...@@ -33,7 +33,6 @@ include: ...@@ -33,7 +33,6 @@ include:
- local: .gitlab/ci/frontend.gitlab-ci.yml - local: .gitlab/ci/frontend.gitlab-ci.yml
- local: .gitlab/ci/global.gitlab-ci.yml - local: .gitlab/ci/global.gitlab-ci.yml
- local: .gitlab/ci/memory.gitlab-ci.yml - local: .gitlab/ci/memory.gitlab-ci.yml
- local: .gitlab/ci/notifications.gitlab-ci.yml
- local: .gitlab/ci/pages.gitlab-ci.yml - local: .gitlab/ci/pages.gitlab-ci.yml
- local: .gitlab/ci/qa.gitlab-ci.yml - local: .gitlab/ci/qa.gitlab-ci.yml
- local: .gitlab/ci/reports.gitlab-ci.yml - local: .gitlab/ci/reports.gitlab-ci.yml
... ...
......
cloud-native-image: cloud-native-image:
extends: .only:variables-canonical-dot-com
image: ruby:2.6-alpine image: ruby:2.6-alpine
dependencies: [] dependencies: []
stage: post-test stage: post-test
...@@ -12,5 +13,3 @@ cloud-native-image: ...@@ -12,5 +13,3 @@ cloud-native-image:
only: only:
refs: refs:
- tags - tags
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org"
...@@ -2,12 +2,11 @@ ...@@ -2,12 +2,11 @@
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .only-docs-changes - .only:variables-canonical-dot-com
- .only:changes-docs
only: only:
refs: refs:
- merge_requests - merge_requests
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org"
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: review stage: review
dependencies: [] dependencies: []
...@@ -50,7 +49,7 @@ docs lint: ...@@ -50,7 +49,7 @@ docs lint:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .default-only
- .only-docs-changes - .only:changes-docs
image: "registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-docs-lint" image: "registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-docs-lint"
stage: test stage: test
dependencies: [] dependencies: []
...@@ -76,7 +75,7 @@ graphql-docs-verify: ...@@ -76,7 +75,7 @@ graphql-docs-verify:
- .default-cache - .default-cache
- .default-only - .default-only
- .default-before_script - .default-before_script
- .only-graphql-changes - .only:changes-graphql
variables: variables:
SETUP_DB: "false" SETUP_DB: "false"
stage: test stage: test
... ...
......
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
- .default-only - .default-only
- .default-before_script - .default-before_script
- .assets-compile-cache - .assets-compile-cache
- .only-code-qa-changes - .only:changes-code-backstage-qa
image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-git-2.22-chrome-73.0-node-12.x-yarn-1.16-graphicsmagick-1.3.33-docker-18.06.1 image: registry.gitlab.com/gitlab-org/gitlab-build-images:ruby-2.6.3-git-2.22-chrome-73.0-node-12.x-yarn-1.16-graphicsmagick-1.3.33-docker-18.06.1
stage: test stage: test
dependencies: ["setup-test-env"] dependencies: ["setup-test-env"]
...@@ -73,7 +73,7 @@ gitlab:assets:compile pull-cache: ...@@ -73,7 +73,7 @@ gitlab:assets:compile pull-cache:
- .default-only - .default-only
- .default-before_script - .default-before_script
- .assets-compile-cache - .assets-compile-cache
- .only-code-qa-changes - .only:changes-code-backstage-qa
- .use-pg9 - .use-pg9
stage: prepare stage: prepare
script: script:
...@@ -128,7 +128,7 @@ compile-assets pull-cache foss: ...@@ -128,7 +128,7 @@ compile-assets pull-cache foss:
- .default-cache - .default-cache
- .default-only - .default-only
- .default-before_script - .default-before_script
- .only-code-changes - .only:changes-code-backstage
- .use-pg9 - .use-pg9
stage: test stage: test
needs: ["setup-test-env", "compile-assets pull-cache"] needs: ["setup-test-env", "compile-assets pull-cache"]
...@@ -205,7 +205,7 @@ jest-foss: ...@@ -205,7 +205,7 @@ jest-foss:
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only - .default-only
- .only-code-changes - .only:changes-code-backstage
stage: test stage: test
dependencies: [] dependencies: []
cache: cache:
...@@ -238,7 +238,7 @@ webpack-dev-server: ...@@ -238,7 +238,7 @@ webpack-dev-server:
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only - .default-only
- .only-code-changes - .only:changes-code-backstage
stage: test stage: test
needs: ["setup-test-env", "compile-assets pull-cache"] needs: ["setup-test-env", "compile-assets pull-cache"]
dependencies: ["setup-test-env", "compile-assets pull-cache"] dependencies: ["setup-test-env", "compile-assets pull-cache"]
... ...
......
...@@ -40,14 +40,104 @@ ...@@ -40,14 +40,104 @@
- merge_requests - merge_requests
- tags - tags
.only-code-changes: .only:variables-canonical-dot-com:
only:
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/)/ # Matches the gitlab-org group or its subgroups
.only:variables_refs-canonical-dot-com-schedules:
extends: .only:variables-canonical-dot-com
only:
refs:
- schedules
.except:refs-deploy:
except:
refs:
- /^\d+-\d+-auto-deploy-\d+$/
.except:refs-master-tags-stable-deploy:
except:
refs:
- master
- tags
- /^[\d-]+-stable(-ee)?$/
- /^\d+-\d+-auto-deploy-\d+$/
.only:kubernetes:
only:
kubernetes: active
.only-review:
extends:
- .only:variables-canonical-dot-com
- .only:kubernetes
- .except:refs-master-tags-stable-deploy
.only-review-schedules:
extends:
- .only:variables_refs-canonical-dot-com-schedules
- .only:kubernetes
- .except:refs-deploy
.code-patterns: &code-patterns
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
.backstage-patterns: &backstage-patterns
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file
.qa-patterns: &qa-patterns
- ".dockerignore"
- "qa/**/*"
.docs-patterns: &docs-patterns
- ".gitlab/route-map.yml"
- "doc/**/*"
- ".markdownlint.json"
.graphql-patterns: &graphql-patterns
- "{,ee/}app/graphql/**/*"
- "{,ee/}lib/gitlab/graphql/**/*"
.only:changes-code:
only:
changes: *code-patterns
.only:changes-qa:
only:
changes: *qa-patterns
.only:changes-docs:
only:
changes: *docs-patterns
.only:changes-graphql:
only:
changes: *graphql-patterns
.only:changes-code-backstage:
only: only:
changes: changes:
- ".gitlab/ci/**/*" - ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml" - ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json" - ".csscomb.json"
- "Dangerfile"
- "Dockerfile.assets" - "Dockerfile.assets"
- "*_VERSION" - "*_VERSION"
- "Gemfile{,.lock}" - "Gemfile{,.lock}"
...@@ -55,36 +145,41 @@ ...@@ -55,36 +145,41 @@
- "{babel.config,jest.config}.js" - "{babel.config,jest.config}.js"
- "config.ru" - "config.ru"
- "{package.json,yarn.lock}" - "{package.json,yarn.lock}"
- "{app,bin,config,danger,db,ee,fixtures,haml_lint,lib,locale,public,rubocop,scripts,spec,symbol,vendor}/**/*" - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
# Backstage changes
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file - "doc/README.md" # Some RSpec test rely on this file
.only-qa-changes: .only:changes-code-qa:
only: only:
changes: changes:
- ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json"
- "Dockerfile.assets"
- "*_VERSION"
- "Gemfile{,.lock}"
- "Rakefile"
- "{babel.config,jest.config}.js"
- "config.ru"
- "{package.json,yarn.lock}"
- "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
# QA changes
- ".dockerignore" - ".dockerignore"
- "qa/**/*" - "qa/**/*"
.only-docs-changes: .only:changes-code-backstage-qa:
only:
changes:
- ".gitlab/route-map.yml"
- "doc/**/*"
- ".markdownlint.json"
.only-graphql-changes:
only:
changes:
- "{,ee/}app/graphql/**/*"
- "{,ee/}lib/gitlab/graphql/**/*"
.only-code-qa-changes:
only: only:
changes: changes:
- ".gitlab/ci/**/*" - ".gitlab/ci/**/*"
- ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}" - ".{eslintignore,gitattributes,nvmrc,prettierrc,stylelintrc,yamllint}"
- ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml" - ".{codeclimate,eslintrc,gitlab-ci,haml-lint,haml-lint_todo,rubocop,rubocop_todo,scss-lint}.yml"
- ".csscomb.json" - ".csscomb.json"
- "Dangerfile"
- "Dockerfile.assets" - "Dockerfile.assets"
- "*_VERSION" - "*_VERSION"
- "Gemfile{,.lock}" - "Gemfile{,.lock}"
...@@ -92,36 +187,18 @@ ...@@ -92,36 +187,18 @@
- "{babel.config,jest.config}.js" - "{babel.config,jest.config}.js"
- "config.ru" - "config.ru"
- "{package.json,yarn.lock}" - "{package.json,yarn.lock}"
- "{app,bin,config,danger,db,ee,fixtures,haml_lint,lib,locale,public,rubocop,scripts,spec,symbol,vendor}/**/*" - "{,ee/}{app,bin,config,db,haml_lint,lib,locale,public,scripts,symbol,vendor}/**/*"
# Backstage changes
- "Dangerfile"
- "danger/**/*"
- "{,ee/}fixtures/**/*"
- "{,ee/}rubocop/**/*"
