VladPolskiy/gitlab-ce
1
0
Fork 0
mirror of https://github.com/gitlabhq/gitlabhq.git synced 2025-07-21 23:37:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add latest changes from gitlab-org/gitlab@master

Browse Source
This commit is contained in:
GitLab Bot
2024-12-16 21:26:50 +00:00
parent e6d27fce1f
commit 5d19eb9b89
18 changed files with 408 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.rubocop_todo/gitlab/bounded_contexts.yml
View File

@ -2296,8 +2296,8 @@ Gitlab/BoundedContexts:
- 'ee/app/graphql/mutations/iterations/delete.rb'
- 'ee/app/graphql/mutations/iterations/update.rb'
- 'ee/app/graphql/mutations/member_roles/base.rb'
- 'ee/app/graphql/mutations/member_roles/create_admin.rb'
- 'ee/app/graphql/mutations/member_roles/create.rb'
- 'ee/app/graphql/mutations/member_roles/create_admin.rb'
- 'ee/app/graphql/mutations/member_roles/delete.rb'
- 'ee/app/graphql/mutations/member_roles/update.rb'
- 'ee/app/graphql/mutations/quality_management/test_cases/create.rb'
@ -2925,8 +2925,8 @@ Gitlab/BoundedContexts:
- 'ee/app/models/package_metadata/sync_configuration.rb'
- 'ee/app/models/path_lock.rb'
- 'ee/app/models/preloaders/environments/protected_environment_preloader.rb'
- 'ee/app/models/preloaders/user_member_roles_in_groups_preloader.rb'
- 'ee/app/models/preloaders/user_member_roles_for_admin_preloader.rb'
- 'ee/app/models/preloaders/user_member_roles_in_groups_preloader.rb'
- 'ee/app/models/preloaders/user_member_roles_in_projects_preloader.rb'
- 'ee/app/models/product_analytics/dashboard.rb'
- 'ee/app/models/product_analytics/funnel.rb'
@ -3337,6 +3337,7 @@ Gitlab/BoundedContexts:
- 'ee/app/services/llm/internal/categorize_chat_question_service.rb'
- 'ee/app/services/llm/internal/completion_service.rb'
- 'ee/app/services/llm/merge_requests/summarize_review_service.rb'
- 'ee/app/services/llm/notes/measure_comment_temperature_service.rb'
- 'ee/app/services/llm/product_analytics/generate_cube_query_service.rb'
- 'ee/app/services/llm/resolve_vulnerability_service.rb'
- 'ee/app/services/llm/review_merge_request_service.rb'

1
.rubocop_todo/layout/argument_alignment.yml
View File

@ -3,7 +3,6 @@
Layout/ArgumentAlignment:
Exclude:
- 'ee/app/services/ee/projects/create_from_template_service.rb'
- 'ee/app/services/ee/projects/gitlab_projects_import_service.rb'
- 'ee/app/services/ee/search/snippet_service.rb'
- 'ee/app/services/ee/users/update_service.rb'
- 'ee/app/services/elastic/process_bookkeeping_service.rb'

3
app/assets/javascripts/sentry/init_sentry.js
View File

@ -1,6 +1,7 @@
/* eslint-disable no-restricted-imports */
import {
init,
browserSessionIntegration,
browserTracingIntegration,
// exports
@ -24,7 +25,6 @@ const initSentry = () => {
? [gon.gitlab_url]
: [gon.gitlab_url, 'webpack-internal://'],
environment: gon.sentry_environment,
autoSessionTracking: true,
ignoreErrors: [
// Network errors create noise in Sentry and can't be fixed, ignore them.
@ -37,6 +37,7 @@ const initSentry = () => {
tracePropagationTargets: [/^\//], // only trace internal requests
tracesSampleRate: gon.sentry_clientside_traces_sample_rate || 0,
integrations: [
browserSessionIntegration(),
browserTracingIntegration({
beforeStartSpan(context) {
return {

10
app/services/projects/destroy_service.rb
View File

@ -188,15 +188,7 @@ module Projects
#
# Exclude container repositories because its before_destroy would be
# called multiple times, and it doesn't destroy any database records.
Gitlab::Database::QueryAnalyzers::PreventCrossDatabaseModification.temporary_ignore_tables_in_transaction(
%w[
vulnerabilities
notes
], url: 'https://gitlab.com/gitlab-org/gitlab/-/issues/485803'
) do
project.destroy_dependent_associations_in_batches(exclude: [:container_repositories, :snippets])
end
project.destroy_dependent_associations_in_batches(exclude: [:container_repositories, :snippets])
project.destroy!
rescue ActiveRecord::RecordNotDestroyed => e
raise_error(

1
config/application.rb
View File

@ -370,7 +370,6 @@ module Gitlab
config.assets.precompile << "page_bundles/todos.css"
config.assets.precompile << "page_bundles/todos_vue.css"
config.assets.precompile << "page_bundles/tree.css"
config.assets.precompile << "page_bundles/trial_discover_page.css"
config.assets.precompile << "page_bundles/users.css"
config.assets.precompile << "page_bundles/web_ide_loader.css"
config.assets.precompile << "page_bundles/wiki.css"

20
doc/api/admin/token.md
View File

@ -32,7 +32,7 @@ The availability of this feature is controlled by a feature flag.
