/af/56/90fd158263e324742fb0ac82f9e2650dbbc7f93a233d9e254021e5d35880/billiard-3.5.0.2-py3-none-any.whl (102kB)
Collecting celery==3.1.23 (from -r /tmp/app/./requirements.txt (line 9))
Downloading https://files.pythonhosted.org/packages/de/df/59f5df67082ef46b86bc754b82f8cf187b835eea8a56ea8907813e75ad6d/celery-3.1.23-py2.py3-none-any.whl (520kB)
Collecting cffi==1.9.1 (from -r /tmp/app/./requirements.txt (line 10))
Downloading https://files.pythonhosted.org/packages/f0/47/2b967857a94b01127742dec3ed5595a596358cfbb170be6e3e89efd6786d/cffi-1.9.1-cp36-cp36m-manylinux1_x86_64.whl (398kB)
Collecting chartkick==0.4.2 (from -r /tmp/app/./requirements.txt (line 11))
Downloading https://files.pythonhosted.org/packages/2f/ce/b3d286e42fe5becc242e1c0e1f5a2365fa08546dd28155493571babf56fd/chartkick-0.4.2.tar.gz
Collecting click==6.7 (from -r /tmp/app/./requirements.txt (line 12))
Downloading https://files.pythonhosted.org/packages/34/c1/8806f99713ddb993c5366c362b2f908f18269f8d792aff1abfd700775a77/click-6.7-py2.py3-none-any.whl (71kB)
Collecting configparser==3.5.0 (from -r /tmp/app/./requirements.txt (line 13))
Downloading https://files.pythonhosted.org/packages/7c/69/c2ce7e91c89dc073eb1aa74c0621c3eefbffe8216b3f9af9d3885265c01c/configparser-3.5.0.tar.gz
Collecting croniter==0.3.16 (from -r /tmp/app/./requirements.txt (line 14))
Downloading https://files.pythonhosted.org/packages/58/2a/17d003f2a9a0188cf9365d63b3351c6522b7d83996b70270c65c789e35b9/croniter-0.3.16.tar.gz
Collecting cryptography==1.7.1 (from -r /tmp/app/./requirements.txt (line 15))
Downloading https://files.pythonhosted.org/packages/82/f7/d6dfd7595910a20a563a83a762bf79a253c4df71759c3b228accb3d7e5e4/cryptography-1.7.1.tar.gz (420kB)
Collecting cx-Oracle==5.3 (from -r /tmp/app/./requirements.txt (line 16))
Downloading https://files.pythonhosted.org/packages/14/05/4d492fb049eeee24ff8b5fdf23c6240b81ef168d4039dfbf6629e022ba6b/cx_Oracle-5.3.tar.gz (129kB)
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-install-wff2m3v5/cx-Oracle/setup.py", line 174, in <module>
raise DistutilsSetupError("cannot locate an Oracle software " \
distutils.errors.DistutilsSetupError: cannot locate an Oracle software installation
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-install-wff2m3v5/cx-Oracle/
Could not install python packages for the repository at .
FATA[0063] Container exited with non zero exit code: 1
/usr/local/lib/ruby/2.3.0/json/common.rb:156:in `initialize': A JSON text must at least contain two octets! (JSON::ParserError)
from /usr/local/lib/ruby/2.3.0/json/common.rb:156:in `new'
from /usr/local/lib/ruby/2.3.0/json/common.rb:156:in `parse'
from /app/lib/analyzers/gemnasium.rb:58:in `block in analyze'
from /app/lib/analyzers/gemnasium.rb:53:in `chdir'
from /app/lib/analyzers/gemnasium.rb:53:in `analyze'
from /app/lib/analyzers/gemnasium.rb:37:in `execute'
from /app/lib/analyze.rb:22:in `issues'
from /app/lib/run.rb:10:in `initialize'
from /app/bin/run:7:in `new'
from /app/bin/run:7:in `<main>'
```

11.11
Lucas Charles (lcharles@gitlab.com)

https://gitlab.com/gitlab-org/gitlab/-/issues/10030
Exclude dirs from SAST, Dependency Scanning analysis
2023-04-21T19:27:52Z
Thiago Presa

### Problem to solve
Currently there is no way to exclude a dir from a repo from analysis. This has the implication that there will be vulnerabilities found that are not interesting for the development team.
### Target audience
- Delaney, Development Team Lead, https://design.gitlab.com/research/personas#persona-delaney
- Sasha, Software Developer, https://design.gitlab.com/research/personas#persona-sasha
### Proposal
Introduce new variables `SAST_EXCLUDED_PATHS` and `DS_EXCLUDED_PATHS`
to set a list of excluded paths in SAST and Dependency Scanning, respectively.
When generating a report, SAST, DS and their analyzers automatically remove all the vulnerabilities
for which the location matches one of excluded paths.
The filter uses the `.location.path` key of the vulnerability.
`SAST_EXCLUDED_PATHS` and `DS_EXCLUDED_PATHS` act as a **post-filter**:
it doesn't prevent the scanning of the excluded path
but instead removes the excluded path from the generated output.
It would be more efficient to filter out the excluded paths when scanning the repo
but this is way more complex given the diversity of the tools SAST relies on.
The post-filter is the easiest way to achieve consistency across all the analyzers.
`SAST_EXCLUDED_PATHS` and `DS_EXCLUDED_PATHS` are a comma-separated list of patterns.
Patterns can be globs, file or folder paths. Parent directories will also match patterns.
It's important that the filter is implemented in both SAST/DS and their analyzers.
This way it will benefit customers who use the analyzer Docker images directly
(e.g. without relying on the main `sast` or `dependency-scanning` image).
**Out of scope**: If possible the analyzer/wrapper may leverage `SAST_EXCLUDED_PATHS` and pass it to the command line program it relies on to remove excluded paths from the scanning. In that case the environment variable would be used both as a pre-filter and a post-filter. But consistency matters and analyzers should not reuse this environment variable unless they implement the exact pattern matching.
### TODO
- [x] specify the pattern of excluded path AKA glob syntax
- See https://gitlab.com/gitlab-org/gitlab-ee/issues/10030#note_163363781
- [x] implement in common library
- parsing of comma-separated excluded paths
- matching function to tell whether a path is excluded
- filtering of excluded path in analyzer
- filtering of excluded path in orchestrator (SAST itself)
- ~~discuss default value, if any~~
- [x] update job definition
- [x] update documentation
- update SAST doc
- update DS doc
### Links / references
ZD https://gitlab.zendesk.com/agent/tickets/114449
A sample python project can be found at https://gitlab.com/televi/sast-issue-114449
What happens:
* SAST identifies issues in the tests directory as well as in the hello_world directory
What should happen:
* SAST should only report issues in the hello_world directory since the tests directory is part of the default set of ignored directories

11.11
Fabien Catteau (fcatteau@gitlab.com)

https://gitlab.com/gitlab-org/gitlab/-/issues/10440
Add links to the template files to CI examples on security products Vendored Templates
2023-04-21T19:27:46Z
Victor Zagorodny

### Problem to solve
Documentation for CI examples on security products Vendored Templates lacks links to the exact template files under [Security templates dir](https://gitlab.com/gitlab-org/gitlab-ee/tree/master/lib/gitlab/ci/templates/Security).
### Further details
Having these links in the docs would help the users who want to contribute to locate it, and make sure the “manual” definition in the doc is still accurate.
### Proposal / Execution
Add links to the relevant vendored template CI example doc per each of the security products:
- [x] [SAST](https://docs.gitlab.com/ee/ci/examples/sast.html) `->` [SAST template](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml)
- [x] [DAST](https://docs.gitlab.com/ee/ci/examples/dast.html) `->` [DAST template](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/lib/gitlab/ci/templates/Security/DAST.gitlab-ci.yml)
- [x] [Dependency Scanning](https://docs.gitlab.com/ee/ci/examples/dependency_scanning.html) `->` [Dependency Scanning template](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml)
- [x] [Container Scanning](https://docs.gitlab.com/ee/ci/examples/container_scanning.html) `->` [Container Scanning template](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml)
- [x] [License Management](https://docs.gitlab.com/ee/ci/examples/license_management.html) `->` [License Management template](https://gitlab.com/gitlab-org/gitlab-ee/blob/master/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml)
### Who can address the issue
~Secure team
### Other links/references

11.11
Victor Zagorodny

https://gitlab.com/gitlab-org/gitlab/-/issues/10929
Update process for Dependency Scanning vulnerabilities (Python)
2023-04-21T19:27:32Z
Fabio Busatto

#### Description
This issue is to ensure we have updated Dependency Scanning vulnerabilities for Python, and to automate this process where possible.
#### Tasks
- [ ] Document current status
- [ ] Update vulnerability database
- [ ] Consider improvements
- [ ] Consider automation

11.11
Fabio Busatto

https://gitlab.com/gitlab-org/gitlab/-/issues/9123
Improve support of Geo secondaries behind a load balancer
2023-01-18T21:59:05Z
Michael Kozono mkozono@gitlab.com

- [ ] Follow up from https://gitlab.com/gitlab-org/gitlab-ee/issues/6306#note_130326757:
> I'll open another issue for those items. It makes sense to address only the main blocker (secondary authentication) here. These items are incremental improvements on top of that.
---------------------------
~~A customer wants to run all Geo Nodes behind a location aware load balancer so their users don't need knowledge of Geo. This is not currently possible. Other than https://gitlab.com/gitlab-org/gitlab-ee/issues/6306, they also need the following items addressed.~~ => [Support putting the primary behind a Geo node load balancer](https://gitlab.com/gitlab-org/gitlab-ee/issues/10888)
- ~~Use Alternate URL in Git clone HTTP host and SSH destination https://gitlab.com/gitlab-org/gitlab-ee/issues/9123#note_153104896~~
- ~~The Edit button URL for Geo nodes should be relative, not absolute using the external URL.~~
Scope has been cut to include only secondaries behind a load balancer. No primary yet.
- [x] Don't hard-code `gitlab-ctl replicate` DB name to `gitlabhq_...`. => https://gitlab.com/gitlab-org/omnibus-gitlab/merge_requests/3124
- [x] Remove Alternate URL => https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/10609
- [x] Decouple node identity from External URL, so External URL can be used with more flexibility. See https://gitlab.com/gitlab-org/gitlab-ee/issues/9123#note_156172347, copied below:
>>>
### Perhaps a way to clean up Geo
Don't reuse `external_url` as a unique identifier for "which GeoNode am I?".
E.g.:
* Add `gitlab_rails['geo_node_name']` to `gitlab.rb` and default it to `external_url`.
* Rename GeoNode#url to GeoNode#name. It will be expected to match `gitlab_rails['geo_node_name']`.
* Wherever we use GeoNode#url as an identifier, use GeoNode#name
* Wherever we use GeoNode#url as a URL that something needs to actually contact, instead use `external_url` (or `internal_url`, which is being introduced in https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/9634).
* Profit???
| | UK (primary) | USA (secondary 1) | China (secondary 2) |
|--|--------------|-------------------|---------------------|
| gitlab.rb external_url | https://gitlab.com | https://secondary.gitlab.com | https://secondary.gitlab.com |
| gitlab.rb geo_node_name | uk.gitlab.com | us.gitlab.com | cn.gitlab.com |
| GeoNode name | uk.gitlab.com | us.gitlab.com | cn.gitlab.com |
| GeoNode internal_url | https://uk.gitlab.com (or let it default to external_url) | | |
>>>
- Customer ticket: https://gitlab.zendesk.com/agent/tickets/106018 (internal use)
- Slack discussion during customer call: https://gitlab.slack.com/archives/C32LCGC1H/p1540571721004700 (internal use)

11.11
Michael Kozono mkozono@gitlab.com

https://gitlab.com/gitlab-org/gitlab/-/issues/10871
Copy LFS objects when a repository is pull mirrored
2023-01-09T09:37:18Z
James Ramsay (ex-GitLab)

### Problem to solve
Projects can be mirrored from or to another repository. When activated, we mirror branches, tags, and commits. However, we do not mirror the LFS objects if the repository uses LFS. This is documented in a few places but is certainly not an expected or obvious behaviour and makes mirroring unusable for repositories containing LFS objects.
We should add support for pull mirroring LFS objects.
### Intended users
### Further details
### Proposal
- Mirror LFS objects for pull mirroring
### Documentation
- Update documentation to explain that LFS object mirroring is now supported for pull mirroring.
### What does success look like, and how can we measure that?
This is removing a technical limitation of an existing feature, and is not expected to significantly increase usage of mirroring. GitLab's ultimate strategy is to remove the need for Git LFS and implement native support for large files. However, in the meantime it is important that we support our existing customers who use LFS and mirroring.
### Links / references

11.11
Francisco Javier López (ex-Gitlab)

https://gitlab.com/gitlab-org/gitlab/-/issues/11235
Quick actions do not work when issues are opened from alerts
2022-06-10T03:09:52Z
Joshua Lambert

It looks like quick actions do not apply when issues are opened from alerts.
My template includes `/label ~incident`, but when the issue is created it is not applied:
![image](/uploads/b95b4028e5c56787e092710d6c3cc45e/image.png)
This may be due to some effect with how quick actions are handled in descriptions. My understanding is that they only apply on initial creation and not further edits: https://gitlab.com/gitlab-org/gitlab-ce/issues/21505
We may be impacted by the method we are using to save the issue, which is not triggering the quick action logic.

11.11
Peter Leitzen pleitzen@gitlab.com

https://gitlab.com/gitlab-org/gitlab/-/issues/6574
Extract EE specific files/lines for spec/features/merge_request
2022-05-19T18:08:54Z
Lin Jen-Shin

We have the following files containing EE specific code. We should move them to ee/
<details>
<summary>spec/features/merge_request/user_creates_merge_request_spec.rb</summary>
```diff
diff --git a/spec/features/merge_request/user_creates_merge_request_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/merge_request/user_creates_merge_request_spec.rb
index ea2bb1503bb..061a4c4f633 100644
--- a/spec/features/merge_request/user_creates_merge_request_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/merge_request/user_creates_merge_request_spec.rb
@@ -3,19 +3,33 @@ require "spec_helper"
describe "User creates a merge request", :js do
include ProjectForksHelper
+ let(:approver) { create(:user) }
+ let(:project) do
+ create(:project,
+ :repository,
+ approvals_before_merge: 1,
+ merge_requests_template: template_text)
+ end
+ let(:template_text) { "This merge request should contain the following." }
let(:title) { "Some feature" }
- let(:project) { create(:project, :repository) }
let(:user) { create(:user) }
+ let(:user2) { create(:user) }
before do
stub_feature_flags(approval_rules: false)
project.add_maintainer(user)
+ project.add_maintainer(user2)
+ project.add_maintainer(approver)
sign_in(user)
+
+ project.approvers.create(user_id: approver.id)
+
+ visit(project_new_merge_request_path(project))
end
it "creates a merge request" do
- visit(project_new_merge_request_path(project))
+ allow_any_instance_of(Gitlab::AuthorityAnalyzer).to receive(:calculate).and_return([user2])
find(".js-source-branch").click
click_link("fix")
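Review bot: In `it "creates a merge request"`, the `allow_any_instance_of(Gitlab::AuthorityAnalyzer)` stub is now installed after the page has loaded, because `visit(project_new_merge_request_path(project))` moved into `before`. Anything the first request derives from the analyzer runs unstubbed; set the stub in `before` ahead of `visit`, and prefer stubbing a specific instance over `allow_any_instance_of`.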
@@ -25,12 +39,38 @@ describe "User creates a merge request", :js do
click_button("Compare branches")
+ expect(find_field("merge_request_description").value).to eq(template_text)
+
+ # Approvers
+ page.within("ul .unsaved-approvers") do
+ expect(page).to have_content(approver.name)
+ end
+
+ page.within(".suggested-approvers") do
+ expect(page).to have_content(user2.name)
+ end
+
+ click_link(user2.name)
+
+ page.within("ul.approver-list") do
+ expect(page).to have_content(user2.name)
+ end
+ # End of approvers
+
fill_in("Title", with: title)
click_button("Submit merge request")
page.within(".merge-request") do
expect(page).to have_content(title)
end
+
+ page.within(".js-issuable-actions") do
+ click_link("Edit", match: :first)
+ end
+
+ page.within("ul.approver-list") do
+ expect(page).to have_content(user2.name)
+ end
end
context "to a forked project" do
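Review bot: The single example `creates a merge request` now also checks the description template, the unsaved, suggested and saved approvers, and the edit form, so a failure in any one of them fails the whole example, and the `# Approvers` / `# End of approvers` markers are standing in for structure. Split the approver checks into their own example (or a shared helper) when moving them to ee/.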
```
</details>
<details>
<summary>spec/features/merge_request/user_sees_closing_issues_message_spec.rb</summary>
```diff
diff --git a/spec/features/merge_request/user_sees_closing_issues_message_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/merge_request/user_sees_closing_issues_message_spec.rb
index d7c784b14c5..4bea8656033 100644
--- a/spec/features/merge_request/user_sees_closing_issues_message_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/merge_request/user_sees_closing_issues_message_spec.rb
@@ -73,4 +73,18 @@ describe 'Merge request > User sees closing issues message', :js do
expect(page).to have_content("Mentions #{issue_2.to_reference}")
end
end
+
+ context 'approvals are enabled while closing issues', :js do
+ before do
+ project.add_developer(user)
+ end
+
+ let(:project) { create(:project, :public, :repository, approvals_before_merge: 1) }
+ let(:merge_request_description) { "Description\n\nclosing #{issue_1.to_reference}, #{issue_2.to_reference}" }
+
+ it 'displays closing issue message exactly one time' do
+ wait_for_requests
+ expect(page).to have_content("Closes #{issue_1.to_reference} and #{issue_2.to_reference}", count: 1)
+ end
+ end
end
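Review bot: The added context repeats `:js`, which the enclosing `describe 'Merge request > User sees closing issues message', :js do` in the hunk header already sets, and it declares its `let`s after the `before` block that uses `project`. Drop the redundant tag and move `let(:project)` and `let(:merge_request_description)` above `before`.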
```
</details>
<details>
<summary>spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb</summary>
```diff
diff --git a/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb
index ae41cf90576..63c083328e3 100644
--- a/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/merge_request/user_selects_branches_for_new_mr_spec.rb
@@ -86,6 +86,27 @@ describe 'Merge request > User selects branches for new MR', :js do
expect(target_items.count).to be > 1
end
+ context 'when approvals are enabled for the target project' do
+ before do
+ project.update(approvals_before_merge: 1)
+
+ visit project_new_merge_request_path(project, merge_request: { target_branch: 'master', source_branch: 'feature_conflict' })
+ end
+
+ it 'shows approval settings' do
+ expect(page).to have_content('Approvers')
+ end
+
+ context 'saving the MR' do
+ it 'shows the saved MR' do
+ fill_in 'merge_request_title', with: 'Test'
+ click_button 'Submit merge request'
+
+ expect(page).to have_link('Close merge request')
+ end
+ end
+ end
+
context 'when target project cannot be viewed by the current user' do
it 'does not leak the private project name & namespace' do
private_project = create(:project, :private, :repository)
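Review bot: `project.update(approvals_before_merge: 1)` in the new `before` ignores the return value, so a failed save would leave approvals disabled and `shows approval settings` would fail for an unrelated reason; use `project.update!(...)`. The nested `context 'saving the MR'` also holds a single example whose only assertion is the 'Close merge request' link, which says nothing about approvals; assert on the approval section of the saved MR or drop the nesting.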
```
</details>

11.11
Heinrich Lee Yu heinrich@gitlab.com

https://gitlab.com/gitlab-org/gitlab/-/issues/6120
Extract EE specific files/lines for spec/services/merge_requests
2022-05-19T18:04:46Z
Lin Jen-Shin

We have the following files containing EE specific code. We should move them to ee/
<details>
<summary>spec/services/merge_requests/refresh_service_spec.rb</summary>
```diff
diff --git a/spec/services/merge_requests/refresh_service_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/services/merge_requests/refresh_service_spec.rb
index 9e9dc5a576c..ab199c42477 100644
--- a/spec/services/merge_requests/refresh_service_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/services/merge_requests/refresh_service_spec.rb
@@ -13,7 +13,7 @@ describe MergeRequests::RefreshService do
group = create(:group)
group.add_owner(@user)
- @project = create(:project, :repository, namespace: group)
+ @project = create(:project, :repository, namespace: group, approvals_before_merge: 1, reset_approvals_on_push: true)
@fork_project = fork_project(@project, @user, repository: true)
@merge_request = create(:merge_request,
@@ -38,6 +38,9 @@ describe MergeRequests::RefreshService do
target_branch: 'feature',
target_project: @project)
+ @merge_request.approvals.create(user_id: user.id)
+ @fork_merge_request.approvals.create(user_id: user.id)
+
@build_failed_todo = create(:todo,
:build_failed,
user: @user,
@@ -87,6 +90,9 @@ describe MergeRequests::RefreshService do
expect(@fork_merge_request.notes).to be_empty
expect(@build_failed_todo).to be_done
expect(@fork_build_failed_todo).to be_done
+ # EE-only
+ expect(@merge_request.approvals).to be_empty
+ expect(@fork_merge_request.approvals).not_to be_empty
end
it 'reloads source branch MRs memoization' do
@@ -229,7 +235,7 @@ describe MergeRequests::RefreshService do
let(:notification_service) { spy('notification_service') }
before do
- @merge_request.update(state: :reopened)
+ @merge_request.update(state: :opened)
allow(refresh_service).to receive(:execute_hooks)
allow(NotificationService).to receive(:new) { notification_service }
@@ -270,6 +276,9 @@ describe MergeRequests::RefreshService do
expect(@fork_merge_request.notes.last.note).to include('merged')
expect(@build_failed_todo).to be_done
expect(@fork_build_failed_todo).to be_done
+ # EE-only
+ expect(@merge_request.approvals).not_to be_empty
+ expect(@fork_merge_request.approvals).not_to be_empty
end
end
@@ -346,6 +355,9 @@ describe MergeRequests::RefreshService do
expect(@fork_merge_request).to be_open
expect(@build_failed_todo).to be_pending
expect(@fork_build_failed_todo).to be_pending
+ # EE-only
+ expect(@merge_request.approvals).not_to be_empty
+ expect(@fork_merge_request.approvals).to be_empty
end
end
@@ -368,6 +380,9 @@ describe MergeRequests::RefreshService do
expect(@fork_merge_request).to be_closed
expect(@build_failed_todo).to be_pending
expect(@fork_build_failed_todo).to be_pending
+ # EE-only
+ expect(@merge_request.approvals).not_to be_empty
+ expect(@fork_merge_request.approvals).to be_empty
end
end
end
@@ -386,6 +401,9 @@ describe MergeRequests::RefreshService do
expect(@fork_merge_request).to be_open
expect(@build_failed_todo).to be_pending
expect(@fork_build_failed_todo).to be_pending
+ # EE-only
+ expect(@merge_request.approvals).not_to be_empty
+ expect(@fork_merge_request.approvals).not_to be_empty
end
end
@@ -472,6 +490,82 @@ describe MergeRequests::RefreshService do
expect(@fork_merge_request.notes).to be_empty
expect(@build_failed_todo).to be_done
expect(@fork_build_failed_todo).to be_done
+ # EE-only
+ expect(@merge_request.approvals).not_to be_empty
+ expect(@fork_merge_request.approvals).not_to be_empty
+ end
+ end
+
+ context 'resetting approvals if they are enabled' do
+ context 'when approvals_before_merge is disabled' do
+ before do
+ @project.update(approvals_before_merge: 0)
+ refresh_service = service.new(@project, @user)
+ allow(refresh_service).to receive(:execute_hooks)
+ refresh_service.execute(@oldrev, @newrev, 'refs/heads/master')
+ reload_mrs
+ end
+
+ it 'resets approvals' do
+ expect(@merge_request.approvals).to be_empty
+ end
+ end
+
+ context 'when reset_approvals_on_push is disabled' do
+ before do
+ @project.update(reset_approvals_on_push: false)
+ refresh_service = service.new(@project, @user)
+ allow(refresh_service).to receive(:execute_hooks)
+ refresh_service.execute(@oldrev, @newrev, 'refs/heads/master')
+ reload_mrs
+ end
+
+ it 'does not reset approvals' do
+ expect(@merge_request.approvals).not_to be_empty
+ end
+ end
+
+ context 'when the rebase_commit_sha on the MR matches the pushed SHA' do
+ before do
+ @merge_request.update(rebase_commit_sha: @newrev)
+ refresh_service = service.new(@project, @user)
+ allow(refresh_service).to receive(:execute_hooks)
+ refresh_service.execute(@oldrev, @newrev, 'refs/heads/master')
+ reload_mrs
+ end
+
+ it 'does not reset approvals' do
+ expect(@merge_request.approvals).not_to be_empty
+ end
+ end
+
+ context 'when there are approvals' do
+ context 'closed merge request' do
+ before do
+ @merge_request.close!
+ refresh_service = service.new(@project, @user)
+ allow(refresh_service).to receive(:execute_hooks)
+ refresh_service.execute(@oldrev, @newrev, 'refs/heads/master')
+ reload_mrs
+ end
+
+ it 'resets the approvals' do
+ expect(@merge_request.approvals).to be_empty
+ end
+ end
+
+ context 'opened merge request' do
+ before do
+ refresh_service = service.new(@project, @user)
+ allow(refresh_service).to receive(:execute_hooks)
+ refresh_service.execute(@oldrev, @newrev, 'refs/heads/master')
+ reload_mrs
+ end
+
+ it 'resets the approvals' do
+ expect(@merge_request.approvals).to be_empty
+ end
+ end
end
end
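Review bot: Under `context 'resetting approvals if they are enabled'`, the case `when approvals_before_merge is disabled` is described as `resets approvals` and expects `@merge_request.approvals` to be empty, which reads as the opposite of the parent context name; rename one of them or add a comment saying why approvals are cleared when the setting is 0. The four setup lines from `refresh_service = service.new(@project, @user)` to `reload_mrs` are repeated in all five `before` blocks and belong in one helper, and the `@project.update(...)` / `@merge_request.update(...)` calls should be `update!` so a failed save is not silent.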
```
</details>
<details>
<summary>spec/services/merge_requests/update_service_spec.rb</summary>
```diff
diff --git a/spec/services/merge_requests/update_service_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/services/merge_requests/update_service_spec.rb
index 20580bf14b9..5c8906289e9 100644
--- a/spec/services/merge_requests/update_service_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/services/merge_requests/update_service_spec.rb
@@ -405,7 +405,7 @@ describe MergeRequests::UpdateService, :mailer do
end
end
- context 'when the issue is relabeled' do
+ context 'when the merge request is relabeled' do
let!(:non_subscriber) { create(:user) }
let!(:subscriber) { create(:user) { |u| label.toggle_subscription(u, project) } }
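Review bot: The only change here is the context description, `'when the issue is relabeled'` to `'when the merge request is relabeled'`, which corrects wording in a merge request spec and is not EE behaviour. Apply the rename in the CE file instead of carrying it into ee/.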
```
</details>

11.11
Heinrich Lee Yu heinrich@gitlab.com

https://gitlab.com/gitlab-org/gitlab/-/issues/6573
Extract EE specific files/lines for spec/features/boards
2022-05-19T17:26:55Z
Lin Jen-Shin

We have the following files containing EE specific code. We should move them to ee/
<details>
<summary>spec/features/boards/add_issues_modal_spec.rb</summary>
```diff
diff --git a/spec/features/boards/add_issues_modal_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/boards/add_issues_modal_spec.rb
index 030993462b5..de26fde6e3d 100644
--- a/spec/features/boards/add_issues_modal_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/boards/add_issues_modal_spec.rb
@@ -34,6 +34,14 @@ describe 'Issue Boards add issue modal', :js do
end
end
+ it 'shows weight filter' do
+ click_button('Add issues')
+ wait_for_requests
+ find('.add-issues-search .filtered-search').click
+
+ expect(page.find('.filter-dropdown')).to have_content 'weight'
+ end
+
context 'modal interaction' do
it 'opens modal' do
click_button('Add issues')
```
</details>
<details>
<summary>spec/features/boards/boards_spec.rb</summary>
```diff
diff --git a/spec/features/boards/boards_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/boards/boards_spec.rb
index ea69ec0319b..d12fd34d9d9 100644
--- a/spec/features/boards/boards_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/boards/boards_spec.rb
@@ -6,7 +6,9 @@ describe 'Issue Boards', :js do
let(:group) { create(:group, :nested) }
let(:project) { create(:project, :public, namespace: group) }
- let(:board) { create(:board, project: project) }
+ let(:milestone) { create(:milestone, title: "v2.2", project: project) }
+ let!(:board) { create(:board, project: project) }
+ let!(:board_with_milestone) { create(:board, project: project, milestone: milestone) }
let(:user) { create(:user) }
let!(:user2) { create(:user) }
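Review bot: `let!(:board_with_milestone)` is created eagerly for every example in the file, but in the visible hunks only the `locked milestone` context visits it; define it inside that context. Since the later hunks replace `visit project_board_path(project, board)` with `visit project_boards_path(project)`, nothing references `board` any more, so the switch to `let!(:board)` is what keeps the board in existence and deserves a comment saying so.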
@@ -21,7 +23,7 @@ describe 'Issue Boards', :js do
context 'no lists' do
before do
- visit project_board_path(project, board)
+ visit project_boards_path(project)
wait_for_requests
expect(page).to have_selector('.board', count: 3)
end
@@ -87,7 +89,7 @@ describe 'Issue Boards', :js do
let!(:issue10) { create(:labeled_issue, project: project, title: 'issue +', description: 'A+ great issue', labels: [a_plus]) }
before do
- visit project_board_path(project, board)
+ visit project_boards_path(project)
wait_for_requests
@@ -166,7 +168,7 @@ describe 'Issue Boards', :js do
create(:labeled_issue, project: project, labels: [planning])
end
- visit project_board_path(project, board)
+ visit project_boards_path(project)
wait_for_requests
page.within(find('.board:nth-child(2)')) do
@@ -526,9 +528,25 @@ describe 'Issue Boards', :js do
end
end
+ context 'locked milestone' do
+ before do
+ visit project_board_path(project, board_with_milestone)
+ wait_for_requests
+ end
+
+ it 'should not have remove button' do
+ expect(page).to have_selector('.js-visual-token .remove-token', count: 0)
+ end
+
+ it 'should not be able to be backspaced' do
+ find('.input-token .filtered-search').native.send_key(:backspace)
+ expect(page).to have_selector('.js-visual-token', count: 1)
+ end
+ end
+
context 'keyboard shortcuts' do
before do
- visit project_board_path(project, board)
+ visit project_boards_path(project)
wait_for_requests
end
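Review bot: In the `locked milestone` context, `have_selector('.js-visual-token .remove-token', count: 0)` is clearer as `have_no_selector('.js-visual-token .remove-token')`, and the descriptions `should not have remove button` and `should not be able to be backspaced` use "should" phrasing; `'has no remove button'` and `'cannot be removed with backspace'` state the behaviour directly.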
```
</details>
<details>
<summary>spec/features/boards/sidebar_spec.rb</summary>
```diff
diff --git a/spec/features/boards/sidebar_spec.rb b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/boards/sidebar_spec.rb
index ee38e756f9e..99351e28a6a 100644
--- a/spec/features/boards/sidebar_spec.rb
+++ b/home/yorickpeterse/Projects/gitlab/gdk-ee/gitlab/spec/features/boards/sidebar_spec.rb
@@ -22,6 +22,7 @@ describe 'Issue Boards', :js do
end
before do
+ stub_licensed_features(multiple_issue_assignees: false)
project.add_maintainer(user)
sign_in(user)
```
</details>
Corresponding CE merge request: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/27110

11.11
charlie ablett cablett@gitlab.com

https://gitlab.com/gitlab-org/gitlab/-/issues/11229
abuse_reports_spec.js fails on master (timeout)
2022-05-19T17:12:14Z
Inactive Account

```
FAIL spec/frontend/pages/admin/abuse_reports/abuse_reports_spec.js
● Abuse Reports › should not truncate short messages
Test took too long (355ms > 300ms)!
19 | const elapsedTimeInMs = Date.now() - testStartTime;
20 | if (elapsedTimeInMs > testTimeoutInMs) {
> 21 | throw new Error(`Test took too long (${elapsedTimeInMs}ms > ${testTimeoutInMs}ms)!`);
| ^
22 | }
23 | });
24 | };
at Object.<anonymous> (spec/frontend/helpers/timeout.js:21:13)
```
(https://gitlab.com/gitlab-org/gitlab-ee/-/jobs/199101177)

11.11
Inactive Account

https://gitlab.com/gitlab-org/gitlab/-/issues/4681
Auto-save of epic description to local storage
2022-05-19T16:41:15Z
Victor Wu victor@gitlab.com

~"internal customer" since JamesR and other folks at GitLab have said that they lose data when typing the description in an epic and there's a problem and the tab closes and the data is lost.
---
- Content in an epic description is not saved to local storage currently.
- In other places in GitLab (issue/mr descriptions, comment textboxes), this is currently supported. So would be nice to get parity here.

11.11
Rajat Jain

https://gitlab.com/gitlab-org/gitlab/-/issues/6105
Move EE differences for `app/views/groups/group_members/index.html.haml`
2022-05-19T16:30:37Z
Lin Jen-Shin

Move EE differences for `app/views/groups/group_members/index.html.haml`

11.11
Donald Cook dcook@gitlab.com

https://gitlab.com/gitlab-org/gitlab/-/issues/6361
Move EE differences for app/views/repository_check_mailer/notify.text.haml
2022-05-19T16:29:15Z
Lin Jen-Shin

Move EE differences for app/views/repository_check_mailer/notify.text.haml
https://leipert-projects.gitlab.io/is-gitlab-pretty-yet/diff/?search=app%2Fviews%2Frepository_check_mailer%2Fnotify.text.haml

11.11
Donald Cook dcook@gitlab.com

https://gitlab.com/gitlab-org/gitlab/-/issues/6352
Move EE differences for app/views/projects/issues/show.html.haml
2022-05-19T16:29:15Z
Lin Jen-Shin

Move EE differences for app/views/projects/issues/show.html.haml
https://leipert-projects.gitlab.io/is-gitlab-pretty-yet/diff/?search=app%2Fviews%2Fprojects%2Fissues%2Fshow.html.haml

11.11
Donald Cook dcook@gitlab.com