GitLab issueshttps://gitlab.com/gitlab-org/gitlab/-/issues2024-03-28T14:28:37Zhttps://gitlab.com/gitlab-org/gitlab/-/issues/452373[Test] spec/requests/api/graphql/packages/package_spec.rb | package details w...2024-03-28T14:28:37ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/requests/api/graphql/packages/package_spec.rb | package details with authorized user public_package when project is private with access to package registry for everyone returns true### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/package_spec.rb#L342`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/packag...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/package_spec.rb#L342`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/package_spec.rb#L342) |
| Filename | `spec/requests/api/graphql/packages/package_spec.rb` |
| Description | `package details with authorized user public_package when project is private with access to package registry for everyone returns true` |
| Test level | integration |
| Hash | `b9c859233ce5071cd4df4fc4d17cc896080749ac8` |
| Reference duration | 3.24 seconds |
| Expected duration | < 19.2 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/452372[Test] spec/requests/api/graphql/packages/maven_spec.rb | maven package detai...2024-03-28T14:25:11ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/requests/api/graphql/packages/maven_spec.rb | maven package details a maven package with version behaves like correct maven metadata has the correct metadata### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/maven_spec.rb#L28`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/maven_spe...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/maven_spec.rb#L28`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/maven_spec.rb#L28) |
| Filename | `spec/requests/api/graphql/packages/maven_spec.rb` |
| Description | `maven package details a maven package with version behaves like correct maven metadata has the correct metadata` |
| Test level | integration |
| Hash | `a67e1186d1ea7c2a20b0c01c01de94a139b46b95e` |
| Reference duration | 4.3 seconds |
| Expected duration | < 19.2 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/452368Migrate existing package registry application settings into one jsonb column2024-03-28T14:07:08ZMoaz KhalifaMigrate existing package registry application settings into one jsonb column## Context
In https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145887+, a new package registry application setting was introduced. According to the ~documentation [guidelines](https://docs.gitlab.com/ee/development/application_sett...## Context
In https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145887+, a new package registry application setting was introduced. According to the ~documentation [guidelines](https://docs.gitlab.com/ee/development/application_settings.html#add-a-new-application-setting), any new setting should be added to an existing `jsonb` column or a new `jsonb` column.
Since the new `package_registry` `jsonb` column was introduced in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145887, we need to investigate the possibility of migrating all existing package registry related application settings into this column.
## Concerns
We should investigate if migrating the cascading settings would still play nicely with [the cascading settings framework](https://docs.gitlab.com/ee/development/cascading_settings.html).Backloghttps://gitlab.com/gitlab-org/gitlab/-/issues/452220[Test] spec/requests/api/graphql/packages/package_spec.rb | package details w...2024-03-27T16:29:20ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/requests/api/graphql/packages/package_spec.rb | package details with authorized user with package files pending destruction does not return them### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/package_spec.rb#L127`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/packag...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/package_spec.rb#L127`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/package_spec.rb#L127) |
| Filename | `spec/requests/api/graphql/packages/package_spec.rb` |
| Description | `package details with authorized user with package files pending destruction does not return them` |
| Test level | integration |
| Hash | `409519f956addb00d67b32e656e99c3158833a975` |
| Reference duration | 4.85 seconds |
| Expected duration | < 19.2 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/452147[Test] spec/requests/api/graphql/packages/helm_spec.rb | helm package details...2024-03-27T07:20:21ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/requests/api/graphql/packages/helm_spec.rb | helm package details behaves like a package detail behaves like a working graphql query returns a successful response### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/helm_spec.rb#L32`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/helm_spec....### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/helm_spec.rb#L32`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/helm_spec.rb#L32) |
| Filename | `spec/requests/api/graphql/packages/helm_spec.rb` |
| Description | `helm package details behaves like a package detail behaves like a working graphql query returns a successful response` |
| Test level | integration |
| Hash | `5570205312a8ad58cae49cd7f68283c69b3b2575e` |
| Reference duration | 4.23 seconds |
| Expected duration | < 19.2 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/452135Remove publish data for error packages in packages list UI2024-03-28T04:33:09ZRahul ChanilaRemove publish data for error packages in packages list UI## Context
The following discussion from !147026 should be addressed:
- [ ] @katiemacoy started a [discussion](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/147026#note_1832079391):
> An idea for a follow-up, in the case...## Context
The following discussion from !147026 should be addressed:
- [ ] @katiemacoy started a [discussion](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/147026#note_1832079391):
> An idea for a follow-up, in the case where the package was not actually published, we should not show the `manually published` , `published just now` here as it was not published :)
>
> ![CleanShot_2024-03-26_at_10.01.39_2x](https://gitlab.com/gitlab-org/gitlab/uploads/ae79551a2307ce10ab1989203532b663/CleanShot_2024-03-26_at_10.01.39_2x.png)
## Implementation guide
- Hide `#right-primary` & `#right-secondary` templates in `app/assets/javascripts/packages_and_registries/package_registry/components/list/package_list_row.vue` when package status is `ERROR`.https://gitlab.com/gitlab-org/gitlab/-/issues/452085[Test] spec/requests/api/graphql/group/packages_spec.rb | getting a package l...2024-03-26T18:40:01ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/requests/api/graphql/group/packages_spec.rb | getting a package list for a group behaves like group and project packages query when the user does not have access to the resource behaves like a working graphql query that returns no data beha...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/group/packages_spec.rb#L16`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/group/packages_spe...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/group/packages_spec.rb#L16`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/group/packages_spec.rb#L16) |
| Filename | `spec/requests/api/graphql/group/packages_spec.rb` |
| Description | `getting a package list for a group behaves like group and project packages query when the user does not have access to the resource behaves like a working graphql query that returns no data behaves like a working graphql query returns a successful response` |
| Test level | integration |
| Hash | `e3dbc66f37be735f771d04ecde26d4e00f587588a` |
| Reference duration | 1.18 seconds |
| Expected duration | < 19.2 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/452057[Test] spec/requests/api/graphql/packages/package_spec.rb | package details w...2024-03-26T15:55:02ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/requests/api/graphql/packages/package_spec.rb | package details with authorized user public_package when project is public returns true### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/package_spec.rb#L357`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/packag...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/package_spec.rb#L357`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/package_spec.rb#L357) |
| Filename | `spec/requests/api/graphql/packages/package_spec.rb` |
| Description | `package details with authorized user public_package when project is public returns true` |
| Test level | integration |
| Hash | `839d9de1a699a889f352157aebd2bb2f18a16f9f0` |
| Reference duration | 3.95 seconds |
| Expected duration | < 19.2 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/452046Maven dependency proxy: upstream url with a trailing /2024-03-26T16:33:33ZDavid FernandezMaven dependency proxy: upstream url with a trailing /## :fire: Problem
The maven dependency proxy will not work if the upstream url ends with a slash. Example: `https://repo.maven.apache.org/maven2/`.
With this url, the dependency proxy will end up in errors ranging from `404 Not found` ...## :fire: Problem
The maven dependency proxy will not work if the upstream url ends with a slash. Example: `https://repo.maven.apache.org/maven2/`.
With this url, the dependency proxy will end up in errors ranging from `404 Not found` to `401 Unauthenticated`.
## :fire_engine: Solution
Either:
* Accept trailing `/` in urls and handle them properly when forming the upstream file url _or_
* Add a model validation to not allow them.17.0https://gitlab.com/gitlab-org/gitlab/-/issues/452026[Test] spec/features/groups/packages_spec.rb | Group Packages when feature is...2024-03-27T00:12:26ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/features/groups/packages_spec.rb | Group Packages when feature is available when there are packages behaves like pipelines on packages list shows the latest pipeline### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/features/groups/packages_spec.rb#L50`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/features/groups/packages_spec.rb#L50) |
| Filename...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/features/groups/packages_spec.rb#L50`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/features/groups/packages_spec.rb#L50) |
| Filename | `spec/features/groups/packages_spec.rb` |
| Description | `Group Packages when feature is available when there are packages behaves like pipelines on packages list shows the latest pipeline` |
| Test level | system |
| Hash | `e69ea885c7a4d48411cb6a92d3ff19d2a10403bab` |
| Reference duration | 63.58 seconds |
| Expected duration | < 50.13 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/452025[Test] spec/features/groups/packages_spec.rb | Group Packages when feature is...2024-03-27T00:12:27ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/features/groups/packages_spec.rb | Group Packages when feature is available when there are packages allows you to navigate to the project page### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/features/groups/packages_spec.rb#L54`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/features/groups/packages_spec.rb#L54) |
| Filename...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/features/groups/packages_spec.rb#L54`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/features/groups/packages_spec.rb#L54) |
| Filename | `spec/features/groups/packages_spec.rb` |
| Description | `Group Packages when feature is available when there are packages allows you to navigate to the project page` |
| Test level | system |
| Hash | `b94e7dc002ffbf8175fb5f47bbf94b5714545505c` |
| Reference duration | 63.43 seconds |
| Expected duration | < 50.13 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/451889Error in displaying Terraform Module Registry in UI2024-03-26T23:25:10ZMoaz KhalifaError in displaying Terraform Module Registry in UI### Summary
The UI page of ~"Terraform Registry" in a project/group isn't displaying the terraform modules if those modules are published through a pipeline and the name of the pipeline's author is missing.
### Steps to reproduce
1. r...### Summary
The UI page of ~"Terraform Registry" in a project/group isn't displaying the terraform modules if those modules are published through a pipeline and the name of the pipeline's author is missing.
### Steps to reproduce
1. run the following in rails console:
```ruby
# stub file upload
def fixture_file_upload(*args, **kwargs)
Rack::Test::UploadedFile.new(*args, **kwargs)
end
# create a terraform module package
module = FactoryBot.create(:terraform_module_package, project: Project.last
# link the module to a pipeline that has no user
Packages::BuildInfo.create(package_id: module.id, pipeline_id: Ci::Pipeline.where(user_id: nil).last.id)
```
2. Open the Terraform Module Registry UI page of the project, and you should find that the module isn't shown. If you checked the console, there should be an error related to the missing user of the module's pipeline.
### Example Project
Open this page https://ops.gitlab.net/gitlab-com/gl-infra/terraform-modules/gitlab/project/-/infrastructure_registry and check the console errors.
### What is the current *bug* behavior?
The terraform modules are not shown.
### What is the expected *correct* behavior?
The terraform modules are shown normally.
### Relevant logs and/or screenshots
![Screenshot_2024-03-25_at_18.45.01](/uploads/41a92f0226730a1347989d93169ba08d/Screenshot_2024-03-25_at_18.45.01.png)
### Output of checks
<!-- If you are reporting a bug on GitLab.com, uncomment below -->
This bug happens on GitLab.com
### Possible fixes
<!-- If you can, link to the line of code that might be responsible for the problem. -->16.11Rahul ChanilaRahul Chanilahttps://gitlab.com/gitlab-org/gitlab/-/issues/451855[Test] spec/models/packages/package_spec.rb | Packages::Package.sort_by_attri...2024-03-29T04:56:47ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/models/packages/package_spec.rb | Packages::Package.sort_by_attribute behaves like package sorting by attribute sorting by project_path descending order is expected to eq [### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/models/packages/package_spec.rb#L121`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/models/packages/package_spec.rb#L121) |
| Filename...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/models/packages/package_spec.rb#L121`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/models/packages/package_spec.rb#L121) |
| Filename | `spec/models/packages/package_spec.rb` |
| Description | `Packages::Package.sort_by_attribute behaves like package sorting by attribute sorting by project_path descending order is expected to eq [` |
| Test level | unit |
| Hash | `198cb0536833de15c4cc7d21de8c51ff635d7198a` |
| Reference duration | 0.91 seconds |
| Expected duration | < 45.4 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/451854[Test] spec/models/packages/package_spec.rb | Packages::Package.sort_by_attri...2024-03-29T04:56:45ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/models/packages/package_spec.rb | Packages::Package.sort_by_attribute behaves like package sorting by attribute sorting by project_path ascending order is expected to eq [### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/models/packages/package_spec.rb#L121`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/models/packages/package_spec.rb#L121) |
| Filename...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/models/packages/package_spec.rb#L121`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/models/packages/package_spec.rb#L121) |
| Filename | `spec/models/packages/package_spec.rb` |
| Description | `Packages::Package.sort_by_attribute behaves like package sorting by attribute sorting by project_path ascending order is expected to eq [` |
| Test level | unit |
| Hash | `c64436c6212e54202aa595565bd7997c303cb23ec` |
| Reference duration | 1.6 seconds |
| Expected duration | < 45.4 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/451763[Test] spec/requests/api/npm_group_packages_spec.rb | API::NpmGroupPackages G...2024-03-28T12:53:32ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/requests/api/npm_group_packages_spec.rb | API::NpmGroupPackages GET /api/v4/groups/:id/-/packages/npm/*package_name behaves like handling get metadata requests with a user namespace behaves like handling all conditions auth: :oauth, package...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/npm_group_packages_spec.rb#L13`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/npm_group_packages_spec.rb#L13...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/npm_group_packages_spec.rb#L13`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/npm_group_packages_spec.rb#L13) |
| Filename | `spec/requests/api/npm_group_packages_spec.rb` |
| Description | `API::NpmGroupPackages GET /api/v4/groups/:id/-/packages/npm/*package_name behaves like handling get metadata requests with a user namespace behaves like handling all conditions auth: :oauth, package_name_type: :scoped_naming_convention, request_forward: false, visibility: :public, user_role: :reporter, expected_result: :accept, expected_status: :ok behaves like accept metadata request avoids N+1 database queries` |
| Test level | integration |
| Hash | `02506a242549aca1bad6705cf9588e6115b1aca4f` |
| Reference duration | 4.74 seconds |
| Expected duration | < 19.2 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/451600Milestone 17.0 review and discussion (Package stage)2024-03-22T21:14:14ZTim Rizzitrizzi@gitlab.comMilestone 17.0 review and discussion (Package stage)# Milestone 17.0 :rocket: (APR 18 - MAY 16)
# Goals :dart:
1. Celebrate the completion of the beta launch of the Google Artifact Management integration on schedule.
2. Advance the npm dependency proxy to help drive ARR.
3. Add sorting ...# Milestone 17.0 :rocket: (APR 18 - MAY 16)
# Goals :dart:
1. Celebrate the completion of the beta launch of the Google Artifact Management integration on schedule.
2. Advance the npm dependency proxy to help drive ARR.
3. Add sorting and pagination to the container registry UI to help improve user experience.
4. Unblock self-managed customers from migrating to the new container registry.
5. Prepare for breaking changes in %"17.0".
# [P1 (Deliverable) Issues](https://gitlab.com/dashboard/issues?scope=all&state=opened&label_name%5B%5D=Package%3AP1&milestone_title=17.01&label_name%5B%5D=group%3A%3Apackage%20registry) :fox:
_Please remember to make time in each milestone for learning and personal projects in addition to the below list._
### [Security Issues](https://gitlab.com/dashboard/issues?sort=relative_position&state=opened&label_name%5B%5D=group%3A%3Apackage%20registry&label_name%5B%5D=bug%3A%3Avulnerability&milestone_title=17.0)
1. [ ] [confidential]()
### Breaking changes
_All breaking changes from the [epic](https://gitlab.com/groups/gitlab-org/-/epics/10037) have been completed and are just waiting for feature flag removal in 17.0. Congrats team! And let me know if I missed any._
### Investigations :mag:
_This milestone we have planned three investigations for the container registry. First, adding background database migrations will help unblock https://gitlab.com/gitlab-org/container-registry/-/issues/973+ and move to GA for the next-generation container registry. The other two are investigations into a cleanup policy bug and the performance of the API.
1. [ ]
### Container Registry
_This milestone, we have some exciting issues planned. We'll wrap up the instrumentation work in gitlab-org&8732, add the last published date into the UI, resolve issues with the OCI-conformance tests, and continue to drive adoption of the metadata database by unblocking self-managed customers and driving awareness of the beta program. We also have work scheduled for the public preview of the Artifact Management Integration.
