BigW Consortium Gitlab

Commit d139276a by Robert Speicher

Merge branch 'master' into 8-4-stable

parents 99393cde 0e344aa2
......@@ -42,6 +42,7 @@ v 8.4.0 (unreleased)
- Ajax filter by message for commits page
- API: Add support for deleting a tag via the API (Robert Schilling)
- Allow subsequent validations in CI Linter
- Fix Encoding::CompatibilityError bug when markdown content has some complex URL (Jason Lee)
v 8.3.4
- Use gitlab-workhorse 0.5.4 (fixes API routing bug)
......@@ -59,6 +60,8 @@ v 8.3.3
- Fix Error 500 when visiting build page of project with nil runners_token (Stan Hu)
- Use WOFF versions of SourceSansPro fonts
- Fix regression when builds were not generated for tags created through web/api interface
- Fix: maintain milestone filter between Open and Closed tabs (Greg Smethells)
- Fix missing artifacts and build traces for build created before 8.3
v 8.3.2
- Disable --follow in `git log` to avoid loading duplicate commit data in infinite scroll (Stan Hu)
......
......@@ -334,9 +334,9 @@ merge request:
1. [CoffeeScript](https://github.com/thoughtbot/guides/tree/master/style/coffeescript)
1. [Shell commands](doc/development/shell_commands.md) created by GitLab
contributors to enhance security
1. [Markdown](http://www.cirosantilli.com/markdown-styleguide)
1. [Database Migrations](doc/development/migration_style_guide.md)
1. [Documentation styleguide](doc_styleguide.md)
1. [Markdown](http://www.cirosantilli.com/markdown-styleguide)
1. [Documentation styleguide](doc/development/doc_styleguide.md)
1. Interface text should be written subjectively instead of objectively. It
should be the GitLab core team addressing a person. It should be written in
present time and never use past tense (has been/was). For example instead
......
......@@ -73,6 +73,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
:metrics_pool_size,
:metrics_timeout,
:metrics_method_call_threshold,
:metrics_sample_interval,
:recaptcha_enabled,
:recaptcha_site_key,
:recaptcha_private_key,
......
......@@ -266,7 +266,7 @@ module ApplicationHelper
state: params[:state],
scope: params[:scope],
label_name: params[:label_name],
milestone_id: params[:milestone_id],
milestone_title: params[:milestone_title],
assignee_id: params[:assignee_id],
author_id: params[:author_id],
sort: params[:sort],
......
......@@ -48,8 +48,8 @@ class WebHook < ActiveRecord::Base
else
post_url = url.gsub("#{parsed_url.userinfo}@", "")
auth = {
username: URI.decode(parsed_url.user),
password: URI.decode(parsed_url.password),
username: CGI.unescape(parsed_url.user),
password: CGI.unescape(parsed_url.password),
}
response = WebHook.post(post_url,
body: data.to_json,
......
......@@ -120,13 +120,13 @@ class HipchatService < Service
message << "#{push[:user_name]} "
if Gitlab::Git.blank_ref?(before)
message << "pushed new #{ref_type} <a href=\""\
"#{project_url}/commits/#{URI.escape(ref)}\">#{ref}</a>"\
"#{project_url}/commits/#{CGI.escape(ref)}\">#{ref}</a>"\
" to #{project_link}\n"
elsif Gitlab::Git.blank_ref?(after)
message << "removed #{ref_type} <b>#{ref}</b> from <a href=\"#{project.web_url}\">#{project_name}</a> \n"
else
message << "pushed to #{ref_type} <a href=\""\
"#{project.web_url}/commits/#{URI.escape(ref)}\">#{ref}</a> "
"#{project.web_url}/commits/#{CGI.escape(ref)}\">#{ref}</a> "
message << "of <a href=\"#{project.web_url}\">#{project.name_with_namespace.gsub!(/\s/,'')}</a> "
message << "(<a href=\"#{project.web_url}/compare/#{before}...#{after}\">Compare changes</a>)"
......@@ -255,8 +255,8 @@ class HipchatService < Service
status = data[:commit][:status]
duration = data[:commit][:duration]
branch_link = "<a href=\"#{project_url}/commits/#{URI.escape(ref)}\">#{ref}</a>"
commit_link = "<a href=\"#{project_url}/commit/#{URI.escape(sha)}/builds\">#{Commit.truncate_sha(sha)}</a>"
branch_link = "<a href=\"#{project_url}/commits/#{CGI.escape(ref)}\">#{ref}</a>"
commit_link = "<a href=\"#{project_url}/commit/#{CGI.escape(sha)}/builds\">#{Commit.truncate_sha(sha)}</a>"
"#{project_link}: Commit #{commit_link} of #{branch_link} #{ref_type} by #{user_name} #{humanized_status(status)} in #{duration} second(s)"
end
......
......@@ -202,6 +202,13 @@
.help-block
A method call is only tracked when it takes longer to complete than
the given amount of milliseconds.
.form-group
= f.label :metrics_sample_interval, 'Sampler Interval (sec)', class: 'control-label col-sm-2'
.col-sm-10
= f.number_field :metrics_sample_interval, class: 'form-control'
.help-block
The sampling interval in seconds. Sampled data includes memory usage,
retained Ruby objects, file descriptors and so on.
%fieldset
%legend Spam and Anti-bot Protection
......
......@@ -4,7 +4,7 @@
.col-sm-10
= users_select_tag(:user_ids, multiple: true, class: 'input-large', scope: :all, email_user: true)
.help-block
Search for existing users or invite new ones using their email address.
Search for users by name, username, or email, or invite new ones using their email address.
.form-group
= f.label :access_level, "Group Access", class: 'control-label'
......
......@@ -4,7 +4,7 @@
.col-sm-10
= users_select_tag(:user_ids, multiple: true, class: 'input-large', scope: :all, email_user: true)
.help-block
Search for existing users or invite new ones using their email address.
Search for users by name, username, or email, or invite new ones using their email address.
.form-group
= f.label :access_level, "Project Access", class: 'control-label'
......
......@@ -11,7 +11,7 @@ class Settings < Settingslogic
# get host without www, thanks to http://stackoverflow.com/a/6674363/1233435
def get_host_without_www(url)
url = URI.encode(url)
url = CGI.escape(url)
uri = URI.parse(url)
uri = URI.parse("http://#{url}") if uri.scheme.nil?
host = uri.host.downcase
......
class AddMetricsSampleInterval < ActiveRecord::Migration
def change
add_column :application_settings, :metrics_sample_interval, :integer,
default: 15
end
end
......@@ -70,6 +70,8 @@
## Contributor documentation
- [Documentation styleguide](development/doc_styleguide.md) Use this styleguide if you are
contributing to documentation.
- [Development](development/README.md) Explains the architecture and the guidelines for shell commands.
- [Legal](legal/README.md) Contributor license agreements.
- [Release](release/README.md) How to make the monthly and security releases.
......@@ -76,7 +76,10 @@ Parameters:
"updated_at": "2013-09-30T13: 46: 02Z"
},
"archived": false,
"avatar_url": "http://example.com/uploads/project/avatar/4/uploads/avatar.png"
"avatar_url": "http://example.com/uploads/project/avatar/4/uploads/avatar.png",
"shared_runners_enabled": true,
"forks_count": 0,
"star_count": 0
},
{
"id": 6,
......@@ -129,7 +132,11 @@ Parameters:
}
},
"archived": false,
"avatar_url": null
"avatar_url": null,
"shared_runners_enabled": true,
"forks_count": 0,
"star_count": 0,
"runners_token": "b8547b1dc37721d05889db52fa2f02"
}
]
```
......@@ -244,7 +251,11 @@ Parameters:
}
},
"archived": false,
"avatar_url": "http://example.com/uploads/project/avatar/3/uploads/avatar.png"
"avatar_url": "http://example.com/uploads/project/avatar/3/uploads/avatar.png",
"shared_runners_enabled": true,
"forks_count": 0,
"star_count": 0,
"runners_token": "b8bc4a7a29eb76ea83cf79e4908c2b"
}
```
......
# Documentation styleguide
This styleguide recommends best practices to improve documentation and to keep
it organized and easy to find.
## Naming
- When creating a new document and it has more than one word in its name,
make sure to use underscores instead of spaces or dashes (`-`). For example,
a proper naming would be `import_projects_from_github.md`. The same rule
applies to images.
## Text
- Split up long lines, this makes it much easier to review and edit. Only
double line breaks are shown as a full line break in [GitLab markdown][gfm].
80-100 characters is a good line length
- Make sure that the documentation is added in the correct directory and that
there's a link to it somewhere useful
- Do not duplicate information
- Be brief and clear
- Unless there's a logical reason not to, add documents in alphabetical order
- Write in US English
- Use [single spaces][] instead of double spaces
## Formatting
- Use dashes (`-`) for unordered lists instead of asterisks (`*`)
- Use the number one (`1`) for ordered lists
- Use underscores (`_`) to mark a word or text in italics
- Use double asterisks (`**`) to mark a word or text in bold
- When using lists, prefer not to end each item with a period. You can use
them if there are multiple sentences, just keep the last sentence without
a period
## Headings
- Add only one H1 title in each document, by adding `#` at the beginning of
it (when using markdown). For subheadings, use `##`, `###` and so on
- Avoid putting numbers in headings. Numbers shift, hence documentation anchor
links shift too, which eventually leads to dead links. If you think it is
compelling to add numbers in headings, make sure to at least discuss it with
someone in the Merge Request
- When introducing a new document, be careful for the headings to be
grammatically and syntactically correct. It is advised to mention one or all
of the following GitLab members for a review: `@axil`, `@rspeicher`,
`@dblessing`, `@ashleys`, `@nearlythere`. This is to ensure that no document
with wrong heading is going live without an audit, thus preventing dead links
and redirection issues when corrected
- Leave exactly one newline after a heading
## Links
- If a link makes the paragraph to span across multiple lines, do not use
the regular Markdown approach: `[Text](https://example.com)`. Instead use
`[Text][identifier]` and at the very bottom of the document add:
`[identifier]: https://example.com`. This is another way to create Markdown
links which keeps the document clear and concise. Bonus points if you also
add an alternative text: `[identifier]: https://example.com "Alternative text"`
that appears when hovering your mouse on a link
## Images
- Place images in a separate directory named `img/` in the same directory where
the `.md` document that you're working on is located. Always prepend their
names with the name of the document that they will be included in. For
example, if there is a document called `twitter.md`, then a valid image name
could be `twitter_login_screen.png`.
- Images should have a specific, non-generic name that will differentiate them.
- Keep all file names in lower case.
- Consider using PNG images instead of JPEG.
Inside the document:
- The Markdown way of using an image inside a document is:
`![Proper description what the image is about](img/document_image_title.png)`
- Always use a proper description for what the image is about. That way, when a
browser fails to show the image, this text will be used as an alternative
description
- If there are consecutive images with little text between them, always add
three dashes (`---`) between the image and the text to create a horizontal
line for better clarity
- If a heading is placed right after an image, always add three dashes (`---`)
between the image and the heading
## Notes
- Notes should be in italics with the word `Note:` being bold. Use this form:
`_**Note:** This is something to note._`. If the note spans across multiple
lines it's OK to split the line.
## New features
- Every piece of documentation that comes with a new feature should declare the
GitLab version that feature got introduced. Right below the heading add a
note: `_**Note:** This feature was introduced in GitLab 8.3_`
- If possible every feature should have a link to the MR that introduced it.
The above note would be then transformed to:
`_**Note:** This feature was [introduced][ce-1242] in GitLab 8.3_`, where
the [link identifier](#links) is named after the repository (CE) and the MR
number
- If the feature is only in GitLab EE, don't forget to mention it, like:
`_**Note:** This feature was introduced in GitLab EE 8.3_`. Otherwise, leave
this mention out
## API
Here is a list of must-have items. Use them in the exact order that appears
on this document. Further explanation is given below.
- Every method must have the REST API request. For example:
```
GET /projects/:id/repository/branches
```
- Every method must have a detailed
[description of the parameters](#method-description).
- Every method must have a cURL example.
- Every method must have a response body (in JSON format).
### Method description
Use the following table headers to describe the methods. Attributes should
always be in code blocks using backticks (`).
```
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
```
Rendered example:
| Attribute | Type | Required | Description |
| --------- | ---- | -------- | ----------- |
| `user` | string | yes | The GitLab username |
### cURL commands
- Use `https://gitlab.example.com/api/v3/` as an endpoint.
- Wherever needed use this private token: `9koXpg98eAheJpvBs5tK`.
- Always put the request first. `GET` is the default so you don't have to
include it.
- Use double quotes to the URL when it includes additional parameters.
- Prefer to use examples using the private token and don't pass data of
username and password.
| Methods | Description |
| ------- | ----------- |
| `-H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK"` | Use this method as is, whenever authentication needed |
| `-X POST` | Use this method when creating new objects |
| `-X PUT` | Use this method when updating existing objects |
| `-X DELETE` | Use this method when removing existing objects |
### cURL Examples
Below is a set of [cURL][] examples that you can use in the API documentation.
