Commit f32a580a authored by 🤖 GitLab Bot 🤖's avatar 🤖 GitLab Bot 🤖

Add latest changes from gitlab-org/[email protected]

parent a5ab3467
......@@ -258,7 +258,7 @@ class MergeRequest < ApplicationRecord
alias_method :issuing_parent, :target_project
delegate :active?, to: :head_pipeline, prefix: true, allow_nil: true
delegate :success?, to: :actual_head_pipeline, prefix: true, allow_nil: true
delegate :success?, :active?, to: :actual_head_pipeline, prefix: true, allow_nil: true
RebaseLockTimeout = Class.new(StandardError)
......
---
title: Merge a merge request immediately when passing merge when pipeline succeeds
to the merge API when the head pipeline already succeeded
merge_request: 22777
author:
type: fixed
---
title: Fix private objects exposure when using Project Import functionality
merge_request:
author:
type: security
---
title: Users without projects use a license seat in a non-premium license
merge_request: 20664
author:
type: fixed
......@@ -18,3 +18,19 @@ added so that the history of events is not lost, but user-submitted comments
will fail.
- **Max limit:** 5.000 comments
## Number of pipelines per Git push
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/51401) in GitLab 11.10.
The number of pipelines that can be created in a single push is 4.
This is to prevent the accidental creation of pipelines when `git push --all`
or `git push --mirror` is used.
Read more in the [CI documentation](../ci/yaml/README.md#processing-git-pushes).
## Retention of activity history
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/21164) in GitLab 8.12.
Activity history for projects and individuals' profiles was limited to one year until [GitLab 11.4](https://gitlab.com/gitlab-org/gitlab-foss/issues/52246) when it was extended to two years, and in [GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/issues/33840) to three years.
......@@ -7,7 +7,7 @@ type: reference, howto
> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/22323) in GitLab 9.0
[Vault](https://www.vaultproject.io/) is a secrets management application offered by HashiCorp.
It allows you to store and manage sensitive information such secret environment variables, encryption keys, and authentication tokens.
It allows you to store and manage sensitive information such as secret environment variables, encryption keys, and authentication tokens.
Vault offers Identity-based Access, which means Vault users can authenticate through several of their preferred cloud providers.
In this document, we'll explain how Vault users can authenticate themselves through GitLab by utilizing our OpenID authentication feature.
......
......@@ -264,7 +264,7 @@ This feature:
For example:
```sh
kubectl -n gitlab-managed-apps exec -it $(kubectl get pods -n gitlab-managed-apps | grep 'ingress-controller' | awk '{print $1}') -- tail -f /var/log/modsec/audit.log
kubectl logs -n gitlab-managed-apps $(kubectl get pod -n gitlab-managed-apps -l app=nginx-ingress,component=controller --no-headers=true -o custom-columns=:metadata.name) modsecurity-log -f
```
To enable ModSecurity, check the **Enable Web Application Firewall** checkbox
......
......@@ -68,8 +68,17 @@ module API
end
end
def not_automatically_mergeable?(merge_when_pipeline_succeeds, merge_request)
merge_when_pipeline_succeeds && !merge_request.head_pipeline_active? && !merge_request.actual_head_pipeline_success?
def automatically_mergeable?(merge_when_pipeline_succeeds, merge_request)
pipeline_active = merge_request.head_pipeline_active? || merge_request.actual_head_pipeline_active?
merge_when_pipeline_succeeds && merge_request.mergeable_state?(skip_ci_check: true) && pipeline_active
end
def immediately_mergeable?(merge_when_pipeline_succeeds, merge_request)
if merge_when_pipeline_succeeds
merge_request.actual_head_pipeline_success?
else
merge_request.mergeable_state?
end
end
def serializer_options_for(merge_requests)
......@@ -393,16 +402,18 @@ module API
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-foss/issues/42317')
merge_request = find_project_merge_request(params[:merge_request_iid])
merge_when_pipeline_succeeds = to_boolean(params[:merge_when_pipeline_succeeds])
not_automatically_mergeable = not_automatically_mergeable?(merge_when_pipeline_succeeds, merge_request)
# Merge request can not be merged
# because user dont have permissions to push into target branch
unauthorized! unless merge_request.can_be_merged_by?(current_user)
not_allowed! if !merge_request.mergeable_state?(skip_ci_check: merge_when_pipeline_succeeds) || not_automatically_mergeable
merge_when_pipeline_succeeds = to_boolean(params[:merge_when_pipeline_succeeds])
automatically_mergeable = automatically_mergeable?(merge_when_pipeline_succeeds, merge_request)
immediately_mergeable = immediately_mergeable?(merge_when_pipeline_succeeds, merge_request)
not_allowed! if !immediately_mergeable && !automatically_mergeable
render_api_error!('Branch cannot be merged', 406) unless merge_request.mergeable?(skip_ci_check: merge_when_pipeline_succeeds)
render_api_error!('Branch cannot be merged', 406) unless merge_request.mergeable?(skip_ci_check: automatically_mergeable)
check_sha_param!(params, merge_request)
......@@ -415,13 +426,13 @@ module API
sha: params[:sha] || merge_request.diff_head_sha
)
if merge_when_pipeline_succeeds
AutoMergeService.new(merge_request.target_project, current_user, merge_params)
.execute(merge_request, AutoMergeService::STRATEGY_MERGE_WHEN_PIPELINE_SUCCEEDS)
else
if immediately_mergeable
::MergeRequests::MergeService
.new(merge_request.target_project, current_user, merge_params)
.execute(merge_request)
elsif automatically_mergeable
AutoMergeService.new(merge_request.target_project, current_user, merge_params)
.execute(merge_request, AutoMergeService::STRATEGY_MERGE_WHEN_PIPELINE_SUCCEEDS)
end
present merge_request, with: Entities::MergeRequest, current_user: current_user, project: user_project
......
......@@ -3,8 +3,8 @@
module Gitlab
module ImportExport
class AttributeCleaner
ALLOWED_REFERENCES = RelationFactory::PROJECT_REFERENCES + RelationFactory::USER_REFERENCES + %w[group_id commit_id discussion_id]
PROHIBITED_REFERENCES = Regexp.union(/\Acached_markdown_version\Z/, /_id\Z/, /_ids\Z/, /_html\Z/).freeze
ALLOWED_REFERENCES = RelationFactory::PROJECT_REFERENCES + RelationFactory::USER_REFERENCES + %w[group_id commit_id discussion_id custom_attributes]
PROHIBITED_REFERENCES = Regexp.union(/\Acached_markdown_version\Z/, /_id\Z/, /_ids\Z/, /_html\Z/, /attributes/).freeze
def self.clean(*args)
new(*args).clean
......
......@@ -10,6 +10,7 @@ module QA
end
view 'app/views/projects/issues/_issue.html.haml' do
element :issue
element :issue_link, 'link_to issue.title' # rubocop:disable QA/ElementWithPattern
end
......@@ -38,7 +39,7 @@ module QA
end
def has_issue?(issue)
has_element? :issue, issue_title: issue.to_s
has_element? :issue, issue_title: issue.title
end
end
end
......
......@@ -38,10 +38,6 @@ module QA
end
end
def to_s
@title
end
def api_get_path
"/projects/#{project.id}/issues/#{id}"
end
......
......@@ -25,11 +25,21 @@ describe Gitlab::ImportExport::AttributeCleaner do
'legit_html' => '<p>legit html</p>',
'_html' => '<p>perfectly ordinary html</p>',
'cached_markdown_version' => 12345,
'custom_attributes' => 'whatever',
'some_attributes_metadata' => 'whatever',
'group_id' => 99,
'commit_id' => 99,
'issue_ids' => [1, 2, 3],
'merge_request_ids' => [1, 2, 3],
'note_ids' => [1, 2, 3]
'note_ids' => [1, 2, 3],
'attributes' => {
'issue_ids' => [1, 2, 3],
'merge_request_ids' => [1, 2, 3],
'note_ids' => [1, 2, 3]
},
'variables_attributes' => {
'id' => 1
}
}
end
......@@ -40,7 +50,8 @@ describe Gitlab::ImportExport::AttributeCleaner do
'random_id_in_the_middle' => 99,
'notid' => 99,
'group_id' => 99,
'commit_id' => 99
'commit_id' => 99,
'custom_attributes' => 'whatever'
}
end
......
......@@ -2214,6 +2214,16 @@ describe MergeRequest do
end
end
describe "#actual_head_pipeline_active? " do
it do
is_expected
.to delegate_method(:active?)
.to(:actual_head_pipeline)
.with_prefix
.with_arguments(allow_nil: true)
end
end
describe '#mergeable_ci_state?' do
let(:project) { create(:project, only_allow_merge_if_pipeline_succeeds: true) }
let(:pipeline) { create(:ci_empty_pipeline) }
......
......@@ -1549,7 +1549,7 @@ describe API::MergeRequests do
end
end
describe "PUT /projects/:id/merge_requests/:merge_request_iid/merge" do
describe "PUT /projects/:id/merge_requests/:merge_request_iid/merge", :clean_gitlab_redis_cache do
let(:pipeline) { create(:ci_pipeline) }
it "returns merge_request in case of success" do
......@@ -1637,6 +1637,15 @@ describe API::MergeRequests do
expect(merge_request.reload.state).to eq('opened')
end
it 'merges if the head pipeline already succeeded and `merge_when_pipeline_succeeds` is passed' do
create(:ci_pipeline, :success, sha: merge_request.diff_head_sha, merge_requests_as_head_pipeline: [merge_request])
put api("/projects/#{project.id}/merge_requests/#{merge_request.iid}/merge", user), params: { merge_when_pipeline_succeeds: true }
expect(response).to have_gitlab_http_status(200)
expect(json_response['state']).to eq('merged')
end
it "enables merge when pipeline succeeds if the pipeline is active" do
allow_any_instance_of(MergeRequest).to receive_messages(head_pipeline: pipeline, actual_head_pipeline: pipeline)
allow(pipeline).to receive(:active?).and_return(true)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment