12.1.201907011127-89a10646f72.525eef0083b QA Issue
Process
Each engineer validates and checks off each of their assigned QA task(s).
- Check off each Merge Request changes that you've tested successfully and note any issues you've created and check them off as they are resolved.
- If a problem is found:
- Create an issue for it and add a sub bullet item under the corresponding validation checklist task. Link the issue there.
- Add the severity label
- Raise the problem in the discussion and tag relevant Engineering and Product managers.
- If a regression is found:
- Create an issue for it
- Add the severity label and the regression label
- Raise the regression in the discussion and tag relevant Engineering and Product managers.
General Quality info can be found in the Quality Handbook.
Note: If you are assigned tasks outside your normal work hours, you're not expected to work overtime. Please complete the tasks as soon as possible during your normal work hours.
Deadline
QA testing on staging.gitlab.com for this issue should be completed by 2019-07-02 15:08 UTC. After this deadline has passed, the issue will be closed automatically.
If the deadline has passed, please perform your task as soon as possible anyway (during your normal work hours). It's important that the testing is performed, even if deployment has proceeded to a later stage.
Merge Requests tested in 12.1.201907011127-89a10646f72.525eef0083b
Community contribution
Community contribution-
@filipa | Remove tooltip directive on project avatar image component Community contribution ~"Create" devopscreate frontend ~"group::editor" ~"performance" -
@kushalpandya | Update tar to 2.2.2 Community contribution ~"backstage" ~"dependency update" security -
@ayufan | Add name & search parameters to project environments API Community contribution ~"Release" api environments -
@nick.thomas | Change HTTP Status Code when repository disabled 1st contribution Community contribution ~"Create" api devopscreate -
@eread | Mention kaniko in container registry ~"Category::Runner" Community contribution ~"Documentation" docs-only -
@reprazent | Upgrade Gitaly to v1.49.0 Community contribution ~"Gitaly" ~"backstage" -
@tkuah | Fix Jupyter-Git integration Community contribution ~"Configure" ~"Pick into 12.0" ~"bug" ~"devops::configure" ~"jupyter" ~"runbooks" -
@stanhu | Port of refactor/remove-sentry-from-app-settings to EE Community contribution customer deprecation -
@stanhu | Remove Sentry settings from application settings Community contribution customer deprecation release post item -
@fatihacet | Externalize strings of access tokens page in user profile Community contribution Hackathon frontend ~"internationalization" -
@fatihacet | Externalize strings of access tokens page in user profile Community contribution frontend ~"internationalization" -
@eread | Docs: GFM Doc Refactor Community contribution ~"Documentation" markdown -
@rpaik | docs: Update README.md. Made a simple grammar fix. 1st contribution Community contribution ~"Documentation" -
@iamphill | Fix styling for app/assets/stylesheets/framework/notes.scss
CSS cleanup Community contribution ~"backstage" frontend -
@marcia | Add alerts to GitLab basics Community contribution ~"Create" ~"Documentation" devopscreate -
@filipa | move EE-specific code to subtemplate Community contribution ~"backstage" frontend single codebase ~"technical debt" -
@filipa | added code difference in app/views/search/_category.html.haml
from EE to CE 1st contribution Community contribution ~"Plan" -
@reprazent | Add /relate
quick action 1st contribution Community contribution ~"Documentation" ~"Plan" devopsplan quick actions -
@reprazent | Doc backport: Add /relate
quick action 1st contribution Community contribution ~"Documentation" ~"Plan" devopsplan single codebase -
@rymai | Replace 'JIRA' with 'Jira' Community contribution ~"Documentation" ~"Jira" ~"backstage" devopsplan ~"external services"
Plan ~"Plan"
-
@annabeldunstone | Epic tabs UI fixes ~"Plan" ~"S4" UX ~"bug" devopsplan epics ~"group::team planning" -
@smcgivern | Fix notes email with group-level notification email ~"P2" ~"Plan" ~"S2" backend ~"bug" regression regression:12.0 -
@smcgivern | Fix label serialisation in issue and note hooks ~"Plan" backend ~"bug" regression regression:12.0 ~"webhooks" -