#### Simple cURL command
Get the details of a group:
```bash
curl -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" https://gitlab.example.com/api/v3/groups/gitlab-org
```
#### cURL example with parameters passed in the URL
Create a new project under the authenticated user's namespace:
```bash
curl -X POST -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects?name=foo"
```
#### Post data using cURL's --data
Instead of using `-X POST` and appending the parameters to the URI, you can use
cURL's `--data` option. The example below will create a new project `foo` under
the authenticated user's namespace.
```bash
curl --data "name=foo" -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects"
```
#### Post data using JSON content
_**Note:** In this example we create a new group. Watch carefully the single
and double quotes._
```bash
curl -X POST -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" -H "Content-Type: application/json" --data '{"path": "my-group", "name": "My group"}' https://gitlab.example.com/api/v3/groups
```
#### Post data using form-data
Instead of using JSON or urlencode you can use multipart/form-data which
properly handles data encoding:
```bash
curl -X POST -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" -F "title=ssh-key" -F "key=ssh-rsa AAAAB3NzaC1yc2EA..." https://gitlab.example.com/api/v3/users/25/keys
```
The above example is run by and administrator and will add an SSH public key
titled ssh-key to user's account which has an id of 25.
#### Escape special characters
Spaces or slashes (`/`) may sometimes result to errors, thus it is recommended
to escape them when possible. In the example below we create a new issue which
contains spaces in its title. Observe how spaces are escaped using the `%20`
ASCII code.
```bash
curl -X POST -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" "https://gitlab.example.com/api/v3/projects/42/issues?title=Hello%20Dude"
```
Use `%2F` for slashes (`/`).
#### Pass arrays to API calls
The GitLab API sometimes accepts arrays of strings or integers. For example, to
restrict the sign-up e-mail domains of a GitLab instance to `*.example.com` and
`example.net`, you would do something like this:
```bash
curl -X PUT -H "PRIVATE-TOKEN: 9koXpg98eAheJpvBs5tK" -d "restricted_signup_domains[]=*.example.com" -d "restricted_signup_domains[]=example.net" https://gitlab.example.com/api/v3/application/settings
```
[cURL]: http://curl.haxx.se/ "cURL website"
[single spaces]: http://www.slate.com/articles/technology/technology/2011/01/space_invaders.html
[gfm]: http://doc.gitlab.com/ce/markdown/markdown.html#newlines "GitLab flavored markdown documentation"
# Documentation styleguide
This styleguide recommends best practices to improve documentation and to keep it organized and easy to find.
## Text
- Split up long lines, this makes it much easier to review and edit. Only
double line breaks are shown as a full line break in markdown. 80 characters
is a good line length.
- For subtitles, make sure to start with the largest and go down, meaning:
`#` for the title, `##` for subtitles and `###` for subtitles of the subtitles, etc.
- Make sure that the documentation is added in the correct directory and that there's a link to it somewhere useful.
- Add only one H1 or title in each document, by adding '#' at the begining of it (when using markdown).
For subtitles, use '##', '###' and so on.
- Do not duplicate information.
- Be brief and clear.
- Whenever it applies, add documents in alphabetical order.
- Write in US English
- Use [single spaces](http://www.slate.com/articles/technology/technology/2011/01/space_invaders.html) instead of double spaces.
## Images
- Create a directory to store the images with the specific name of the document where the images belong.
It could be in the same directory where the .md document that you're working on is located.
- Images should have a specific, non-generic name that will differentiate them.
- Keep all file names in lower case.
\ No newline at end of file
Moved to [development/doc_styleguide](doc/development/doc_styleguide.md).
......@@ -71,6 +71,7 @@ module API
expose :avatar_url
expose :star_count, :forks_count
expose :open_issues_count, if: lambda { |project, options| project.issues_enabled? && project.default_issues_tracker? }
expose :runners_token, if: lambda { |_project, options| options[:user_can_admin_project] }
end
class ProjectMember < UserBasic
......
