Add an option to expose `description_html` in Release API [RUN ALL RSPEC] [RUN AS-IF-FOSS]

Merged Shinya Maeda requested to merge optinally-expose-description-html-in-release-api into master

What does this MR do?

This MR revisits the previous discussion point to introduce an API option to expose the description_html.

After the evaluation on gitlab.com and the recent 13.12 release, we got a few feedback from users that they are depending on the field for building an release page in the external system (example). Originally the field was not intended for such usage, however, we can't turn it down as long as the users are depending on it. Hence, we'll introduce include_html_description option to the Release API, to allow users to get the field by specifying the include_html_description=true. This field is hidden by default for performance reason (See #299447 (closed) for more details).

Reference: !60380 (comment 588693368)

Manual QA (API)

Get a list of Releases without description_html

shinya@shinya-B550-VISION-D:~/workspace/thin-gdk/services/rails/src$ curl "http://local.gitlab.test:8181/api/v4/projects/35/releases" 2>&1 | grep 'description_html'
shinya@shinya-B550-VISION-D:~/workspace/thin-gdk/services/rails/src$ 

Get a list of Releases with description_html

shinya@shinya-B550-VISION-D:~/workspace/thin-gdk/services/rails/src$ curl "http://local.gitlab.test:8181/api/v4/projects/35/releases?include_html_description=true" 2>&1  | grep description_html
[{"name":"Test","tag_name":"v0.1","description":"a","description_html":"\u003cp data-sourcepos=\"1:1-1:1\" dir=\"auto\"\u003ea\u003c/p\u003e","created_at":"2021-05-03T02:27:08.559Z","released_at":"2021-05-03T02:27:08.559Z","author":{"id":1,"name":"Administrator","username":"root","state":"active","avatar_url":"https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80\u0026d=identicon","web_url":"http://local.gitlab.test:8181/root"},"commit":{"id":"73ad9a9c13f7a885860425f272a28c2dc52d6d0c","short_id":"73ad9a9c","created_at":"2021-04-29T01:49:40.000+00:00","parent_ids":["6f515815f7a6c33fdc603c309bd6f7500896bea9"],"title":"Update .gitlab-ci.yml","message":"Update .gitlab-ci.yml","author_name":"Administrator","author_email":"admin@example.com","authored_date":"2021-04-29T01:49:40.000+00:00","committer_name":"Administrator","committer_email":"admin@example.com","committed_date":"2021-04-29T01:49:40.000+00:00","web_url":"http://local.gitlab.test:8181/root/dora-metrics/-/commit/73ad9a9c13f7a885860425f272a28c2dc52d6d0c"},"upcoming_release":false,"commit_path":"/root/dora-metrics/-/commit/73ad9a9c13f7a885860425f272a28c2dc52d6d0c","tag_path":"/root/dora-metrics/-/tags/v0.1","assets":{"count":7,"sources":[{"format":"zip","url":"http://local.gitlab.test:8181/root/dora-metrics/-/archive/v0.1/dora-metrics-v0.1.zip"},{"format":"tar.gz","url":"http://local.gitlab.test:8181/root/dora-metrics/-/archive/v0.1/dora-metrics-v0.1.tar.gz"},{"format":"tar.bz2","url":"http://local.gitlab.test:8181/root/dora-metrics/-/archive/v0.1/dora-metrics-v0.1.tar.bz2"},{"format":"tar","url":"http://local.gitlab.test:8181/root/dora-metrics/-/archive/v0.1/dora-metrics-v0.1.tar"}],"links":[{"id":3,"name":"google-3","url":"https://google-3.com","direct_asset_url":"https://google-3.com","external":true,"link_type":"other"},{"id":2,"name":"google-2","url":"https://google-2.com","direct_asset_url":"https://google-2.com","external":true,"link_type":"other"},{"id":1,"name":"google-1","url":"https://google-1.com","direct_asset_url":"https://google-1.com","external":true,"link_type":"other"}]},"evidences":[{"sha":"2cc4554ec19ef23185261fd556f93f5c22f1a97b9a0d","filepath":"http://local.gitlab.test:8181/root/dora-metrics/-/releases/v0.1/evidences/2.json","collected_at":"2021-05-03T02:27:08.990Z"}],"_links":{"self":"http://local.gitlab.test:8181/root/dora-metrics/-/releases/v0.1"}}]

Get a single Release without description_html

shinya@shinya-B550-VISION-D:~/workspace/thin-gdk/services/rails/src$ curl "http://local.gitlab.test:8181/api/v4/projects/35/releases/v0.1" 2>&1  | grep description_html
shinya@shinya-B550-VISION-D:~/workspace/thin-gdk/services/rails/src$ 

Get a single Release with description_html

shinya@shinya-B550-VISION-D:~/workspace/thin-gdk/services/rails/src$ curl "http://local.gitlab.test:8181/api/v4/projects/35/releases/v0.1?include_html_description=true" 2>&1  | grep description_html
{"name":"Test","tag_name":"v0.1","description":"a","description_html":"\u003cp data-sourcepos=\"1:1-1:1\" dir=\"auto\"\u003ea\u003c/p\u003e","created_at":"2021-05-03T02:27:08.559Z","released_at":"2021-05-03T02:27:08.559Z","author":{"id":1,"name":"Administrator","username":"root","state":"active","avatar_url":"https://www.gravatar.com/avatar/e64c7d89f26bd1972efa854d13d7dd61?s=80\u0026d=identicon","web_url":"http://local.gitlab.test:8181/root"},"commit":{"id":"73ad9a9c13f7a885860425f272a28c2dc52d6d0c","short_id":"73ad9a9c","created_at":"2021-04-29T01:49:40.000+00:00","parent_ids":["6f515815f7a6c33fdc603c309bd6f7500896bea9"],"title":"Update .gitlab-ci.yml","message":"Update .gitlab-ci.yml","author_name":"Administrator","author_email":"admin@example.com","authored_date":"2021-04-29T01:49:40.000+00:00","committer_name":"Administrator","committer_email":"admin@example.com","committed_date":"2021-04-29T01:49:40.000+00:00","web_url":"http://local.gitlab.test:8181/root/dora-metrics/-/commit/73ad9a9c13f7a885860425f272a28c2dc52d6d0c"},"upcoming_release":false,"commit_path":"/root/dora-metrics/-/commit/73ad9a9c13f7a885860425f272a28c2dc52d6d0c","tag_path":"/root/dora-metrics/-/tags/v0.1","assets":{"count":7,"sources":[{"format":"zip","url":"http://local.gitlab.test:8181/root/dora-metrics/-/archive/v0.1/dora-metrics-v0.1.zip"},{"format":"tar.gz","url":"http://local.gitlab.test:8181/root/dora-metrics/-/archive/v0.1/dora-metrics-v0.1.tar.gz"},{"format":"tar.bz2","url":"http://local.gitlab.test:8181/root/dora-metrics/-/archive/v0.1/dora-metrics-v0.1.tar.bz2"},{"format":"tar","url":"http://local.gitlab.test:8181/root/dora-metrics/-/archive/v0.1/dora-metrics-v0.1.tar"}],"links":[{"id":3,"name":"google-3","url":"https://google-3.com","direct_asset_url":"https://google-3.com","external":true,"link_type":"other"},{"id":2,"name":"google-2","url":"https://google-2.com","direct_asset_url":"https://google-2.com","external":true,"link_type":"other"},{"id":1,"name":"google-1","url":"https://google-1.com","direct_asset_url":"https://google-1.com","external":true,"link_type":"other"}]},"evidences":[{"sha":"2cc4554ec19ef23185261fd556f93f5c22f1a97b9a0d","filepath":"http://local.gitlab.test:8181/root/dora-metrics/-/releases/v0.1/evidences/2.json","collected_at":"2021-05-03T02:27:08.990Z"}],"_links":{"self":"http://local.gitlab.test:8181/root/dora-metrics/-/releases/v0.1"}}

Does this MR meet the acceptance criteria?

Conformity

Availability and Testing

Security

Does this MR contain changes to processing or storing of credentials or tokens, authorization and authentication methods or other items described in the security review guidelines? If not, then delete this Security section.

  • Label as security and @ mention @gitlab-com/gl-security/appsec
  • The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
  • Security reports checked/validated by a reviewer from the AppSec team
Edited by Shinya Maeda