@engwan | [EE] Limit time tracking units to hours ~"Category::Time Tracking" ~"Plan" backend database frontend -
@engwan | Limit time tracking units to hours ~"Category::Time Tracking" ~"Plan" backend database frontend -
@arthanzel | Allow autocompleting labels using colons and spaces ~"Accepting merge requests" ~"Plan" devopsplan ~"feature" frontend internal customer quick actions ~"workflow::In review" -
@winh | Copy issue boards list model from CE ~"Category::Issue Boards" ~"Plan" ~"backstage" devopsplan frontend single codebase -
@rajatgitlab | Bring Manual Ordering on Issue List ~"Plan" ~"feature" frontend issues -
@rajatgitlab | Bring Manual Ordering on Issue List ~"Plan" ~"feature" frontend issues -
@filipa | EE port of Removes EE differences for sortable_default_options ~"Plan" frontend single codebase -
@filipa | Removes EE differences for sortable_default_options ~"Plan" frontend single codebase -
@filipa | Removes EE differences for app/assets/javascripts/sidebar/components/time_tracking/comparison_pane.vue
~"Plan" frontend single codebase -
@filipa | EE port of: Removes EE differences for app/assets/javascripts/sidebar/sidebar_mediator.js ~"Plan" ~"backstage" frontend single codebase -
@filipa | Removes EE differences for app/assets/javascripts/sidebar/sidebar_mediator.js ~"Plan" ~"backstage" frontend single codebase -
@annabeldunstone | Use darker gray color for system note metadata and edited text ~"Plan" UI polish UX accessibility frontend -
@acroitor | Port Multiple Issue Boards for Projects to Core ~"Category::Issue Boards" ~"Documentation" ~"Plan" backend ~"feature" -
@acroitor | Move Multiple Issue Boards for Projects to Core ~"Category::Issue Boards" ~"Documentation" ~"Plan" auto updated backend ~"backstage" customer devopsplan ~"feature" frontend potential proposal stewardship -
@arthanzel | Conform related issues/MRs card to design docs ~"Plan" UX debt ~"bug" frontend issues ~"technical debt" ~"workflow::In review" -
@arthanzel | Conform related issues/MRs card to design docs ~"Plan" UX debt ~"bug" frontend issues ~"technical debt" ~"workflow::In review" -
@pgascouvaillancourt | Fix unresponsive reply button in discussions ~"Create" ~"P3" ~"Plan" ~"S3" ~"Secure" ~"bug" frontend regression regression:11.11 -
@filipa | EE port of Removes EE differences for app/views/projects/tree/_tree_header.html.haml ~"Plan" ~"backstage" frontend single codebase -
@filipa | Removes EE differences for app/views/projects/tree/_tree_header.html.haml ~"Plan" ~"backstage" frontend single codebase -
@jarka | Fix weight quick action to support 0 value ~"P3" ~"Plan" ~"S3" backend ~"bug" devopsplan issue weight issues ~"missed-SLO" quick actions ~"workflow::In review" -
@egrieff | Do not change updated_at on an issue when reordering on an issue board ~"Plan" backend customer ~"feature" issues -
@filipa | EE: Moves EE differences for app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue ~"Plan" frontend single codebase -
@filipa | Moves EE differences for app/assets/javascripts/pages/projects/shared/permissions/components/settings_panel.vue ~"Plan" ~"backstage" frontend single codebase -
@arthanzel | Allow collapsing all issue boards CS Top 10 (2018CQ2) ~"Category::Issue Boards" ~"Plan" ~"UX ready" customer devopsplan direction ~"feature" frontend internal customer
Create ~"Create"
-
@iamphill | Fix EE differences in services/_form.html.haml ~"Create" ~"bug" frontend single codebase -
@oswaldo | [EE] Automatically update MR merge-ref along merge status ~"Create" backend ~"backstage" merge requests -
https://gitlab.com/gitlab-org/gitlab-ee/issues/12562 (~P2 ~S2 being handled by @dosuken123)
-
-
@oswaldo | Automatically update MR merge-ref along merge status ~"Create" backend ~"backstage" ~"code review" diff merge requests -
@iamphill | Show create merge request button on confidential issues ~"Create" ~"feature" frontend -
@toupeira | Build correct basenames for title search results ~"Create" Deliverable ~"P2" ~"S2" backend ~"bug" customer ~"group::editor" regression regression:11.0 ~"search" ~"wiki" -
@filipa | Removes EE differences for title_spec ~"Create" ~"backstage" frontend single codebase -
@iamphill | Render branch divergence graph with Vue ~"Create" ~"feature" frontend -
@toupeira | Resolve "500 error when forking via the web IDE button" ~"Create" Deliverable ~"P2" ~"S3" backend ~"bug" ~"group::editor" ~"missed-SLO" regression regression:11.3 reproduced on GitLab.com ~"web ide" -
@mishunov | Resolve "Re-name files in Web IDE in a more natural way" ~"Create" Deliverable Persona: Development Team Lead Persona: Software developer devopscreate ~"feature" frontend ~"group::editor" missed-deliverable missed:12.0 ~"web ide" ~"workflow::In dev" -
@mishunov | Hid re-named entries in subfolders
-
-
@iamphill | Fetch commit message with logs_tree endpoint ~"Create" ~"feature" frontend -
@pslaughter | Add jQuery in jest test_setup ~"Create" Deliverable ~"backstage" frontend ~"group::editor" unit testing -
@sming-gitlab | Fix incorrect reaction placement in commit diff discussion ~"Create" Deliverable ~"P3" ~"S3" award emoji ~"bug" devopscreate diff frontend groupsource code missed-deliverable missed:12.0 reproduced on GitLab.com ~"workflow::In dev" -
@filipa | Removes EE differences for spec/javascripts/vue_mr_widget/mr_widget_options_spec.js ~"Create" ~"backstage" frontend single codebase -
@sbigelow | Extract related issuable input for #9688 ~"Create" auto updated ~"feature" frontend groupsource code -
@sming-gitlab | Rearrange discussion resolve buttons ~"Create" Deliverable UI polish ~"UX ready" ~"bug" devopscreate frontend groupsource code merge requests -
@.luke | EE backport for !gitlab-ce/29919 (GraphQL mutations for add, remove and toggle emoji) ~"Create" GraphQL backend devopscreate ~"feature" groupknowledge -
@.luke | GraphQL mutations for add, remove and toggle emoji ~"Create" Deliverable GraphQL backend ~"design management" devopscreate ~"feature" groupknowledge ~"workflow::In dev" -
@igor.drozdov | Extract MR's widget into a separate request ~"Create" backend ~"backstage" devopscreate groupsource code merge requests ~"performance" -
@iamphill | Added commit type to tree GraphQL type ~"Create" ~"feature" frontend -
@patrickbajao | Support remapping of Git repos via SSH with project aliases ~"Create" Deliverable ~"Documentation" api backend customer+ database devopscreate ~"feature" groupsource code repository ~"workflow::In review" -
@iamphill | Use GraphQL API to fetch last commit data ~"Create" ~"feature" frontend
Manage ~"Manage"
-
@wortschi | Resolve "User Onboarding: Calculate percentageComplated
instead of using a hardcoded value" ~"Manage" frontend -
@tristan | Docs: Correct group path instructions ~"Documentation" ~"Manage" devopsmanage ~"support-fix" -
@dennis | Resolve "Improved group lists UI" Deliverable ~"Manage" ~"P2" devopsmanage direction ~"feature" frontend ~"groups" missed:11.11 project -
@wortschi | New user onboarding (Guided Tour) Deliverable ~"Growth" ~"Manage" ~"P1" direction feature flag frontend ~"workflow::In dev" -
@wortschi | (CE Port) New user onboarding (Guided Tour) Deliverable ~"Growth" ~"Manage" ~"P1" direction frontend -
@wortschi | Add additonal specs for onboarding Deliverable ~"Growth" ~"Manage" ~"P1" ~"backstage" direction frontend ~"technical debt" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/jobs directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | EE Port - Vue-i18n: app/assets/javascripts/monitoring directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/monitoring directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | EE Port - Vue i18n js issue show directory ee Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/issue_show directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@wortschi | Resolve "Track onboarding events in Snowplow" ~"Accepting merge requests" ~"Manage" ~"P1" devopsmanage frontend snowplow tracking events -
@wortschi | Set project path on localStorage during onboarding Deliverable ~"Growth" ~"Manage" ~"P1" direction frontend -
@wortschi | (CE Port) Set project path on localStorage during onboarding Deliverable ~"Growth" ~"Manage" ~"P1" direction frontend -
@tristan | Docs: Add more info on recovery codes 2FA ~"Documentation" ~"Manage" devopsmanage ~"support-fix" -
@ekigbo | EE Port - Vue-i18n: app/assets/javascripts/diffs directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/diffs directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ifarkas | Update doc link on IP restriction Deliverable GitLab Ultimate ~"Manage" authorization backend ~"backstage" devopsmanage ~"estimation:completed" ~"group::access" -