For more information, see the history.
This feature is available for testing, but not ready for production use.
Gets information for a given token. This endpoint supports the following tokens:
Gets information for a given token. This endpoint supports the following token types:
- [Personal access tokens](../../user/profile/personal_access_tokens.md)
- [Impersonation tokens](../../api/rest/authentication.md#impersonation-tokens)
@ -49,9 +49,9 @@ POST /api/v4/admin/token
Supported attributes:
| Attribute | Type | Required | Description |
|--------------|---------|----------|-----------------------------|
| `token` | string | Yes | Existing token to identify. |
| Attribute | Type | Required | Description |
|--------------|---------|----------|----------------------------|
| `token` | string | Yes | Existing token to identify |
If successful, returns [`200`](../rest/troubleshooting.md#status-codes) and information about the token.
@ -98,7 +98,7 @@ Example response:
}
```
## Revoke token
## Revoke a token
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/170421) in GitLab 17.7 [with a flag](../../administration/feature_flags.md) named `api_admin_token_revoke`. Disabled by default.
@ -107,9 +107,7 @@ The availability of this feature is controlled by a feature flag.
For more information, see the history.
This feature is available for testing, but not ready for production use.
Revokes a token.
Supported tokens:
Revokes a given token. This endpoint supports the following token types:
- [Personal access tokens](../../user/profile/personal_access_tokens.md)
- [Project access tokens](../../security/tokens/index.md#project-access-tokens)
@ -123,9 +121,9 @@ DELETE /api/v4/admin/token
Supported attributes:
| Attribute | Type | Required | Description |
|--------------|---------|----------|----------------------------------|
| `token` | string | Yes | Token that should be revoked. |
| Attribute | Type | Required | Description |
|--------------|---------|----------|--------------------------|
| `token` | string | Yes | Existing token to revoke |
If successful, returns [`204`](../rest/troubleshooting.md#status-codes) without content.

10
doc/api/graphql/reference/index.md
View File

@ -1727,6 +1727,7 @@ Input type: `AiActionInput`
| <a id="mutationaiactiongeneratecommitmessage"></a>`generateCommitMessage` | [`AiGenerateCommitMessageInput`](#aigeneratecommitmessageinput) | Input for generate_commit_message AI action. |
| <a id="mutationaiactiongeneratecubequery"></a>`generateCubeQuery` | [`AiGenerateCubeQueryInput`](#aigeneratecubequeryinput) | Input for generate_cube_query AI action. |
| <a id="mutationaiactiongeneratedescription"></a>`generateDescription` | [`AiGenerateDescriptionInput`](#aigeneratedescriptioninput) | Input for generate_description AI action. |
| <a id="mutationaiactionmeasurecommenttemperature"></a>`measureCommentTemperature` | [`AiMeasureCommentTemperatureInput`](#aimeasurecommenttemperatureinput) | Input for measure_comment_temperature AI action. |
| <a id="mutationaiactionplatformorigin"></a>`platformOrigin` | [`String`](#string) | Specifies the origin platform of the request. |
| <a id="mutationaiactionprojectid"></a>`projectId` | [`ProjectID`](#projectid) | Global ID of the project the user is acting on. |
| <a id="mutationaiactionresolvevulnerability"></a>`resolveVulnerability` | [`AiResolveVulnerabilityInput`](#airesolvevulnerabilityinput) | Input for resolve_vulnerability AI action. |
@ -43974,6 +43975,15 @@ see the associated mutation type above.
| <a id="aigeneratedescriptioninputdescriptiontemplatename"></a>`descriptionTemplateName` | [`String`](#string) | Name of the description template to use to generate message off of. |
| <a id="aigeneratedescriptioninputresourceid"></a>`resourceId` | [`AiModelID!`](#aimodelid) | Global ID of the resource to mutate. |
### `AiMeasureCommentTemperatureInput`
#### Arguments
| Name | Type | Description |
| ---- | ---- | ----------- |
| <a id="aimeasurecommenttemperatureinputcontent"></a>`content` | [`String!`](#string) | Content of the message. |
| <a id="aimeasurecommenttemperatureinputresourceid"></a>`resourceId` | [`AiModelID!`](#aimodelid) | Global ID of the resource to mutate. |
### `AiResolveVulnerabilityInput`
#### Arguments

197
doc/api/pages_domains.md
View File

@ -26,16 +26,39 @@ Get a list of all Pages domains.