- "{,ee/}spec/**/*"
- "doc/README.md" # Some RSpec test rely on this file - "doc/README.md" # Some RSpec test rely on this file
# QA changes
- ".dockerignore" - ".dockerignore"
- "qa/**/*" - "qa/**/*"
.only-review:
only:
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org"
kubernetes: active
except:
refs:
- master
- /^\d+-\d+-auto-deploy-\d+$/
- /^[\d-]+-stable(-ee)?$/
.only-review-schedules:
only:
refs:
- schedules
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org"
kubernetes: active
.only-canonical-schedules:
only:
refs:
- schedules@gitlab-org/gitlab
- schedules@gitlab-org/gitlab-foss
.use-pg9: .use-pg9:
services: services:
- name: postgres:9.6 - name: postgres:9.6
... ...
......
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
- .default-cache - .default-cache
- .default-only - .default-only
- .default-before_script - .default-before_script
- .only-code-changes - .only:changes-code
memory-static: memory-static:
extends: .only-code-memory-job-base extends: .only-code-memory-job-base
... ...
......
...@@ -4,12 +4,11 @@ pages: ...@@ -4,12 +4,11 @@ pages:
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only - .default-only
- .only-code-qa-changes - .only:variables-canonical-dot-com
- .only:changes-code-backstage-qa
only: only:
refs: refs:
- master - master
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org"
stage: pages stage: pages
dependencies: ["coverage", "karma", "gitlab:assets:compile pull-cache"] dependencies: ["coverage", "karma", "gitlab:assets:compile pull-cache"]
script: script:
... ...
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-qa-changes - .only:changes-code-qa
stage: test stage: test
dependencies: [] dependencies: []
cache: cache:
...@@ -31,7 +31,6 @@ qa:selectors-foss: ...@@ -31,7 +31,6 @@ qa:selectors-foss:
- .only-ee-as-if-foss - .only-ee-as-if-foss
.package-and-qa-base: .package-and-qa-base:
extends: .default-only
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: qa stage: qa
dependencies: [] dependencies: []
...@@ -40,35 +39,31 @@ qa:selectors-foss: ...@@ -40,35 +39,31 @@ qa:selectors-foss:
- source scripts/utils.sh - source scripts/utils.sh
- install_gitlab_gem - install_gitlab_gem
- ./scripts/trigger-build omnibus - ./scripts/trigger-build omnibus
only:
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE =~ /^gitlab-org($|\/)/ # Matches the gitlab-org group or its subgroups
package-and-qa-manual: package-and-qa-manual:
extends: extends:
- .package-and-qa-base - .package-and-qa-base
- .only-code-changes - .default-only
except: - .only:variables-canonical-dot-com
refs: - .except:refs-deploy
- master - .only:changes-code
- /^\d+-\d+-auto-deploy-\d+$/
when: manual when: manual
needs: ["build-qa-image", "gitlab:assets:compile pull-cache"] needs: ["build-qa-image", "gitlab:assets:compile pull-cache"]
package-and-qa: package-and-qa:
extends: extends:
- .package-and-qa-base - .package-and-qa-base
- .only-qa-changes - .default-only
except: - .only:variables-canonical-dot-com
refs: - .except:refs-master-tags-stable-deploy
- master - .only:changes-qa
- /^\d+-\d+-auto-deploy-\d+$/
needs: ["build-qa-image", "gitlab:assets:compile pull-cache"] needs: ["build-qa-image", "gitlab:assets:compile pull-cache"]
allow_failure: true allow_failure: true
schedule:package-and-qa: schedule:package-and-qa:
extends: extends:
- .package-and-qa-base - .package-and-qa-base
- .only-code-qa-changes - .default-only
- .only-canonical-schedules - .only:variables_refs-canonical-dot-com-schedules
needs: ["build-qa-image", "gitlab:assets:compile pull-cache"] needs: ["build-qa-image", "gitlab:assets:compile pull-cache"]
allow_failure: true
...@@ -22,7 +22,7 @@ ...@@ -22,7 +22,7 @@
- .default-cache - .default-cache
- .default-only - .default-only
- .default-before_script - .default-before_script
- .only-code-changes - .only:changes-code-backstage
.only-code-qa-rails-job-base: .only-code-qa-rails-job-base:
extends: extends:
...@@ -31,7 +31,7 @@ ...@@ -31,7 +31,7 @@
- .default-cache - .default-cache
- .default-only - .default-only
- .default-before_script - .default-before_script
- .only-code-qa-changes - .only:changes-code-backstage-qa
setup-test-env: setup-test-env:
extends: extends:
...@@ -251,13 +251,8 @@ static-analysis: ...@@ -251,13 +251,8 @@ static-analysis:
downtime_check: downtime_check:
extends: extends:
- .rake-exec - .rake-exec
- .only-code-changes - .only:changes-code-backstage
except: - .except:refs-master-tags-stable-deploy
refs:
- master
- tags
variables:
- $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/
stage: test stage: test
needs: ["setup-test-env"] needs: ["setup-test-env"]
dependencies: ["setup-test-env"] dependencies: ["setup-test-env"]
... ...
......
...@@ -11,7 +11,7 @@ code_quality: ...@@ -11,7 +11,7 @@ code_quality:
extends: extends:
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-changes - .only:changes-code-backstage
stage: test stage: test
image: docker:stable image: docker:stable
allow_failure: true allow_failure: true
...@@ -50,7 +50,7 @@ sast: ...@@ -50,7 +50,7 @@ sast:
extends: extends:
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-changes - .only:changes-code-backstage-qa
stage: test stage: test
image: docker:stable image: docker:stable
variables: variables:
...@@ -132,7 +132,7 @@ dependency_scanning: ...@@ -132,7 +132,7 @@ dependency_scanning:
extends: extends:
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-changes - .only:changes-code-backstage-qa
stage: test stage: test
image: docker:stable image: docker:stable
variables: variables:
...@@ -195,7 +195,7 @@ dast: ...@@ -195,7 +195,7 @@ dast:
extends: extends:
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-qa-changes - .only:changes-code-qa
- .only-review - .only-review
stage: qa stage: qa
needs: ["review-deploy"] needs: ["review-deploy"]
... ...
......
.except-deploys:
except:
refs:
- /^\d+-\d+-auto-deploy-\d+$/
.review-docker: .review-docker:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .default-only
- .except-deploys
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-qa-alpine
services: services:
- docker:19.03.0-dind - docker:19.03.0-dind
...@@ -23,10 +17,9 @@ ...@@ -23,10 +17,9 @@
build-qa-image: build-qa-image:
extends: extends:
- .review-docker - .review-docker
- .only-code-qa-changes - .only:variables-canonical-dot-com
only: - .except:refs-deploy
variables: - .only:changes-code-qa
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org"
stage: prepare stage: prepare
script: script:
- '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"' - '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"'
...@@ -35,14 +28,11 @@ build-qa-image: ...@@ -35,14 +28,11 @@ build-qa-image:
- echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY} - echo "${CI_JOB_TOKEN}" | docker login --username gitlab-ci-token --password-stdin ${CI_REGISTRY}
- time docker push ${QA_IMAGE} - time docker push ${QA_IMAGE}
schedule:review-cleanup: .base-review-cleanup:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-qa-changes
- .only-review-schedules
- .except-deploys
stage: prepare stage: prepare
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
allow_failure: true allow_failure: true
...@@ -55,11 +45,22 @@ schedule:review-cleanup: ...@@ -55,11 +45,22 @@ schedule:review-cleanup:
script: script:
- ruby -rrubygems scripts/review_apps/automated_cleanup.rb - ruby -rrubygems scripts/review_apps/automated_cleanup.rb
schedule:review-cleanup:
extends:
- .base-review-cleanup
- .only-review-schedules
manual:review-cleanup:
extends:
- .base-review-cleanup
- .only:changes-code-qa
when: manual
.review-build-cng-base: .review-build-cng-base:
extends: extends:
- .default-tags
- .default-retry
- .default-only - .default-only
- .only-code-qa-changes
- .except-deploys
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: review-prepare stage: review-prepare
before_script: before_script:
...@@ -74,6 +75,7 @@ review-build-cng: ...@@ -74,6 +75,7 @@ review-build-cng:
extends: extends:
- .review-build-cng-base - .review-build-cng-base
- .only-review - .only-review
- .only:changes-code-qa
needs: ["gitlab:assets:compile pull-cache"] needs: ["gitlab:assets:compile pull-cache"]
schedule:review-build-cng: schedule:review-build-cng:
...@@ -82,26 +84,30 @@ schedule:review-build-cng: ...@@ -82,26 +84,30 @@ schedule:review-build-cng:
- .only-review-schedules - .only-review-schedules
needs: ["gitlab:assets:compile pull-cache"] needs: ["gitlab:assets:compile pull-cache"]
.review-deploy-base: .review-workflow-base:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-qa-changes
- .except-deploys
stage: review
image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base image: registry.gitlab.com/gitlab-org/gitlab-build-images:gitlab-charts-build-base
dependencies: [] dependencies: []
allow_failure: true
variables: variables:
HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}" HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}"
DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}" DOMAIN: "-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}"
GITLAB_HELM_CHART_REF: "v2.3.7" # v2.4.4 + two improvements:
# - Allow to pass an EE license when installing the chart: https://gitlab.com/gitlab-org/charts/gitlab/merge_requests/1008
# - Allow to customize the livenessProbe for `gitlab-shell`: https://gitlab.com/gitlab-org/charts/gitlab/merge_requests/1021
GITLAB_HELM_CHART_REF: "6c655ed77e60f1f7f533afb97bef8c9cb7dc61eb"
GITLAB_EDITION: "ce" GITLAB_EDITION: "ce"
environment: environment:
name: review/${CI_COMMIT_REF_NAME} name: review/${CI_COMMIT_REF_NAME}
url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN} url: https://gitlab-${CI_ENVIRONMENT_SLUG}.${REVIEW_APPS_DOMAIN}
on_stop: review-stop on_stop: review-stop
.review-deploy-base:
extends: .review-workflow-base
stage: review
allow_failure: true
before_script: before_script:
- '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"' - '[[ ! -d "ee/" ]] || export GITLAB_EDITION="ee"'
- export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION) - export GITLAB_SHELL_VERSION=$(<GITLAB_SHELL_VERSION)
...@@ -112,21 +118,13 @@ schedule:review-build-cng: ...@@ -112,21 +118,13 @@ schedule:review-build-cng:
- install_api_client_dependencies_with_apk - install_api_client_dependencies_with_apk
- source scripts/review_apps/review-apps.sh - source scripts/review_apps/review-apps.sh
script: script:
- date
- check_kube_domain - check_kube_domain
- date
- ensure_namespace - ensure_namespace
- date
- install_tiller - install_tiller
- date
- install_external_dns - install_external_dns
- date
- download_chart - download_chart
- date - date
- deploy || (display_deployment_debug && exit 1) - deploy || (display_deployment_debug && exit 1)
- date
- add_license
- date
artifacts: artifacts:
paths: [review_app_url.txt] paths: [review_app_url.txt]
expire_in: 2 days expire_in: 2 days
...@@ -136,6 +134,7 @@ review-deploy: ...@@ -136,6 +134,7 @@ review-deploy:
extends: extends:
- .review-deploy-base - .review-deploy-base
- .only-review - .only-review
- .only:changes-code-qa
needs: ["review-build-cng"] needs: ["review-build-cng"]
schedule:review-deploy: schedule:review-deploy:
...@@ -144,11 +143,11 @@ schedule:review-deploy: ...@@ -144,11 +143,11 @@ schedule:review-deploy:
- .only-review-schedules - .only-review-schedules
needs: ["schedule:review-build-cng"] needs: ["schedule:review-build-cng"]
review-stop: .base-review-stop:
extends: extends:
- .review-deploy-base - .review-workflow-base
- .only-review - .only-review
when: manual - .only:changes-code-qa
environment: environment:
action: stop action: stop
variables: variables:
...@@ -161,24 +160,26 @@ review-stop: ...@@ -161,24 +160,26 @@ review-stop:
- wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/utils.sh - wget $CI_PROJECT_URL/raw/$CI_COMMIT_SHA/scripts/utils.sh
- source utils.sh - source utils.sh
- source review-apps.sh - source review-apps.sh
script:
- delete_release
artifacts:
paths: []
review-cleanup-failed-deployment: review-stop-failed-deployment:
extends: review-stop extends: .base-review-stop