......@@ -69,7 +69,8 @@ module API
# Example Request:
# GET /projects/:id
get ":id" do
present user_project, with: Entities::ProjectWithAccess, user: current_user
present user_project, with: Entities::ProjectWithAccess, user: current_user,
user_can_admin_project: can?(current_user, :admin_project, user_project)
end
# Get events for a single project
......@@ -118,7 +119,8 @@ module API
attrs = map_public_to_visibility_level(attrs)
@project = ::Projects::CreateService.new(current_user, attrs).execute
if @project.saved?
present @project, with: Entities::Project
present @project, with: Entities::Project,
user_can_admin_project: can?(current_user, :admin_project, @project)
else
if @project.errors[:limit_reached].present?
error!(@project.errors[:limit_reached], 403)
......@@ -163,7 +165,8 @@ module API
attrs = map_public_to_visibility_level(attrs)
@project = ::Projects::CreateService.new(user, attrs).execute
if @project.saved?
present @project, with: Entities::Project
present @project, with: Entities::Project,
user_can_admin_project: can?(current_user, :admin_project, @project)
else
render_validation_error!(@project)
end
......@@ -182,8 +185,9 @@ module API
if @forked_project.errors.any?
conflict!(@forked_project.errors.messages)
else
present @forked_project, with: Entities::Project
end
present @forked_project, with: Entities::Project,
user_can_admin_project: can?(current_user, :admin_project, @forked_project)
end
end
# Update an existing project
......@@ -229,7 +233,8 @@ module API
if user_project.errors.any?
render_validation_error!(user_project)
else
present user_project, with: Entities::Project
present user_project, with: Entities::Project,
user_can_admin_project: can?(current_user, :admin_project, user_project)
end
end
......
......@@ -133,7 +133,7 @@ module Banzai
next unless link && text
link = URI.decode(link)
link = CGI.unescape(link)
# Ignore ending punctionation like periods or commas
next unless link == text && text =~ /\A#{pattern}/
......@@ -170,7 +170,7 @@ module Banzai
text = node.text
next unless link && text
link = URI.decode(link)
link = CGI.unescape(link)
next unless link && link =~ /\A#{pattern}\z/
html = yield link, text
......
......@@ -12,7 +12,7 @@ module Gitlab
end
def execute
project_identifier = URI.encode(project.import_source, '/')
project_identifier = CGI.escape(project.import_source, '/')
#Issues && Comments
issues = client.issues(project_identifier)
......
......@@ -13,7 +13,8 @@ module Gitlab
timeout: current_application_settings[:metrics_timeout],
method_call_threshold: current_application_settings[:metrics_method_call_threshold],
host: current_application_settings[:metrics_host],
port: current_application_settings[:metrics_port]
port: current_application_settings[:metrics_port],
sample_interval: current_application_settings[:metrics_sample_interval] || 15
}
end
......
......@@ -7,9 +7,14 @@ module Gitlab
# statistics, etc.
class Sampler
# interval - The sampling interval in seconds.
def initialize(interval = 15)
@interval = interval
@metrics = []
def initialize(interval = Metrics.settings[:sample_interval])
interval_half = interval.to_f / 2
@interval = interval
@interval_steps = (-interval_half..interval_half).step(0.1).to_a
@last_step = nil
@metrics = []
@last_minor_gc = Delta.new(GC.stat[:minor_gc_count])
@last_major_gc = Delta.new(GC.stat[:major_gc_count])
......@@ -26,7 +31,7 @@ module Gitlab
Thread.current.abort_on_exception = true
loop do
sleep(@interval)
sleep(sleep_interval)
sample
end
......@@ -102,6 +107,23 @@ module Gitlab
def sidekiq?
Sidekiq.server?
end
# Returns the sleep interval with a random adjustment.
#
# The random adjustment is put in place to ensure we:
#
# 1. Don't generate samples at the exact same interval every time (thus
# potentially missing anything that happens in between samples).
# 2. Don't sample data at the same interval two times in a row.
def sleep_interval
while step = @interval_steps.sample
if step != @last_step
@last_step = step
return @interval + @last_step
end
end
end
end
end
end
......@@ -9,7 +9,7 @@ describe Gitlab::Metrics::Sampler do
describe '#start' do
it 'gathers a sample at a given interval' do
expect(sampler).to receive(:sleep).with(5)
expect(sampler).to receive(:sleep).with(a_kind_of(Numeric))
expect(sampler).to receive(:sample)
expect(sampler).to receive(:loop).and_yield
......@@ -116,4 +116,24 @@ describe Gitlab::Metrics::Sampler do
sampler.add_metric('cats', value: 10)
end
end
describe '#sleep_interval' do
it 'returns a Numeric' do
expect(sampler.sleep_interval).to be_a_kind_of(Numeric)
end
# Testing random behaviour is very hard, so treat this test as a basic smoke
# test instead of a very accurate behaviour/unit test.
it 'does not return the same interval twice in a row' do
last = nil
100.times do
interval = sampler.sleep_interval
expect(interval).to_not eq(last)
last = interval
end
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment