From 1df76ff02fb84163793b53e55fc1bdcd42b57a5f Mon Sep 17 00:00:00 2001 From: GitLab Bot Date: Wed, 28 Aug 2024 09:11:43 +0000 Subject: [PATCH] Add latest changes from gitlab-org/gitlab@master --- Gemfile | 2 +- Gemfile.checksum | 2 +- Gemfile.lock | 4 +- Gemfile.next.checksum | 2 +- Gemfile.next.lock | 4 +- .../ide/components/branches/item.vue | 23 ++-- app/assets/javascripts/members/constants.js | 7 +- .../concerns/membership_actions.rb | 2 - .../groups/group_members_controller.rb | 1 - .../projects/project_members_controller.rb | 4 - app/finders/group_members_finder.rb | 2 +- app/finders/members_finder.rb | 2 +- .../agent_url_configurations/create.rb | 79 ++++++++++++ .../agent_url_configurations/delete.rb | 31 +++++ app/graphql/types/ci/runner_status_enum.rb | 18 --- app/graphql/types/clusters/agent_type.rb | 14 +++ .../clusters/agent_url_configuration_type.rb | 53 +++++++++ app/graphql/types/mutation_type.rb | 2 + app/models/ci/runner.rb | 5 +- app/models/ci/runner_manager.rb | 1 + app/models/concerns/ci/has_runner_status.rb | 2 +- ...ed_private_group_accessibility_assigner.rb | 2 - .../agents/url_configuration_policy.rb | 11 ++ app/views/shared/users/_user.html.haml | 17 ++- app/views/shared/users/index.html.haml | 2 +- .../webui_members_inherited_users.yml | 8 -- doc/api/graphql/reference/index.md | 90 +++++++++++++- doc/api/members.md | 10 +- doc/operations/logs.md | 15 +-- doc/operations/metrics.md | 15 +-- doc/operations/tracing.md | 46 +++---- .../observability_django_tutorial.md | 18 ++- .../observability_dotnet_tutorial.md | 26 ++-- .../observability_java_tutorial.md | 26 ++-- .../observability_nodejs_tutorial.md | 21 ++-- .../observability_rails_tutorial.md | 19 +-- doc/update/versions/gitlab_16_changes.md | 17 +-- .../get_started/get_started_monitoring.md | 12 +- doc/user/gitlab_duo/experiments.md | 3 +- doc/user/gitlab_duo/index.md | 2 +- doc/user/group/subgroups/index.md | 5 +- .../build_and_push_images.md | 8 +- .../delete_container_registry_images.md | 8 +- doc/user/project/members/index.md | 5 +- .../members/sharing_projects_groups.md | 7 +- lib/api/ci/runners.rb | 6 +- locale/gitlab.pot | 3 - .../groups/group_members_controller_spec.rb | 19 --- .../projects/jobs_controller_spec.rb | 2 +- .../project_members_controller_spec.rb | 12 -- spec/factories/ci/runners.rb | 2 +- spec/features/admin/admin_runners_spec.rb | 4 +- .../groups/members/filter_members_spec.rb | 17 --- spec/features/projects/jobs_spec.rb | 8 +- spec/features/users/overview_spec.rb | 12 +- spec/finders/ci/runners_finder_spec.rb | 36 +++--- spec/finders/group_members_finder_spec.rb | 13 -- spec/finders/members_finder_spec.rb | 10 -- .../mutations/ci/runner/update_spec.rb | 2 +- .../agent_url_configurations/create_spec.rb | 112 ++++++++++++++++++ .../agent_url_configurations/delete_spec.rb | 64 ++++++++++ .../ci/group_runners_resolver_spec.rb | 4 +- .../ci/project_runners_resolver_spec.rb | 4 +- .../resolvers/ci/runners_resolver_spec.rb | 4 +- .../clusters/agents_resolver_spec.rb | 4 +- .../graphql/types/clusters/agent_type_spec.rb | 4 +- .../agent_url_configuration_type_spec.rb | 30 +++++ spec/models/ci/build_spec.rb | 4 +- spec/models/ci/runner_spec.rb | 26 ++-- ...ivate_group_accessibility_assigner_spec.rb | 25 +--- .../agents/url_configuration_policy_spec.rb | 43 +++++++ .../api/ci/runner/jobs_request_post_spec.rb | 2 +- spec/requests/api/ci/runners_spec.rb | 36 +++--- spec/requests/api/graphql/ci/runners_spec.rb | 18 +-- .../groups/group_members_controller_spec.rb | 1 - .../runners_resolver_shared_context.rb | 4 +- ...unner_with_status_scope_shared_examples.rb | 2 +- .../runners/_runner_details.html.haml_spec.rb | 4 +- workhorse/go.mod | 2 +- workhorse/go.sum | 4 +- 80 files changed, 765 insertions(+), 431 deletions(-) create mode 100644 app/graphql/mutations/clusters/agent_url_configurations/create.rb create mode 100644 app/graphql/mutations/clusters/agent_url_configurations/delete.rb create mode 100644 app/graphql/types/clusters/agent_url_configuration_type.rb create mode 100644 app/policies/clusters/agents/url_configuration_policy.rb delete mode 100644 config/feature_flags/development/webui_members_inherited_users.yml create mode 100644 spec/graphql/mutations/clusters/agent_url_configurations/create_spec.rb create mode 100644 spec/graphql/mutations/clusters/agent_url_configurations/delete_spec.rb create mode 100644 spec/graphql/types/clusters/agent_url_configuration_type_spec.rb create mode 100644 spec/policies/clusters/agents/url_configuration_policy_spec.rb diff --git a/Gemfile b/Gemfile index a18aba328ca..6e0a6342707 100644 --- a/Gemfile +++ b/Gemfile @@ -138,7 +138,7 @@ gem 'browser', '~> 5.3.1' # rubocop:todo Gemfile/MissingFeatureCategory gem 'ohai', '~> 18.1' # rubocop:todo Gemfile/MissingFeatureCategory # GPG -gem 'gpgme', '~> 2.0.23' # rubocop:todo Gemfile/MissingFeatureCategory +gem 'gpgme', '~> 2.0.24', feature_category: :source_code_management # LDAP Auth # GitLab fork with several improvements to original library. For full list of changes diff --git a/Gemfile.checksum b/Gemfile.checksum index 70e2a167a93..e1c63294518 100644 --- a/Gemfile.checksum +++ b/Gemfile.checksum @@ -271,7 +271,7 @@ {"name":"googleapis-common-protos","version":"1.4.0","platform":"ruby","checksum":"da2380fb5ab1563580816c74e8d684ac17512c3654c829a3ee84f6d6139de382"}, {"name":"googleapis-common-protos-types","version":"1.5.0","platform":"ruby","checksum":"5769cf7376abc86ef7f5897a4aaca1d5c5a3c49ddabeddd2c251fcf8155f858b"}, {"name":"googleauth","version":"1.8.1","platform":"ruby","checksum":"814adadaaa1221dce72a67131e3ecbd6d23491a161ec84fb15fd353b87d8c9e7"}, -{"name":"gpgme","version":"2.0.23","platform":"ruby","checksum":"c87bbafdb8719da7c58ebcac08297aa1fb227022ac6cd2972829ba68adc91c04"}, +{"name":"gpgme","version":"2.0.24","platform":"ruby","checksum":"53eccd7042abb4fd5c78f30bc9ed075b1325e6450eab207f2f6a1e7e28ae3b64"}, {"name":"grape","version":"2.0.0","platform":"ruby","checksum":"3aeff94c17e84ccead4ff98833df691e7da0c108878cc128ca31f80c1047494a"}, {"name":"grape-entity","version":"1.0.1","platform":"ruby","checksum":"e00f9e94e407aff77aa2945d741f544d07e48501927942988799913151d02634"}, {"name":"grape-path-helpers","version":"2.0.1","platform":"ruby","checksum":"ad5216e52c6e796738a9118087352ab4c962900dbad1d8f8c0f96e093c6702d7"}, diff --git a/Gemfile.lock b/Gemfile.lock index 4c9c966aeb6..cbf0afff5f9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -873,7 +873,7 @@ GEM multi_json (~> 1.11) os (>= 0.9, < 2.0) signet (>= 0.16, < 2.a) - gpgme (2.0.23) + gpgme (2.0.24) mini_portile2 (~> 2.7) grape (2.0.0) activesupport (>= 5) @@ -2092,7 +2092,7 @@ DEPENDENCIES google-cloud-storage (~> 1.45.0) google-protobuf (~> 3.25, >= 3.25.3) googleauth (~> 1.8.1) - gpgme (~> 2.0.23) + gpgme (~> 2.0.24) grape (~> 2.0.0) grape-entity (~> 1.0.1) grape-path-helpers (~> 2.0.1) diff --git a/Gemfile.next.checksum b/Gemfile.next.checksum index 802cc903dfa..fd338681fdc 100644 --- a/Gemfile.next.checksum +++ b/Gemfile.next.checksum @@ -272,7 +272,7 @@ {"name":"googleapis-common-protos","version":"1.4.0","platform":"ruby","checksum":"da2380fb5ab1563580816c74e8d684ac17512c3654c829a3ee84f6d6139de382"}, {"name":"googleapis-common-protos-types","version":"1.5.0","platform":"ruby","checksum":"5769cf7376abc86ef7f5897a4aaca1d5c5a3c49ddabeddd2c251fcf8155f858b"}, {"name":"googleauth","version":"1.8.1","platform":"ruby","checksum":"814adadaaa1221dce72a67131e3ecbd6d23491a161ec84fb15fd353b87d8c9e7"}, -{"name":"gpgme","version":"2.0.23","platform":"ruby","checksum":"c87bbafdb8719da7c58ebcac08297aa1fb227022ac6cd2972829ba68adc91c04"}, +{"name":"gpgme","version":"2.0.24","platform":"ruby","checksum":"53eccd7042abb4fd5c78f30bc9ed075b1325e6450eab207f2f6a1e7e28ae3b64"}, {"name":"grape","version":"2.0.0","platform":"ruby","checksum":"3aeff94c17e84ccead4ff98833df691e7da0c108878cc128ca31f80c1047494a"}, {"name":"grape-entity","version":"1.0.1","platform":"ruby","checksum":"e00f9e94e407aff77aa2945d741f544d07e48501927942988799913151d02634"}, {"name":"grape-path-helpers","version":"2.0.1","platform":"ruby","checksum":"ad5216e52c6e796738a9118087352ab4c962900dbad1d8f8c0f96e093c6702d7"}, diff --git a/Gemfile.next.lock b/Gemfile.next.lock index 92e4e5be3ac..f766865f2bc 100644 --- a/Gemfile.next.lock +++ b/Gemfile.next.lock @@ -883,7 +883,7 @@ GEM multi_json (~> 1.11) os (>= 0.9, < 2.0) signet (>= 0.16, < 2.a) - gpgme (2.0.23) + gpgme (2.0.24) mini_portile2 (~> 2.7) grape (2.0.0) activesupport (>= 5) @@ -2120,7 +2120,7 @@ DEPENDENCIES google-cloud-storage (~> 1.45.0) google-protobuf (~> 3.25, >= 3.25.3) googleauth (~> 1.8.1) - gpgme (~> 2.0.23) + gpgme (~> 2.0.24) grape (~> 2.0.0) grape-entity (~> 1.0.1) grape-path-helpers (~> 2.0.1) diff --git a/app/assets/javascripts/ide/components/branches/item.vue b/app/assets/javascripts/ide/components/branches/item.vue index 8f8406b2c39..80d6d2f2e18 100644 --- a/app/assets/javascripts/ide/components/branches/item.vue +++ b/app/assets/javascripts/ide/components/branches/item.vue @@ -1,13 +1,14 @@ diff --git a/app/assets/javascripts/members/constants.js b/app/assets/javascripts/members/constants.js index a442d631fda..c574b057d26 100644 --- a/app/assets/javascripts/members/constants.js +++ b/app/assets/javascripts/members/constants.js @@ -139,12 +139,7 @@ export const FILTERED_SEARCH_TOKEN_WITH_INHERITED_PERMISSIONS = { operators: OPERATORS_IS, options: [ { value: 'exclude', title: s__('Members|Direct') }, - { - value: 'only', - title: gon.features?.webuiMembersInheritedUsers - ? s__('Members|Indirect') - : s__('Members|Inherited'), - }, + { value: 'only', title: s__('Members|Indirect') }, ], }; diff --git a/app/controllers/concerns/membership_actions.rb b/app/controllers/concerns/membership_actions.rb index 231adfefc19..7deb9cd521a 100644 --- a/app/controllers/concerns/membership_actions.rb +++ b/app/controllers/concerns/membership_actions.rb @@ -185,8 +185,6 @@ module MembershipActions end def shared_members_relations - return [] unless Feature.enabled?(:webui_members_inherited_users, current_user) - project_relations = [:invited_groups, :shared_into_ancestors] [:shared_from_groups, *(project_relations if params[:project_id])] end diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb index 48b8629eb15..59d9e247a85 100644 --- a/app/controllers/groups/group_members_controller.rb +++ b/app/controllers/groups/group_members_controller.rb @@ -21,7 +21,6 @@ class Groups::GroupMembersController < Groups::ApplicationController push_frontend_feature_flag(:importer_user_mapping, current_user) push_frontend_feature_flag(:importer_user_mapping_reassignment_csv, current_user) push_frontend_feature_flag(:service_accounts_crud, @group) - push_frontend_feature_flag(:webui_members_inherited_users, current_user) end skip_before_action :check_two_factor_requirement, only: :leave diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb index b9a971c93e0..168ae402898 100644 --- a/app/controllers/projects/project_members_controller.rb +++ b/app/controllers/projects/project_members_controller.rb @@ -8,10 +8,6 @@ class Projects::ProjectMembersController < Projects::ApplicationController # Authorize before_action :authorize_admin_project_member!, except: [:index, :leave, :request_access] - before_action only: [:index] do - push_frontend_feature_flag(:webui_members_inherited_users, current_user) - end - feature_category :groups_and_projects urgency :low diff --git a/app/finders/group_members_finder.rb b/app/finders/group_members_finder.rb index de52187031a..379a7a9eb78 100644 --- a/app/finders/group_members_finder.rb +++ b/app/finders/group_members_finder.rb @@ -56,7 +56,7 @@ class GroupMembersFinder < UnionFinder if include_relations.include?(:shared_from_groups) related_groups[:shared_from_groups] = - if group.member?(user) && Feature.enabled?(:webui_members_inherited_users, user) + if group.member?(user) Group.shared_into_ancestors(group) else Group.shared_into_ancestors(group).public_or_visible_to_user(user) diff --git a/app/finders/members_finder.rb b/app/finders/members_finder.rb index 285f2d01dc9..a4624681ef5 100644 --- a/app/finders/members_finder.rb +++ b/app/finders/members_finder.rb @@ -85,7 +85,7 @@ class MembersFinder def project_invited_groups invited_groups_including_ancestors = project.invited_groups.self_and_ancestors - if Feature.disabled?(:webui_members_inherited_users, current_user) || !project.member?(current_user) + unless project.member?(current_user) invited_groups_including_ancestors = invited_groups_including_ancestors.public_or_visible_to_user(current_user) end diff --git a/app/graphql/mutations/clusters/agent_url_configurations/create.rb b/app/graphql/mutations/clusters/agent_url_configurations/create.rb new file mode 100644 index 00000000000..e53695e91c8 --- /dev/null +++ b/app/graphql/mutations/clusters/agent_url_configurations/create.rb @@ -0,0 +1,79 @@ +# frozen_string_literal: true + +module Mutations + module Clusters + module AgentUrlConfigurations + class Create < BaseMutation + graphql_name 'ClusterAgentUrlConfigurationCreate' + + authorize :create_cluster + + ClusterAgentID = ::Types::GlobalIDType[::Clusters::Agent] + + argument :cluster_agent_id, + ClusterAgentID, + required: true, + description: 'Global ID of the cluster agent that will be associated with the new URL configuration.' + + argument :url, + GraphQL::Types::String, + required: true, + description: 'URL for the new URL configuration.' + + argument :client_cert, + GraphQL::Types::String, + required: false, + description: 'Base64-encoded client certificate in PEM format if mTLS authentication should be used. ' \ + 'Must be provided with `client_key`.' + + argument :client_key, + GraphQL::Types::String, + required: false, + description: 'Base64-encoded client key in PEM format if mTLS authentication should be used. ' \ + 'Must be provided with `client_cert`.' + + argument :ca_cert, + GraphQL::Types::String, + required: false, + description: 'Base64-encoded CA certificate in PEM format to verify the agent endpoint.' + + argument :tls_host, + GraphQL::Types::String, + required: false, + description: 'TLS host name to verify the server name in agent endpoint certificate.' + + field :url_configuration, + Types::Clusters::AgentUrlConfigurationType, + null: true, + description: 'URL configuration created after mutation.' + + def resolve(args) + cluster_agent = authorized_find!(id: args[:cluster_agent_id]) + + url_cfg_params = args + + url_cfg_params[:ca_cert] = Base64.decode64(url_cfg_params[:ca_cert]) if url_cfg_params[:ca_cert] + if url_cfg_params[:client_cert] + url_cfg_params[:client_cert] = + Base64.decode64(url_cfg_params[:client_cert]) + end + + url_cfg_params[:client_key] = Base64.decode64(url_cfg_params[:client_key]) if url_cfg_params[:client_key] + + result = ::Clusters::Agents::CreateUrlConfigurationService.new( + agent: cluster_agent, + current_user: current_user, + params: url_cfg_params + ).execute + + payload = result.payload + + { + url_configuration: payload[:url_configuration], + errors: Array.wrap(result.message) + } + end + end + end + end +end diff --git a/app/graphql/mutations/clusters/agent_url_configurations/delete.rb b/app/graphql/mutations/clusters/agent_url_configurations/delete.rb new file mode 100644 index 00000000000..c99fce7d9a3 --- /dev/null +++ b/app/graphql/mutations/clusters/agent_url_configurations/delete.rb @@ -0,0 +1,31 @@ +# frozen_string_literal: true + +module Mutations + module Clusters + module AgentUrlConfigurations + class Delete < BaseMutation + graphql_name 'ClusterAgentUrlConfigurationDelete' + + authorize :admin_cluster + + UrlConfigurationID = ::Types::GlobalIDType[::Clusters::Agents::UrlConfiguration] + + argument :id, UrlConfigurationID, + required: true, + description: 'Global ID of the agent URL configuration that will be deleted.' + + def resolve(id:) + url_cfg = authorized_find!(id: id) + + result = ::Clusters::Agents::DeleteUrlConfigurationService + .new(agent: url_cfg.agent, current_user: current_user, url_configuration: url_cfg) + .execute + + { + errors: Array.wrap(result.message) + } + end + end + end + end +end diff --git a/app/graphql/types/ci/runner_status_enum.rb b/app/graphql/types/ci/runner_status_enum.rb index ea19abf0435..181b7236fea 100644 --- a/app/graphql/types/ci/runner_status_enum.rb +++ b/app/graphql/types/ci/runner_status_enum.rb @@ -5,24 +5,6 @@ module Types class RunnerStatusEnum < BaseEnum graphql_name 'CiRunnerStatus' - value 'ACTIVE', - description: 'Runner that is not paused.', - deprecated: { - reason: :renamed, - replacement: 'CiRunner.paused', - milestone: '14.6' - }, - value: :active - - value 'PAUSED', - description: 'Runner that is paused.', - deprecated: { - reason: :renamed, - replacement: 'CiRunner.paused', - milestone: '14.6' - }, - value: :paused - value 'ONLINE', description: "Runner that contacted this instance within the last #{::Ci::Runner::ONLINE_CONTACT_TIMEOUT.inspect}.", value: :online diff --git a/app/graphql/types/clusters/agent_type.rb b/app/graphql/types/clusters/agent_type.rb index 5b51c899723..d7415349501 100644 --- a/app/graphql/types/clusters/agent_type.rb +++ b/app/graphql/types/clusters/agent_type.rb @@ -66,6 +66,16 @@ module Types null: true, description: 'User access config for the cluster agent.' + field :is_receptive, + GraphQL::Types::Boolean, + null: true, + description: 'Whether the cluster agent is receptive or not.' + + field :url_configurations, + AgentUrlConfigurationType.connection_type, + null: true, + description: 'URL configurations for the cluster agent in case it is a receptive agent.' + def project Gitlab::Graphql::Loaders::BatchModelLoader.new(Project, object.project_id).find end @@ -73,6 +83,10 @@ module Types def web_path ::Gitlab::Routing.url_helpers.project_cluster_agent_path(object.project, object.name) end + + def url_configurations + [object.agent_url_configuration] + end end end end diff --git a/app/graphql/types/clusters/agent_url_configuration_type.rb b/app/graphql/types/clusters/agent_url_configuration_type.rb new file mode 100644 index 00000000000..528bedfec24 --- /dev/null +++ b/app/graphql/types/clusters/agent_url_configuration_type.rb @@ -0,0 +1,53 @@ +# frozen_string_literal: true + +module Types + module Clusters + class AgentUrlConfigurationType < BaseObject + graphql_name 'ClusterAgentUrlConfiguration' + + authorize :read_cluster_agent + + connection_type_class Types::CountableConnectionType + + field :cluster_agent, + Types::Clusters::AgentType, + description: 'Cluster agent of the URL configuration.', + null: true + + field :id, + ::Types::GlobalIDType[::Clusters::Agents::UrlConfiguration], + null: false, + description: 'Global ID of the URL configuration.' + + field :url, + GraphQL::Types::String, + null: true, + description: 'URL of the URL configuration.' + + field :ca_cert, + GraphQL::Types::String, + null: true, + description: 'CA certificate of the URL configuration. It is used to verify the agent endpoint.' + + field :tls_host, + GraphQL::Types::String, + null: true, + description: 'TLS host of the URL configuration. ' \ + 'It is used to verify the server name in the agent endpoint certificate.' + + field :public_key, + GraphQL::Types::String, + null: true, + description: 'Public key if JWT authentication is used.' + + field :client_cert, + GraphQL::Types::String, + null: true, + description: 'Client certificate if JWT authentication is used.' + + def cluster_agent + Gitlab::Graphql::Loaders::BatchModelLoader.new(::Clusters::Agent, object.agent_id).find + end + end + end +end diff --git a/app/graphql/types/mutation_type.rb b/app/graphql/types/mutation_type.rb index f95390bf819..6269cb0948f 100644 --- a/app/graphql/types/mutation_type.rb +++ b/app/graphql/types/mutation_type.rb @@ -44,6 +44,8 @@ module Types mount_mutation Mutations::Clusters::Agents::Delete mount_mutation Mutations::Clusters::AgentTokens::Create mount_mutation Mutations::Clusters::AgentTokens::Revoke + mount_mutation Mutations::Clusters::AgentUrlConfigurations::Create + mount_mutation Mutations::Clusters::AgentUrlConfigurations::Delete mount_mutation Mutations::Commits::Create, calls_gitaly: true mount_mutation Mutations::CustomEmoji::Create mount_mutation Mutations::CustomEmoji::Destroy diff --git a/app/models/ci/runner.rb b/app/models/ci/runner.rb index dd4e224ae63..bffa26e1330 100644 --- a/app/models/ci/runner.rb +++ b/app/models/ci/runner.rb @@ -73,8 +73,9 @@ module Ci AVAILABLE_TYPES_LEGACY = %w[specific shared].freeze AVAILABLE_TYPES = runner_types.keys.freeze DEPRECATED_STATUSES = %w[active paused].freeze # TODO: Remove in REST v5. Relevant issue: https://gitlab.com/gitlab-org/gitlab/-/issues/344648 - AVAILABLE_STATUSES = (DEPRECATED_STATUSES + %w[online offline never_contacted stale]).freeze - AVAILABLE_SCOPES = (AVAILABLE_TYPES_LEGACY + AVAILABLE_TYPES + AVAILABLE_STATUSES).freeze + AVAILABLE_STATUSES = %w[online offline never_contacted stale].freeze + AVAILABLE_STATUSES_INCL_DEPRECATED = (DEPRECATED_STATUSES + AVAILABLE_STATUSES).freeze + AVAILABLE_SCOPES = (AVAILABLE_TYPES_LEGACY + AVAILABLE_TYPES + AVAILABLE_STATUSES_INCL_DEPRECATED).freeze FORM_EDITABLE = %i[description tag_list active run_untagged locked access_level maximum_timeout_human_readable].freeze MINUTES_COST_FACTOR_FIELDS = %i[public_projects_minutes_cost_factor private_projects_minutes_cost_factor].freeze diff --git a/app/models/ci/runner_manager.rb b/app/models/ci/runner_manager.rb index 5fe35ef641f..9a6f936030c 100644 --- a/app/models/ci/runner_manager.rb +++ b/app/models/ci/runner_manager.rb @@ -12,6 +12,7 @@ module Ci self.table_name = 'ci_runner_machines' AVAILABLE_STATUSES = %w[online offline never_contacted stale].freeze + AVAILABLE_STATUSES_INCL_DEPRECATED = AVAILABLE_STATUSES # The `UPDATE_CONTACT_COLUMN_EVERY` defines how often the Runner Machine DB entry can be updated UPDATE_CONTACT_COLUMN_EVERY = (40.minutes)..(55.minutes) diff --git a/app/models/concerns/ci/has_runner_status.rb b/app/models/concerns/ci/has_runner_status.rb index 4615e9573ff..8d7fa1dd34a 100644 --- a/app/models/concerns/ci/has_runner_status.rb +++ b/app/models/concerns/ci/has_runner_status.rb @@ -18,7 +18,7 @@ module Ci class_methods do def available_statuses - self::AVAILABLE_STATUSES + self::AVAILABLE_STATUSES_INCL_DEPRECATED end def online_contact_time_deadline diff --git a/app/models/members/members/invited_private_group_accessibility_assigner.rb b/app/models/members/members/invited_private_group_accessibility_assigner.rb index e4dafd56a16..152c6b57d81 100644 --- a/app/models/members/members/invited_private_group_accessibility_assigner.rb +++ b/app/models/members/members/invited_private_group_accessibility_assigner.rb @@ -23,8 +23,6 @@ module Members end def execute - return if Feature.disabled?(:webui_members_inherited_users, current_user) - # We don't need to calculate the access level of the current user in the invited groups if: # # 1. The current user can admin members then the user should be able to see the source of all memberships diff --git a/app/policies/clusters/agents/url_configuration_policy.rb b/app/policies/clusters/agents/url_configuration_policy.rb new file mode 100644 index 00000000000..d923bb7f846 --- /dev/null +++ b/app/policies/clusters/agents/url_configuration_policy.rb @@ -0,0 +1,11 @@ +# frozen_string_literal: true + +module Clusters + module Agents + class UrlConfigurationPolicy < BasePolicy + alias_method :agent_url_configuration, :subject + + delegate { agent_url_configuration.agent } + end + end +end diff --git a/app/views/shared/users/_user.html.haml b/app/views/shared/users/_user.html.haml index 4dc276a45c2..30f05358c99 100644 --- a/app/views/shared/users/_user.html.haml +++ b/app/views/shared/users/_user.html.haml @@ -1,13 +1,12 @@ - user = local_assigns.fetch(:user) -.col-lg-3.col-md-4.col-sm-12 - = render Pajamas::CardComponent.new(card_options: { class: 'gl-mb-5' }) do |c| - - c.with_body do - = render Pajamas::AvatarComponent.new(user, size: 48, alt: "", class: 'gl-float-left gl-mr-3') += render Pajamas::CardComponent.new(body_options: { class: 'gl-flex gl-gap-3' }) do |c| + - c.with_body do + = render Pajamas::AvatarComponent.new(user, size: 48, alt: "") - .user-info - .block-truncated - = link_to user.name, user_path(user), class: 'user js-user-link', data: { user_id: user.id, testid: 'user-link', qa_username: user.username } + .gl-grow.user-info + .gl-line-clamp-1.gl-break-all + = link_to user.name, user_path(user), class: 'js-user-link', data: { user_id: user.id, testid: 'user-link', qa_username: user.username } - .block-truncated - %span.gl-text-gray-900= user.to_reference + .gl-line-clamp-1.gl-break-all + %span.gl-text-secondary= user.to_reference diff --git a/app/views/shared/users/index.html.haml b/app/views/shared/users/index.html.haml index fd850ce0ba2..f8503229e64 100644 --- a/app/views/shared/users/index.html.haml +++ b/app/views/shared/users/index.html.haml @@ -6,7 +6,7 @@ - following_current_user_empty_message_header = s_('UserProfile|You are not following other users') - if users.size > 0 - .row.gl-mt-3 + .gl-grid.gl-gap-3.gl-mt-3.md:gl-grid-cols-3 = render partial: 'shared/users/user', collection: users, as: :user = paginate users, theme: 'gitlab' - else diff --git a/config/feature_flags/development/webui_members_inherited_users.yml b/config/feature_flags/development/webui_members_inherited_users.yml deleted file mode 100644 index 47005c333ae..00000000000 --- a/config/feature_flags/development/webui_members_inherited_users.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: webui_members_inherited_users -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/83214 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/364078 -milestone: '15.4' -type: development -group: group::tenant scale -default_enabled: true diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 1f2d787439c..404abc8144e 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -3079,6 +3079,48 @@ Input type: `ClusterAgentTokenRevokeInput` | `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +### `Mutation.clusterAgentUrlConfigurationCreate` + +Input type: `ClusterAgentUrlConfigurationCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `caCert` | [`String`](#string) | Base64-encoded CA certificate in PEM format to verify the agent endpoint. | +| `clientCert` | [`String`](#string) | Base64-encoded client certificate in PEM format if mTLS authentication should be used. Must be provided with `client_key`. | +| `clientKey` | [`String`](#string) | Base64-encoded client key in PEM format if mTLS authentication should be used. Must be provided with `client_cert`. | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `clusterAgentId` | [`ClustersAgentID!`](#clustersagentid) | Global ID of the cluster agent that will be associated with the new URL configuration. | +| `tlsHost` | [`String`](#string) | TLS host name to verify the server name in agent endpoint certificate. | +| `url` | [`String!`](#string) | URL for the new URL configuration. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| `urlConfiguration` | [`ClusterAgentUrlConfiguration`](#clusteragenturlconfiguration) | URL configuration created after mutation. | + +### `Mutation.clusterAgentUrlConfigurationDelete` + +Input type: `ClusterAgentUrlConfigurationDeleteInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `id` | [`ClustersAgentsUrlConfigurationID!`](#clustersagentsurlconfigurationid) | Global ID of the agent URL configuration that will be deleted. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| `errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + ### `Mutation.commitCreate` Input type: `CommitCreateInput` @@ -11951,6 +11993,30 @@ The edge type for [`ClusterAgentToken`](#clusteragenttoken). | `cursor` | [`String!`](#string) | A cursor for use in pagination. | | `node` | [`ClusterAgentToken`](#clusteragenttoken) | The item at the end of the edge. | +#### `ClusterAgentUrlConfigurationConnection` + +The connection type for [`ClusterAgentUrlConfiguration`](#clusteragenturlconfiguration). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `count` | [`Int!`](#int) | Total count of collection. | +| `edges` | [`[ClusterAgentUrlConfigurationEdge]`](#clusteragenturlconfigurationedge) | A list of edges. | +| `nodes` | [`[ClusterAgentUrlConfiguration]`](#clusteragenturlconfiguration) | A list of nodes. | +| `pageInfo` | [`PageInfo!`](#pageinfo) | Information to aid in pagination. | + +#### `ClusterAgentUrlConfigurationEdge` + +The edge type for [`ClusterAgentUrlConfiguration`](#clusteragenturlconfiguration). + +##### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `cursor` | [`String!`](#string) | A cursor for use in pagination. | +| `node` | [`ClusterAgentUrlConfiguration`](#clusteragenturlconfiguration) | The item at the end of the edge. | + #### `CodeCoverageActivityConnection` The connection type for [`CodeCoverageActivity`](#codecoverageactivity). @@ -19183,11 +19249,13 @@ GitLab CI/CD configuration template. | `createdAt` | [`Time`](#time) | Timestamp the cluster agent was created. | | `createdByUser` | [`UserCore`](#usercore) | User object, containing information about the person who created the agent. | | `id` | [`ID!`](#id) | ID of the cluster agent. | +| `isReceptive` | [`Boolean`](#boolean) | Whether the cluster agent is receptive or not. | | `name` | [`String`](#string) | Name of the cluster agent. | | `project` | [`Project`](#project) | Project the cluster agent is associated with. | | `remoteDevelopmentAgentConfig` | [`RemoteDevelopmentAgentConfig`](#remotedevelopmentagentconfig) | Remote development agent config for the cluster agent. | | `tokens` | [`ClusterAgentTokenConnection`](#clusteragenttokenconnection) | Tokens associated with the cluster agent. (see [Connections](#connections)) | | `updatedAt` | [`Time`](#time) | Timestamp the cluster agent was updated. | +| `urlConfigurations` | [`ClusterAgentUrlConfigurationConnection`](#clusteragenturlconfigurationconnection) | URL configurations for the cluster agent in case it is a receptive agent. (see [Connections](#connections)) | | `userAccessAuthorizations` | [`ClusterAgentAuthorizationUserAccess`](#clusteragentauthorizationuseraccess) | User access config for the cluster agent. | | `vulnerabilityImages` | [`VulnerabilityContainerImageConnection`](#vulnerabilitycontainerimageconnection) | Container images reported on the agent vulnerabilities. (see [Connections](#connections)) | | `webPath` | [`String`](#string) | Web path of the cluster agent. | @@ -19257,6 +19325,20 @@ four standard [pagination arguments](#pagination-arguments): | `name` | [`String`](#string) | Name given to the token. | | `status` | [`AgentTokenStatus`](#agenttokenstatus) | Current status of the token. | +### `ClusterAgentUrlConfiguration` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| `caCert` | [`String`](#string) | CA certificate of the URL configuration. It is used to verify the agent endpoint. | +| `clientCert` | [`String`](#string) | Client certificate if JWT authentication is used. | +| `clusterAgent` | [`ClusterAgent`](#clusteragent) | Cluster agent of the URL configuration. | +| `id` | [`ClustersAgentsUrlConfigurationID!`](#clustersagentsurlconfigurationid) | Global ID of the URL configuration. | +| `publicKey` | [`String`](#string) | Public key if JWT authentication is used. | +| `tlsHost` | [`String`](#string) | TLS host of the URL configuration. It is used to verify the server name in the agent endpoint certificate. | +| `url` | [`String`](#string) | URL of the URL configuration. | + ### `CodeCoverageActivity` Represents the code coverage activity for a group. @@ -35356,11 +35438,9 @@ Values for sorting runners. | Value | Description | | ----- | ----------- | -| `ACTIVE` **{warning-solid}** | **Deprecated** in GitLab 14.6. This was renamed. Use: [`CiRunner.paused`](#cirunnerpaused). | | `NEVER_CONTACTED` | Runner that has never contacted the instance. | | `OFFLINE` | Runner that has not contacted this instance within the last 2 hours. Will be considered `STALE` if offline for more than 7 days. | | `ONLINE` | Runner that contacted this instance within the last 2 hours. | -| `PAUSED` **{warning-solid}** | **Deprecated** in GitLab 14.6. This was renamed. Use: [`CiRunner.paused`](#cirunnerpaused). | | `STALE` | Runner that has not contacted this instance within the last 7 days. | ### `CiRunnerType` @@ -38471,6 +38551,12 @@ A `ClustersAgentTokenID` is a global ID. It is encoded as a string. An example `ClustersAgentTokenID` is: `"gid://gitlab/Clusters::AgentToken/1"`. +### `ClustersAgentsUrlConfigurationID` + +A `ClustersAgentsUrlConfigurationID` is a global ID. It is encoded as a string. + +An example `ClustersAgentsUrlConfigurationID` is: `"gid://gitlab/Clusters::Agents::UrlConfiguration/1"`. + ### `ClustersClusterID` A `ClustersClusterID` is a global ID. It is encoded as a string. diff --git a/doc/api/members.md b/doc/api/members.md index 5d0893a7b5d..44c2ab853ac 100644 --- a/doc/api/members.md +++ b/doc/api/members.md @@ -111,10 +111,7 @@ Example response: > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) to return members of the invited private group if the current user is a member of the shared group or project in GitLab 16.10 [with a flag](../administration/feature_flags.md) named `webui_members_inherited_users`. Disabled by default. > - Feature flag `webui_members_inherited_users` was [enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) in GitLab 17.0. - -FLAG: -On self-managed GitLab, by default this feature is available. To hide the feature per user, an administrator can [disable the feature flag](../administration/feature_flags.md) named `webui_members_inherited_users`. -On GitLab.com and GitLab Dedicated, this feature is available. +> - Feature flag `webui_members_inherited_users` [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/163627) in GitLab 17.4. Members of invited groups displayed by default. Gets a list of group or project members viewable by the authenticated user, including inherited members, invited users, and permissions through ancestor groups. @@ -275,10 +272,7 @@ Example response: > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/17744) in GitLab 12.4. > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) to return members of the invited private group if the current user is a member of the shared group or project in GitLab 16.10 [with a flag](../administration/feature_flags.md) named `webui_members_inherited_users`. Disabled by default. > - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) in GitLab 17.0. - -FLAG: -On self-managed GitLab, by default this feature is available. To hide the feature per user, an administrator can [disable the feature flag](../administration/feature_flags.md) named `webui_members_inherited_users`. -On GitLab.com and GitLab Dedicated, this feature is available. +> - Feature flag `webui_members_inherited_users` [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/163627) in GitLab 17.4. Members of invited groups displayed by default. Gets a member of a group or project, including members inherited or invited through ancestor groups. See the corresponding [endpoint to list all inherited members](#list-all-members-of-a-group-or-project-including-inherited-and-invited-members) for details. diff --git a/doc/operations/logs.md b/doc/operations/logs.md index 0758e6aa2f4..3f4ebdd8973 100644 --- a/doc/operations/logs.md +++ b/doc/operations/logs.md @@ -8,11 +8,12 @@ info: To determine the technical writer assigned to the Stage/Group associated w DETAILS: **Tier:** Ultimate -**Offering:** GitLab.com +**Offering:** GitLab.com, Self-managed **Status:** Beta > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143027) in GitLab 16.10 [with a flag](../administration/feature_flags.md) named `observability_logs`. Disabled by default. This feature is in [beta](../policy/experiment-beta-support.md#beta). > - Feature flag [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/158786) in GitLab 17.3 to the `observability_features` [feature flag](../administration/feature_flags.md), disabled by default. The previous feature flag (`observability_logs`) was removed. +> - [Introduced](https://gitlab.com/groups/gitlab-org/opstrace/-/epics/100) for self-managed in GitLab 17.3. FLAG: The availability of this feature is controlled by a feature flag. @@ -31,22 +32,22 @@ Prerequisites: - You must have at least the Maintainer role for the project. -1. Create an access token and enable logs: +1. Create an access token: 1. On the left sidebar, select **Search or go to** and find your project. 1. Select **Settings > Access tokens**. - 1. Create an access token with the following scopes: `read_api`, `read_observability`, `write_observability`. Be sure to save the access token value for later. - 1. Select **Monitor > Logs**, and then select **Enable**. + 1. Create an access token with the `api` scope and **Developer** role or greater. + Save the access token value for later. 1. To configure your application to send GitLab logs, set the following environment variables: ```shell OTEL_EXPORTER = "otlphttp" - OTEL_EXPORTER_OTLP_LOGS_ENDPOINT = "https://observe.gitlab.com/v3///ingest/logs" - OTEL_EXPORTER_OTLP_LOGS_HEADERS = "PRIVATE-TOKEN=" + OTEL_EXPORTER_OTLP_ENDPOINT = "https://gitlab.example.com/api/v4/projects//observability/" + OTEL_EXPORTER_OTLP_HEADERS = "PRIVATE-TOKEN=" ``` Use the following values: - - `namespace-id` - The top-level group ID that contains the project + - `gitlab.example.com` - The hostname for your self-managed instance, or `gitlab.com` - `gitlab-project-id` - The project ID - `gitlab-access-token` - The access token you created diff --git a/doc/operations/metrics.md b/doc/operations/metrics.md index 7fb10f6515d..da456db5dbd 100644 --- a/doc/operations/metrics.md +++ b/doc/operations/metrics.md @@ -8,11 +8,12 @@ info: To determine the technical writer assigned to the Stage/Group associated w DETAILS: **Tier:** Ultimate -**Offering:** GitLab.com +**Offering:** GitLab.com, Self-managed **Status:** Beta > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124966) in GitLab 16.7 [with a flag](../administration/feature_flags.md) named `observability_metrics`. Disabled by default. This feature is an [experiment](../policy/experiment-beta-support.md#experiment). > - Feature flag [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/158786) in GitLab 17.3 to the `observability_features` [feature flag](../administration/feature_flags.md), disabled by default. The previous feature flag (`observability_metrics`) was removed. +> - [Introduced](https://gitlab.com/groups/gitlab-org/opstrace/-/epics/100) for self-managed in GitLab 17.3. FLAG: The availability of this feature is controlled by a feature flag. @@ -37,22 +38,22 @@ Prerequisites: You must have at least the Maintainer role for the project. -1. Create an access token and enable metrics: +1. Create an access token: 1. On the left sidebar, select **Search or go to** and find your project. 1. Select **Settings > Access tokens**. - 1. Create an access token with the following scopes: `read_api`, `read_observability`, `write_observability`. Be sure to save the access token value for later. - 1. Select **Monitor > Metrics**, and then select **Enable**. + 1. Create an access token with the `api` scope and **Developer** role or greater. + Save the access token value for later. 1. To configure your application to send GitLab metrics, set the following environment variables: ```shell OTEL_EXPORTER = "otlphttp" - OTEL_EXPORTER_OTLP_METRICS_ENDPOINT = "https://observe.gitlab.com/v3///ingest/metrics" - OTEL_EXPORTER_OTLP_METRICS_HEADERS = "PRIVATE-TOKEN=" + OTEL_EXPORTER_OTLP_ENDPOINT = "https://gitlab.example.com/api/v4/projects//observability/" + OTEL_EXPORTER_OTLP_HEADERS = "PRIVATE-TOKEN=" ``` Use the following values: - - `namespace-id` - The top-level group ID that contains the project + - `gitlab.example.com` - The hostname for your self-managed instance, or `gitlab.com` - `gitlab-project-id` - The project ID - `gitlab-access-token` - The access token you created diff --git a/doc/operations/tracing.md b/doc/operations/tracing.md index f361d05671c..3446a536f6d 100644 --- a/doc/operations/tracing.md +++ b/doc/operations/tracing.md @@ -8,11 +8,12 @@ info: To determine the technical writer assigned to the Stage/Group associated w DETAILS: **Tier:** Ultimate -**Offering:** GitLab.com +**Offering:** GitLab.com, Self-managed **Status:** Beta > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124966) in GitLab 16.2 [with a flag](../administration/feature_flags.md) named `observability_tracing`. Disabled by default. This feature is in [beta](../policy/experiment-beta-support.md#beta). > - Feature flag [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/158786) in GitLab 17.3 to the `observability_features` [feature flag](../administration/feature_flags.md), disabled by default. The previous feature flag `observability_tracing` was removed. +> - [Introduced](https://gitlab.com/groups/gitlab-org/opstrace/-/epics/100) for self-managed in GitLab 17.3. FLAG: The availability of this feature is controlled by a feature flag. @@ -25,41 +26,30 @@ This feature is in [beta](../policy/experiment-beta-support.md). For more inform ## Configure distributed tracing for a project -To configure distributed tracing: - -1. [Create an access token and enable tracing.](#create-an-access-token) -1. [Configure your application to use the OpenTelemetry exporter.](#configure-your-application-to-use-the-opentelemetry-exporter) - -### Create an access token +Configure distributed tracing to enable it for a project. Prerequisites: - You must have at least the Maintainer role for the project. -To enable tracing in a project, you must first create an access token: +1. Create an access token: + 1. On the left sidebar, select **Search or go to** and find your project. + 1. Select **Settings > Access tokens**. + 1. Create an access token with the `api` scope and **Developer** role or greater. + Save the access token value for later. +1. To configure your application to send GitLab traces, set the following environment variables: -1. On the left sidebar, select **Search or go to** and find your project. -1. Select **Settings > Access tokens**. -1. Create an access token with the following scopes: `read_api`, `read_observability`, `write_observability`. -1. Copy the value of the access token. + ```shell + OTEL_EXPORTER = "otlphttp" + OTEL_EXPORTER_OTLP_ENDPOINT = "https://gitlab.example.com/api/v4/projects//observability/" + OTEL_EXPORTER_OTLP_HEADERS = "PRIVATE-TOKEN=" + ``` -### Configure your application to use the OpenTelemetry exporter + Use the following values: -Next, configure your application to send traces to GitLab. - -To do this, set the following environment variables: - -```shell -OTEL_EXPORTER = "otlphttp" -OTEL_EXPORTER_OTLP_TRACES_ENDPOINT = "https://observe.gitlab.com/v3///ingest/traces" -OTEL_EXPORTER_OTLP_TRACES_HEADERS = "PRIVATE-TOKEN=" -``` - -Use the following values: - -- `namespace-id`: The top-level namespace ID where your project is located. -- `gitlab-project-id`: The project ID. -- `gitlab-access-token`: The access token you [created previously](#create-an-access-token). + - `gitlab.example.com` - The hostname for your self-managed instance, or `gitlab.com` + - `gitlab-project-id` - The project ID. + - `gitlab-access-token` - The access token you created When your application is configured, run it, and the OpenTelemetry exporter attempts to send traces to GitLab. diff --git a/doc/tutorials/observability/observability_django_tutorial.md b/doc/tutorials/observability/observability_django_tutorial.md index b135e535f25..bdccda7417c 100644 --- a/doc/tutorials/observability/observability_django_tutorial.md +++ b/doc/tutorials/observability/observability_django_tutorial.md @@ -6,14 +6,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Tutorial: Use GitLab Observability with a Django application -DETAILS: -**Tier:** Ultimate -**Offering:** GitLab.com -**Status:** Beta - FLAG: The availability of this feature is controlled by a feature flag. For more information, see the history of the [**Distributed tracing** feature](../../operations/tracing.md). + In this tutorial, we'll show you how to create, configure, instrument, and monitor a Django application using GitLab observability features. @@ -23,7 +19,7 @@ In this tutorial, we'll show you how to create, configure, instrument, and monit To follow along this tutorial, you should have: -- A GitLab Ultimate subscription for GitLab.com +- A GitLab Ultimate subscription for GitLab.com or GitLab self-managed - A local installation of Python 3 and Django (You can install it with `python -m pip install Django`.) - Basic knowledge of Git and Python - Basic knowledge of the core concepts of [OpenTelemetry](https://opentelemetry.io/) @@ -39,7 +35,7 @@ This tutorial uses the project name `animals`. - In the **Project name** field, enter `animals`. 1. Select **Create project**. 1. In the `animals` project, on the left sidebar, select **Settings > Access tokens**. -1. Create an access token with the Owner role and the `read_api` and `write_observability` scopes. Store the token value somewhere safe—you'll need it later. +1. Create an access token with the `api` scope and Developer role. Store the token value somewhere safe—you'll need it later. ## Create a Django application @@ -147,7 +143,9 @@ To create an application: from opentelemetry.sdk.metrics.export import PeriodicExportingMetricReader, ConsoleMetricExporter ``` -1. To instrument the application, in the `manage.py` file add the following code (replacing `{{PROJECT_ACCESS_TOKEN}}`, `{{NAMESPACE_ID}}`, and `{{PROJECT_ID}}` with the values from your project and root namespace): +1. To instrument the application, in the `manage.py` file, add the following code. + - Replace `{{PROJECT_ACCESS_TOKEN}}` and `{{PROJECT_ID}}` with the values from your project. + - If you're using self-managed GitLab, replace `gitlab.com` with your self-managed instance hostname. ```python resource = Resource(attributes={ @@ -155,12 +153,12 @@ To create an application: }) os.environ.setdefault('OTEL_EXPORTER_OTLP_HEADERS', "PRIVATE-TOKEN={{PROJECT_ACCESS_TOKEN}}") traceProvider = TracerProvider(resource=resource) - processor = BatchSpanProcessor(OTLPSpanExporter(endpoint="https://observe.gitlab.com/v3/{{NAMESPACE_ID}}/{{PROJECT_ID}}/ingest/traces")) + processor = BatchSpanProcessor(OTLPSpanExporter(endpoint="https://gitlab.com/api/v4/projects/{{PROJECT_ID}}/observability/v1/traces")) traceProvider.add_span_processor(processor) trace.set_tracer_provider(traceProvider) reader = PeriodicExportingMetricReader( - OTLPMetricExporter(endpoint="https://observe.gitlab.com/v3/{{NAMESPACE_ID}}/{{PROEJCT_ID}}/ingest/metrics") + OTLPMetricExporter(endpoint="https://gitlab.com/api/v4/projects/{{PROJECT_ID}}/observability/v1/metrics") ) meterProvider = MeterProvider(resource=resource, metric_readers=[reader]) metrics.set_meter_provider(meterProvider) diff --git a/doc/tutorials/observability/observability_dotnet_tutorial.md b/doc/tutorials/observability/observability_dotnet_tutorial.md index 49b91ee9168..0bce2380490 100644 --- a/doc/tutorials/observability/observability_dotnet_tutorial.md +++ b/doc/tutorials/observability/observability_dotnet_tutorial.md @@ -6,17 +6,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Tutorial: Use GitLab Observability with a .NET application -DETAILS: -**Tier:** Ultimate -**Offering:** GitLab.com -**Status:** Beta - -> - Observability [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124966) in GitLab 16.2 [with a flag](../../administration/feature_flags.md) named `observability_features`. Disabled by default. - FLAG: The availability of this feature is controlled by a feature flag. -For more information, see the history. -This feature is available for testing, but not ready for production use. +For more information, see the history of the [**Distributed tracing** feature](../../operations/tracing.md). + In this tutorial, you'll learn how to create, configure, instrument, and monitor a .NET Core application using GitLab Observability features. @@ -24,7 +17,7 @@ In this tutorial, you'll learn how to create, configure, instrument, and monitor To follow along this tutorial, you must have: -- A GitLab Ultimate subscription for GitLab.com +- A GitLab Ultimate subscription for GitLab.com or GitLab self-managed - A local installation of [.NET](https://dotnet.microsoft.com/en-us/) - Basic knowledge of Git, .NET, and the core concepts of [OpenTelemetry](https://opentelemetry.io/) @@ -38,7 +31,8 @@ First, create a GitLab project and a corresponding access token. - In the **Project name** field, enter `dotnet-O11y-tutorial`. 1. Select **Create project**. 1. In the `dotnet-O11y-tutorial` project, on the left sidebar, select **Settings > Access tokens**. -1. Create a new access token with the Owner role and the `read_api` and `write_observability` scopes. Store the token value somewhere safe—you'll need it later. +1. Create an access token with the `api` scope and Developer role. Store the token value somewhere safe. + You'll need it later. ## Create a .NET application @@ -205,18 +199,16 @@ Next, we'll create a .NET web application that we can instrument. For this tutor app.Run(); ``` -1. Find your group ID: - 1. On the left sidebar, select **Search or go to** and find the top-level group with the `dotnet-O11y-tutorial` project. For example, if your project URL is `https://gitlab.com/tankui/observability/dotnet-O11y-tutorial`, the top-level group is `tanuki`. - 1. On the group overview page, in the upper-right corner, select **Actions** (**{ellipsis_v}**). - 1. Select **Copy group ID**. Save the copied ID for later. 1. Find your project ID: 1. On the `dotnet-O11y-tutorial` project overview page, in the upper-right corner, select **Actions** (**{ellipsis_v}**). 1. Select **Copy project ID**. Save the copied ID for later. -1. Configure and run your application with instrumentation: +1. Configure your application with instrumentation. + If you're using self-managed GitLab, replace `gitlab.com` with your self-managed instance hostname. +1. Run your application. ```shell - env OTEL_EXPORTER_OTLP_ENDPOINT="https://observe.gitlab.com/v3/{{GROUP_ID}}/{{PROJECT_ID}}/ingest" \ + env OTEL_EXPORTER_OTLP_ENDPOINT="https://gitlab.com/api/v4/projects/{{PROJECT_ID}}/observability" \ OTEL_EXPORTER_OTLP_HEADERS="PRIVATE-TOKEN={{ACCESS_TOKEN}}" \ OTEL_LOG_LEVEL="debug" \ dotnet run diff --git a/doc/tutorials/observability/observability_java_tutorial.md b/doc/tutorials/observability/observability_java_tutorial.md index b837946b817..73f4f8ca85f 100644 --- a/doc/tutorials/observability/observability_java_tutorial.md +++ b/doc/tutorials/observability/observability_java_tutorial.md @@ -6,17 +6,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Tutorial: Use GitLab Observability with a Java Spring application -DETAILS: -**Tier:** Ultimate -**Offering:** GitLab.com -**Status:** Beta - -> - Observability [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124966) in GitLab 16.2 [with a flag](../../administration/feature_flags.md) named `observability_features`. Disabled by default. - -FLAG: -The availability of this feature is controlled by a feature flag. -For more information, see the history. -This feature is available for testing, but not ready for production use. +For more information, see the history of the [**Distributed tracing** feature](../../operations/tracing.md). + In this tutorial, you'll learn how to create, configure, instrument, and monitor a Java Spring application using GitLab Observability features. @@ -24,7 +15,7 @@ In this tutorial, you'll learn how to create, configure, instrument, and monitor To follow along this tutorial, you must have: -- A GitLab Ultimate subscription for GitLab.com +- A GitLab Ultimate subscription for GitLab.com or GitLab self-managed - A local installation of Ruby on Rails - Basic knowledge of Git, Java Spring, and the core concepts of [OpenTelemetry](https://opentelemetry.io/) @@ -39,7 +30,8 @@ First, create a GitLab project and a corresponding access token. - In the **Project name** field, enter a name such as `test-spring-o11y` 1. Select **Create project**. 1. In the `test-sprint-o11y` project, on the left sidebar, select **Settings > Access tokens**. -1. Create a new access token with the Owner role and the `read_api` and `write_observability` scopes. Store the token value somewhere safe—you'll need it later. +1. Create an access token with the `api` scope and Developer role. Store the token value somewhere safe. + You'll need it later. ## Run the application @@ -107,15 +99,13 @@ The OpenTelemetry autoconfigure libraries read their configuration from environm ![Configuration menu](img/java_configuration_menu.png) -1. Add the following set of environment variables, replacing `{{PATH_TO_JAVA_AGENT}}`, `{{NAMESPACE_ID}}`, `{{PROJECT_ID}}`, `{{PROJECT_ACCESS_TOKEN}}` and `{{SERVICE_NAME}}` with the correct values. +1. Add the following set of environment variables, replacing `{{PATH_TO_JAVA_AGENT}}`, `{{PROJECT_ID}}`, `{{PROJECT_ACCESS_TOKEN}}` and `{{SERVICE_NAME}}` with the correct values. If using a self-managed GitLab instance, replace `gitlab.com` with your self-managed instance hostname. - `JAVA_TOOL_OPTIONS=-javaagent:{{PATH_TO_JAVA_AGENT}}/opentelemetry-javaagent.jar` - - `OTEL_EXPORTER_OTLP_ENDPOINT=https://observe.gitlab.com/v3/{{NAMESPACE_ID}}/{{PROJECT_ID}}/ingest` + - `OTEL_EXPORTER_OTLP_ENDPOINT=https://gitlab.com/api/v4/projects/{{PROJECT_ID}}/observability` - `OTEL_EXPORTER_OTLP_HEADERS=PRIVATE-TOKEN\={{PROJECT_ACCESS_TOKEN}}` - - `OTEL_LOGS_EXPORTER=otlp` + - `OTEL_EXPORTER=otlphttp` - `OTEL_METRIC_EXPORT_INTERVAL=15000` - - `OTEL_METRICS_EXPORTER=otlp` - `OTEL_SERVICE_NAME=example-java-application` - - `OTEL_TRACES_EXPORTER=otlp` 1. Restart the application and reload the page at `http://localhost:8000` a few times. diff --git a/doc/tutorials/observability/observability_nodejs_tutorial.md b/doc/tutorials/observability/observability_nodejs_tutorial.md index 9b121dd61c7..b620fd53ee4 100644 --- a/doc/tutorials/observability/observability_nodejs_tutorial.md +++ b/doc/tutorials/observability/observability_nodejs_tutorial.md @@ -6,14 +6,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Tutorial: Use GitLab Observability with a NodeJS application -DETAILS: -**Tier:** Ultimate -**Offering:** GitLab.com -**Status:** Beta - FLAG: The availability of this feature is controlled by a feature flag. For more information, see the history of the [**Distributed tracing** feature](../../operations/tracing.md). + In this tutorial, you'll learn how to configure, instrument, and monitor a NodeJS application using GitLab Observability features. @@ -21,7 +17,7 @@ In this tutorial, you'll learn how to configure, instrument, and monitor a NodeJ Take a moment and make sure you have the following: -- A GitLab Ultimate subscription for GitLab.com +- A GitLab Ultimate subscription for GitLab.com or GitLab self-managed - A local installation of NodeJS - Basic knowledge of Git, NodeJS, JavaScript, and the core concepts of [OpenTelemetry](https://opentelemetry.io/) @@ -37,7 +33,7 @@ This tutorial uses the project name `nodejs-O11y-tutorial`. - In the **Project name** field, enter `nodejs-O11y-tutorial`. 1. Select **Create project**. 1. In the `nodejs-O11y-tutorial` project, on the left sidebar, select **Settings > Access tokens**. -1. Create a new access token with the Owner role and the `read_api` and `write_observability` scopes. Store the token value somewhere safe—you'll need it later. +1. Create an access token with the `api` scope and Developer role. Store the token value somewhere safe—you'll need it later. ## Instrument your NodeJS application @@ -70,10 +66,6 @@ Next, we need to instrument the NodeJS application. @opentelemetry/auto-instrumentations-node ``` -1. Find your group ID: - 1. On the left sidebar, select **Search or go to** and find the top-level group with the `nodejs-O11y-tutorial` project. For example, if your project URL is `https://gitlab.com/tankui/observability/nodejs-O11y-tutorial`, the top-level group is `tanuki`. - 1. On the group overview page, in the upper-right corner, select **Actions** (**{ellipsis_v}**). - 1. Select **Copy group ID**. Save the copied ID for later. 1. Find your project ID: 1. On the `nodejs-O11y-tutorial` project overview page, in the upper-right corner, select **Actions** (**{ellipsis_v}**). 1. Select **Copy project ID**. Save the copied ID for later. @@ -81,8 +73,8 @@ Next, we need to instrument the NodeJS application. 1. Configure and run your project with instrumentation: ```shell - env OTEL_TRACES_EXPORTER="otlp" \ - OTEL_EXPORTER_OTLP_ENDPOINT="https://observe.gitlab.com/v3/{{GROUP_ID}}/{{PROJECT_ID}}/ingest" \ + env OTEL_TRACES_EXPORTER="otlphttp" \ + OTEL_EXPORTER_OTLP_ENDPOINT="https://gitlab.com/api/v4/projects/{{PROJECT_ID}}/observability" \ OTEL_EXPORTER_OTLP_HEADERS="PRIVATE-TOKEN={{ACCESS_TOKEN}}" \ OTEL_SERVICE_NAME="nodejs-O11y-tutorial" \ OTEL_LOG_LEVEL="debug" \ @@ -90,7 +82,8 @@ Next, we need to instrument the NodeJS application. PORT=8080 node server.js ``` - Be sure to replace the `GROUP_ID`, `PROJECT_ID`, and `ACCESS_TOKEN` with the values you obtained earlier. + Be sure to replace the `PROJECT_ID`, and `ACCESS_TOKEN` with the values you obtained earlier. + If using a self-managed GitLab instance, replace `gitlab.com` with your self-managed instance hostname. ## View traces diff --git a/doc/tutorials/observability/observability_rails_tutorial.md b/doc/tutorials/observability/observability_rails_tutorial.md index 3df200cfd1c..0edbe7719d8 100644 --- a/doc/tutorials/observability/observability_rails_tutorial.md +++ b/doc/tutorials/observability/observability_rails_tutorial.md @@ -6,14 +6,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Tutorial: Use GitLab Observability with a Ruby on Rails application -DETAILS: -**Tier:** Ultimate -**Offering:** GitLab.com -**Status:** Beta - FLAG: The availability of this feature is controlled by a feature flag. For more information, see the history of the [**Distributed tracing** feature](../../operations/tracing.md). + In this tutorial, you'll learn how to create, configure, instrument, and monitor a Ruby on Rails application using GitLab Observability features. @@ -21,7 +17,7 @@ In this tutorial, you'll learn how to create, configure, instrument, and monitor Take a moment and make sure you have the following: -- A GitLab Ultimate subscription for GitLab.com +- A GitLab Ultimate subscription for GitLab.com or GitLab self-managed - A local installation of Ruby on Rails - Basic knowledge of Git, Ruby on Rails, and the core concepts of [OpenTelemetry](https://opentelemetry.io/) @@ -36,7 +32,7 @@ This tutorial uses the project name `animals`. - In the **Project name** field, enter `animals`. 1. Select **Create project**. 1. In the `animals` project, on the left sidebar, select **Settings > Access tokens**. -1. Create a new access token with the Owner role and the `read_api` and `write_observability` scopes. Store the token value somewhere safe—you'll need it later. +1. Create an access token with the `api` scope and Developer role. Store the token value somewhere safe—you'll need it later. ## Create a Rails application @@ -92,10 +88,6 @@ To create an application: end ``` -1. Find your group ID: - 1. On the left sidebar, select **Search or go to** and find the top-level group with the `animal` project. For example, if your project URL is `https://gitlab.com/tankui/observability/animal`, the top-level group is `tanuki`. - 1. On the group overview page, in the upper-right corner, select **Actions** (**{ellipsis_v}**). - 1. Select **Copy group ID**. Save the copied ID for later. 1. Find your project ID: 1. On the `animal` project overview page, in the upper-right corner, select **Actions** (**{ellipsis_v}**). 1. Select **Copy project ID**. Save the copied ID for later. @@ -104,12 +96,13 @@ To create an application: ```shell OTEL_EXPORTER = "otlphttp" - OTEL_EXPORTER_OTLP_ENDPOINT = "https://observe.gitlab.com/v3/{{GROUP_ID}}/{{PROJECT_ID}}/ingest" + OTEL_EXPORTER_OTLP_ENDPOINT = "https://gitlab.com/api/v4/projects/{{PROJECT_ID}}/observability" OTEL_EXPORTER_OTLP_HEADERS = "PRIVATE-TOKEN={{ACCESS_TOKEN}}" OTEL_LOG_LEVEL = "debug" ``` - Be sure to replace the `GROUP_ID`, `PROJECT_ID`, and `ACCESS_TOKEN` with the values you obtained earlier. + Be sure to replace the `PROJECT_ID`, and `ACCESS_TOKEN` with the values you obtained earlier. + If using a self-managed GitLab instance, replace `gitlab.com` with your self-managed instance hostname. ## View traces diff --git a/doc/update/versions/gitlab_16_changes.md b/doc/update/versions/gitlab_16_changes.md index 7d4ce96d77a..7c385e7fcac 100644 --- a/doc/update/versions/gitlab_16_changes.md +++ b/doc/update/versions/gitlab_16_changes.md @@ -1287,13 +1287,13 @@ To protect against configuration mistakes, temporarily disable repository verifi 1. If you're running Gitaly Cluster, ensure repository verification is disabled on all Praefect nodes. Configure `verification_interval: 0`, and apply with `gitlab-ctl reconfigure`. -1. When applying the new structure to your configuration - - Replace the `...` with the value from the old key. - - When configuring `storage` to replace `git_data_dirs`, **you must append `repositories` to the path** as documented below. - If you miss this out your Git repositories are inaccessible until the configuration is fixed. - This misconfiguration can cause metadata deletion, and is the reason for disabling repository verification. - - Skip any keys you haven't configured a value for previously. - - Recommended. Include a trailing comma for all hash keys so the hash remains valid when keys are re-ordered or additional keys are added. +1. To apply the new structure to your configuration: + 1. Replace the `...` with the value from the old key. + 1. When configuring `storage` to replace `git_data_dirs`, **append `/repositories` to value of `path`** as documented below. If + you don't complete this step, your Git repositories are inaccessible until the configuration is fixed. This + misconfiguration can cause metadata deletion. + 1. Skip any keys you haven't configured a value for previously. + 1. Recommended. Include a trailing comma for all hash keys so the hash remains valid when keys are re-ordered or additional keys are added. 1. Apply the change with `gitlab-ctl reconfigure`. 1. Test Git repository functionality in GitLab. 1. Remove the old keys from the configuration once migrated, and then re-run `gitlab-ctl reconfigure`. @@ -1302,6 +1302,9 @@ To protect against configuration mistakes, temporarily disable repository verifi The new structure is documented below with the old keys described in a comment above the new keys. +WARNING: +Double check your update to `storage`. You must append `/repositories` to the value of `path`. + ```ruby gitaly['configuration'] = { # gitaly['socket_path'] diff --git a/doc/user/get_started/get_started_monitoring.md b/doc/user/get_started/get_started_monitoring.md index 79622118648..46213139607 100644 --- a/doc/user/get_started/get_started_monitoring.md +++ b/doc/user/get_started/get_started_monitoring.md @@ -118,7 +118,7 @@ Benefits of using the Collector: ```yaml exporters: otlphttp/gitlab: - endpoint: https://observe.gitlab.com/v3///ingest/ + endpoint: https://gitlab.com/api/v4/projects//observability/ headers: "private-token": "" @@ -134,15 +134,11 @@ Benefits of using the Collector: Replace the placeholders with the following values: - - ``: The top-level group ID for your project. - On the group homepage, in the upper-right corner, - select the vertical ellipsis (**{ellipsis_v}**), then **Copy group ID**. - - ``: The project ID. On the project homepage, in the upper-right corner, select the vertical ellipsis (**{ellipsis_v}**), then **Copy project ID**. - - - ``: An access token created in the project with the `Owner` role and - `read_api` and `write_observability` scopes. Create a token at the project's **Settings** > **Access tokens**. + - ``: An access token created in the project with the `Developer` role and + `api` scope. Create a token at the project's **Settings** > **Access tokens**. + - `gitlab.com`: Replace with your GitLab host if running a self-managed instance. 1. Instrument your application to send data to the Collector. Use the language-specific guides above, but point to your Collector instead of GitLab. diff --git a/doc/user/gitlab_duo/experiments.md b/doc/user/gitlab_duo/experiments.md index 099c15f7188..c0389c1c116 100644 --- a/doc/user/gitlab_duo/experiments.md +++ b/doc/user/gitlab_duo/experiments.md @@ -44,7 +44,7 @@ is displayed. Provide feedback on this experimental feature in [issue 416833](https://gitlab.com/gitlab-org/gitlab/-/issues/416833). -## Summarize an issue with Issue description generation +## Populate an issue with Issue description generation DETAILS: **Tier:** For a limited time, Ultimate. In the future, Ultimate with [GitLab Duo Enterprise](../../subscriptions/subscription-add-ons.md). @@ -59,6 +59,7 @@ Prerequisites: - You must belong to at least one group with the [experiment and beta features setting](turn_on_off.md#turn-on-beta-and-experimental-features) enabled. - You must have permission to view the issue. +- Only available for the plain text editor. To generate an issue description: diff --git a/doc/user/gitlab_duo/index.md b/doc/user/gitlab_duo/index.md index 63379596c26..ae1c2bbe458 100644 --- a/doc/user/gitlab_duo/index.md +++ b/doc/user/gitlab_duo/index.md @@ -182,7 +182,7 @@ DETAILS: - Helps populate an issue more quickly by generating a more in-depth description, based on a short summary you provide. - LLM: Anthropic [Claude Instant 1.2](https://docs.anthropic.com/en/docs/about-claude/models#legacy-models) -- [View documentation](experiments.md#summarize-an-issue-with-issue-description-generation). +- [View documentation](experiments.md#populate-an-issue-with-issue-description-generation). ### Code review summary diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md index 3ac912b5021..b0a79127072 100644 --- a/doc/user/group/subgroups/index.md +++ b/doc/user/group/subgroups/index.md @@ -124,10 +124,7 @@ For more information, view the [permissions table](../../permissions.md#group-me > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) to display invited group members on the Members tab of the Members page in GitLab 16.10 [with a flag](../../../administration/feature_flags.md) named `webui_members_inherited_users`. Disabled by default. > - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) in GitLab 17.0. - -FLAG: -On self-managed GitLab, by default this feature is available. To hide the feature per user, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `webui_members_inherited_users`. -On GitLab.com and GitLab Dedicated, this feature is available. +> - Feature flag `webui_members_inherited_users` [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/163627) in GitLab 17.4. Members of invited groups displayed by default. When you add a member to a group, that member is also added to all subgroups of that group. The member's permissions are inherited from the group into all subgroups. diff --git a/doc/user/packages/container_registry/build_and_push_images.md b/doc/user/packages/container_registry/build_and_push_images.md index 36cc2f46b92..b925819bfc8 100644 --- a/doc/user/packages/container_registry/build_and_push_images.md +++ b/doc/user/packages/container_registry/build_and_push_images.md @@ -200,15 +200,15 @@ release-image: - docker pull $CONTAINER_TEST_IMAGE - docker tag $CONTAINER_TEST_IMAGE $CONTAINER_RELEASE_IMAGE - docker push $CONTAINER_RELEASE_IMAGE - only: - - main + rules: + - if: $CI_COMMIT_BRANCH == "main" deploy: stage: deploy script: - ./deploy.sh - only: - - main + rules: + - if: $CI_COMMIT_BRANCH == "main" environment: production ``` diff --git a/doc/user/packages/container_registry/delete_container_registry_images.md b/doc/user/packages/container_registry/delete_container_registry_images.md index fd674e47123..c0646cdb8c8 100644 --- a/doc/user/packages/container_registry/delete_container_registry_images.md +++ b/doc/user/packages/container_registry/delete_container_registry_images.md @@ -97,10 +97,10 @@ build_image: - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY - docker build -t $IMAGE_TAG . - docker push $IMAGE_TAG - only: - - branches - except: - - main + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + when: never + - if: $CI_COMMIT_BRANCH delete_image: stage: clean diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md index 6ec71757b2c..397a19f83f2 100644 --- a/doc/user/project/members/index.md +++ b/doc/user/project/members/index.md @@ -18,10 +18,7 @@ Each member gets a role, which determines what they can do in the project. > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) to display invited group members on the Members tab of the Members page in GitLab 16.10 [with a flag](../../../administration/feature_flags.md) named `webui_members_inherited_users`. Disabled by default. > - Feature flag `webui_members_inherited_users` was [enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) in GitLab 17.0. - -FLAG: -On self-managed GitLab, by default this feature is available. To hide the feature per user, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `webui_members_inherited_users`. -On GitLab.com and GitLab Dedicated, this feature is available. +> - Feature flag `webui_members_inherited_users` [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/163627) in GitLab 17.4. Members of invited groups displayed by default. Users can become members of a group or project directly or indirectly. Indirect membership can be inherited, shared, or inherited shared. diff --git a/doc/user/project/members/sharing_projects_groups.md b/doc/user/project/members/sharing_projects_groups.md index 21086393066..ca2bc369483 100644 --- a/doc/user/project/members/sharing_projects_groups.md +++ b/doc/user/project/members/sharing_projects_groups.md @@ -11,11 +11,8 @@ DETAILS: **Offering:** GitLab.com, Self-managed, GitLab Dedicated > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) to display invited group members on the Members tab of the Members page in GitLab 16.10 [with a flag](../../../administration/feature_flags.md) named `webui_members_inherited_users`. Disabled by default. -> - Feature flag `webui_members_inherited_users` [enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) in GitLab 17.0. - -FLAG: -On self-managed GitLab, by default this feature is available. To hide the feature per user, an administrator can [disable the feature flag](../../../administration/feature_flags.md) named `webui_members_inherited_users`. -On GitLab.com and GitLab Dedicated, this feature is available. +> - Feature flag `webui_members_inherited_users` was [enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/219230) in GitLab 17.0. +> - Feature flag `webui_members_inherited_users` [removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/163627) in GitLab 17.4. Members of invited groups displayed by default. You can share by invitation: diff --git a/lib/api/ci/runners.rb b/lib/api/ci/runners.rb index 789339b3765..b1955a66a09 100644 --- a/lib/api/ci/runners.rb +++ b/lib/api/ci/runners.rb @@ -21,7 +21,7 @@ module API optional :type, type: String, values: ::Ci::Runner::AVAILABLE_TYPES, desc: 'The type of runners to return' optional :paused, type: Boolean, desc: 'Whether to include only runners that are accepting or ignoring new jobs' - optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES, + optional :status, type: String, values: ::Ci::Runner::AVAILABLE_STATUSES_INCL_DEPRECATED, desc: 'The status of runners to return' optional :tag_list, type: Array[String], coerce_with: ::API::Validations::Types::CommaSeparatedToArray.coerce, desc: 'A list of runner tags', documentation: { example: "['macos', 'shell']" } @@ -48,7 +48,7 @@ module API def apply_filter(runners, params) runners = filter_runners(runners, params[:type], allowed_scopes: ::Ci::Runner::AVAILABLE_TYPES) - runners = filter_runners(runners, params[:status], allowed_scopes: ::Ci::Runner::AVAILABLE_STATUSES) + runners = filter_runners(runners, params[:status], allowed_scopes: ::Ci::Runner::AVAILABLE_STATUSES_INCL_DEPRECATED) runners = filter_runners(runners, params[:paused] ? 'paused' : 'active', allowed_scopes: %w[paused active]) if params.include?(:paused) runners = runners.with_version_prefix(params[:version_prefix]) if params[:version_prefix] runners = runners.tagged_with(params[:tag_list]) if params[:tag_list] @@ -122,7 +122,7 @@ module API end get do runners = current_user.ci_owned_runners - runners = filter_runners(runners, params[:scope], allowed_scopes: ::Ci::Runner::AVAILABLE_STATUSES) + runners = filter_runners(runners, params[:scope], allowed_scopes: ::Ci::Runner::AVAILABLE_STATUSES_INCL_DEPRECATED) runners = apply_filter(runners, params) present paginate(runners), with: Entities::Ci::Runner diff --git a/locale/gitlab.pot b/locale/gitlab.pot index 73db685ed6b..50877b4534f 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -33266,9 +33266,6 @@ msgstr "" msgid "Members|Indirect" msgstr "" -msgid "Members|Inherited" -msgstr "" - msgid "Members|Inherited from %{group}" msgstr "" diff --git a/spec/controllers/groups/group_members_controller_spec.rb b/spec/controllers/groups/group_members_controller_spec.rb index 896a9123b4d..773cf9edb47 100644 --- a/spec/controllers/groups/group_members_controller_spec.rb +++ b/spec/controllers/groups/group_members_controller_spec.rb @@ -180,25 +180,6 @@ RSpec.describe Groups::GroupMembersController, feature_category: :groups_and_pro expect(assigns(:members).map(&:user_id)).to contain_exactly(user.id, shared_group_user.id) end end - - context 'when webui_members_inherited_users is disabled' do - let_it_be(:shared_group) { create(:group) } - let_it_be(:shared_group_user) { create(:user) } - let_it_be(:group_link) { create(:group_group_link, shared_group: shared_group, shared_with_group: group) } - - before do - group.add_owner(user) - shared_group.add_owner(shared_group_user) - stub_feature_flags(webui_members_inherited_users: false) - sign_in(user) - end - - it 'lists inherited group members only' do - get :index, params: { group_id: shared_group } - - expect(assigns(:members).map(&:user_id)).to contain_exactly(shared_group_user.id) - end - end end describe 'PUT update' do diff --git a/spec/controllers/projects/jobs_controller_spec.rb b/spec/controllers/projects/jobs_controller_spec.rb index 74f53e0612e..03d0d91c6c0 100644 --- a/spec/controllers/projects/jobs_controller_spec.rb +++ b/spec/controllers/projects/jobs_controller_spec.rb @@ -425,7 +425,7 @@ RSpec.describe Projects::JobsController, :clean_gitlab_redis_shared_state, featu end context 'when no runners are available' do - let(:runner) { create(:ci_runner, :instance, active: false) } + let(:runner) { create(:ci_runner, :instance, :paused) } let(:job) { create(:ci_build, :pending, pipeline: pipeline, runner: runner) } it 'exposes needed information' do diff --git a/spec/controllers/projects/project_members_controller_spec.rb b/spec/controllers/projects/project_members_controller_spec.rb index 33cae4e6670..5b0c2d5c707 100644 --- a/spec/controllers/projects/project_members_controller_spec.rb +++ b/spec/controllers/projects/project_members_controller_spec.rb @@ -107,18 +107,6 @@ RSpec.describe Projects::ProjectMembersController, feature_category: :groups_and shared_examples 'users are invited through groups' do let_it_be(:invited_group_member) { create(:user) } - context 'when webui_members_inherited_users is disabled' do - before do - stub_feature_flags(webui_members_inherited_users: false) - end - - it 'lists only direct members' do - get :index, params: { namespace_id: project.namespace, project_id: project } - - expect(assigns(:project_members).map(&:user_id)).not_to include(invited_group_member.id) - end - end - it 'lists invited group members by default' do get :index, params: { namespace_id: project.namespace, project_id: project } diff --git a/spec/factories/ci/runners.rb b/spec/factories/ci/runners.rb index b32f92f68fb..f732af596b6 100644 --- a/spec/factories/ci/runners.rb +++ b/spec/factories/ci/runners.rb @@ -104,7 +104,7 @@ FactoryBot.define do end end - trait :inactive do + trait :paused do active { false } end diff --git a/spec/features/admin/admin_runners_spec.rb b/spec/features/admin/admin_runners_spec.rb index 34748c5b69b..6b8729c03b2 100644 --- a/spec/features/admin/admin_runners_spec.rb +++ b/spec/features/admin/admin_runners_spec.rb @@ -156,7 +156,7 @@ RSpec.describe "Admin Runners", :freeze_time, feature_category: :fleet_visibilit describe 'filter by paused' do before_all do create(:ci_runner, :instance, description: 'runner-active') - create(:ci_runner, :instance, description: 'runner-paused', active: false) + create(:ci_runner, :instance, :paused, description: 'runner-paused') end before do @@ -397,7 +397,7 @@ RSpec.describe "Admin Runners", :freeze_time, feature_category: :fleet_visibilit end it 'maintains the same filter when switching between runner types' do - create(:ci_runner, :project, description: 'runner-paused-project', active: false, projects: [project]) + create(:ci_runner, :project, :paused, description: 'runner-paused-project', projects: [project]) visit admin_runners_path diff --git a/spec/features/groups/members/filter_members_spec.rb b/spec/features/groups/members/filter_members_spec.rb index 6bf0f2254bb..9002c7ba648 100644 --- a/spec/features/groups/members/filter_members_spec.rb +++ b/spec/features/groups/members/filter_members_spec.rb @@ -80,23 +80,6 @@ RSpec.describe 'Groups > Members > Filter members', :js, feature_category: :grou end end - context 'when the `webui_members_inherited_users` feature flag is disabled' do - before do - stub_feature_flags(webui_members_inherited_users: false) - end - - it 'shows only inherited members' do - visit_members_list(nested_group, with_inherited_permissions: 'only') - expect(member(0)).to include(user.name) - expect(member(1)).to include(user_with_2fa.name) - expect(all_rows.size).to eq(2) - - within filtered_search_bar_selector do - expect(page).to have_content 'Membership = Inherited' - end - end - end - def visit_members_list(group, options = {}) visit group_group_members_path(group.to_param, options) end diff --git a/spec/features/projects/jobs_spec.rb b/spec/features/projects/jobs_spec.rb index 7a45ddce3d7..6e843653f53 100644 --- a/spec/features/projects/jobs_spec.rb +++ b/spec/features/projects/jobs_spec.rb @@ -928,7 +928,7 @@ RSpec.describe 'Jobs', :clean_gitlab_redis_shared_state, feature_category: :grou end context 'without active runners available' do - let(:runner) { create(:ci_runner, :instance, active: false) } + let(:runner) { create(:ci_runner, :instance, :paused) } let(:job) { create(:ci_build, :pending, pipeline: pipeline, runner: runner) } it 'renders message about job being stuck because no runners are active' do @@ -938,7 +938,7 @@ RSpec.describe 'Jobs', :clean_gitlab_redis_shared_state, feature_category: :grou end context 'when available runners can not run specified tag' do - let(:runner) { create(:ci_runner, :instance, active: false) } + let(:runner) { create(:ci_runner, :instance, :paused) } let(:job) { create(:ci_build, :pending, pipeline: pipeline, runner: runner, tag_list: %w[docker linux]) } it 'renders message about job being stuck because of no runners with the specified tags' do @@ -950,7 +950,7 @@ RSpec.describe 'Jobs', :clean_gitlab_redis_shared_state, feature_category: :grou end context 'when runners are offline and build has tags' do - let(:runner) { create(:ci_runner, :instance, active: true) } + let(:runner) { create(:ci_runner, :instance) } let(:job) { create(:ci_build, :pending, pipeline: pipeline, runner: runner, tag_list: %w[docker linux]) } it 'renders message about job being stuck because of no runners with the specified tags' do @@ -971,7 +971,7 @@ RSpec.describe 'Jobs', :clean_gitlab_redis_shared_state, feature_category: :grou end context 'without available runners online' do - let(:runner) { create(:ci_runner, :instance, active: true) } + let(:runner) { create(:ci_runner, :instance) } let(:job) { create(:ci_build, :pending, pipeline: pipeline, runner: runner) } it 'renders message about job being stuck because runners are offline' do diff --git a/spec/features/users/overview_spec.rb b/spec/features/users/overview_spec.rb index b819e26f665..97dff26a0b9 100644 --- a/spec/features/users/overview_spec.rb +++ b/spec/features/users/overview_spec.rb @@ -147,7 +147,7 @@ RSpec.describe 'Overview tab on a user profile', :js, feature_category: :user_pr it 'shows an empty followers list with an info message' do page.within('#js-legacy-tabs-container') do expect(page).to have_content('You do not have any followers') - expect(page).not_to have_selector('.gl-card.gl-mb-5') + expect(page).not_to have_selector('.gl-card') expect(page).not_to have_selector('.gl-pagination') end end @@ -165,7 +165,7 @@ RSpec.describe 'Overview tab on a user profile', :js, feature_category: :user_pr it 'shows followers' do page.within('#js-legacy-tabs-container') do expect(page).to have_content(follower.name) - expect(page).to have_selector('.gl-card.gl-mb-5') + expect(page).to have_selector('.gl-card') expect(page).not_to have_selector('.gl-pagination') end end @@ -190,7 +190,7 @@ RSpec.describe 'Overview tab on a user profile', :js, feature_category: :user_pr expect(page).to have_content(follower.name) end - expect(page).to have_selector('.gl-card.gl-mb-5') + expect(page).to have_selector('.gl-card') expect(page).to have_selector('.gl-pagination') expect(page).to have_selector('.gl-pagination .js-pagination-page', count: 2) end @@ -208,7 +208,7 @@ RSpec.describe 'Overview tab on a user profile', :js, feature_category: :user_pr it 'shows an empty following list with an info message' do page.within('#js-legacy-tabs-container') do expect(page).to have_content('You are not following other users') - expect(page).not_to have_selector('.gl-card.gl-mb-5') + expect(page).not_to have_selector('.gl-card') expect(page).not_to have_selector('.gl-pagination') end end @@ -226,7 +226,7 @@ RSpec.describe 'Overview tab on a user profile', :js, feature_category: :user_pr it 'shows following user' do page.within('#js-legacy-tabs-container') do expect(page).to have_content(followee.name) - expect(page).to have_selector('.gl-card.gl-mb-5') + expect(page).to have_selector('.gl-card') expect(page).not_to have_selector('.gl-pagination') end end @@ -251,7 +251,7 @@ RSpec.describe 'Overview tab on a user profile', :js, feature_category: :user_pr expect(page).to have_content(followee.name) end - expect(page).to have_selector('.gl-card.gl-mb-5') + expect(page).to have_selector('.gl-card') expect(page).to have_selector('.gl-pagination') expect(page).to have_selector('.gl-pagination .js-pagination-page', count: 2) end diff --git a/spec/finders/ci/runners_finder_spec.rb b/spec/finders/ci/runners_finder_spec.rb index f0df2fd3d5a..996e76ebfe7 100644 --- a/spec/finders/ci/runners_finder_spec.rb +++ b/spec/finders/ci/runners_finder_spec.rb @@ -9,8 +9,8 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do describe '#execute' do shared_examples 'executes as admin' do context 'with 2 runners' do - let_it_be(:runner1) { create(:ci_runner, active: true) } - let_it_be(:runner2) { create(:ci_runner, active: false) } + let_it_be(:runner1) { create(:ci_runner) } + let_it_be(:runner2) { create(:ci_runner, :paused) } context 'with empty params' do it 'returns all runners' do @@ -112,7 +112,7 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do end context 'by status' do - Ci::Runner::AVAILABLE_STATUSES.each do |status| + Ci::Runner::AVAILABLE_STATUSES_INCL_DEPRECATED.each do |status| it "calls the corresponding :#{status} scope on Ci::Runner" do expect(Ci::Runner).to receive(:with_status).with(status).and_call_original @@ -264,8 +264,8 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do shared_examples 'executes as normal user' do it 'raises Gitlab::Access::AccessDeniedError' do user = create :user - create :ci_runner, active: true - create :ci_runner, active: false + create :ci_runner + create :ci_runner, :paused expect do described_class.new(current_user: user, params: {}).execute @@ -294,8 +294,8 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do context 'when user is nil' do it 'raises Gitlab::Access::AccessDeniedError' do user = nil - create :ci_runner, active: true - create :ci_runner, active: false + create :ci_runner + create :ci_runner, :paused expect do described_class.new(current_user: user, params: {}).execute @@ -320,7 +320,7 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do let_it_be(:project_6) { create(:project, group: sub_group_4) } let_it_be(:runner_instance) { create(:ci_runner, :instance, contacted_at: 13.minutes.ago) } let_it_be(:runner_group) { create(:ci_runner, :group, contacted_at: 12.minutes.ago, groups: [group]) } - let_it_be(:runner_sub_group_1) { create(:ci_runner, :group, :inactive, contacted_at: 11.minutes.ago, groups: [sub_group_1]) } + let_it_be(:runner_sub_group_1) { create(:ci_runner, :group, :paused, contacted_at: 11.minutes.ago, groups: [sub_group_1]) } let_it_be(:runner_sub_group_2) { create(:ci_runner, :group, contacted_at: 10.minutes.ago, groups: [sub_group_2]) } let_it_be(:runner_sub_group_3) { create(:ci_runner, :group, contacted_at: 9.minutes.ago, groups: [sub_group_3]) } let_it_be(:runner_sub_group_4) { create(:ci_runner, :group, contacted_at: 8.minutes.ago, groups: [sub_group_4]) } @@ -616,12 +616,12 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do end context 'filtering' do - let_it_be(:runner_instance_inactive) { create(:ci_runner, :instance, active: false, contacted_at: 13.minutes.ago) } - let_it_be(:runner_instance_active) { create(:ci_runner, :instance, active: true, contacted_at: 13.minutes.ago) } - let_it_be(:runner_project_active) { create(:ci_runner, :project, contacted_at: 5.minutes.ago, active: true, projects: [project]) } - let_it_be(:runner_project_inactive) { create(:ci_runner, :project, contacted_at: 5.minutes.ago, active: false, projects: [project]) } - let_it_be(:runner_other_project_inactive) { create(:ci_runner, :project, contacted_at: 5.minutes.ago, active: false, projects: [other_project]) } - let_it_be(:runner_manager) { create(:ci_runner_machine, runner: runner_instance_inactive, version: '15.10.0') } + let_it_be(:runner_instance_paused) { create(:ci_runner, :instance, :paused, contacted_at: 13.minutes.ago) } + let_it_be(:runner_instance_active) { create(:ci_runner, :instance, contacted_at: 13.minutes.ago) } + let_it_be(:runner_project_active) { create(:ci_runner, :project, contacted_at: 5.minutes.ago, projects: [project]) } + let_it_be(:runner_project_paused) { create(:ci_runner, :project, :paused, contacted_at: 5.minutes.ago, projects: [project]) } + let_it_be(:runner_other_project_paused) { create(:ci_runner, :project, :paused, contacted_at: 5.minutes.ago, projects: [other_project]) } + let_it_be(:runner_manager) { create(:ci_runner_machine, runner: runner_instance_paused, version: '15.10.0') } context 'by search term' do let_it_be(:runner_project_1) { create(:ci_runner, :project, contacted_at: 5.minutes.ago, description: 'runner_project_search', projects: [project]) } @@ -639,7 +639,7 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do let(:extra_params) { { active: false } } it 'returns the correct runners' do - expect(subject).to match_array([runner_instance_inactive, runner_project_inactive]) + expect(subject).to match_array([runner_instance_paused, runner_project_paused]) end end @@ -647,7 +647,7 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do let(:extra_params) { { status_status: 'paused' } } it 'returns correct runner' do - expect(subject).to match_array([runner_instance_inactive, runner_project_inactive]) + expect(subject).to match_array([runner_instance_paused, runner_project_paused]) end end @@ -667,7 +667,7 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do let(:extra_params) { { type_type: 'project_type' } } it 'returns correct runners' do - expect(subject).to match_array([runner_project_active, runner_project_inactive]) + expect(subject).to match_array([runner_project_active, runner_project_paused]) end end @@ -686,7 +686,7 @@ RSpec.describe Ci::RunnersFinder, feature_category: :fleet_visibility do let(:extra_params) { { version_prefix: '15.' } } it 'returns correct runners' do - is_expected.to contain_exactly(runner_instance_inactive) + is_expected.to contain_exactly(runner_instance_paused) end end end diff --git a/spec/finders/group_members_finder_spec.rb b/spec/finders/group_members_finder_spec.rb index fad98dbcf3e..d801315fb69 100644 --- a/spec/finders/group_members_finder_spec.rb +++ b/spec/finders/group_members_finder_spec.rb @@ -111,19 +111,6 @@ RSpec.describe GroupMembersFinder, '#execute', feature_category: :groups_and_pro expect(result.to_a).to match_array(expected_members) end end - - context 'when webui_members_inherited_users feature flag is disabled' do - before do - stub_feature_flags(webui_members_inherited_users: false) - end - - it 'does not return private invited group members' do - result = described_class.new(groups[subject_group], user6).execute(include_relations: subject_relations) - - expected_members = visible_members.map { |name| members[name] } - expect(result.to_a).to match_array(expected_members) - end - end end it 'returns the correct access level of the members shared through group sharing' do diff --git a/spec/finders/members_finder_spec.rb b/spec/finders/members_finder_spec.rb index 4c63e6bf807..ed7fef64d84 100644 --- a/spec/finders/members_finder_spec.rb +++ b/spec/finders/members_finder_spec.rb @@ -256,16 +256,6 @@ RSpec.describe MembersFinder, feature_category: :groups_and_projects do it 'includes members from invited groups not visible to the user' do expect(members).to contain_exactly(linked_group_member, private_linked_group_member, project_member) end - - context 'when webui_members_inherited_users feature flag is disabled' do - before do - stub_feature_flags(webui_members_inherited_users: false) - end - - it 'excludes members from invited groups not visible to the user' do - expect(members).to contain_exactly(linked_group_member, project_member) - end - end end context 'when the user is a member of invited group and ancestor groups' do diff --git a/spec/graphql/mutations/ci/runner/update_spec.rb b/spec/graphql/mutations/ci/runner/update_spec.rb index 440178cd7ce..8af0ff905c5 100644 --- a/spec/graphql/mutations/ci/runner/update_spec.rb +++ b/spec/graphql/mutations/ci/runner/update_spec.rb @@ -10,7 +10,7 @@ RSpec.describe Mutations::Ci::Runner::Update, feature_category: :runner do let_it_be(:project2) { create(:project, organization: project1.organization) } let(:runner) do - create(:ci_runner, :project, projects: [project1, project2], active: true, locked: false, run_untagged: true) + create(:ci_runner, :project, projects: [project1, project2], locked: false, run_untagged: true) end let(:current_ctx) { { current_user: user } } diff --git a/spec/graphql/mutations/clusters/agent_url_configurations/create_spec.rb b/spec/graphql/mutations/clusters/agent_url_configurations/create_spec.rb new file mode 100644 index 00000000000..28e7406b715 --- /dev/null +++ b/spec/graphql/mutations/clusters/agent_url_configurations/create_spec.rb @@ -0,0 +1,112 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Mutations::Clusters::AgentUrlConfigurations::Create, feature_category: :deployment_management do + include GraphqlHelpers + + let_it_be(:cluster_agent) { create(:cluster_agent) } + let_it_be(:current_user) { create(:user) } + + subject(:mutation) { described_class.new(object: nil, context: query_context, field: nil) } + + specify { expect(described_class).to require_graphql_authorizations(:create_cluster) } + + describe '#resolve' do + let(:url) { 'grpcs://localhost:1111' } + + subject(:mutate) { mutation.resolve(cluster_agent_id: cluster_agent.to_global_id, url: url) } + + context 'when receptive agents are enabled' do + before do + stub_application_setting(receptive_cluster_agents_enabled: true) + end + + context 'without permissions' do + it 'raises an error if the resource is not accessible to the user' do + expect { mutate }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable) + end + end + + context 'with user permissions' do + before do + cluster_agent.project.add_maintainer(current_user) + end + + context 'when using JWT auth' do + it 'creates a new URL configuration', :aggregate_failures do + expect { mutate }.to change { ::Clusters::Agents::UrlConfiguration.count }.by(1) + expect(mutate[:errors]).to eq([]) + expect(mutate[:url_configuration].url).to eq(url) + expect(mutate[:url_configuration].public_key).to be_truthy + end + end + + context 'when using mTLS auth' do + let(:client_cert) { File.read(Rails.root.join('spec/fixtures/clusters/sample_cert.pem')) } + let(:client_key) { File.read(Rails.root.join('spec/fixtures/clusters/sample_key.key')) } + + subject(:mutate) do + mutation.resolve( + cluster_agent_id: cluster_agent.to_global_id, + url: url, + client_cert: Base64.encode64(client_cert), + client_key: Base64.encode64(client_key) + ) + end + + it 'creates a new URL configuration', :aggregate_failures do + expect { mutate }.to change { ::Clusters::Agents::UrlConfiguration.count }.by(1) + expect(mutate[:errors]).to eq([]) + expect(mutate[:url_configuration].url).to eq(url) + expect(mutate[:url_configuration].client_cert).to eq(client_cert) + end + end + + context 'when configuring CA cert and tls host' do + let(:ca_cert) { File.read(Rails.root.join('spec/fixtures/clusters/sample_cert.pem')) } + let(:tls_host) { 'gitlab.example.com' } + + subject(:mutate) do + mutation.resolve( + cluster_agent_id: cluster_agent.to_global_id, + url: url, + ca_cert: Base64.encode64(ca_cert), + tls_host: tls_host + ) + end + + it 'creates a new URL configuration', :aggregate_failures do + expect { mutate }.to change { ::Clusters::Agents::UrlConfiguration.count }.by(1) + expect(mutate[:errors]).to eq([]) + expect(mutate[:url_configuration].ca_cert).to eq(ca_cert) + expect(mutate[:url_configuration].tls_host).to eq(tls_host) + end + end + + context 'when the agent URL configuration limit is reached' do + before do + create(:cluster_agent_url_configuration, agent: cluster_agent) + end + + it 'raises an error' do + expect { mutate }.not_to change { ::Clusters::Agents::UrlConfiguration.count } + expect(mutate[:errors]).to eq(["URL configuration already exists for this agent"]) + end + end + end + end + + context 'when receptive agents are disabled' do + before do + stub_application_setting(receptive_cluster_agents_enabled: false) + cluster_agent.project.add_maintainer(current_user) + end + + it 'raises an error' do + expect { mutate }.not_to change { ::Clusters::Agents::UrlConfiguration.count } + expect(mutate[:errors]).to eq(["Receptive agents are disabled for this GitLab instance"]) + end + end + end +end diff --git a/spec/graphql/mutations/clusters/agent_url_configurations/delete_spec.rb b/spec/graphql/mutations/clusters/agent_url_configurations/delete_spec.rb new file mode 100644 index 00000000000..03f9e37374e --- /dev/null +++ b/spec/graphql/mutations/clusters/agent_url_configurations/delete_spec.rb @@ -0,0 +1,64 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Mutations::Clusters::AgentUrlConfigurations::Delete, feature_category: :deployment_management do + include GraphqlHelpers + + let_it_be(:url_configuration) { create(:cluster_agent_url_configuration) } + let_it_be(:current_user) { create(:user) } + + let(:mutation) do + described_class.new( + object: double, + context: query_context, + field: double + ) + end + + it { expect(described_class.graphql_name).to eq('ClusterAgentUrlConfigurationDelete') } + it { expect(described_class).to require_graphql_authorizations(:admin_cluster) } + + describe '#resolve' do + let(:global_id) { url_configuration.to_global_id } + + subject(:mutate) { mutation.resolve(id: global_id) } + + context 'when receptive agents are enabled' do + before do + stub_application_setting(receptive_cluster_agents_enabled: true) + end + + context 'when user does not have permission' do + it 'does not delete the URL configuration' do + expect { mutate }.to raise_error(Gitlab::Graphql::Errors::ResourceNotAvailable) + expect { url_configuration.reload }.not_to raise_error + end + end + + context 'when user has permission' do + before do + url_configuration.agent.project.add_maintainer(current_user) + end + + it 'deletes the URL configuration' do + expect { mutate }.to change { ::Clusters::Agents::UrlConfiguration.count }.by(-1) + expect { url_configuration.reload }.to raise_error(ActiveRecord::RecordNotFound) + end + end + end + + context 'when receptive agents are disabled' do + before do + stub_application_setting(receptive_cluster_agents_enabled: false) + url_configuration.agent.project.add_maintainer(current_user) + end + + it 'raises an error' do + expect { mutate }.not_to change { ::Clusters::Agents::UrlConfiguration.count } + expect { url_configuration.reload }.not_to raise_error + expect(mutate[:errors]).to eq(["Receptive agents are disabled for this GitLab instance"]) + end + end + end +end diff --git a/spec/graphql/resolvers/ci/group_runners_resolver_spec.rb b/spec/graphql/resolvers/ci/group_runners_resolver_spec.rb index d1726c8da6c..277d2b22095 100644 --- a/spec/graphql/resolvers/ci/group_runners_resolver_spec.rb +++ b/spec/graphql/resolvers/ci/group_runners_resolver_spec.rb @@ -73,7 +73,7 @@ RSpec.describe Resolvers::Ci::GroupRunnersResolver, feature_category: :fleet_vis let(:finder) { instance_double(::Ci::RunnersFinder) } let(:args) do { - status: 'active', + status: 'online', type: :group_type, tag_list: ['active_runner'], search: 'abc', @@ -84,7 +84,7 @@ RSpec.describe Resolvers::Ci::GroupRunnersResolver, feature_category: :fleet_vis let(:expected_params) do { - status_status: 'active', + status_status: 'online', type_type: :group_type, tag_name: ['active_runner'], preload: {}, diff --git a/spec/graphql/resolvers/ci/project_runners_resolver_spec.rb b/spec/graphql/resolvers/ci/project_runners_resolver_spec.rb index 59ba7d4200c..4698a6be6b9 100644 --- a/spec/graphql/resolvers/ci/project_runners_resolver_spec.rb +++ b/spec/graphql/resolvers/ci/project_runners_resolver_spec.rb @@ -61,7 +61,7 @@ RSpec.describe Resolvers::Ci::ProjectRunnersResolver, feature_category: :fleet_v let(:finder) { instance_double(::Ci::RunnersFinder) } let(:args) do { - status: 'active', + status: 'online', type: :group_type, tag_list: ['active_runner'], search: 'abc', @@ -71,7 +71,7 @@ RSpec.describe Resolvers::Ci::ProjectRunnersResolver, feature_category: :fleet_v let(:expected_params) do { - status_status: 'active', + status_status: 'online', type_type: :group_type, tag_name: ['active_runner'], preload: {}, diff --git a/spec/graphql/resolvers/ci/runners_resolver_spec.rb b/spec/graphql/resolvers/ci/runners_resolver_spec.rb index f59b0ccf8b0..f594ecea8e7 100644 --- a/spec/graphql/resolvers/ci/runners_resolver_spec.rb +++ b/spec/graphql/resolvers/ci/runners_resolver_spec.rb @@ -80,7 +80,7 @@ RSpec.describe Resolvers::Ci::RunnersResolver, feature_category: :fleet_visibili let(:args) do { active: true, - status: 'active', + status: 'offline', upgrade_status: 'recommended', type: :instance_type, tag_list: ['active_runner'], @@ -95,7 +95,7 @@ RSpec.describe Resolvers::Ci::RunnersResolver, feature_category: :fleet_visibili let(:expected_params) do { active: true, - status_status: 'active', + status_status: 'offline', upgrade_status: 'recommended', type_type: :instance_type, tag_name: ['active_runner'], diff --git a/spec/graphql/resolvers/clusters/agents_resolver_spec.rb b/spec/graphql/resolvers/clusters/agents_resolver_spec.rb index c7eceffa1dd..531a00880d4 100644 --- a/spec/graphql/resolvers/clusters/agents_resolver_spec.rb +++ b/spec/graphql/resolvers/clusters/agents_resolver_spec.rb @@ -2,7 +2,7 @@ require 'spec_helper' -RSpec.describe Resolvers::Clusters::AgentsResolver do +RSpec.describe Resolvers::Clusters::AgentsResolver, feature_category: :deployment_management do include GraphqlHelpers specify do @@ -49,7 +49,7 @@ RSpec.describe Resolvers::Clusters::AgentsResolver do end end -RSpec.describe Resolvers::Clusters::AgentsResolver.single do +RSpec.describe Resolvers::Clusters::AgentsResolver.single, feature_category: :deployment_management do it { expect(described_class).to be < Resolvers::Clusters::AgentsResolver } it { expect(described_class.type).to eq(::Types::Clusters::AgentType) } diff --git a/spec/graphql/types/clusters/agent_type_spec.rb b/spec/graphql/types/clusters/agent_type_spec.rb index ae4722d39ac..6f50d509972 100644 --- a/spec/graphql/types/clusters/agent_type_spec.rb +++ b/spec/graphql/types/clusters/agent_type_spec.rb @@ -2,10 +2,10 @@ require 'spec_helper' -RSpec.describe GitlabSchema.types['ClusterAgent'] do +RSpec.describe GitlabSchema.types['ClusterAgent'], feature_category: :deployment_management do let(:fields) do %i[created_at created_by_user id name project updated_at tokens web_path connections activity_events - user_access_authorizations] + user_access_authorizations is_receptive url_configurations] end it { expect(described_class.graphql_name).to eq('ClusterAgent') } diff --git a/spec/graphql/types/clusters/agent_url_configuration_type_spec.rb b/spec/graphql/types/clusters/agent_url_configuration_type_spec.rb new file mode 100644 index 00000000000..b82cd21032a --- /dev/null +++ b/spec/graphql/types/clusters/agent_url_configuration_type_spec.rb @@ -0,0 +1,30 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe GitlabSchema.types['ClusterAgentUrlConfiguration'], feature_category: :deployment_management do + include GraphqlHelpers + + let(:fields) { %i[cluster_agent id url ca_cert tls_host public_key client_cert] } + + it { expect(described_class.graphql_name).to eq('ClusterAgentUrlConfiguration') } + + it { expect(described_class).to require_graphql_authorizations(:read_cluster_agent) } + + it { expect(described_class).to have_graphql_fields(fields) } + + describe '#cluster_agent' do + let(:cluster_agent) { create(:cluster_agent) } + let(:current_user) { create(:user, maintainer_of: cluster_agent.project) } + let(:url_configuration) { create(:cluster_agent_url_configuration, agent: cluster_agent) } + + subject do + resolve_field(:cluster_agent, url_configuration, current_user: current_user, object_type: described_class) + .value + end + + it 'returns the cluster agent' do + is_expected.to eq(cluster_agent) + end + end +end diff --git a/spec/models/ci/build_spec.rb b/spec/models/ci/build_spec.rb index 8bdcdac8880..ea035b99b04 100644 --- a/spec/models/ci/build_spec.rb +++ b/spec/models/ci/build_spec.rb @@ -905,8 +905,8 @@ RSpec.describe Ci::Build, feature_category: :continuous_integration, factory_def it { is_expected.to be_truthy } end - context 'that is inactive' do - let(:runner_traits) { [:online, :inactive] } + context 'that is paused' do + let(:runner_traits) { [:online, :paused] } it { is_expected.to be_falsey } end diff --git a/spec/models/ci/runner_spec.rb b/spec/models/ci/runner_spec.rb index c17adb45c03..041b30399ff 100644 --- a/spec/models/ci/runner_spec.rb +++ b/spec/models/ci/runner_spec.rb @@ -510,14 +510,14 @@ RSpec.describe Ci::Runner, type: :model, feature_category: :runner do describe '.active' do subject { described_class.active(active_value) } - let_it_be(:runner1) { create(:ci_runner, :instance, active: false) } + let_it_be(:runner1) { create(:ci_runner, :instance, :paused) } let_it_be(:runner2) { create(:ci_runner, :instance) } context 'with active_value set to false' do let(:active_value) { false } - it 'returns inactive runners' do - is_expected.to match_array([runner1]) + it 'returns paused runners' do + is_expected.to contain_exactly(runner1) end end @@ -525,7 +525,7 @@ RSpec.describe Ci::Runner, type: :model, feature_category: :runner do let(:active_value) { true } it 'returns active runners' do - is_expected.to match_array([runner2]) + is_expected.to contain_exactly(runner2) end end end @@ -533,10 +533,10 @@ RSpec.describe Ci::Runner, type: :model, feature_category: :runner do describe '.paused' do subject(:paused) { described_class.paused } - let!(:runner1) { create(:ci_runner, :instance, active: false) } + let!(:runner1) { create(:ci_runner, :instance, :paused) } let!(:runner2) { create(:ci_runner, :instance) } - it 'returns inactive runners' do + it 'returns paused runners' do expect(described_class).to receive(:active).with(false).and_call_original expect(paused).to contain_exactly(runner1) @@ -880,8 +880,8 @@ RSpec.describe Ci::Runner, type: :model, feature_category: :runner do end end - context 'inactive but online' do - let(:runner) { build(:ci_runner, :inactive, :online) } + context 'paused but online' do + let(:runner) { build(:ci_runner, :paused, :online) } it { is_expected.to eq(:online) } end @@ -926,8 +926,8 @@ RSpec.describe Ci::Runner, type: :model, feature_category: :runner do it { is_expected.to eq(:stale) } end - context 'inactive' do - let(:runner) { build(:ci_runner, :inactive, :online) } + context 'paused' do + let(:runner) { build(:ci_runner, :paused, :online) } it { is_expected.to eq(:paused) } end @@ -1884,13 +1884,13 @@ RSpec.describe Ci::Runner, type: :model, feature_category: :runner do subject { described_class.active(false).with_upgrade_status(:available) } before do - create(:ci_runner_machine, runner: inactive_runner_14_0_0, version: '14.0.0') + create(:ci_runner_machine, runner: paused_runner_14_0_0, version: '14.0.0') end - let(:inactive_runner_14_0_0) { create(:ci_runner, active: false) } + let(:paused_runner_14_0_0) { create(:ci_runner, :paused) } it 'returns runner matching the composed scope' do - is_expected.to contain_exactly(inactive_runner_14_0_0) + is_expected.to contain_exactly(paused_runner_14_0_0) end end end diff --git a/spec/models/members/members/invited_private_group_accessibility_assigner_spec.rb b/spec/models/members/members/invited_private_group_accessibility_assigner_spec.rb index ef32c8fbb19..1d22d50aa36 100644 --- a/spec/models/members/members/invited_private_group_accessibility_assigner_spec.rb +++ b/spec/models/members/members/invited_private_group_accessibility_assigner_spec.rb @@ -29,15 +29,8 @@ RSpec.describe Members::InvitedPrivateGroupAccessibilityAssigner, feature_catego let(:source) { create(source_type, source_visibility) } let(:direct_member) { source.add_developer(member_user) } let(:members) { [direct_member] } + it_behaves_like 'sets is_source_accessible_to_current_user to true for all members' - - context 'with webui_members_inherited_users feature flag disabled' do - before do - stub_feature_flags(webui_members_inherited_users: false) - end - - it_behaves_like 'sets is_source_accessible_to_current_user to true for all members' - end end end @@ -51,14 +44,6 @@ RSpec.describe Members::InvitedPrivateGroupAccessibilityAssigner, feature_catego let(:members) { [inherited_member] } it_behaves_like 'sets is_source_accessible_to_current_user to true for all members' - - context 'with webui_members_inherited_users feature flag disabled' do - before do - stub_feature_flags(webui_members_inherited_users: false) - end - - it_behaves_like 'sets is_source_accessible_to_current_user to true for all members' - end end end @@ -79,14 +64,6 @@ RSpec.describe Members::InvitedPrivateGroupAccessibilityAssigner, feature_catego expect(members.first.is_source_accessible_to_current_user).to eq(can_see_invited_members_source?) end - context 'with webui_members_inherited_users feature flag disabled' do - before do - stub_feature_flags(webui_members_inherited_users: false) - end - - it_behaves_like 'sets is_source_accessible_to_current_user to true for all members' - end - context 'with multiple members belonging to the same source' do it 'avoid N+1 queries' do assigner # Initialize objects in let blocks diff --git a/spec/policies/clusters/agents/url_configuration_policy_spec.rb b/spec/policies/clusters/agents/url_configuration_policy_spec.rb new file mode 100644 index 00000000000..dde6728ee60 --- /dev/null +++ b/spec/policies/clusters/agents/url_configuration_policy_spec.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Clusters::Agents::UrlConfigurationPolicy, feature_category: :deployment_management do + let_it_be(:url_configuration) { create(:cluster_agent_url_configuration) } + + let(:user) { create(:user) } + let(:policy) { described_class.new(user, url_configuration) } + let(:project) { url_configuration.agent.project } + + describe 'rules' do + context 'when reporter' do + before do + project.add_reporter(user) + end + + it { expect(policy).to be_disallowed :admin_cluster } + it { expect(policy).to be_disallowed :create_cluster } + it { expect(policy).to be_disallowed :read_cluster } + end + + context 'when developer' do + before do + project.add_developer(user) + end + + it { expect(policy).to be_disallowed :admin_cluster } + it { expect(policy).to be_disallowed :create_cluster } + it { expect(policy).to be_allowed :read_cluster } + end + + context 'when maintainer' do + before do + project.add_maintainer(user) + end + + it { expect(policy).to be_allowed :admin_cluster } + it { expect(policy).to be_allowed :create_cluster } + it { expect(policy).to be_allowed :read_cluster } + end + end +end diff --git a/spec/requests/api/ci/runner/jobs_request_post_spec.rb b/spec/requests/api/ci/runner/jobs_request_post_spec.rb index db9e04efb72..a5a9ebff97b 100644 --- a/spec/requests/api/ci/runner/jobs_request_post_spec.rb +++ b/spec/requests/api/ci/runner/jobs_request_post_spec.rb @@ -123,7 +123,7 @@ RSpec.describe API::Ci::Runner, :clean_gitlab_redis_shared_state, feature_catego end context 'when valid token is provided' do - context 'when Runner is not active' do + context 'when runner is paused' do let(:runner) { create(:ci_runner, :inactive) } let(:update_value) { runner.ensure_runner_queue_value } diff --git a/spec/requests/api/ci/runners_spec.rb b/spec/requests/api/ci/runners_spec.rb index 9081008b6de..800075422c8 100644 --- a/spec/requests/api/ci/runners_spec.rb +++ b/spec/requests/api/ci/runners_spec.rb @@ -96,7 +96,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v let(:query) { { scope: :paused } } before_all do - create(:ci_runner, :project, :inactive, description: 'Inactive project runner', projects: [project]) + create(:ci_runner, :project, :paused, description: 'Paused project runner', projects: [project]) end it 'filters runners by scope' do @@ -106,7 +106,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v expect(response).to include_pagination_headers expect(json_response).to match_array [ - a_hash_including('description' => 'Inactive project runner') + a_hash_including('description' => 'Paused project runner') ] end @@ -148,9 +148,9 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v end end - context 'with an inactive runner' do + context 'with a paused runner' do let_it_be(:runner) do - create(:ci_runner, :project, :inactive, description: 'Inactive project runner', projects: [project]) + create(:ci_runner, :project, :paused, description: 'Paused project runner', projects: [project]) end context 'when filtering by paused' do @@ -159,7 +159,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v it 'filters runners by paused state' do perform_request - expect(json_response).to contain_exactly(a_hash_including('description' => 'Inactive project runner')) + expect(json_response).to contain_exactly(a_hash_including('description' => 'Paused project runner')) end end @@ -169,7 +169,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v it 'filters runners by status' do perform_request - expect(json_response).to contain_exactly(a_hash_including('description' => 'Inactive project runner')) + expect(json_response).to contain_exactly(a_hash_including('description' => 'Paused project runner')) end end @@ -386,8 +386,8 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v end end - context 'with an inactive runner' do - let_it_be(:runner) { create(:ci_runner, :project, :inactive, description: 'Inactive project runner', projects: [project]) } + context 'with an paused runner' do + let_it_be(:runner) { create(:ci_runner, :project, :paused, description: 'Paused project runner', projects: [project]) } context 'when filtering runners by paused status' do let(:query) { { paused: true } } @@ -395,7 +395,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v it 'filters runners by status' do perform_request - expect(json_response).to contain_exactly(a_hash_including('description' => 'Inactive project runner')) + expect(json_response).to contain_exactly(a_hash_including('description' => 'Paused project runner')) end end @@ -405,7 +405,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v it 'filters runners by status' do perform_request - expect(json_response).to contain_exactly(a_hash_including('description' => 'Inactive project runner')) + expect(json_response).to contain_exactly(a_hash_including('description' => 'Paused project runner')) end context 'and status is invalid' do @@ -1978,8 +1978,8 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v end end - context 'with an inactive runner' do - let_it_be(:runner) { create(:ci_runner, :project, :inactive, description: 'Inactive project runner', projects: [project]) } + context 'with a paused runner' do + let_it_be(:runner) { create(:ci_runner, :project, :paused, description: 'Paused project runner', projects: [project]) } context 'when filtering by paused status' do let(:query) { { paused: true } } @@ -1988,7 +1988,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v perform_request expect(json_response).to contain_exactly( - a_hash_including('description' => 'Inactive project runner') + a_hash_including('description' => 'Paused project runner') ) end end @@ -2000,7 +2000,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v perform_request expect(json_response).to contain_exactly( - a_hash_including('description' => 'Inactive project runner') + a_hash_including('description' => 'Paused project runner') ) end @@ -2120,8 +2120,8 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v end end - context 'with an inactive runner' do - let_it_be(:runner) { create(:ci_runner, :group, :inactive, description: 'Inactive group runner', groups: [group]) } + context 'with a paused runner' do + let_it_be(:runner) { create(:ci_runner, :group, :paused, description: 'Paused group runner', groups: [group]) } context 'when filtering by paused status' do let(:query) { { paused: true } } @@ -2129,7 +2129,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v it 'filters runners by status' do perform_request - expect(json_response).to contain_exactly(a_hash_including('description' => 'Inactive group runner')) + expect(json_response).to contain_exactly(a_hash_including('description' => 'Paused group runner')) end end @@ -2139,7 +2139,7 @@ RSpec.describe API::Ci::Runners, :aggregate_failures, feature_category: :fleet_v it 'returns runners by valid status' do perform_request - expect(json_response).to contain_exactly(a_hash_including('description' => 'Inactive group runner')) + expect(json_response).to contain_exactly(a_hash_including('description' => 'Paused group runner')) end context 'and status is invalid' do diff --git a/spec/requests/api/graphql/ci/runners_spec.rb b/spec/requests/api/graphql/ci/runners_spec.rb index 75763d34b28..667882ffa7e 100644 --- a/spec/requests/api/graphql/ci/runners_spec.rb +++ b/spec/requests/api/graphql/ci/runners_spec.rb @@ -16,12 +16,12 @@ RSpec.describe 'Query.runners', feature_category: :fleet_visibility do describe 'Query.runners' do let_it_be(:project) { create(:project, :repository, :public) } - let_it_be(:instance_runner) { create(:ci_runner, :instance, description: 'Instance runner') } + let_it_be(:instance_runner) { create(:ci_runner, :instance, :online, description: 'Instance runner') } let_it_be(:instance_runner_manager) do create(:ci_runner_machine, runner: instance_runner, version: 'abc', revision: '123', ip_address: '127.0.0.1') end - let_it_be(:project_runner) { create(:ci_runner, :project, active: false, description: 'Project runner', projects: [project]) } + let_it_be(:project_runner) { create(:ci_runner, :project, :paused, description: 'Project runner', projects: [project]) } let_it_be(:project_runner_manager) do create(:ci_runner_machine, runner: project_runner, version: 'def', revision: '456', ip_address: '127.0.0.1') end @@ -57,8 +57,8 @@ RSpec.describe 'Query.runners', feature_category: :fleet_visibility do it 'returns expected runners' do post_graphql(query, current_user: current_user) - expect(runners_graphql_data['nodes']).to contain_exactly( - *Ci::Runner.all.map { |expected_runner| a_graphql_entity_for(expected_runner) } + expect(runners_graphql_data['nodes']).to match_array( + Ci::Runner.all.map { |expected_runner| a_graphql_entity_for(expected_runner) } ) end @@ -73,8 +73,8 @@ RSpec.describe 'Query.runners', feature_category: :fleet_visibility do it 'returns expected runners' do post_graphql(query, current_user: current_user) - expect(runners_graphql_data['nodes']).to contain_exactly( - *Array(expected_runners).map { |expected_runner| a_graphql_entity_for(expected_runner) } + expect(runners_graphql_data['nodes']).to match_array( + Array(expected_runners).map { |expected_runner| a_graphql_entity_for(expected_runner) } ) end end @@ -96,9 +96,9 @@ RSpec.describe 'Query.runners', feature_category: :fleet_visibility do end end - context 'runner_type is INSTANCE_TYPE and status is ACTIVE' do + context 'runner_type is INSTANCE_TYPE and status is ONLINE' do let(:runner_type) { 'INSTANCE_TYPE' } - let(:status) { 'ACTIVE' } + let(:status) { 'ONLINE' } let(:expected_runners) { instance_runner } @@ -354,7 +354,7 @@ RSpec.describe 'Group.runners' do let_it_be(:group_owner) { create_default(:user, owner_of: group) } describe 'edges' do - let_it_be(:runner) { create(:ci_runner, :group, active: false, description: 'Project runner', groups: [group]) } + let_it_be(:runner) { create(:ci_runner, :group, :paused, description: 'Project runner', groups: [group]) } let(:query) do %( diff --git a/spec/requests/groups/group_members_controller_spec.rb b/spec/requests/groups/group_members_controller_spec.rb index bb331ba7f71..4df630492ae 100644 --- a/spec/requests/groups/group_members_controller_spec.rb +++ b/spec/requests/groups/group_members_controller_spec.rb @@ -20,7 +20,6 @@ RSpec.describe Groups::GroupMembersController, feature_category: :groups_and_pro expect(response.body).to have_pushed_frontend_feature_flags(importerUserMapping: true) expect(response.body).to have_pushed_frontend_feature_flags(serviceAccountsCrud: true) - expect(response.body).to have_pushed_frontend_feature_flags(webuiMembersInheritedUsers: true) end end diff --git a/spec/support/shared_contexts/graphql/resolvers/runners_resolver_shared_context.rb b/spec/support/shared_contexts/graphql/resolvers/runners_resolver_shared_context.rb index e7bd3442045..2bd50013761 100644 --- a/spec/support/shared_contexts/graphql/resolvers/runners_resolver_shared_context.rb +++ b/spec/support/shared_contexts/graphql/resolvers/runners_resolver_shared_context.rb @@ -9,8 +9,8 @@ RSpec.shared_context 'runners resolver setup' do let_it_be(:project) { create(:project, :public, group: group) } let_it_be(:inactive_project_runner) do - create(:ci_runner, :project, :inactive, :online, projects: [project], - description: 'inactive project runner', token: 'abcdef', tag_list: %w[project_runner]) + create(:ci_runner, :project, :paused, :online, projects: [project], + description: 'paused project runner', token: 'abcdef', tag_list: %w[project_runner]) end let_it_be(:offline_project_runner) do diff --git a/spec/support/shared_examples/ci/runner_with_status_scope_shared_examples.rb b/spec/support/shared_examples/ci/runner_with_status_scope_shared_examples.rb index 510721d66b2..ec562589fe3 100644 --- a/spec/support/shared_examples/ci/runner_with_status_scope_shared_examples.rb +++ b/spec/support/shared_examples/ci/runner_with_status_scope_shared_examples.rb @@ -4,7 +4,7 @@ RSpec.shared_examples 'runner with status scope' do describe '.with_status' do subject(:scope) { described_class.with_status(status) } - described_class::AVAILABLE_STATUSES.each do |status| + described_class::AVAILABLE_STATUSES_INCL_DEPRECATED.each do |status| context "with #{status} status" do let(:status) { status } diff --git a/spec/views/shared/runners/_runner_details.html.haml_spec.rb b/spec/views/shared/runners/_runner_details.html.haml_spec.rb index e80862243cd..a6489a22c7b 100644 --- a/spec/views/shared/runners/_runner_details.html.haml_spec.rb +++ b/spec/views/shared/runners/_runner_details.html.haml_spec.rb @@ -57,8 +57,8 @@ RSpec.describe 'shared/runners/_runner_details.html.haml', feature_category: :fl it { is_expected.to have_content('Paused No') } end - context 'when runner is inactive' do - let(:runner) { build_stubbed(:ci_runner, :inactive) } + context 'when runner is paused' do + let(:runner) { build_stubbed(:ci_runner, :paused) } it { is_expected.to have_content('Paused Yes') } end diff --git a/workhorse/go.mod b/workhorse/go.mod index 931ed2e9216..652c2d8ef2f 100644 --- a/workhorse/go.mod +++ b/workhorse/go.mod @@ -19,7 +19,7 @@ require ( github.com/johannesboyne/gofakes3 v0.0.0-20240217095638-c55a48f17be6 github.com/jpillora/backoff v1.0.0 github.com/mitchellh/copystructure v1.2.0 - github.com/prometheus/client_golang v1.20.1 + github.com/prometheus/client_golang v1.20.2 github.com/redis/go-redis/v9 v9.6.1 github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a github.com/sirupsen/logrus v1.9.3 diff --git a/workhorse/go.sum b/workhorse/go.sum index 618dfdd2b9e..f4e4661a652 100644 --- a/workhorse/go.sum +++ b/workhorse/go.sum @@ -416,8 +416,8 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c h1:ncq/mPwQF4JjgDlrVEn3C11VoGHZN7m8qihwgMEtzYw= github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE= -github.com/prometheus/client_golang v1.20.1 h1:IMJXHOD6eARkQpxo8KkhgEVFlBNm+nkrFUyGlIu7Na8= -github.com/prometheus/client_golang v1.20.1/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_golang v1.20.2 h1:5ctymQzZlyOON1666svgwn3s6IKWgfbjsejTMiXIyjg= +github.com/prometheus/client_golang v1.20.2/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=