@ekigbo | Vue-i18n: app/assets/javascripts/performance_bar directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | Vue-i18n: autofix for app/assets/javascripts/performance_bar directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" -
@ekigbo | EE port - Vue-i18n: javascripts/boards directory Deliverable ~"Manage" ~"backstage" frontend ~"internationalization" ~"workflow::In review"
Verify ~"Verify"
-
@sarahghp | Resolve "Add Copy to Clipboard Button to Review App Modal" ~"Category::Usability Testing" Deliverable ~"UX ready" ~"Verify" depth devopsverify ~"feature" frontend -
@fabiopitino | Skip TeamCity trigger on branch delete and support MR triggers ~"Accepting merge requests" ~"P4" ~"S3" ~"Verify" ~"bug" default-priority default-severity devopsverify ~"external services" ~"workflow::In review" -
@dosuken123 | FIX: Scheduled pipelines scheduled to run at the same time as pipeline_schedule_worker gets pushed to the next run ~"P3" ~"Pick into 12.0" ~"S3" ~"Verify" ~"bug" devopsverify -
@drewcimino | RSpec::Parameterized syntax for CI pipeline build seed specs ~"Verify" ~"backstage" devopsverify -
@ayufan | Revert "Fix copying a single line from Firefox" ~"Verify" ~"backstage" ~"bug" frontend reverted -
@dzaporozhets | Resolve "Runner tags search dropdown is empty" ~"Verify" ~"bug" -
@blunceford | Updated explanation of CI_COMMIT_BEFORE_SHA variable ~"Documentation" ~"Verify" devopsverify docs-only ~"support-fix" -
@tmaczukin | Update GitLab Runner Helm Chart to 0.6.0/12.0.0 ~"Verify" ~"dependency update" -
@fabiopitino | Pipeline must be present if "Pipeline must succeed" is set ~"P3" ~"S3" ~"Verify" ~"bug" customer devopsverify -
@steveazz | Add note about Docker socket mounting ~"Category::Runner" ~"Verify" ~"backstage" devopsverify ~"group::ci and runner" -
@matteeyah | Bump Code Quality version ~"Category::Code Quality" ~"Verify" ~"backstage" devopsverify -
@filipa | EE: Removes EE differences for app/assets/javascripts/pipelines/pipeline_details_mediator.js ~"Verify" ~"backstage" frontend single codebase -
@filipa | Removes EE differences for app/assets/javascripts/pipelines/pipeline_details_mediator.js ~"Verify" ~"backstage" frontend single codebase -
@sarahghp | Visual Review: Fix the typo preventing the button from displaying ~"Pick into 12.0" ~"Verify" ~"backstage" ~"bug" frontend -
@sarahghp | Resolve "Including a link to the posted comment for visual review app review feature" ~"Category::Usability Testing" GitLab Starter UX debt ~"Verify" backend depth devopsverify ~"feature" frontend -
@filipa | EE: Removes EE differences for app/assets/javascripts/reports/components/report_item.vue ~"Secure" ~"Verify" ~"backstage" frontend single codebase -
@filipa | Removes EE differences for app/assets/javascripts/reports/components/report_item.vue ~"Secure" ~"Verify" ~"backstage" frontend single codebase -
@dosuken123 | Set higher TTL to write lock for traces ~"P2" ~"S2" ~"Verify" ~"bug"
Release ~"Release"
-
@marcia | Docs: link to predefined env variables reference more evident ~"Documentation" ~"Release" ~"ci variables" ~"docs:improvement" -
@vshushlin | Renew pages domain's certificates through Let's Encrypt Deliverable Product Vision FY20 ~"Release" UX ~"UX ready" breadth customer ~"devops::release" direction ~"feature" frontend maturitylovable missed-deliverable missed:11.10 missed:11.11 ~"pages" ~"workflow::In dev" -
@vshushlin | Use project depended feature flag for pages ssl and get certificates only for enabled domains Deliverable ~"Documentation" Product Vision FY20 ~"Release" ~"UX ready" breadth customer ~"devops::release" direction ~"feature" frontend maturitylovable missed-deliverable missed:11.10 missed:11.11 ~"pages" ~"workflow::In dev" -
@vshushlin | Speed up obtaining Let's Encrypt certificates Deliverable ~"Documentation" Product Vision FY20 ~"Release" ~"UX ready" breadth customer ~"devops::release" direction ~"feature" frontend maturitylovable missed-deliverable missed:11.10 missed:11.11 ~"pages" ~"workflow::In dev" -
@marcia | Docs: document "force https" for Pages ~"Documentation" OKR ~"Release" ~"devops::release" docs-missing docs-only -
@dosuken123 | Show position of merge trains in system notes ~"P4" ~"Release" ~"S4" UX ~"bug" -
@psimyn | Resolve "Environment details header border misaligned" ~"Release" UI polish UX frontend issues
Geo ~"Geo"
-
