Automatic merge of gitlab-org/gitlab master

e7182260 · 🤖 GitLab Bot 🤖 · db1f94f5 · 31a2e918 · e7182260 · e7182260
Commit e7182260 authored 5 months ago by 🤖 GitLab Bot 🤖
--- a/.gitlab/CODEOWNERS
+++ b/.gitlab/CODEOWNERS
@@ -122,7 +122,6 @@ Dangerfile
 /spec/tooling/
 /scripts/
 /scripts/**/*.rb @gl-quality/eng-prod @gitlab-org/maintainers/rails-backend
-/scripts/**/glfm/**/* @gl-quality/eng-prod @gitlab-org/plan-stage/backend-engineers
 /scripts/**/*.js @gl-quality/eng-prod @gitlab-org/maintainers/frontend
 /scripts/frontend/ @gl-quality/eng-prod @gitlab-org/maintainers/frontend
 /scripts/remote_development/ @gitlab-org/maintainers/workspaces/backend

--- a/.rubocop_todo/layout/empty_line_after_magic_comment.yml
+++ b/.rubocop_todo/layout/empty_line_after_magic_comment.yml
@@ -380,9 +380,6 @@ Layout/EmptyLineAfterMagicComment:
    - 'rubocop/cop/group_public_or_visible_to_user.rb'
    - 'rubocop/cop/migration/add_reference.rb'
    - 'rubocop/cop/migration/prevent_index_creation.rb'
-    - 'scripts/lib/glfm/shared.rb'
-    - 'scripts/lib/glfm/update_example_snapshots.rb'
-    - 'scripts/lib/glfm/update_specification.rb'
    - 'spec/components/layouts/horizontal_section_component_spec.rb'
    - 'spec/components/pajamas/alert_component_spec.rb'
    - 'spec/components/pajamas/avatar_component_spec.rb'
@@ -564,9 +561,6 @@ Layout/EmptyLineAfterMagicComment:
    - 'spec/requests/lfs_http_spec.rb'
    - 'spec/rubocop/cop/migration/complex_indexes_require_name_spec.rb'
    - 'spec/rubocop/cop/migration/refer_to_index_by_name_spec.rb'
-    - 'spec/scripts/lib/glfm/parse_examples_spec.rb'
-    - 'spec/scripts/lib/glfm/shared_spec.rb'
-    - 'spec/scripts/lib/glfm/update_example_snapshots_spec.rb'
    - 'spec/scripts/trigger-build_spec.rb'
    - 'spec/serializers/impersonation_access_token_entity_spec.rb'
    - 'spec/serializers/impersonation_access_token_serializer_spec.rb'

--- a/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml
+++ b/.rubocop_todo/layout/line_end_string_concatenation_indentation.yml
@@ -581,8 +581,6 @@ Layout/LineEndStringConcatenationIndentation:
    - 'scripts/generate_rspec_pipeline.rb'
    - 'scripts/internal_events/cli.rb'
    - 'scripts/internal_events/cli/event_definer.rb'
-    - 'scripts/lib/glfm/update_example_snapshots.rb'
-    - 'scripts/lib/glfm/update_specification.rb'
    - 'scripts/lint-docs-redirects.rb'
    - 'scripts/qa/testcases-check'
    - 'scripts/trigger-build.rb'
@@ -719,7 +717,6 @@ Layout/LineEndStringConcatenationIndentation:
    - 'spec/rubocop/cop/migration/create_table_with_foreign_keys_spec.rb'
    - 'spec/rubocop/cop/rspec/avoid_test_prof_spec.rb'
    - 'spec/scripts/generate_rspec_pipeline_spec.rb'
-    - 'spec/scripts/lib/glfm/update_example_snapshots_spec.rb'
    - 'spec/serializers/integrations/field_entity_spec.rb'
    - 'spec/serializers/profile/event_entity_spec.rb'
    - 'spec/services/alert_management/alerts/update_service_spec.rb'

--- a/.rubocop_todo/lint/assignment_in_condition.yml
+++ b/.rubocop_todo/lint/assignment_in_condition.yml
@@ -215,8 +215,6 @@ Lint/AssignmentInCondition:
    - 'rubocop/cop/migration/background_migration_missing_active_concern.rb'
    - 'rubocop/cop/prefer_class_methods_over_module.rb'
    - 'rubocop/cop/rspec/httparty_basic_auth.rb'
-    - 'scripts/lib/glfm/render_static_html.rb'
-    - 'scripts/lib/glfm/update_example_snapshots.rb'
    - 'scripts/lint-docs-blueprints.rb'
    - 'spec/factories/ci/processable.rb'
    - 'spec/lib/gitlab/background_migration/backfill_root_storage_statistics_fork_storage_sizes_spec.rb'
@@ -226,5 +224,4 @@ Lint/AssignmentInCondition:
    - 'spec/services/members/invitation_reminder_email_service_spec.rb'
    - 'spec/support/helpers/graphql_helpers.rb'
    - 'spec/support/matchers/request_urgency_matcher.rb'
-    - 'spec/support/shared_contexts/glfm/api_markdown_snapshot_shared_context.rb'
    - 'tooling/danger/database.rb'
--- a/.rubocop_todo/lint/empty_block.yml
+++ b/.rubocop_todo/lint/empty_block.yml
@@ -47,8 +47,6 @@ Lint/EmptyBlock:
    - 'qa/spec/specs/helpers/context_selector_spec.rb'
    - 'qa/spec/specs/helpers/feature_flag_spec.rb'
    - 'qa/spec/specs/helpers/quarantine_spec.rb'
-    - 'scripts/lib/glfm/update_example_snapshots.rb'
-    - 'scripts/lib/glfm/update_specification.rb'
    - 'spec/controllers/application_controller_spec.rb'
    - 'spec/controllers/projects/artifacts_controller_spec.rb'
    - 'spec/controllers/projects/feature_flags_controller_spec.rb'

--- a/.rubocop_todo/performance/regexp_match.yml
+++ b/.rubocop_todo/performance/regexp_match.yml
@@ -26,8 +26,6 @@ Performance/RegexpMatch:
    - 'qa/qa/service/cluster_provider/k3d.rb'
    - 'qa/qa/tools/ci/ff_changes.rb'
    - 'scripts/failed_tests.rb'
-    - 'scripts/lib/glfm/parse_examples.rb'
-    - 'scripts/lib/glfm/update_specification.rb'
    - 'scripts/lint-docs-blueprints.rb'
    - 'scripts/perf/query_limiting_report.rb'
    - 'scripts/qa/testcases-check'

--- a/.rubocop_todo/rspec/feature_category.yml
+++ b/.rubocop_todo/rspec/feature_category.yml
@@ -4025,7 +4025,6 @@ RSpec/FeatureCategory:
    - 'spec/rubocop/qa_helpers_spec.rb'
    - 'spec/rubocop/todo_dir_spec.rb'
    - 'spec/scripts/failed_tests_spec.rb'
-    - 'spec/scripts/lib/glfm/parse_examples_spec.rb'
    - 'spec/serializers/access_token_entity_base_spec.rb'
    - 'spec/serializers/accessibility_error_entity_spec.rb'
    - 'spec/serializers/accessibility_reports_comparer_entity_spec.rb'

--- a/.rubocop_todo/rspec/named_subject.yml
+++ b/.rubocop_todo/rspec/named_subject.yml
@@ -2827,9 +2827,6 @@ RSpec/NamedSubject:
    - 'spec/scripts/failed_tests_spec.rb'
    - 'spec/scripts/generate_message_to_run_e2e_pipeline_spec.rb'
    - 'spec/scripts/generate_rspec_pipeline_spec.rb'
-    - 'spec/scripts/lib/glfm/parse_examples_spec.rb'
-    - 'spec/scripts/lib/glfm/update_example_snapshots_spec.rb'
-    - 'spec/scripts/lib/glfm/update_specification_spec.rb'
    - 'spec/scripts/pipeline/average_reports_spec.rb'
    - 'spec/scripts/pipeline_test_report_builder_spec.rb'
    - 'spec/scripts/review_apps/automated_cleanup_spec.rb'

--- a/.rubocop_todo/style/inline_disable_annotation.yml
+++ b/.rubocop_todo/style/inline_disable_annotation.yml
@@ -2467,8 +2467,6 @@ Style/InlineDisableAnnotation:
    - 'scripts/insert-rspec-profiling-data'
    - 'scripts/internal_events/monitor.rb'
    - 'scripts/lib/gitlab.rb'
-    - 'scripts/lib/glfm/parse_examples.rb'
-    - 'scripts/lib/glfm/update_example_snapshots.rb'
    - 'scripts/perf/gc/print_gc_stats.rb'
    - 'scripts/rubocop-parse'
    - 'scripts/security-harness'
@@ -2729,8 +2727,6 @@ Style/InlineDisableAnnotation:
    - 'spec/scripts/api/create_merge_request_discussion_spec.rb'
    - 'spec/scripts/api/create_merge_request_note_spec.rb'
    - 'spec/scripts/generate_message_to_run_e2e_pipeline_spec.rb'
-    - 'spec/scripts/lib/glfm/update_example_snapshots_spec.rb'
-    - 'spec/scripts/lib/glfm/update_specification_spec.rb'
    - 'spec/scripts/pipeline/average_reports_spec.rb'
    - 'spec/scripts/review_apps/automated_cleanup_spec.rb'
    - 'spec/scripts/trigger-build_spec.rb'

--- a/.rubocop_todo/style/mutable_constant.yml
+++ b/.rubocop_todo/style/mutable_constant.yml
@@ -33,7 +33,6 @@ Style/MutableConstant:
    - 'lib/gitlab/sidekiq_signals.rb'
    - 'lib/gitlab/web_hooks/recursion_detection/uuid.rb'
    - 'lib/tasks/gitlab/backup.rake'
-    - 'scripts/lib/glfm/constants.rb'
    - 'scripts/lint-docs-blueprints.rb'
    - 'scripts/perf/gc/collect_gc_stats.rb'
    - 'spec/support/helpers/jira_integration_helpers.rb'

--- a/app/models/protected_branch.rb
+++ b/app/models/protected_branch.rb
@@ -52,23 +52,7 @@ def self.protected?(project, ref_name)
  end

  def self.allow_force_push?(project, ref_name)
-    if allow_protected_branches_for_group?(project.group)
-      protected_branches = project.all_protected_branches.matching(ref_name)
-
-      project_protected_branches, group_protected_branches = protected_branches.partition(&:project_id)
-
-      # Group owner can be able to enforce the settings
-      return group_protected_branches.any?(&:allow_force_push) if group_protected_branches.present?
-      return project_protected_branches.any?(&:allow_force_push) if project_protected_branches.present?
-
-      false
-    else
-      project.protected_branches.allowing_force_push.matching(ref_name).any?
-    end
-  end
-
-  def self.allow_protected_branches_for_group?(group)
-    Feature.enabled?(:group_protected_branches, group) || Feature.enabled?(:allow_protected_branches_for_group, group)
+    project.all_protected_branches.allowing_force_push.matching(ref_name).any?
  end

  def self.any_protected?(project, ref_names)

--- a/doc/development/gitlab_flavored_markdown/specification_guide/index.md
+++ b/doc/development/gitlab_flavored_markdown/specification_guide/index.md
---
-stage: Plan
-group: Knowledge
-info: Any user with at least the Maintainer role can merge updates to this content. For details, see https://docs.gitlab.com/ee/development/development_processes.html#development-guidelines-review.
-description: "Specification guide for GitLab Flavored Markdown (GLFM)."
-remove_date: '2024-11-14'
-redirect_to: '../index.md'
---
-
-
-# GitLab Flavored Markdown (GLFM) Specification Guide (removed)
-
-This page was [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/162743) in 17.4.
--- a/ee/app/assets/javascripts/pages/groups/analytics/dashboards/value_streams_dashboard/index.js
+++ b/ee/app/assets/javascripts/pages/groups/analytics/dashboards/value_streams_dashboard/index.js
-import initApp from 'ee/analytics/analytics_dashboards';
-
-initApp();
--- a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/action/action_section.vue
+++ b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/action/action_section.vue
 <script>
 import { parseCustomFileConfiguration } from 'ee/security_orchestration/components/policy_editor/utils';
 import getProjectId from 'ee/security_orchestration/graphql/queries/get_project_id.query.graphql';
+import { SUFFIX_ON_CONFLICT } from 'ee/security_orchestration/components/policy_editor/pipeline_execution/constants';
 import CodeBlockFilePath from './code_block_file_path.vue';

 export default {
@@ -21,6 +22,11 @@ export default {
      type: String,
      required: true,
    },
+    suffix: {
+      type: String,
+      required: false,
+      default: SUFFIX_ON_CONFLICT,
+    },
  },
  data() {
    return {
@@ -88,6 +94,9 @@ export default {
    updatedFilePath(path) {
      this.setCiConfigurationPath({ ...this.ciConfigurationPath, file: path });
    },
+    updateSuffix(suffix) {
+      this.$emit('changed', 'suffix', suffix);
+    },
    setCiConfigurationPath(pathConfig) {
      this.$emit('changed', 'content', { include: [pathConfig] });
    },
@@ -102,9 +111,11 @@ export default {
    :selected-ref="selectedRef"
    :selected-project="selectedProject"
    :does-file-exist="doesFileExist"
+    :suffix="suffix"
    @select-strategy="setStrategy"
    @select-ref="setSelectedRef"
    @select-project="setSelectedProject"
    @update-file-path="updatedFilePath"
+    @update-suffix="updateSuffix"
  />
 </template>
--- a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/action/code_block_file_path.vue
+++ b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/action/code_block_file_path.vue
@@ -16,7 +16,8 @@ import glFeatureFlagMixin from '~/vue_shared/mixins/gl_feature_flags_mixin';
 import RefSelector from '~/ref/components/ref_selector.vue';
 import GroupProjectsDropdown from 'ee/security_orchestration/components/shared/group_projects_dropdown.vue';
 import { isGroup } from 'ee/security_orchestration/components/utils';
-import { INJECT, OVERRIDE } from '../constants';
+import { INJECT, OVERRIDE, SUFFIX_ON_CONFLICT } from '../constants';
+import SuffixSelector from '../suffix_selector.vue';
 import { validateStrategyValues } from './utils';
 import CodeBlockStrategySelector from './code_block_strategy_selector.vue';

@@ -66,6 +67,7 @@ export default {
    GlTruncate,
    GroupProjectsDropdown,
    RefSelector,
+    SuffixSelector,
  },
  directives: { GlTooltip: GlTooltipDirective },
  mixins: [glFeatureFlagMixin()],
@@ -97,6 +99,11 @@ export default {
      required: false,
      default: null,
    },
+    suffix: {
+      type: String,
+      required: false,
+      default: SUFFIX_ON_CONFLICT,
+    },
  },
  computed: {
    fileBlockMessage() {
@@ -160,6 +167,9 @@ export default {
    setSelectedRef(ref) {
      this.$emit('select-ref', ref);
    },
+    updateSuffix(suffix) {
+      this.$emit('update-suffix', suffix);
+    },
    triggerTooltip(state) {
      const EVENT = state ? BV_SHOW_TOOLTIP : BV_HIDE_TOOLTIP;
      this.$root.$emit(EVENT, this.$options.SELECTED_PROJECT_TOOLTIP);
@@ -285,5 +295,7 @@ export default {
        </template>
      </gl-sprintf>
    </div>
+
+    <suffix-selector :suffix="suffix" @update="updateSuffix" />
  </div>
 </template>
--- a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/constants.js
+++ b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/constants.js
@@ -48,3 +48,16 @@ export const CUSTOM_STRATEGY_OPTIONS_KEYS = Object.keys(CUSTOM_STRATEGY_OPTIONS)
 export const CUSTOM_STRATEGY_OPTIONS_LISTBOX_ITEMS = Object.entries(CUSTOM_STRATEGY_OPTIONS).map(
  ([value, text]) => ({ value, text }),
 );
+
+export const SUFFIX_ON_CONFLICT = 'on_conflict';
+export const SUFFIX_NEVER = 'never';
+
+export const SUFFIX_ITEMS = {
+  [SUFFIX_ON_CONFLICT]: s__('SecurityOrchestration|On conflict'),
+  [SUFFIX_NEVER]: s__('SecurityOrchestration|Never'),
+};
+
+export const SUFFIX_LIST_BOX_ITEMS = Object.keys(SUFFIX_ITEMS).map((key) => ({
+  value: key,
+  text: SUFFIX_ITEMS[key],
+}));
--- a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/editor_component.vue
+++ b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/editor_component.vue
@@ -286,6 +286,7 @@ export default {
          :action="policy.content"
          :does-file-exist="!disableSubmit"
          :strategy="strategy"
+          :suffix="policy.suffix"
          @changed="handleUpdateProperty"
        />
      </dim-disable-container>