1. [ ]
### Package Registry
_This milestone we'll continue to drive forward several key projects. The first is the npm dependency proxy, which is expected to impact ARR and adoption significantly. We also will continue to make progress on adding support for Terraform module readme.md which is important for Platform Engineers who want to help their Developers use the module correctly and safely. It's also likely that there will be follow up work on the Artifact Management Integration, so please leave room for that._
1. [ ]
# Stretch goals
_Stretch goals are good to work on between ~Deliverable issues._
1. [ ]
# Research issues
1. [ ]
# [Issue Refinement](https://gitlab.com/dashboard/issues?sort=relative_position&state=opened&label_name%5B%5D=group%3A%3Apackage%20registry&label_name%5B%5D=needs%20refining&milestone_title=16.11)
_The issues below need refining to schedule them in subsequent milestones._
<table>
<tr>
<th>Assigned</th>
<th>Completed</th>
<th>Issue</th>
</tr>
<tr>
<td> </td>
<td>
* [ ]
</td>
<td>
https://gitlab.com/gitlab-org/gitlab/-/issues/391551
</td>
</tr>
<tr>
<td>
* [ ]
</td>
<td>
* [ ]
</td>
<td>
</td>
</tr>
<tr>
<td>
* [ ]
</td>
<td>
* [ ]
</td>
<td>
</td>
</tr>
</table>
# Kick-off video :movie_camera:
1. [ ] [GitLab 17.0 Kickoff - Package:Package](https://youtu.be/62XTt_nE2lI)
# Holidays :palm_tree:
:calendar_spiral: [Shared calendar](https://calendar.google.com/calendar/embed?src=c_5kbg522u4n99le6j6j1eejg2a4%40group.calendar.google.com)
Please order by _From_ date
| Person | From | To |
|--------|------|----|
| @trizzi | May 10 | May 21 |
| | | |
| | | |
# Helpful links
| Helpful links | Use this for |
|---------------|--------------|
| [Functional breakdown](https://gitlab.com/groups/gitlab-org/-/boards/1548554?label_name%5B%5D=group%3A%3Apackage%20registry&milestone_title=17.0) | Viewing issues scheduled for the current and next several milestones. |
| [Milestone board](https://gitlab.com/groups/gitlab-org/-/boards/1196366?label_name%5B%5D=group%3A%3Apackage%20registry) | See how the planned issues are broken down by function. |
| [Workflow board](https://gitlab.com/groups/gitlab-org/-/boards/1284221?label_name%5B%5D=group%3A%3Apackage%20registry&milestone_title=17.0) | See how the milestone issues are broken down by their current status (workflow). |
| [List of P1 unweighted issues](https://gitlab.com/dashboard/issues?scope=all&state=opened&label_name%5B%5D=group%3A%3Apackage%20registry&weight=None&milestone_title=17.0) | A list of issues that are not yet weighted, which is a requirement for P1 issues. |
| [Issues that need refining](https://gitlab.com/dashboard/issues?sort=relative_position&state=opened&label_name%5B%5D=group%3A%3Apackage%20registry&label_name%5B%5D=needs%20refining&milestone_title=17.0) | A list of issues that refinement |
| [Issue types by milestone](https://app.periscopedata.com/app/gitlab/1042933/Issue-Types-by-Milestone) | See the ratio of features, maintenance, and bugs |
# Operational tasks
1. [x] PM: Create this issue with the title "Milestone XX.Y review and discussion (Package stage)"
2. [x] PM: Assign the issue to PM, EM, SET, and PD
3. [x] PM: Set the due date to the end of the milestone
4. [x] PM: Update links with the correct milestone
5. [ ] PM: Write goals, list deliverables, community contribution, and stretch issues that align to the goals
6. [ ] SET: List quality issues
7. [ ] PD: List usability improvement issues
8. [ ] PM: List research issues
9. [ ] EM: List issues needing refinement
10. [ ] EM: Review that all issues listed as deliverables are refined. If there is missing weight, implementation plan, and/or ~"workflow::ready for development" label, then ping the team to [perform refinement](https://about.gitlab.com/handbook/engineering/development/ops/package/#refinement)
11. [ ] EM: For issues that are refined and labeled as ~"Package:P1", assign ~Deliverable and \~"Track Health Status" labels
12. [ ] EM: Confirm the list of issues in this issue match with the ones in the [filter](https://gitlab.com/dashboard/issues?state=all&label_name%5B%5D=group%3A%3Apackage%20registry&label_name%5B%5D=Deliverable&sort=relative_position&first_page_size=100&milestone_title=17.0).