@dbalexandre | Geo - Use Gitlab::JsonCache only for the persistent cache on Gitlab::Geo ~"Geo" ~"Geo Performance" ~"backstage" -
@dbalexandre | Geo - Clean up code related to legacy queries Deliverable ~"Geo" ~"Geo Performance" ~"backstage" -
@ashmckenzie | Quarantine Geo Secondary::ShardWorker test for now ~"Geo" Geo Administration ~"backstage" master:broken ~"workflow::In dev"
Gitaly ~"Gitaly"
-
@stanhu | Enable Gitaly ref name caching for discussions.json ~"Gitaly" ~"performance" -
@zj-gitlab | Bump GITALY_SERVER_VERSION to v1.48.0 ~"Gitaly" ~"backstage" -
@stanhu | Allow caching of negative FindCommit matches ~"Gitaly" ~"performance" -
@stanhu | Enable Gitaly ref caching for SearchController ~"Gitaly" ~"performance" ~"search" -
@pokstad1 | Change GetRawChanges RPC to use bytes ~"Gitaly" auto updated ~"bug" devopscreate -
@stanhu | Avoid loading pipeline status in search results ~"Gitaly" devopsverify ~"performance"
Configure ~"Configure"
-
@tkuah | [EE] App label warning for deploy boards ~"Configure" Deliverable ~"UX ready" backend deprecation depth ~"devops::configure" ~"feature" frontend ~"kubernetes" -
@tkuah | Improve #has_metrics? and Environment#has_terminals? ~"Configure" ~"backstage" ~"performance" -
@tigerwnz | Enable JIT Kubernetes resource creation for project level clusters ~"Configure" ~"feature" ~"kubernetes" -
@tkuah | Add how to migrate deployments for deploy boards ~"Configure" ~"Documentation" ~"docs-fix" ~"feature" ~"kubernetes" -
@tkuah | Remove deprecated call in BuildSuccessWorker ~"Configure" ~"backstage" environments -
@tkuah | Refactor Deployment#cluster to #deployment_platform_cluster ~"Configure" ~"backstage" environments ~"kubernetes" -
@ealcantara | Handle dependencies between cluster managed apps installation status ~"Configure" ~"backstage" frontend -
@tigerwnz | Instance-level cluster pod terminal access ~"Configure" Deliverable backend ~"devops::configure" direction ~"feature" ~"kubernetes" -
@tigerwnz | Instance-level cluster pod terminal access ~"Configure" Deliverable backend ~"devops::configure" direction ~"feature" ~"kubernetes" -
@danielgruesso | Add zero downtime upgrade detail for production_replicas ~"Configure" ~"Documentation" ~"Pick into 12.0" ~"auto devops" ~"devops::configure" ~"feature" -
@tkuah | Refactor EE find_group_cluster_platform_kubernetes ~"Configure" ~"backstage" ~"kubernetes" -
@jerasmus | Update toast action selector ~"Configure" ~"component::toasts" frontend -
@tkuah | Remove group and instance clusters feature flag ~"Configure" ~"feature" feature flag ~"kubernetes" -
@danielgruesso | Application Development Platform docs updates ~"Configure" ~"Documentation" ~"devops::configure" ~"feature"
Monitor ~"Monitor"
-
@jivanvl | Add column chart component to the monitoring bundle APM Charts ~"Monitor" ~"backstage" frontend -
@splattael | CE backport: Resolve "Make "Create an issue" default for Incident Management" ~"Documentation" ~"Monitor" ~"feature" ~"incident management" -
@bjk-gitlab | Update HA monitoring documentation ~"Monitor" ~"backstage" docs-only -
@splattael | Resolve "Make "Create an issue" default for Incident Management" Deliverable ~"Monitor" backend database ~"feature" ~"incident management" release post item -
@rpereira2 | Always display environment selector in Metrics dashboard APM Deliverable ~"Monitor" ~"P2" ~"S2" ~"bug" customer devopsmonitor frontend ~"workflow::In review" -
@psimyn | Load dashboards from project's git repository APM Deliverable ~"Monitor" devopsmonitor feature flag frontend -
@syasonik | Add permission check to metrics dashboards Health ~"Monitor" backend devopsmonitor ~"feature" ~"group::health" -
@dbodicherla | Turn commit sha in monitor charts popover to link APM Deliverable ~"Monitor" ~"cluster monitoring" ~"feature" frontend ~"workflow::In dev" -
@psimyn | Fix charts on Cluster page Charts ~"Monitor" ~"bug" frontend regression -
@ayufan | Update prometheus-client-mmap to 0.9.6 ~"Memory" ~"Monitor" ~"bug" ~"metrics" -
@alipniagov | Use PROCESS_CPUTIME_ID for cpu time metrics ~"Memory" ~"Monitor" ~"bug" ~"metrics"
Secure ~"Secure"
-
@pgascouvaillancourt | Update pagination prev and next texts ~"Secure" ~"component::pagination" frontend ~"pajamas::implement" -
@dpisek | Make side-nav expanded when viewing dependencies ~"P4" ~"S4" ~"Secure" ~"Secure::Software Composition Analysis" ~"bug" dependency list devopssecure frontend ~"group::software composition analysis" -