--- a/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/suffix_selector.vue
+++ b/ee/app/assets/javascripts/security_orchestration/components/policy_editor/pipeline_execution/suffix_selector.vue
+<script>
+import { GlCollapsibleListbox, GlSprintf, GlIcon, GlTooltipDirective } from '@gitlab/ui';
+import { s__ } from '~/locale';
+import { SUFFIX_LIST_BOX_ITEMS, SUFFIX_ITEMS, SUFFIX_ON_CONFLICT } from './constants';
+
+export default {
+  SUFFIX_LIST_BOX_ITEMS,
+  i18n: {
+    suffixLabel: s__('SecurityOrchestration|Add job name suffix %{suffixEditor} %{suffixIcon}'),
+    suffixPlaceholder: s__('SecurityOrchestration|Select suffix'),
+    suffixInfoText: s__('SecurityOrchestration|Add a numeric suffix to ensure unique job names.'),
+  },
+  name: 'SuffixSelector',
+  directives: { GlTooltip: GlTooltipDirective },
+  components: {
+    GlCollapsibleListbox,
+    GlIcon,
+    GlSprintf,
+  },
+  props: {
+    suffix: {
+      type: String,
+      required: false,
+      default: SUFFIX_ON_CONFLICT,
+    },
+  },
+  computed: {
+    toggleText() {
+      return SUFFIX_ITEMS[this.suffix] || this.$options.i18n.suffixPlaceholder;
+    },
+  },
+  methods: {
+    updateSuffix(value) {
+      this.$emit('update', value);
+    },
+  },
+};
+</script>
+
+<template>
+  <div
+    class="security-policies-bg-gray-10 gl-flex gl-flex-col gl-items-center gl-gap-3 gl-rounded-base lg:gl-flex-row"
+  >
+    <gl-sprintf :message="$options.i18n.suffixLabel">
+      <template #suffixEditor>
+        <gl-collapsible-listbox
+          :selected="suffix"
+          :items="$options.SUFFIX_LIST_BOX_ITEMS"
+          :toggle-text="toggleText"
+          @select="updateSuffix"
+        />
+      </template>
+
+      <template #suffixIcon>
+        <gl-icon v-gl-tooltip name="information-o" :title="$options.i18n.suffixInfoText" />
+      </template>
+    </gl-sprintf>
+  </div>
+</template>
--- a/ee/app/assets/javascripts/vue_shared/license_compliance/store/getters.js
+++ b/ee/app/assets/javascripts/vue_shared/license_compliance/store/getters.js
@@ -95,13 +95,13 @@ export const summaryTextWithoutLicenseCheck = (_, getters) => {
  if (!getters.baseReportHasLicenses) {
    return getters.reportContainsDeniedLicense
      ? n__(
-          'LicenseCompliance|License Compliance detected %d license and policy violation for the source branch only',
-          'LicenseCompliance|License Compliance detected %d licenses and policy violations for the source branch only',
+          'LicenseCompliance|License Compliance detected %d license and policy violation',
+          'LicenseCompliance|License Compliance detected %d licenses and policy violations',
          getters.licenseReportLength,
        )
      : n__(
-          'LicenseCompliance|License Compliance detected %d license for the source branch only',
-          'LicenseCompliance|License Compliance detected %d licenses for the source branch only',
+          'LicenseCompliance|License Compliance detected %d license',
+          'LicenseCompliance|License Compliance detected %d licenses',
          getters.licenseReportLength,
        );
  }

--- a/ee/app/models/security/orchestration_policy_configuration.rb
+++ b/ee/app/models/security/orchestration_policy_configuration.rb
@@ -24,7 +24,7 @@ class OrchestrationPolicyConfiguration < ApplicationRecord
    # json_schemer computes an $id fallback property for schemas lacking one.
    # But this schema is kept anonymous on purpose, so the $id is stripped.
    POLICY_SCHEMA_JSON = POLICY_SCHEMA.value.except('$id')
-    AVAILABLE_POLICY_TYPES = (%i[scan_execution_policy pipeline_execution_policy] +
+    AVAILABLE_POLICY_TYPES = (%i[scan_execution_policy pipeline_execution_policy vulnerability_management_policy] +
      Security::ScanResultPolicy::SCAN_RESULT_POLICY_TYPES).freeze
    JSON_SCHEMA_VALIDATION_TIMEOUT = 5.seconds