13. [ ] EM: Confirm there is enough work for ~golang engineers, ~rails engineers, and ~frontend engineers, and capacity is not exceeded. Can use the [functional breakdown board](https://gitlab.com/groups/gitlab-org/-/boards/1548554?label_name%5B%5D=group%3A%3Apackage%20registry&milestone_title=17.0) to evaluate weights and coordinate with the team to confirm they feel comfortable with the commitments.
14. [ ] EM: Record a comment like [this](https://gitlab.com/gitlab-org/gitlab/-/issues/376232#note_1141647071 "Milestone 15.6 review and discussion") with the total weight, average, and type of issues ratio and update the table in this issue
15. [ ] PM: Record the kickoff video, link to this issue, and share it on Slack.
---
This issue was generated using the [Package:Package Registry milestone plan template](https://gitlab.com/gitlab-org/ci-cd/package-stage/package/-/blob/master/.gitlab/issue_templates/milestone-plan-package.md).17.0Tim Rizzitrizzi@gitlab.comCrystal Poolecpoole@gitlab.comTim Rizzitrizzi@gitlab.com2024-05-16https://gitlab.com/gitlab-org/gitlab/-/issues/451508Package registry order by version doesn't follow semver2024-03-26T21:27:19ZPhilippe LafoucrièrePackage registry order by version doesn't follow semver<!---
Please read this!
Before opening a new issue, make sure to search for keywords in the issues
filtered by the "regression" or "type::bug" label:
- https://gitlab.com/gitlab-org/gitlab/issues?label_name%5B%5D=regression
- https://g...<!---
Please read this!
Before opening a new issue, make sure to search for keywords in the issues
filtered by the "regression" or "type::bug" label:
- https://gitlab.com/gitlab-org/gitlab/issues?label_name%5B%5D=regression
- https://gitlab.com/gitlab-org/gitlab/issues?label_name%5B%5D=type::bug
and verify the issue you're about to submit isn't a duplicate.
--->
### Summary
<!-- Summarize the bug encountered concisely. -->
When sorting packages (in the [Package Registry](https://docs.gitlab.com/ee/user/packages/package_registry/index.html) page) by version, the sort is done on the text, and not on the semver representation.
### Steps to reproduce
<!-- Describe how one can reproduce the issue - this is very important. Please use an ordered list. -->
1. Create a new GitLab project
1. Publish a package with the version `v16.9.0`
1. Publish a package with the version `v16.9.1`
1. Publish a package with the version `v16.10.0`
1. Go to the project packages (Deploy -> Package registry)
### Example Project
<!-- If possible, please create an example project here on GitLab.com that exhibits the problematic
behavior, and link to it here in the bug report. If you are using an older version of GitLab, this
will also determine whether the bug is fixed in a more recent version. -->
https://gitlab.com/gitlab-org/sbom/features/gitlab-runner/-/packages?type=&version=&orderBy=version&sort=desc&search[]=
### What is the current *bug* behavior?
<!-- Describe what actually happens. -->
Order is:
1. v16.10.0
2. v16.9.0
3. v16.9.1
### What is the expected *correct* behavior?
<!-- Describe what you should see instead. -->
Order should be:
1. v16.9.0
1. v16.9.1
1. v16.10.0
### Relevant logs and/or screenshots
<!-- Paste any relevant logs - please use code blocks (```) to format console output, logs, and code
as it's tough to read otherwise. -->
### Output of checks
<!-- If you are reporting a bug on GitLab.com, uncomment below -->
This bug happens on GitLab.com
#### Results of GitLab environment info
<!-- Input any relevant GitLab environment information if needed. -->
<details>
<summary>Expand for output related to GitLab environment info</summary>
<pre>
(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)
(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)
</pre>
</details>
#### Results of GitLab application Check
<!-- Input any relevant GitLab application check information if needed. -->
<details>
<summary>Expand for output related to the GitLab application check</summary>
<pre>
(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:check SANITIZE=true`)
(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true`)
(we will only investigate if the tests are passing)
</pre>
</details>
### Possible fixes
<!-- If you can, link to the line of code that might be responsible for the problem. -->
This is how we sort version in the GitLab SBOM generator: https://gitlab.com/gitlab-org/sbom/generator/-/blob/850b66cee5ff1e1aeb91d4a0dda17778e603c223/common/common.sh#L260Backloghttps://gitlab.com/gitlab-org/gitlab/-/issues/451454[Test] spec/workers/packages/debian/generate_distribution_worker_spec.rb | Pa...2024-03-22T13:41:15ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/workers/packages/debian/generate_distribution_worker_spec.rb | Packages::Debian::GenerateDistributionWorker#perform for group with valid parameters behaves like an idempotent worker performs multiple times sequentially without raising an ex...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/workers/packages/debian/generate_distribution_worker_spec.rb#L56`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/workers/packages/debia...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/workers/packages/debian/generate_distribution_worker_spec.rb#L56`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/workers/packages/debian/generate_distribution_worker_spec.rb#L56) |
| Filename | `spec/workers/packages/debian/generate_distribution_worker_spec.rb` |
| Description | `Packages::Debian::GenerateDistributionWorker#perform for group with valid parameters behaves like an idempotent worker performs multiple times sequentially without raising an exception` |
| Test level | unit |
| Hash | `fd8b1452cc16fb932f488abd59f80d61210429fc4` |
| Reference duration | 8.5 seconds |
| Expected duration | < 45.4 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/451255[Test] spec/requests/api/graphql/packages/nuget_spec.rb | nuget package detai...2024-03-21T15:00:32ZTEST_FAILURES_PROJECT_TOKEN[Test] spec/requests/api/graphql/packages/nuget_spec.rb | nuget package details avoids N+1 queries### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/nuget_spec.rb#L41`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/nuget_spe...### Test metadata (don't modify)
| Field | Value |
| ------ | ------ |
| File URL | [`spec/requests/api/graphql/packages/nuget_spec.rb#L41`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/requests/api/graphql/packages/nuget_spec.rb#L41) |
| Filename | `spec/requests/api/graphql/packages/nuget_spec.rb` |
| Description | `nuget package details avoids N+1 queries` |
| Test level | integration |
| Hash | `88d6e1cb1b207138109841987e898256e133a46b1` |
| Reference duration | 4.93 seconds |
| Expected duration | < 19.2 seconds |https://gitlab.com/gitlab-org/gitlab/-/issues/451242Investigate dependency proxy for packages performance2024-03-22T20:44:03ZDavid FernandezInvestigate dependency proxy for packages performance## :fire: Problem
Compare the performance of the following scenarios:
1. CI job pulling _all_ packages from an official registry directly vs through a dependency proxy (with a warm cache).
1. local machine (located far from the ~"gitla...## :fire: Problem
Compare the performance of the following scenarios:
1. CI job pulling _all_ packages from an official registry directly vs through a dependency proxy (with a warm cache).
1. local machine (located far from the ~"gitlab.com" object storage) pulling _all_ packages from an official registry directly vs through a dependency proxy (with a warm cache).
If usage (2.) (non CI) is larger that usage (1.) (CI), then a CDN approach (as in https://about.gitlab.com/blog/2022/10/25/gitlab-com-artifacts-cdn-change/) is valuable as it will help users to retrieve packages from closer locations. However, from my understanding, this brings no benefit in usage (1.).
## :fire_engine: Solution
1. Investigate the dependency proxy usage. In particular, analyze the CI usage vs the non CI usage.
* We can use GCP IP ranges here to detect request coming from GCP. See https://www.gstatic.com/ipranges/goog.json.
1. Depending on the results of (1.), investigate if using a CDN is worth here.
1. If that's the case, investigate the amount of work to do.
## :crystal_ball: Other considerations
The same analysis path/logic could be applied to the [dependency proxy for container images](https://docs.gitlab.com/ee/user/packages/dependency_proxy/).17.0