@caneldem | Update license management paragraph in ci settings Deliverable ~"Secure" ~"Secure::Software Composition Analysis" UX backend ~"backstage" devopssecure ~"feature" ~"group::software composition analysis" -
@axil | Document all the available options for Dependency Scanning ~"Documentation" ~"Secure" ~"Secure::Software Composition Analysis" ~"dependency scanning" devopssecure -
@dpisek | Add anchor to learn-more-button on dependency list ~"P1" ~"S3" ~"Secure" ~"Secure::Software Composition Analysis" ~"bug" dependency list devopssecure frontend ~"group::software composition analysis" -
@plafoucriere | Fix reports jobs timing out because of cache ~"Secure" ~"Secure::Static and Dynamic Analysis" backend ~"bug" ~"dependency scanning" devopsverify ~"sast" -
@axil | Mention what tools are not supported in Dependency Scanning ~"Documentation" ~"Secure" devopssecure -
@plafoucriere | Fix learn more link in dep list empty state ~"Secure" ~"Secure::Software Composition Analysis" ~"feature" -
@markrian | Add dependency_list_vulnerabilities feature flag Deliverable Persona: Development Team Lead Persona: Security Analyst ~"Secure" ~"Secure::Software Composition Analysis" ~"UX ready" analysts backend ~"backstage" customer dependency list devopssecure direction ~"feature" feature flag frontend internal customer -
@leipert | Add a danger rule to suggest docs-
prefixes Danger bot ~"Secure" ~"backstage" -
@markrian | Refactor Dependency List Vuex store Deliverable Persona: Development Team Lead Persona: Security Analyst ~"Secure" ~"Secure::Software Composition Analysis" ~"UX ready" analysts backend customer dependency list devopssecure direction ~"feature" frontend internal customer -
@axil | Document the security tools maintenance and vulnerabilities DB update ~"Documentation" ~"Secure" ~"Secure::Software Composition Analysis" devopssecure ~"feature" -
@leipert | Use absolute paths for SCSS imports ~"Secure" ~"backstage" ~"dependency update" frontend -
@leipert | EE-Port of https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/30161 ~"Secure" ~"backstage" ~"dependency update" frontend -
@farias-gl | First pass at auto remediation changes Deliverable ~"Secure" frontend
frontend
frontend-
@filipa | Removes EE differences for gfm_autocomplete frontend single codebase -
@leipert | Upgrade jquery to 3.4.1 ~"backstage" ~"dependency update" frontend -
@leipert | Upgrade axios to 0.19.0 ~"backstage" ~"dependency update" frontend -
@dzaporozhets | Remove baseEndpoint from search dropdwon ~"backstage" frontend ~"technical debt" -
@dzaporozhets | Resolve "Follow-up from "Use scoped routes for labels and milestones"" ~"backstage" frontend ~"technical debt" -
@filipa | Removes EE differences for spec/frontend/boards/modal_store_spec.js ~"backstage" frontend single codebase -
@leipert | Remove duplicate frontend spec ~"backstage" frontend single codebase -
@filipa | Removes EE differences for sp.js ~"backstage" frontend single codebase
database
database-
@stanhu | Re-add ignore_column for import columns ~"backstage" database devopscreate -
@andrewn | Refactor AfterCommitQueue.inside_transaction? ~"backstage" database -
@stanhu | Fix background migrations failing with unused replication slot backend ~"bug" database devopscreate -
@mayra-cabrera | Removes Database Reviewer template backend ~"backstage" database -
@jagood | Support jsonb Default Value in add_column_with_default Migration Helper database ~"feature" -
@patrickbajao | CE port of https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/14108 Deliverable ~"Documentation" backend ~"backstage" database groupsource code repository -
@andrewn | Monitor database transaction activity for Rails Observability ~"backstage" database ~"metrics"
uncategorized ~"uncategorized"
-
@stanhu | Memoize non-existent custom appearances ~"performance" -
@ekigbo | Fix broken master : Regenerate gitlab.pot file ~"backstage" ~"internationalization" master:broken -
@mvanremmerden | Resolve "Avatar in "Please sign in" pattern too large" UI polish UX UX debt ~"bug" -
@stanhu | Eliminate N+1 queries in Dashboard::TodosController devopsplan ~"performance" -
@alipniagov | Move derailed_benchmarks
gem to :default group ~"Memory" ~"P1" ~"backstage" -
@alipniagov | Move derailed_benchmarks
gem to default group ~"Memory" ~"backstage" -