GET /pages/domains
```
If successful, returns [`200`](rest/troubleshooting.md#status-codes) and the following
response attributes:
| Attribute | Type | Description |
| ------------------- | --------------- | ---------------------------------------- |
| `domain` | string | The custom domain name for the GitLab Pages site. |
| `url` | string | The full URL of the Pages site, including the protocol. |
| `project_id` | integer | The ID of the GitLab project associated with this Pages domain. |
| `verified` | boolean | Indicates whether the domain has been verified. |
| `verification_code` | string | A unique record used to verify domain ownership. |
| `enabled_until` | date | The date until which the domain is enabled. This updates periodically as the domain is reverified. |
| `auto_ssl_enabled` | boolean | Indicates if [automatic generation](../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md) of SSL certificates using Let's Encrypt is enabled for this domain. |
| `certificate_expiration` | object | Information about the SSL certificate expiration. |
| `certificate_expiration.expired` | boolean | Indicates whether the SSL certificate has expired. |
| `certificate_expiration.expiration` | date | The expiration date and time of the SSL certificate. |
Example request:
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/pages/domains"
```
Example response:
```json
[
{
"domain": "ssl.domain.example",
"url": "https://ssl.domain.example",
"project_id": 1337,
"verified": true,
"verification_code": "1234567890abcdef",
"enabled_until": "2020-04-12T14:32:00.000Z",
"auto_ssl_enabled": false,
"certificate": {
"expired": false,
@ -53,23 +76,53 @@ Get a list of project Pages domains. The user must have permissions to view Page
GET /projects/:id/pages/domains
```
Supported attributes:
| Attribute | Type | Required | Description |
| --------- | -------------- | -------- | ---------------------------------------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-paths) |
If successful, returns [`200`](rest/troubleshooting.md#status-codes) and the following
response attributes:
| Attribute | Type | Description |
| ------------------- | --------------- | ---------------------------------------- |
| `domain` | string | The custom domain name for the GitLab Pages site. |
| `url` | string | The full URL of the Pages site, including the protocol. |
| `verified` | boolean | Indicates whether the domain has been verified. |
| `verification_code` | string | A unique record used to verify domain ownership. |
| `enabled_until` | date | The date until which the domain is enabled. This updates periodically as the domain is reverified. |
| `auto_ssl_enabled` | boolean | Indicates if [automatic generation](../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md) of SSL certificates using Let's Encrypt is enabled for this domain. |
| `certificate` | object | Information about the SSL certificate. |
| `certificate.subject` | string | The subject of the SSL certificate, typically containing information about the domain. |
| `certificate.expired` | date | Indicates whether the SSL certificate has expired (true) or is still valid (false). |
| `certificate.certificate` | string | The full SSL certificate in PEM format. |
| `certificate.certificate_text` | date | A human-readable text representation of the SSL certificate, including details such as issuer, validity period, subject, and other certificate information. |
Example request:
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/pages/domains"
```
Example response:
```json
[
{
"domain": "www.domain.example",
"url": "http://www.domain.example"
"url": "http://www.domain.example",
"verified": true,
"verification_code": "1234567890abcdef",
"enabled_until": "2020-04-12T14:32:00.000Z",
"auto_ssl_enabled": false,
},
{
"domain": "ssl.domain.example",
"url": "https://ssl.domain.example",
"verified": true,
"verification_code": "1234567890abcdef",
"enabled_until": "2020-04-12T14:32:00.000Z",
"auto_ssl_enabled": false,
"certificate": {
"subject": "/O=Example, Inc./OU=Example Origin CA/CN=Example Origin Certificate",
@ -89,30 +142,45 @@ Get a single project Pages domain. The user must have permissions to view Pages
GET /projects/:id/pages/domains/:domain
```
Supported attributes:
| Attribute | Type | Required | Description |
| --------- | -------------- | -------- | ---------------------------------------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-paths) |
| `domain` | string | yes | The custom domain indicated by the user |
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/pages/domains/www.domain.example"
```
If successful, returns [`200`](rest/troubleshooting.md#status-codes) and the following
response attributes:
```json
{
"domain": "www.domain.example",
"url": "http://www.domain.example"
}
```
| Attribute | Type | Description |
| ------------------- | --------------- | ---------------------------------------- |
| `domain` | string | The custom domain name for the GitLab Pages site. |
| `url` | string | The full URL of the Pages site, including the protocol. |
| `verified` | boolean | Indicates whether the domain has been verified. |
| `verification_code` | string | A unique record used to verify domain ownership. |
| `enabled_until` | date | The date until which the domain is enabled. This updates periodically as the domain is reverified. |
| `auto_ssl_enabled` | boolean | Indicates if [automatic generation](../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md) of SSL certificates using Let's Encrypt is enabled for this domain. |
| `certificate` | object | Information about the SSL certificate. |
| `certificate.subject` | string | The subject of the SSL certificate, typically containing information about the domain. |
| `certificate.expired` | date | Indicates whether the SSL certificate has expired (true) or is still valid (false). |
| `certificate.certificate` | string | The full SSL certificate in PEM format. |
| `certificate.certificate_text` | date | A human-readable text representation of the SSL certificate, including details such as issuer, validity period, subject, and other certificate information. |
Example request:
```shell
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example"
```
Example response:
```json
{
"domain": "ssl.domain.example",
"url": "https://ssl.domain.example",
"verified": true,
"verification_code": "1234567890abcdef",
"enabled_until": "2020-04-12T14:32:00.000Z",
"auto_ssl_enabled": false,
"certificate": {
"subject": "/O=Example, Inc./OU=Example Origin CA/CN=Example Origin Certificate",
@ -131,6 +199,8 @@ Creates a new Pages domain. The user must have permissions to create new Pages d
POST /projects/:id/pages/domains
```
Supported attributes:
| Attribute | Type | Required | Description |
| -------------------| -------------- | -------- | ---------------------------------------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-paths) |
@ -139,6 +209,25 @@ POST /projects/:id/pages/domains
| `certificate` | file/string | no | The certificate in PEM format with intermediates following in most specific to least specific order.|
| `key` | file/string | no | The certificate key in PEM format. |
