...@@ -327,7 +327,7 @@ group :metrics do ...@@ -327,7 +327,7 @@ group :metrics do
gem 'influxdb', '~> 0.2', require: false gem 'influxdb', '~> 0.2', require: false
# Prometheus # Prometheus
gem 'prometheus-client-mmap', '~> 0.9.10' gem 'prometheus-client-mmap', '~> 0.10.0'
gem 'raindrops', '~> 0.18' gem 'raindrops', '~> 0.18'
end end
... ...
......
...@@ -531,8 +531,8 @@ GEM ...@@ -531,8 +531,8 @@ GEM
regexp_parser (~> 1.1) regexp_parser (~> 1.1)
regexp_property_values (~> 0.3) regexp_property_values (~> 0.3)
json (1.8.6) json (1.8.6)
json-jwt (1.9.4) json-jwt (1.11.0)
activesupport activesupport (>= 4.2)
aes_key_wrap aes_key_wrap
bindata bindata
json-schema (2.8.0) json-schema (2.8.0)
...@@ -746,7 +746,7 @@ GEM ...@@ -746,7 +746,7 @@ GEM
parser parser
unparser unparser
procto (0.0.3) procto (0.0.3)
prometheus-client-mmap (0.9.10) prometheus-client-mmap (0.10.0)
pry (0.11.3) pry (0.11.3)
coderay (~> 1.1.0) coderay (~> 1.1.0)
method_source (~> 0.9.0) method_source (~> 0.9.0)
...@@ -1283,7 +1283,7 @@ DEPENDENCIES ...@@ -1283,7 +1283,7 @@ DEPENDENCIES
peek (~> 1.1) peek (~> 1.1)
pg (~> 1.1) pg (~> 1.1)
premailer-rails (~> 1.10.3) premailer-rails (~> 1.10.3)
prometheus-client-mmap (~> 0.9.10) prometheus-client-mmap (~> 0.10.0)
pry-byebug (~> 3.5.1) pry-byebug (~> 3.5.1)
pry-rails (~> 0.3.4) pry-rails (~> 0.3.4)
rack (~> 2.0.7) rack (~> 2.0.7)
... ...
......
# frozen_string_literal: true
module Clusters
class KnativeServingNamespaceFinder
attr_reader :cluster
def initialize(cluster)
@cluster = cluster
end
def execute
cluster.kubeclient&.get_namespace(Clusters::Kubernetes::KNATIVE_SERVING_NAMESPACE)
rescue Kubeclient::ResourceNotFoundError
nil
rescue Kubeclient::HttpError => e
# If the kubernetes auth engine is enabled, it will return 403
if e.error_code == 403
Gitlab::ErrorTracking.track_exception(e)
nil
else
raise
end
end
end
end
# frozen_string_literal: true
module Clusters
class KnativeVersionRoleBindingFinder
attr_reader :cluster
def initialize(cluster)
@cluster = cluster
end
def execute
cluster.kubeclient&.get_cluster_role_binding(Clusters::Kubernetes::GITLAB_KNATIVE_VERSION_ROLE_BINDING_NAME)
rescue Kubeclient::ResourceNotFoundError
nil
end
end
end
...@@ -1320,7 +1320,7 @@ class Project < ApplicationRecord ...@@ -1320,7 +1320,7 @@ class Project < ApplicationRecord
end end
def has_active_hooks?(hooks_scope = :push_hooks) def has_active_hooks?(hooks_scope = :push_hooks)
hooks.hooks_for(hooks_scope).any? || SystemHook.hooks_for(hooks_scope).any? hooks.hooks_for(hooks_scope).any? || SystemHook.hooks_for(hooks_scope).any? || Gitlab::Plugin.any?
end end
def has_active_services?(hooks_scope = :push_hooks) def has_active_services?(hooks_scope = :push_hooks)
... ...
......
...@@ -40,7 +40,7 @@ class ReleasePresenter < Gitlab::View::Presenter::Delegated ...@@ -40,7 +40,7 @@ class ReleasePresenter < Gitlab::View::Presenter::Delegated
def evidence_file_path def evidence_file_path
return unless release.evidence.present? return unless release.evidence.present?
evidence_project_release_url(project, tag, format: :json) evidence_project_release_url(project, release.to_param, format: :json)
end end
private private
... ...
......
...@@ -46,6 +46,8 @@ module Ci ...@@ -46,6 +46,8 @@ module Ci
# it could contain many. We only need to know whether it has 1 or more # it could contain many. We only need to know whether it has 1 or more
# artifacts, so fetching the first 2 would be sufficient. # artifacts, so fetching the first 2 would be sufficient.
def first_2_metadata_entries_for_artifacts_paths(job) def first_2_metadata_entries_for_artifacts_paths(job)
return [] unless job.artifacts_metadata
job.artifacts_paths job.artifacts_paths
.lazy .lazy
.map { |path| job.artifacts_metadata_entry(path, recursive: true) } .map { |path| job.artifacts_metadata_entry(path, recursive: true) }
... ...
......
...@@ -38,8 +38,7 @@ module Clusters ...@@ -38,8 +38,7 @@ module Clusters
def credentials def credentials
@credentials ||= Clusters::Aws::FetchCredentialsService.new( @credentials ||= Clusters::Aws::FetchCredentialsService.new(
provision_role, provision_role,
provider: provider, provider: provider
region: provider.region
).execute ).execute
end end
... ...
......
...@@ -12,8 +12,5 @@ module Clusters ...@@ -12,8 +12,5 @@ module Clusters
GITLAB_KNATIVE_SERVING_ROLE_BINDING_NAME = 'gitlab-knative-serving-rolebinding' GITLAB_KNATIVE_SERVING_ROLE_BINDING_NAME = 'gitlab-knative-serving-rolebinding'
GITLAB_CROSSPLANE_DATABASE_ROLE_NAME = 'gitlab-crossplane-database-role' GITLAB_CROSSPLANE_DATABASE_ROLE_NAME = 'gitlab-crossplane-database-role'
GITLAB_CROSSPLANE_DATABASE_ROLE_BINDING_NAME = 'gitlab-crossplane-database-rolebinding' GITLAB_CROSSPLANE_DATABASE_ROLE_BINDING_NAME = 'gitlab-crossplane-database-rolebinding'
GITLAB_KNATIVE_VERSION_ROLE_NAME = 'gitlab-knative-version-role'
GITLAB_KNATIVE_VERSION_ROLE_BINDING_NAME = 'gitlab-knative-version-rolebinding'
KNATIVE_SERVING_NAMESPACE = 'knative-serving'
end end
end end
...@@ -49,14 +49,8 @@ module Clusters ...@@ -49,14 +49,8 @@ module Clusters
create_or_update_knative_serving_role create_or_update_knative_serving_role
create_or_update_knative_serving_role_binding create_or_update_knative_serving_role_binding
create_or_update_crossplane_database_role create_or_update_crossplane_database_role
create_or_update_crossplane_database_role_binding create_or_update_crossplane_database_role_binding
return unless knative_serving_namespace
create_or_update_knative_version_role
create_or_update_knative_version_role_binding
end end
private private
...@@ -70,12 +64,6 @@ module Clusters ...@@ -70,12 +64,6 @@ module Clusters
).ensure_exists! ).ensure_exists!
end end
def knative_serving_namespace
kubeclient.get_namespace(Clusters::Kubernetes::KNATIVE_SERVING_NAMESPACE)
rescue Kubeclient::ResourceNotFoundError
nil
end
def create_role_or_cluster_role_binding def create_role_or_cluster_role_binding
if namespace_creator if namespace_creator
kubeclient.create_or_update_role_binding(role_binding_resource) kubeclient.create_or_update_role_binding(role_binding_resource)
...@@ -100,14 +88,6 @@ module Clusters ...@@ -100,14 +88,6 @@ module Clusters
kubeclient.update_role_binding(crossplane_database_role_binding_resource) kubeclient.update_role_binding(crossplane_database_role_binding_resource)
end end
def create_or_update_knative_version_role
kubeclient.update_cluster_role(knative_version_role_resource)
end
def create_or_update_knative_version_role_binding
kubeclient.update_cluster_role_binding(knative_version_role_binding_resource)
end
def service_account_resource def service_account_resource
Gitlab::Kubernetes::ServiceAccount.new( Gitlab::Kubernetes::ServiceAccount.new(
service_account_name, service_account_name,
...@@ -186,27 +166,6 @@ module Clusters ...@@ -186,27 +166,6 @@ module Clusters
service_account_name: service_account_name service_account_name: service_account_name
).generate ).generate
end end
def knative_version_role_resource
Gitlab::Kubernetes::ClusterRole.new(
name: Clusters::Kubernetes::GITLAB_KNATIVE_VERSION_ROLE_NAME,
rules: [{
apiGroups: %w(apps),
resources: %w(deployments),
verbs: %w(list get)
}]
).generate
end
def knative_version_role_binding_resource
subjects = [{ kind: 'ServiceAccount', name: service_account_name, namespace: service_account_namespace }]
Gitlab::Kubernetes::ClusterRoleBinding.new(
Clusters::Kubernetes::GITLAB_KNATIVE_VERSION_ROLE_BINDING_NAME,
Clusters::Kubernetes::GITLAB_KNATIVE_VERSION_ROLE_NAME,
subjects
).generate
end
end end
end end
end end
---
title: Fix CAS users being signed out repeatedly
merge_request: 22704
author:
type: fixed
---
title: Remove unused keyword from EKS provision service
merge_request: 22633
author:
type: fixed
---
title: Fix releases page when tag contains a slash
merge_request: 22527
author:
type: fixed
---
title: Fix bug when trying to expose artifacts and no artifacts are produced by the job
merge_request: 22378
author:
type: fixed
---
title: Fix RefreshMergeRequestsService raises an exception and unnecessary sidekiq retry
merge_request: 22262
author:
type: fixed
---
title: Reverts Add RBAC permissions for getting knative version
merge_request: 22560
author:
type: fixed
---
title: Upgrade json-jwt to v1.11.0
merge_request: 22440
author:
type: security
---
title: Disable Prometheus metrics if initialization fails
merge_request: 22355
author:
type: fixed
---
title: Gracefully error handle CI lint errors in artifacts section
merge_request: 22388
author:
type: fixed
---
title: Fix GitLab plugins not working without hooks configured
merge_request: 22409
author:
type: fixed