stage: prepare stage: prepare
when: on_success
allow_failure: false
script: script:
- delete_failed_release - delete_failed_release
review-stop:
extends: .base-review-stop
stage: review
when: manual
allow_failure: true
script:
- delete_release
.review-qa-base: .review-qa-base:
extends: extends:
- .review-docker - .review-docker
- .only-review - .only-review
- .only-code-qa-changes - .only:changes-code-qa
stage: qa stage: qa
allow_failure: true allow_failure: true
variables: variables:
...@@ -223,9 +224,7 @@ review-qa-all: ...@@ -223,9 +224,7 @@ review-qa-all:
- gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation - gitlab-qa Test::Instance::Any "${QA_IMAGE}" "${CI_ENVIRONMENT_URL}" -- --format RspecJunitFormatter --out tmp/rspec-${CI_JOB_ID}.xml --format html --out tmp/rspec.htm --color --format documentation
.review-performance-base: .review-performance-base:
extends: extends: .review-docker
- .review-docker
- .only-code-qa-changes
stage: qa stage: qa
allow_failure: true allow_failure: true
before_script: before_script:
...@@ -248,6 +247,7 @@ review-performance: ...@@ -248,6 +247,7 @@ review-performance:
extends: extends:
- .review-performance-base - .review-performance-base
- .only-review - .only-review
- .only:changes-code-qa
needs: ["review-deploy"] needs: ["review-deploy"]
dependencies: ["review-deploy"] dependencies: ["review-deploy"]
before_script: before_script:
...@@ -277,9 +277,8 @@ parallel-spec-reports: ...@@ -277,9 +277,8 @@ parallel-spec-reports:
extends: extends:
- .default-tags - .default-tags
- .default-only - .default-only
- .only-code-qa-changes
- .only-review - .only-review
- .except-deploys - .only:changes-code-qa
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: post-test stage: post-test
dependencies: ["review-qa-all"] dependencies: ["review-qa-all"]
...@@ -310,18 +309,13 @@ danger-review: ...@@ -310,18 +309,13 @@ danger-review:
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-only - .default-only
- .except:refs-master-tags-stable-deploy
image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger image: registry.gitlab.com/gitlab-org/gitlab-build-images:danger
stage: test stage: test
dependencies: [] dependencies: []
only: only:
variables: variables:
- $DANGER_GITLAB_API_TOKEN - $DANGER_GITLAB_API_TOKEN
except:
refs:
- master
variables:
- $CI_COMMIT_REF_NAME =~ /^\d+-\d+-auto-deploy-\d+$/
- $CI_COMMIT_REF_NAME =~ /^[\d-]+-stable(-ee)?$/
script: script:
- git version - git version
- node --version - node --version
... ...
......
...@@ -6,7 +6,8 @@ cache gems: ...@@ -6,7 +6,8 @@ cache gems:
- .default-retry - .default-retry
- .default-cache - .default-cache
- .default-before_script - .default-before_script
- .only-code-qa-changes - .only:variables-canonical-dot-com
- .only:changes-code-backstage-qa
stage: test stage: test
dependencies: ["setup-test-env"] dependencies: ["setup-test-env"]
needs: ["setup-test-env"] needs: ["setup-test-env"]
...@@ -21,15 +22,13 @@ cache gems: ...@@ -21,15 +22,13 @@ cache gems:
refs: refs:
- master - master
- tags - tags
variables:
- $CI_SERVER_HOST == "gitlab.com" && $CI_PROJECT_NAMESPACE == "gitlab-org"
.minimal-job: .minimal-job:
extends: extends:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-changes - .only:changes-code-backstage
dependencies: [] dependencies: []
gitlab_git_test: gitlab_git_test:
... ...
......
.tests-metadata-state: .tests-metadata-state:
extends: extends:
- .default-only - .default-only
- .only-code-changes - .only:changes-code-backstage
variables: variables:
TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache" TESTS_METADATA_S3_BUCKET: "gitlab-ce-cache"
before_script: before_script:
...@@ -48,7 +48,7 @@ flaky-examples-check: ...@@ -48,7 +48,7 @@ flaky-examples-check:
- .default-tags - .default-tags
- .default-retry - .default-retry
- .default-only - .default-only
- .only-code-changes - .only:changes-code-backstage
image: ruby:2.6-alpine image: ruby:2.6-alpine
stage: post-test stage: post-test
variables: variables:
... ...
......
...@@ -11,6 +11,7 @@ class Profiles::NotificationsController < Profiles::ApplicationController ...@@ -11,6 +11,7 @@ class Profiles::NotificationsController < Profiles::ApplicationController
exclude_group_ids: @group_notifications.select(:source_id) exclude_group_ids: @group_notifications.select(:source_id)
).execute.map { |group| current_user.notification_settings_for(group, inherit: true) } ).execute.map { |group| current_user.notification_settings_for(group, inherit: true) }
@project_notifications = current_user.notification_settings.for_projects.order(:id) @project_notifications = current_user.notification_settings.for_projects.order(:id)
.select { |notification| current_user.can?(:read_project, notification.source) }
@global_notification_setting = current_user.global_notification_setting @global_notification_setting = current_user.global_notification_setting
end end
# rubocop: enable CodeReuse/ActiveRecord # rubocop: enable CodeReuse/ActiveRecord
... ...
......
...@@ -116,4 +116,8 @@ module NotificationsHelper ...@@ -116,4 +116,8 @@ module NotificationsHelper
def show_unsubscribe_title?(noteable) def show_unsubscribe_title?(noteable)
can?(current_user, "read_#{noteable.to_ability_name}".to_sym, noteable) can?(current_user, "read_#{noteable.to_ability_name}".to_sym, noteable)
end end
def can_read_project?(project)
can?(current_user, :read_project, project)
end
end end
...@@ -1308,7 +1308,7 @@ class User < ApplicationRecord ...@@ -1308,7 +1308,7 @@ class User < ApplicationRecord
.select('ci_runners.*') .select('ci_runners.*')
group_runners = Ci::RunnerNamespace group_runners = Ci::RunnerNamespace
.where(namespace_id: owned_or_maintainers_groups.select(:id)) .where(namespace_id: owned_groups.select(:id))
.joins(:runner) .joins(:runner)
.select('ci_runners.*') .select('ci_runners.*')
... ...
......
- noteable = @sent_notification.noteable - noteable = @sent_notification.noteable
- noteable_type = @sent_notification.noteable_type.titleize.downcase - noteable_type = @sent_notification.noteable_type.titleize.downcase
- noteable_text = show_unsubscribe_title?(noteable) ? %(#{noteable.title} (#{noteable.to_reference})) : %(#{noteable.to_reference}) - noteable_text = show_unsubscribe_title?(noteable) ? %(#{noteable.title} (#{noteable.to_reference})) : %(#{noteable.to_reference})
- page_title _("Unsubscribe"), noteable_text, noteable_type.pluralize, @sent_notification.project.full_name - show_project_path = can_read_project?(@sent_notification.project)
- project_path = show_project_path ? @sent_notification.project.full_name : _("GitLab / Unsubscribe")
- noteable_url = show_project_path ? url_for([@sent_notification.project.namespace.becomes(Namespace), @sent_notification.project, noteable]) : breadcrumb_title_link
- page_title _('Unsubscribe'), noteable_text, noteable_type.pluralize, project_path
%h3.page-title %h3.page-title
= _("Unsubscribe from %{type}") % { type: noteable_type } = _("Unsubscribe from %{type}") % { type: noteable_type }
%p %p
- link_to_noteable_text = link_to(noteable_text, url_for([@sent_notification.project.namespace.becomes(Namespace), @sent_notification.project, noteable])) - link_to_noteable_text = link_to(noteable_text, noteable_url)
= _("Are you sure you want to unsubscribe from the %{type}: %{link_to_noteable_text}?").html_safe % { type: noteable_type, link_to_noteable_text: link_to_noteable_text } = _("Are you sure you want to unsubscribe from the %{type}: %{link_to_noteable_text}?").html_safe % { type: noteable_type, link_to_noteable_text: link_to_noteable_text }
%p %p
... ...
......
---
title: 'GraphQL: Add timeout to all queries'
merge_request:
author:
type: security
---
title: Return only runners from groups where user is owner for user CI owned runners.
merge_request:
author:
type: security
---
title: Filter out notification settings for projects that a user does not have at least read access
merge_request:
author:
type: security