@mayra-cabrera | Fixes gitlab.pot master:broken -
@qzhaogitlab | Add gem size information to metrics.txt in memory CI artifacts ~"Memory" ~"P1" ~"backstage" -
@stanhu | Silence backup warnings when CRON=1 in use ~"bug" devopscreate regression:12.0 -
@ashmckenzie | New user signup with/without reCAPTCHA A/B test ~"A/B test" ~"Growth" ~"backstage" -
@ashmckenzie | CE port of new user signup with/without reCAPTCHA A/B test (no-op) ~"Growth" ~"backstage" -
@dbalexandre | Parse the cached value when it is false on Gitlab::JsonCache#read ~"backstage" -
@dbalexandre | Set 2 weeks as the expiration time for the current broadcast message ~"backstage" -
@dbalexandre | Set 2 weeks as the expiration time for the current broadcast message ~"backstage" -
@.luke | Sanity check for GraphQL authorized? GraphQL ~"backstage" -
@andrewn | In dev, always allow access to health endpoints from localhost ~"backstage" ~"metrics" -
@stanhu | Disable Rails SQL query cache when applying service templates ~"P1" backend ~"bug" devopscreate -
@jprovaznik | Fix failing spec/models/internal_id_spec.rb spec ~"backstage" ~"bug" -
@rajatgitlab | Stub manual_sorting flag ~"backstage" ~"master:flaky" -
@stanhu | Remove extraneous CHANGELOG entry ~"backstage" ~"docs-fix" -
@dzaporozhets | Remove deprecated user routes backend ~"backstage" ~"technical debt" -
@stanhu | Update Mermaid to 8.1.0 auto updated ~"bug" devopsplan markdown -
@stanhu | Add support for creating random passwords in user creation API api customer devopsmanage ~"feature" -
@craig-gomes | Added Memory and Ecosystem team labels -
@cablett | Remove N+1 queries in boards API ~"backstage" devopsplan ~"performance" -
@cablett | Remove N+1 queries in boards API ~"backstage" devopsplan ~"performance" -
@nfriend | Update description text of "Merge requests" section of general project settings page UI polish UX ~"backstage" missed:11.11 -
@nfriend | CE backport for gitlab-org/gitlab-ee!11859: Update description text of "Merge requests" section of general project settings page UI polish UX ~"backstage" missed:11.11 -
@stanhu | Fix handling of multiple GroupSAML identities ~"backstage" devopsmanage saml -
@stanhu | Backport CE changes for multiple GroupSAML support ~"backstage" devopsmanage saml -
@stanhu | Support CIDR notation in IP rate limiter devopsmanage production request -
@alipniagov | Get memory data after booting app in production ~"Memory" ~"P1" ~"backstage" -
@rymai | Revert "Merge branch '62722-boot-app-in-ci-and-check-memory' into 'master'" ~"Memory" ~"P1" ~"S1" ~"backstage" ci-build master:broken -
@rymai | Resolve "master broken due to static-analysis" ~"P1" ~"S1" ~"bug" master:broken -
@arthanzel | Allow collapsing all issue boards ~"feature"
Automated QA for 12.1.201907011127-89a10646f72.525eef0083b
No QA job could be found for this release!
You will need to set up a dedicated environment for 12.1.201907011127-89a10646f72.525eef0083b by following the following steps:
Prepare the environments for testing the security fixes
Instructions to prepare environment
- In Google Cloud Console (access to this
should have been granted during on-boarding), create a new VM instance (in the
gitlab-internal
project) from theqa-security-1cpu-3-75gb-ram-ubuntu-16-04-lts
instance template for each version of GitLab. - Find the
.deb
package to install:- First find the pipeline for the
12.1.201907011127+ee.0
tag in the pipelines page. - Then on the pipeline page, click the
Ubuntu-16.04-staging
job in theUpload:gitlab_com
stage (or theStaging_upload
stage for versions prior to 11.5), you will need the job ID later.
- First find the pipeline for the
- Install the
.deb
package from the job artifact:- SSH into the VM via the GCP console.
- Create a
install-gitlab.sh
script in your home folder:TEMP_DEB="$(mktemp)" GITLAB_PACKAGE="https://dev.gitlab.org/api/v4/projects/gitlab%2Fomnibus-gitlab/jobs/${JOB_ID}/artifacts/pkg/ubuntu-xenial/gitlab-ee_${GITLAB_VERSION}-ee.0_amd64.deb" curl -H "PRIVATE-TOKEN: $DEV_TOKEN" "$GITLAB_PACKAGE" -o "$TEMP_DEB" && sudo dpkg -i "$TEMP_DEB" rm -f "$TEMP_DEB"
-
$DEV_TOKEN
needs to be set with adev.gitlab.org
personal access token so that the script can download the package -
$JOB_ID
needs to be set with theUbuntu-16.04-staging
job ID -
$GITLAB_VERSION
needs to be set with the version (without the-ee
prefix, e.g.11.4.10
).
-
- Change the script's permission with
chmod +x install-gitlab.sh
. - Run the script with
./install-gitlab.sh
. - Once GitLab installed, set the
external_url
in/etc/gitlab/gitlab.rb
withsudo vim /etc/gitlab/gitlab.rb
. You can find the VM's IP in the GCP console. - Reconfigure and restart GitLab with
sudo gitlab-ctl reconfigure && sudo gitlab-ctl restart
. - You may need to wait a few minutes after the above command finishes before the instance is actually accessible.
- Set the
root
's user password:- Visit http://IP_OF_THE_GCP_VM and change
root
's password. - Once the environments are ready, capture the information to add to the QA issue.
- Visit http://IP_OF_THE_GCP_VM and change
Automated QA
Instructions to perform automated QA
-
(Optional) If the QA Docker image doesn't exist, you will need to build it manually on your machine, e.g.
# In gitlab-ee › git fetch dev › git checkout v12.1.201907011127-89a10646f72.525eef0083b-ee › cd qa › docker build -t dev.gitlab.org:5005/gitlab/omnibus-gitlab/gitlab-ee-qa:12.1.201907011127-89a10646f72.525eef0083b-ee .
-
Make sure to export the following environment variables (you can find the token under the GitLab QA - Access tokens
1Password items)-
$QA_IMAGE
the URL of the QA image -
$QA_ENV_URL
with the URL of the environment where the package has been deployed (usually https://staging.gitlab.com for the current version, andhttp://IP_OF_THE_GCP_VM
for back-ported versions). -
$GITLAB_USERNAME
withroot
. -
$GITLAB_ADMIN_USERNAME
with$GITLAB_USERNAME
. -
$GITLAB_PASSWORD
with the password you've set for theroot
user. -
$GITLAB_ADMIN_PASSWORD
with$GITLAB_PASSWORD
. -
$GITHUB_ACCESS_TOKEN
with a valid GitHub API token that can access the https://github.com/gitlab-qa/test-project project -
$DEV_USERNAME
with yourdev
username -
$DEV_TOKEN
with a validdev
personal access token that has theread_registry
scope
› export QA_IMAGE="dev.gitlab.org:5005/gitlab/omnibus-gitlab/gitlab-ee-qa:12.1.201907011127-89a10646f72.525eef0083b-ee" › export QA_ENV_URL="<QA_ENV_URL>" › export GITLAB_USERNAME="root" › export GITLAB_ADMIN_USERNAME="$GITLAB_USERNAME" › export GITLAB_PASSWORD="<GITLAB_PASSWORD>" › export GITLAB_ADMIN_PASSWORD="$GITLAB_PASSWORD" › export GITHUB_ACCESS_TOKEN="<GITHUB_ACCESS_TOKEN>" › export DEV_USERNAME="<DEV_USERNAME>" › export DEV_TOKEN="<DEV_TOKEN>"
-
-
Update gitlab-qa
if needed› gem install gitlab-qa
-
Log into the dev
container registry› docker login --username "$DEV_USERNAME" --password "$DEV_TOKEN" dev.gitlab.org:5005
-
Automated QA completed. QA can be parallelized manually (for now): # Tab 1: This should take approximately 4.5 minutes › gitlab-qa Test::Instance::Any $QA_IMAGE $QA_ENV_URL -- qa/specs/features/api/ qa/specs/features/login/ qa/specs/features/merge_request/
# Tab 2: This should take approximately 6 minutes › gitlab-qa Test::Instance::Any $QA_IMAGE $QA_ENV_URL -- qa/specs/features/project/
# Tab 3: This should take approximately 5 minutes › gitlab-qa Test::Instance::Any $QA_IMAGE $QA_ENV_URL -- qa/specs/features/repository/
-
Post results as comments of this issue -
Create Automation Triage RELEASE_MAJOR_VERSION RC#
issues for all the automated QA failures (with failures logs + screenshots) and link it to this issue
Coordinate the Manual QA validation of the release
Click for details
- Notify the Security Engineer to verify the security fixes for the release.
- The manner in which the security fixes are verified can be done in two ways.
- By the Quality Engineer executing the validation with close collaboration and guidance from the Security Engineer.
- By the Security Engineer executing the validation with the Quality Engineer monitoring the steps.
- Note: When encountered with deadline and resource constraints, the work should be assigned for efficiency. Security Engineer should own verifying complex security validations while Quality Engineer is encouraged to help out with simpler validations. However it is important that the Security team signs off on the result of the validation.
- The manner in which the security fixes are verified can be done in two ways.
- Ensure that all the items for validation are validated and checked off before moving forward.
- Hand off the release assignment.
- Once all the validation is completed, Quality Engineer un-assigns themselves from the release issue leaving only the Security Engineer and the Release Manager.
/cc @gl-quality