If successful, returns [`201`](rest/troubleshooting.md#status-codes) and the following
response attributes:
| Attribute | Type | Description |
| ------------------- | --------------- | ---------------------------------------- |
| `domain` | string | The custom domain name for the GitLab Pages site. |
| `url` | string | The full URL of the Pages site, including the protocol. |
| `verified` | boolean | Indicates whether the domain has been verified. |
| `verification_code` | string | A unique record used to verify domain ownership. |
| `enabled_until` | date | The date until which the domain is enabled. This updates periodically as the domain is reverified. |
| `auto_ssl_enabled` | boolean | Indicates if [automatic generation](../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md) of SSL certificates using Let's Encrypt is enabled for this domain. |
| `certificate` | object | Information about the SSL certificate. |
| `certificate.subject` | string | The subject of the SSL certificate, typically containing information about the domain. |
| `certificate.expired` | date | Indicates whether the SSL certificate has expired (true) or is still valid (false). |
| `certificate.certificate` | string | The full SSL certificate in PEM format. |
| `certificate.certificate_text` | date | A human-readable text representation of the SSL certificate, including details such as issuer, validity period, subject, and other certificate information. |
Example requests:
Create a new Pages domain with a certificate from a `.pem` file:
```shell
@ -162,6 +251,8 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" --form "domain
--form "auto_ssl_enabled=true" "https://gitlab.example.com/api/v4/projects/5/pages/domains"
```
Example response:
```json
{
"domain": "ssl.domain.example",
@ -184,6 +275,8 @@ Updates an existing project Pages domain. The user must have permissions to chan
PUT /projects/:id/pages/domains/:domain
```
Supported attributes:
| Attribute | Type | Required | Description |
| ------------------ | -------------- | -------- | ---------------------------------------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-paths) |
@ -192,6 +285,23 @@ PUT /projects/:id/pages/domains/:domain
| `certificate` | file/string | no | The certificate in PEM format with intermediates following in most specific to least specific order.|
| `key` | file/string | no | The certificate key in PEM format. |
If successful, returns [`200`](rest/troubleshooting.md#status-codes) and the following
response attributes:
| Attribute | Type | Description |
| ------------------- | --------------- | ---------------------------------------- |
| `domain` | string | The custom domain name for the GitLab Pages site. |
| `url` | string | The full URL of the Pages site, including the protocol. |
| `verified` | boolean | Indicates whether the domain has been verified. |
| `verification_code` | string | A unique record used to verify domain ownership. |
| `enabled_until` | date | The date until which the domain is enabled. This updates periodically as the domain is reverified. |
| `auto_ssl_enabled` | boolean | Indicates if [automatic generation](../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md) of SSL certificates using Let's Encrypt is enabled for this domain. |
| `certificate` | object | Information about the SSL certificate. |
| `certificate.subject` | string | The subject of the SSL certificate, typically containing information about the domain. |
| `certificate.expired` | date | Indicates whether the SSL certificate has expired (true) or is still valid (false). |
| `certificate.certificate` | string | The full SSL certificate in PEM format. |
| `certificate.certificate_text` | date | A human-readable text representation of the SSL certificate, including details such as issuer, validity period, subject, and other certificate information. |
### Adding certificate
Add a certificate for a Pages domain from a `.pem` file:
@ -208,6 +318,8 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" --form "certifi
--form "key=$KEY_PEM" "https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example"
```
Example response:
```json
{
"domain": "ssl.domain.example",
@ -229,6 +341,8 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" \
--form "auto_ssl_enabled=true" "https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example"
```
Example response:
```json
{
"domain": "ssl.domain.example",
@ -246,6 +360,8 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" --form "certifi
--form "key=" "https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example"
```
Example response:
```json
{
"domain": "ssl.domain.example",
@ -254,6 +370,61 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" --form "certifi
}
```
## Verify Pages domain
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/21261) in GitLab 17.7.
Verifies an existing project Pages domain.
The user must have permissions to update Pages domains.
```plaintext
PUT /projects/:id/pages/domains/:domain/verify
```
Supported attributes:
| Attribute | Type | Required | Description |
| ------------------ | -------------- | -------- | ---------------------------------------- |
| `id` | integer/string | yes | The ID or URL-encoded path of the project |
| `domain` | string | yes | The custom domain to verify |
If successful, returns [`200`](rest/troubleshooting.md#status-codes) and the following
response attributes:
| Attribute | Type | Description |
| ------------------- | --------------- | ---------------------------------------- |
| `domain` | string | The custom domain name for the GitLab Pages site. |
| `url` | string | The full URL of the Pages site, including the protocol. |
| `verified` | boolean | Indicates whether the domain has been verified. |
| `verification_code` | string | A unique record used to verify domain ownership. |
| `enabled_until` | date | The date until which the domain is enabled. This updates periodically as the domain is reverified. |
| `auto_ssl_enabled` | boolean | Indicates if [automatic generation](../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md) of SSL certificates using Let's Encrypt is enabled for this domain. |
| `certificate` | object | Information about the SSL certificate. |
| `certificate.subject` | string | The subject of the SSL certificate, typically containing information about the domain. |
| `certificate.expired` | date | Indicates whether the SSL certificate has expired (true) or is still valid (false). |
| `certificate.certificate` | string | The full SSL certificate in PEM format. |
| `certificate.certificate_text` | date | A human-readable text representation of the SSL certificate, including details such as issuer, validity period, subject, and other certificate information. |
Example request:
```shell
curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" \
"https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example/verify"
```
Example response:
```json
{
"domain": "ssl.domain.example",
"url": "https://ssl.domain.example",
"auto_ssl_enabled": false,
"verified": true,
"verification_code": "1234567890abcdef",
"enabled_until": "2020-04-12T14:32:00.000Z"
}
```
## Delete Pages domain
Deletes an existing project Pages domain.
@ -262,11 +433,17 @@ Deletes an existing project Pages domain.
DELETE /projects/:id/pages/domains/:domain
```
Supported attributes:
| Attribute | Type | Required | Description |
| --------- | -------------- | -------- | ---------------------------------------- |
| `id` | integer/string | yes | The ID or [URL-encoded path of the project](rest/index.md#namespaced-paths) |
| `domain` | string | yes | The custom domain indicated by the user |
If successful, a `204 No Content` HTTP response with an empty body is expected.
Example request:
```shell
curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/pages/domains/ssl.domain.example"
```

3
doc/integration/bitbucket.md
View File

@ -126,6 +126,9 @@ sign-in form. Select the icon to begin the authentication process. Bitbucket ask
the user to sign in and authorize the GitLab application. If successful, the user
is returned to GitLab and signed in.
NOTE:
For multi-node architectures, the Bitbucket provider configuration must also be included on the Sidekiq nodes to be able to import projects.
## Bitbucket project import
After the above configuration is set up, you can use Bitbucket to sign in to

19
lib/api/pages_domains.rb
View File

@ -147,6 +147,25 @@ module API
end
end
desc 'Verify a pages domain' do
success Entities::PagesDomain
end
params do
requires :domain, type: String, desc: 'The domain to verify'
end
put ":id/pages/domains/:domain/verify", requirements: PAGES_DOMAINS_ENDPOINT_REQUIREMENTS do
authorize! :update_pages, user_project
pages_domain = find_pages_domain!
result = ::VerifyPagesDomainService.new(pages_domain).execute
if result[:status] == :success
present pages_domain, with: Entities::PagesDomain
else
render_api_error!(result[:message], result[:http_status])
end
end
desc 'Delete a pages domain'
params do
requires :domain, type: String, desc: 'The domain'

22
lib/gitlab/ci/reports/security/identifier.rb
View File

@ -57,6 +57,28 @@ module Gitlab
external_type.to_s.casecmp?('wasc')
end
def vendor
# https://gitlab.com/gitlab-org/security-products/analyzers/report/-/blob/902c7dcb5f3a0e551223167931ebf39588a0193a/identifier.go#L46
case external_type.downcase
when 'cve'
'NVD'
when 'elsa'
'Oracle'
when 'ghsa'
'GitHub'
when 'hackerone'
'HackerOne'
when 'osvdb'
'OSVDB'
when 'rhsa'
'RedHat'
when 'usn'
'Ubuntu'
else
'Unknown'
end
end
private
def generate_fingerprint

4
package.json
View File

@ -80,7 +80,7 @@
"@mattiasbuelens/web-streams-adapter": "^0.1.0",
"@rails/actioncable": "7.0.8-4",
"@rails/ujs": "7.0.8-4",
"@sentry/browser": "8.42.0",
"@sentry/browser": "8.45.0",
"@snowplow/browser-plugin-client-hints": "^3.24.2",
"@snowplow/browser-plugin-form-tracking": "^3.24.2",
"@snowplow/browser-plugin-ga-cookies": "^3.24.2",
@ -152,7 +152,7 @@
"deckar01-task_list": "^2.3.1",
"dexie": "^3.2.3",
"diff": "^3.4.0",
"dompurify": "^3.2.1",
"dompurify": "^3.2.2",
"dropzone": "^4.2.0",
"editorconfig": "^0.15.3",
"emoji-regex": "^10.3.0",

6
spec/features/search/user_uses_header_search_field_spec.rb
View File

@ -56,14 +56,14 @@ RSpec.describe 'User uses header search field', :js, :disable_rate_limiter, feat
end
end
context 'when clicking issues', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/332317' do
context 'when clicking issues' do
let!(:issue) { create(:issue, project: project, author: user, assignees: [user]) }
it 'shows assigned issues' do
find(search_modal_results).click_link('Issues assigned to me')
expect(page).to have_selector('.issues-list .issue')
expect_tokens([assignee_token(user.name)])
expect_assignee_token(user.name)
expect_filtered_search_input_empty
end
@ -71,7 +71,7 @@ RSpec.describe 'User uses header search field', :js, :disable_rate_limiter, feat
find(search_modal_results).click_link("Issues I've created")
expect(page).to have_selector('.issues-list .issue')
expect_tokens([author_token(user.name)])
expect_author_token(user.name)
expect_filtered_search_input_empty
end
end

11
spec/frontend/sentry/init_sentry_spec.js
View File

@ -19,7 +19,8 @@ jest.mock('@sentry/browser', () => {
...jest.createMockFromModule('@sentry/browser'),
// unmock actual configuration options
browserTracingIntegration: jest.requireActual('@sentry/browser').browserTracingIntegration,
browserSessionIntegration: jest.fn().mockReturnValue('mockBrowserSessionIntegration'),
browserTracingIntegration: jest.fn().mockReturnValue('mockBrowserTracingIntegration'),
};
});
@ -66,17 +67,21 @@ describe('SentryConfig', () => {
release: mockRevision,
allowUrls: [mockGitlabUrl, 'webpack-internal://'],
environment: mockEnvironment,
autoSessionTracking: true,
ignoreErrors: [/Network Error/i, /NetworkError/i],
enableTracing: true,
tracePropagationTargets: [/^\//],
tracesSampleRate: mockSentryClientsideTracesSampleRate,
integrations: [{ afterAllSetup: expect.any(Function), name: 'BrowserTracing' }],
integrations: ['mockBrowserSessionIntegration', 'mockBrowserTracingIntegration'],
initialScope: expect.any(Function),
}),
);
});
it('sets up integrations', () => {
expect(Sentry.browserSessionIntegration).toHaveBeenCalled();
expect(Sentry.browserTracingIntegration).toHaveBeenCalled();
});
it('Uses data-page to set browserTracingIntegration transaction name', () => {
const mockBrowserTracingIntegration = jest.spyOn(Sentry, 'browserTracingIntegration');

21
spec/lib/gitlab/ci/reports/security/identifier_spec.rb
View File

@ -122,4 +122,25 @@ RSpec.describe Gitlab::Ci::Reports::Security::Identifier do
end
end
end
describe '#vendor' do
where(:external_type, :expected) do
'cve' | 'NVD'
'elsa' | 'Oracle'
'ghsa' | 'GitHub'
'hackerone' | 'HackerOne'
'osvdb' | 'OSVDB'
'rhsa' | 'RedHat'
'usn' | 'Ubuntu'
'???' | 'Unknown'
end
let(:identifier) { create(:ci_reports_security_identifier, external_type: external_type) }
subject { identifier.vendor }
with_them do
it { is_expected.to eq(expected) }
end
end
end

2
spec/lib/gitlab/database/load_balancing/host_spec.rb
View File

@ -151,7 +151,7 @@ RSpec.describe Gitlab::Database::LoadBalancing::Host, feature_category: :databas
.and_return(true)
end
it 'refreshes the status' do
it 'refreshes the status', quarantine: 'https://gitlab.com/gitlab-org/gitlab/-/issues/486721' do
expect(host).to be_online
end

72
spec/requests/api/pages_domains_spec.rb
View File

@ -552,6 +552,78 @@ RSpec.describe API::PagesDomains, feature_category: :pages do
end
end
describe 'PUT /projects/:project_id/pages/domains/:domain/verify' do
let(:verify_domain_path) { "/projects/#{project.id}/pages/domains/#{pages_domain.domain}/verify" }
context 'when user is not authorized' do
it 'returns 401' do
put api(verify_domain_path)
expect(response).to have_gitlab_http_status(:unauthorized)
end
end
context 'when user is authorized' do
before do
project.add_maintainer(user)
end
context 'when user does not have sufficient permissions' do
before do
project.add_reporter(user)
end
it 'returns 403' do
put api(verify_domain_path, user)
expect(response).to have_gitlab_http_status(:forbidden)
end
end
context 'when domain does not exist' do
it 'returns 404' do
put api("/projects/#{project.id}/pages/domains/non-existent-domain.com/verify", user)
expect(response).to have_gitlab_http_status(:not_found)
end
end
context 'when verification succeeds' do
before do
allow_next_instance_of(VerifyPagesDomainService) do |service|
allow(service).to receive(:execute).and_return({ status: :success })
end
end
it 'returns the verified domain' do
put api(verify_domain_path, user)
expect(response).to have_gitlab_http_status(:success)
expect(json_response['domain']).to eq(pages_domain.domain)
end
end
context 'when verification fails' do
before do
allow_next_instance_of(VerifyPagesDomainService) do |service|
allow(service).to receive(:execute).and_return({
status: :error,
message: 'Verification failed',
http_status: :unprocessable_entity
})
end
end
it 'returns error message' do
put api(verify_domain_path, user)
expect(response).to have_gitlab_http_status(:unprocessable_entity)
expect(json_response['message']).to eq('Verification failed')
end
end
end
end
describe 'DELETE /projects/:project_id/pages/domains/:domain' do
shared_examples_for 'delete pages domain' do
it 'deletes a pages domain' do

85
yarn.lock
View File

@ -1397,7 +1397,7 @@
resolved "https://registry.yarnpkg.com/@gitlab/fonts/-/fonts-1.3.0.tgz#df89c1bb6714e4a8a5d3272568aa4de7fb337267"
integrity sha512-DoMUIN3DqjEn7wvcxBg/b7Ite5fTdF5EmuOZoBRo2j0UBGweDXmNBi+9HrTZs4cBU660dOxcf1hATFcG3npbPg==
"@gitlab/noop@^1.0.0", jackspeak@^2.3.5, "jackspeak@npm:@gitlab/noop@1.0.0":
"@gitlab/noop@^1.0.0":
version "1.0.0"
resolved "https://registry.yarnpkg.com/@gitlab/noop/-/noop-1.0.0.tgz#b1ecb8ae6b2abf9b2e28927e4fbb05b7a1b2704b"
integrity sha512-nOltttik5o2BjBo8LnyeTFzHoLpMY/XcCVOC+lm9ZwU+ivEam8wafacMF0KTbRn1KVrIoHYdo70QnqS+vJiOVw==
@ -2490,51 +2490,51 @@
resolved "https://registry.yarnpkg.com/@rtsao/scc/-/scc-1.1.0.tgz#927dd2fae9bc3361403ac2c7a00c32ddce9ad7e8"
integrity sha512-zt6OdqaDoOnJ1ZYsCYGt9YmWzDXl4vQdKTyJev62gFhRGKdx7mcT54V9KIjg+d2wi9EXsPvAPKe7i7WjfVWB8g==
"@sentry-internal/browser-utils@8.42.0":
version "8.42.0"
resolved "https://registry.yarnpkg.com/@sentry-internal/browser-utils/-/browser-utils-8.42.0.tgz#18155ea3d01ddb0234a6e9f59a2c6c329ff09dde"
integrity sha512-xzgRI0wglKYsPrna574w1t38aftuvo44gjOKFvPNGPnYfiW9y4m+64kUz3JFbtanvOrKPcaITpdYiB4DeJXEbA==
"@sentry-internal/browser-utils@8.45.0":
version "8.45.0"
resolved "https://registry.yarnpkg.com/@sentry-internal/browser-utils/-/browser-utils-8.45.0.tgz#8e9217b8e8a4242c9a8244dce648289eaa1e38a0"
integrity sha512-MX/E/C+W5I9jkGD1PsbZ2hpCc7YuizNKmEbuGPxQPfUSIPrdE2wpo6ZfIhEbxq9m/trl1oRCN4PXi3BB7dlYYg==
dependencies:
"@sentry/core" "8.42.0"
"@sentry/core" "8.45.0"
"@sentry-internal/feedback@8.42.0":
version "8.42.0"
resolved "https://registry.yarnpkg.com/@sentry-internal/feedback/-/feedback-8.42.0.tgz#20275774ab81b9cf776a2ab2f8b17269b8f5f62f"
integrity sha512-dkIw5Wdukwzngg5gNJ0QcK48LyJaMAnBspqTqZ3ItR01STi6Z+6+/Bt5XgmrvDgRD+FNBinflc5zMmfdFXXhvw==
"@sentry-internal/feedback@8.45.0":
version "8.45.0"
resolved "https://registry.yarnpkg.com/@sentry-internal/feedback/-/feedback-8.45.0.tgz#cfd7f54d5089682a2768c1229a5efcda4d9561fe"
integrity sha512-WerpfkKrKPAlnQuqjEgKXZtrx68cla7GyOkNOeL40JQbY4/By4Qjx1atUOmgk/FdjrCLPw+jQQY9pXRpMRqqRw==
dependencies:
"@sentry/core" "8.42.0"
"@sentry/core" "8.45.0"
"@sentry-internal/replay-canvas@8.42.0":
version "8.42.0"
resolved "https://registry.yarnpkg.com/@sentry-internal/replay-canvas/-/replay-canvas-8.42.0.tgz#4b8cf2e6e390a697038123f80208368bf507fb5d"
integrity sha512-XrPErqVhPsPh/oFLVKvz7Wb+Fi2J1zCPLeZCxWqFuPWI2agRyLVu0KvqJyzSpSrRAEJC/XFzuSVILlYlXXSfgA==
"@sentry-internal/replay-canvas@8.45.0":
version "8.45.0"
resolved "https://registry.yarnpkg.com/@sentry-internal/replay-canvas/-/replay-canvas-8.45.0.tgz#46f39402ff0cfee4ae05191af20b4e4fac6f474c"
integrity sha512-LZ8kBuzO5gutDiWnCyYEzBMDLq9PIllcsWsXRpKoau0Zqs3DbyRolI11dNnxmUSh7UW21FksxBpqn5yPmUMbag==
dependencies:
"@sentry-internal/replay" "8.42.0"
"@sentry/core" "8.42.0"
"@sentry-internal/replay" "8.45.0"
"@sentry/core" "8.45.0"
"@sentry-internal/replay@8.42.0":
version "8.42.0"
resolved "https://registry.yarnpkg.com/@sentry-internal/replay/-/replay-8.42.0.tgz#9024eb254e60295d303899c904db8ba933e17d05"
integrity sha512-oNcJEBlDfXnRFYC5Mxj5fairyZHNqlnU4g8kPuztB9G5zlsyLgWfPxzcn1ixVQunth2/WZRklDi4o1ZfyHww7w==
"@sentry-internal/replay@8.45.0":
version "8.45.0"
resolved "https://registry.yarnpkg.com/@sentry-internal/replay/-/replay-8.45.0.tgz#e94d250de235491888694f7cf0f637114adb4b9a"
integrity sha512-SOFwFpzx0B6lxhLl2hBnxvybo7gdB5TMY8dOHMwXgk5A2+BXvSpvWXnr33yqUlBmC8R3LeFTB3C0plzM5lhkJg==
dependencies:
"@sentry-internal/browser-utils" "8.42.0"
"@sentry/core" "8.42.0"
"@sentry-internal/browser-utils" "8.45.0"
"@sentry/core" "8.45.0"
"@sentry/browser@8.42.0":
version "8.42.0"
resolved "https://registry.yarnpkg.com/@sentry/browser/-/browser-8.42.0.tgz#2408a627f263adf2466b5a304957aa6c00d8351f"
integrity sha512-lStrEk609KJHwXfDrOgoYVVoFFExixHywxSExk7ZDtwj2YPv6r6Y1gogvgr7dAZj7jWzadHkxZ33l9EOSJBfug==
"@sentry/browser@8.45.0":
version "8.45.0"
resolved "https://registry.yarnpkg.com/@sentry/browser/-/browser-8.45.0.tgz#2e8f7b8b1a7860863aae4d716b9748a21789f0e0"
integrity sha512-Y+BcfpXY1eEkOYOzgLGkx1YH940uMAymYOxfSZSvC+Vx6xHuaGT05mIFef/aeZbyu2AUs6JjdvD1BRBZlHg78w==
dependencies:
"@sentry-internal/browser-utils" "8.42.0"
"@sentry-internal/feedback" "8.42.0"
"@sentry-internal/replay" "8.42.0"
"@sentry-internal/replay-canvas" "8.42.0"
"@sentry/core" "8.42.0"
"@sentry-internal/browser-utils" "8.45.0"
"@sentry-internal/feedback" "8.45.0"
"@sentry-internal/replay" "8.45.0"
"@sentry-internal/replay-canvas" "8.45.0"
"@sentry/core" "8.45.0"
"@sentry/core@8.42.0":
version "8.42.0"
resolved "https://registry.yarnpkg.com/@sentry/core/-/core-8.42.0.tgz#9fc0db6794186dc2d1167cf82e579e387198ba77"
integrity sha512-ac6O3pgoIbU6rpwz6LlwW0wp3/GAHuSI0C5IsTgIY6baN8rOBnlAtG6KrHDDkGmUQ2srxkDJu9n1O6Td3cBCqw==
"@sentry/core@8.45.0":
version "8.45.0"
resolved "https://registry.yarnpkg.com/@sentry/core/-/core-8.45.0.tgz#a03a1b666989898ce7fb33f9ec279ea08450b317"
integrity sha512-4YTuBipWSh4JrtSYS5GxUQBAcAgOIkEoFfFbwVcr3ivijOacJLRXTBn3rpcy1CKjBq0PHDGR+2RGRYC+bNAMxg==
"@sinclair/typebox@^0.27.8":
version "0.27.8"
@ -6712,10 +6712,10 @@ domexception@^4.0.0:
dependencies:
webidl-conversions "^7.0.0"
dompurify@^3.0.5, dompurify@^3.2.1:
version "3.2.1"
resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.2.1.tgz#d480972aeb1a59eb8ac47cba95558fbd72a0127b"
integrity sha512-NBHEsc0/kzRYQd+AY6HR6B/IgsqzBABrqJbpCDQII/OK6h7B7LXzweZTDsqSW2LkTRpoxf18YUP+YjGySk6B3w==
dompurify@^3.0.5, dompurify@^3.2.2:
version "3.2.2"
resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.2.2.tgz#6c0518745e81686c74a684f5af1e5613e7cc0246"
integrity sha512-YMM+erhdZ2nkZ4fTNRTSI94mb7VG7uVF5vj5Zde7tImgnhZE3R6YW/IACGIHb2ux+QkEXMhe591N+5jWOmL4Zw==
optionalDependencies:
"@types/trusted-types" "^2.0.7"
@ -9261,6 +9261,11 @@ iterall@^1.2.1:
resolved "https://registry.yarnpkg.com/iterall/-/iterall-1.3.0.tgz#afcb08492e2915cbd8a0884eb93a8c94d0d72fea"
integrity sha512-QZ9qOMdF+QLHxy1QIpUHUU1D5pS2CG2P69LF6L6CPjPYA/XMOmKV3PZpawHoAjHNyB0swdVTRxdYT4tbBbxqwg==
jackspeak@^2.3.5, "jackspeak@npm:@gitlab/noop@1.0.0":
version "1.0.0"
resolved "https://registry.yarnpkg.com/@gitlab/noop/-/noop-1.0.0.tgz#b1ecb8ae6b2abf9b2e28927e4fbb05b7a1b2704b"
integrity sha512-nOltttik5o2BjBo8LnyeTFzHoLpMY/XcCVOC+lm9ZwU+ivEam8wafacMF0KTbRn1KVrIoHYdo70QnqS+vJiOVw==
jed@^1.1.1:
version "1.1.1"
resolved "https://registry.yarnpkg.com/jed/-/jed-1.1.1.tgz#7a549bbd9ffe1585b0cd0a191e203055bee574b4"