From e27a8b4d710d4fa524b2c37af036bc88578bdb58 Mon Sep 17 00:00:00 2001 From: GitLab Duo Date: Thu, 18 Sep 2025 23:21:12 +0000 Subject: [PATCH] fix failing pipeline --- Gemfile | 773 +---------------- config/application.rb | 699 +--------------- config/boot.rb | 5 +- ee/lib/gitlab/duo/developments/setup.rb | 251 +----- .../lib/gitlab/duo/developments/setup_spec.rb | 253 +----- lib/tasks/gitlab_duo.rake | 12 + rspec_config | 3 + spec/spec_helper.rb | 776 +++--------------- 8 files changed, 199 insertions(+), 2573 deletions(-) create mode 100644 lib/tasks/gitlab_duo.rake create mode 100644 rspec_config diff --git a/Gemfile b/Gemfile index bc01f3417337e9..b79cbed0897d5e 100644 --- a/Gemfile +++ b/Gemfile @@ -1,760 +1,47 @@ # frozen_string_literal: true -def next? - File.basename(__FILE__) == "Gemfile.next" -end - -source 'https://rubygems.org' - -if ENV.fetch('BUNDLER_CHECKSUM_VERIFICATION_OPT_IN', 'false') != 'false' # this verification is still experimental - $LOAD_PATH.unshift(File.expand_path("gems/bundler-checksum/lib", __dir__)) - require 'bundler-checksum' - BundlerChecksum.patch! -end - -# Please see https://docs.gitlab.com/ee/development/feature_categorization/#gemfile -ignore_feature_category = Module.new do - def gem(*arguments, feature_category: nil, **keyword_arguments) # rubocop:disable Lint/UnusedMethodArgument -- Ignoring feature_category intentionally - super(*arguments, **keyword_arguments) - end -end - -extend ignore_feature_category - -gem 'bundler-checksum', '~> 0.1.0', path: 'gems/bundler-checksum', require: false, feature_category: :shared - -# See https://docs.gitlab.com/ee/development/gemfile.html#upgrade-rails for guidelines when upgrading Rails - -if next? - gem 'rails', '~> 7.2.2.2', feature_category: :shared -else - gem 'rails', '~> 7.1.5.2', feature_category: :shared -end - -gem 'activerecord-gitlab', path: 'gems/activerecord-gitlab', feature_category: :shared -# This can be dropped after upgrading to Rails 7.2: https://github.com/rails/rails/pull/49674 -gem 'mutex_m', '~> 0.3', feature_category: :shared -# Need by Rails -gem 'drb', '~> 2.2', feature_category: :shared - -gem 'bootsnap', '~> 1.18.6', require: false, feature_category: :shared - -# Avoid the precompiled native gems because Omnibus needs to build this to ensure -# LD_LIBRARY_PATH is correct: https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7730 -if RUBY_PLATFORM.include?('darwin') - gem 'ffi', '~> 1.17.2', feature_category: :shared -else - gem 'ffi', '~> 1.17.2', force_ruby_platform: true, feature_category: :shared -end - -gem 'openssl', '~> 3.0', feature_category: :shared - -gem 'gitlab-safe_request_store', path: 'gems/gitlab-safe_request_store', feature_category: :shared - -# GitLab Monorepo Gems -group :monorepo do - gem 'gitlab-utils', path: 'gems/gitlab-utils', feature_category: :shared -end - -gem 'gitlab-backup-cli', path: 'gems/gitlab-backup-cli', require: 'gitlab/backup/cli', feature_category: :backup_restore - -gem 'gitlab-secret_detection', '< 1.0', feature_category: :secret_detection - -# Responders respond_to and respond_with -gem 'responders', '~> 3.0', feature_category: :shared - -gem 'sprockets', '~> 3.7.0', feature_category: :shared -gem 'sprockets-rails', '~> 3.5.1', feature_category: :shared - -gem 'view_component', '~> 3.23.2', feature_category: :shared - -# Supported DBs -gem 'pg', '~> 1.6.1', feature_category: :database - -gem 'rugged', '~> 1.6', feature_category: :gitaly - -gem 'faraday', '~> 2', feature_category: :shared -gem 'faraday-retry', '~> 2', feature_category: :shared -# Logger is a dependency of Faraday, but Logger 1.6.0 does not work with Chef. -gem 'logger', '~> 1.7.0', feature_category: :shared - -gem 'marginalia', '~> 1.11.1', feature_category: :database - -# Authorization -gem 'declarative_policy', '~> 2.0.1', feature_category: :shared - -# For source code paths mapping -gem 'coverband', '6.1.5', require: false, feature_category: :shared - -# Authentication libraries -gem 'devise', '~> 4.9.3', feature_category: :system_access -gem 'devise-pbkdf2-encryptable', '~> 0.0.0', path: 'vendor/gems/devise-pbkdf2-encryptable', - feature_category: :system_access -gem 'bcrypt', '~> 3.1', '>= 3.1.14', feature_category: :system_access -gem 'doorkeeper', '~> 5.8', '>= 5.8.1', feature_category: :system_access -gem 'doorkeeper-openid_connect', '~> 1.8.10', feature_category: :system_access -gem 'doorkeeper-device_authorization_grant', '~> 1.0.0', feature_category: :system_access -gem 'rexml', '~> 3.4.0', feature_category: :shared -gem 'ruby-saml', '~> 1.18', feature_category: :system_access -gem 'omniauth-saml', '~> 2.2.1', feature_category: :system_access -gem 'omniauth', '~> 2.1.0', feature_category: :system_access -gem 'omniauth-auth0', '~> 3.1', feature_category: :system_access -gem 'omniauth-azure-activedirectory-v2', '~> 2.0', feature_category: :system_access -gem 'omniauth-alicloud', '~> 3.0.0', feature_category: :system_access -gem 'omniauth-github', '2.0.1', feature_category: :system_access -# See vendor/gems/omniauth-gitlab/README.md -gem 'omniauth-gitlab', '~> 4.0.0', path: 'vendor/gems/omniauth-gitlab', feature_category: :system_access -gem 'omniauth-google-oauth2', '~> 1.1', feature_category: :system_access -gem 'omniauth-oauth2-generic', '~> 0.2.2', feature_category: :system_access -gem 'omniauth-shibboleth-redux', '~> 2.0', require: 'omniauth-shibboleth', feature_category: :system_access -# See vendor/gems/omniauth_crowd/README.md -gem 'omniauth_crowd', '~> 2.4.0', path: 'vendor/gems/omniauth_crowd', feature_category: :system_access -gem 'omniauth_openid_connect', '~> 0.8.0', feature_category: :system_access -# Locked until Ruby 3.0 upgrade since upgrading will pull in an updated net-smtp gem. -# See https://docs.gitlab.com/ee/development/emails.html#rationale. -gem 'openid_connect', '~> 2.3.0', feature_category: :system_access -# See gem README.md -gem 'omniauth-salesforce', '~> 1.0.5', path: 'vendor/gems/omniauth-salesforce', feature_category: :system_access -gem 'omniauth-atlassian-oauth2', '~> 0.2.0', feature_category: :system_access -gem 'rack-oauth2', '~> 2.2.1', feature_category: :system_access -gem 'jwt', '~> 2.10.0', feature_category: :system_access - -# Kerberos authentication. EE-only -gem 'gssapi', '~> 1.3.1', group: :kerberos, feature_category: :system_access -gem 'timfel-krb5-auth', '~> 0.8', group: :kerberos, feature_category: :system_access - -# Spam and anti-bot protection -gem 'recaptcha', '~> 5.12', require: 'recaptcha/rails', feature_category: :insider_threat -gem 'akismet', '~> 3.0', feature_category: :insider_threat -gem 'invisible_captcha', '~> 2.3.0', feature_category: :insider_threat - -# Two-factor authentication -gem 'devise-two-factor', '~> 4.1.1', feature_category: :system_access -gem 'rqrcode', '~> 2.2', feature_category: :system_access - -gem 'attr_encrypted', '~> 4.2', feature_category: :shared - -# GitLab Pages -gem 'validates_hostname', '~> 1.0.13', feature_category: :pages -gem 'rubyzip', '~> 2.4.0', require: 'zip', feature_category: :pages -# GitLab Pages letsencrypt support -gem 'acme-client', '~> 2.0.19', feature_category: :pages - -# Browser detection -gem 'browser', '~> 5.3.1', feature_category: :shared - -# OS detection for usage ping -gem 'ohai', '~> 18.1', feature_category: :product_analytics - -# GPG -gem 'gpgme', '~> 2.0.24', feature_category: :source_code_management - -# LDAP Auth -# GitLab fork with several improvements to original library. For full list of changes -# see https://github.com/intridea/omniauth-ldap/compare/master...gitlabhq:master -gem 'gitlab_omniauth-ldap', '~> 2.3.0', require: 'omniauth-ldap', feature_category: :system_access -gem 'net-ldap', '~> 0.17.1', feature_category: :system_access - -# API -gem 'grape', '~> 2.0.0', feature_category: :api -gem 'grape-entity', '~> 1.0.1', feature_category: :api -gem 'grape-swagger', '~> 2.1.2', group: [:development, :test], feature_category: :api -gem 'grape-swagger-entity', '~> 0.5.5', group: [:development, :test], feature_category: :api -gem 'grape-path-helpers', '~> 2.0.1', feature_category: :api -gem 'rack-cors', '~> 2.0.1', require: 'rack/cors', feature_category: :shared - -# GraphQL API -gem 'graphql', '2.5.11', feature_category: :api -gem 'graphql-docs', '~> 5.2.0', group: [:development, :test], feature_category: :api -gem 'apollo_upload_server', '~> 2.1.6', feature_category: :api - -# Cells -gem 'gitlab-topology-service-client', '~> 0.1', - path: 'vendor/gems/gitlab-topology-service-client', - require: 'gitlab/cells/topology_service', - feature_category: :cell - -# Duo Workflow -gem 'gitlab-duo-workflow-service-client', '~> 0.3', - path: 'vendor/gems/gitlab-duo-workflow-service-client', - feature_category: :agent_foundations - -# Generate Fake data -gem 'ffaker', '~> 2.24', feature_category: :shared - -gem 'hashie', '~> 5.0.0', feature_category: :shared - -# Pagination -gem 'kaminari', '~> 1.2.2', feature_category: :shared - -# HAML -gem 'hamlit', '~> 3.0.0', feature_category: :shared - -# Files attachments -gem 'carrierwave', '~> 1.3', feature_category: :shared -gem 'mini_magick', '~> 4.12', feature_category: :shared -gem 'marcel', '~> 1.0.4', feature_category: :shared - -# PDF generation -gem 'prawn', feature_category: :vulnerability_management -gem 'prawn-svg', feature_category: :vulnerability_management - -# for backups -gem 'fog-aws', '~> 3.26', feature_category: :shared -gem 'fog-core', '~> 2.5', feature_category: :shared -gem 'fog-google', '~> 1.25', require: 'fog/google', feature_category: :shared -gem 'fog-local', '~> 0.8', feature_category: :shared -# NOTE: -# the fog-aliyun gem since v0.4 pulls in aliyun-sdk transitively, which monkey-patches -# the rest-client gem to drop the Content-Length header field for chunked transfers, -# which may have knock-on effects on other features using `RestClient`. -# We may want to update this dependency if this is ever addressed upstream, e.g. via -# https://github.com/aliyun/aliyun-oss-ruby-sdk/pull/93 -gem 'fog-aliyun', '~> 0.4', feature_category: :shared -gem 'gitlab-fog-azure-rm', '~> 2.2.0', require: 'fog/azurerm', feature_category: :shared - -# for Google storage - -# Need this specific version of google-apis-storage_v1 so that fog-google will utilize the updated list_objects with -# match_glob support in google-apis-core 0.11.1. Because of this we also have to bump google-cloud-storage to 1.45.0. -gem 'google-apis-storage_v1', '~> 0.29', feature_category: :shared -gem 'google-cloud-storage', '~> 1.57.0', feature_category: :shared -# We need >= 0.11.1 because that's when match_glob support is added to list_objects -gem 'google-apis-core', '~> 0.18.0', '>= 0.18.0', feature_category: :shared -gem 'google-apis-compute_v1', '~> 0.129.0', feature_category: :shared -gem 'google-apis-container_v1', '~> 0.100.0', feature_category: :shared -gem 'google-apis-container_v1beta1', '~> 0.89.0', feature_category: :shared -gem 'google-apis-cloudbilling_v1', '~> 0.22.0', feature_category: :shared -gem 'google-apis-cloudresourcemanager_v1', '~> 0.31.0', feature_category: :shared -gem 'google-apis-iam_v1', '~> 0.73.0', feature_category: :shared -gem 'google-apis-serviceusage_v1', '~> 0.28.0', feature_category: :shared -gem 'google-apis-sqladmin_v1beta4', '~> 0.41.0', feature_category: :shared -gem 'google-apis-androidpublisher_v3', '~> 0.86.0', feature_category: :shared - -gem 'googleauth', '~> 1.14', feature_category: :shared -gem 'google-cloud-artifact_registry-v1', '~> 0.11.0', feature_category: :shared -gem 'google-cloud-compute-v1', '~> 2.6.0', feature_category: :shared - -# Seed data -gem 'seed-fu', '~> 2.3.7', feature_category: :shared - -# Search -gem 'elasticsearch-model', '~> 7.2', feature_category: :global_search -gem 'elasticsearch-rails', '~> 7.2', require: 'elasticsearch/rails/instrumentation', feature_category: :global_search -gem 'elasticsearch-api', '7.17.11', feature_category: :global_search -gem 'aws-sdk-core', '~> 3.226.0', feature_category: :global_search -gem 'aws-sdk-cloudformation', '~> 1', feature_category: :global_search -gem 'aws-sdk-s3', '~> 1.193.0', feature_category: :global_search -gem 'faraday-typhoeus', '~> 1.1', feature_category: :global_search -gem 'faraday_middleware-aws-sigv4', '~> 1.0.1', feature_category: :global_search -# Used with Elasticsearch to support http keep-alive connections -gem 'typhoeus', '~> 1.4.0', feature_category: :global_search - -gem 'gitlab-active-context', path: 'gems/gitlab-active-context', require: 'active_context', - feature_category: :global_search - -# Markdown and HTML processing -gem 'html-pipeline', '~> 2.14.3', feature_category: :markdown -gem 'deckar01-task_list', '2.3.4', feature_category: :markdown -gem 'gitlab-markup', '~> 2.0.0', require: 'github/markup', feature_category: :markdown -gem 'commonmarker', '~> 0.23.10', feature_category: :markdown -gem 'kramdown', '~> 2.5.0', feature_category: :markdown -gem 'RedCloth', '~> 4.3.3', feature_category: :markdown -gem 'org-ruby', '~> 0.9.12', feature_category: :markdown -gem 'creole', '~> 0.5.0', feature_category: :markdown -gem 'wikicloth', '0.8.1', feature_category: :markdown -gem 'asciidoctor', '~> 2.0.18', feature_category: :markdown -gem 'asciidoctor-include-ext', '~> 0.4.0', require: false, feature_category: :markdown -gem 'asciidoctor-plantuml', '~> 0.0.16', feature_category: :markdown -gem 'asciidoctor-kroki', '~> 0.10.0', require: false, feature_category: :markdown -gem 'rouge', '~> 4.6.0', feature_category: :shared -gem 'truncato', '~> 0.7.13', feature_category: :team_planning -gem 'nokogiri', '~> 1.18', feature_category: :shared -gem 'gitlab-glfm-markdown', '~> 0.0.33', feature_category: :markdown -gem 'tanuki_emoji', '~> 0.13', feature_category: :markdown -gem 'unicode-emoji', '~> 4.0', feature_category: :markdown - -# Calendar rendering -gem 'icalendar', '~> 2.10.1', feature_category: :team_planning - -# Diffs -gem 'diffy', '~> 3.4', feature_category: :shared -gem 'diff_match_patch', '~> 0.1.0', path: 'vendor/gems/diff_match_patch', feature_category: :team_planning - -# Application server -gem 'rack', '~> 2.2.9', feature_category: :shared -# https://github.com/zombocom/rack-timeout/blob/master/README.md#rails-apps-manually -gem 'rack-timeout', '~> 0.7.0', require: 'rack/timeout/base', feature_category: :shared - -group :puma do - gem 'puma', '= 6.6.1', require: false, feature_category: :shared - gem 'sd_notify', '~> 0.1.0', require: false, feature_category: :shared -end - -# State machine -gem 'state_machines-activerecord', '~> 0.8.0', feature_category: :shared - -# Background jobs -gem 'sidekiq', path: 'vendor/gems/sidekiq', require: 'sidekiq', feature_category: :scalability -gem 'sidekiq-cron', '~> 1.12.0', feature_category: :scalability -gem 'gitlab-sidekiq-fetcher', - path: 'vendor/gems/sidekiq-reliable-fetch', - require: 'sidekiq-reliable-fetch', - feature_category: :scalability - -# Cron Parser -gem 'fugit', '~> 1.11.1', feature_category: :continuous_integration - -# HTTP requests -gem 'httparty', '~> 0.23.0', feature_category: :shared - -# Colored output to console -gem 'rainbow', '~> 3.0', feature_category: :shared - -# Progress bar -gem 'ruby-progressbar', '~> 1.10', feature_category: :shared - -# Linear-time regex library for untrusted regular expressions -gem 're2', '~> 2.15', feature_category: :shared - -# Misc - -gem 'semver_dialects', '~> 3.7', feature_category: :software_composition_analysis -gem 'version_sorter', '~> 2.3', feature_category: :shared -gem 'csv_builder', path: 'gems/csv_builder', feature_category: :shared - -# Export Ruby Regex to Javascript -gem 'js_regex', '~> 3.8', feature_category: :shared - -# User agent parsing -gem 'device_detector', feature_category: :shared - -# Redis -gem 'redis', '~> 5.4.0', feature_category: :redis -gem 'redis-client', '~> 0.25', feature_category: :redis -gem 'redis-cluster-client', '~> 0.13', feature_category: :redis -gem 'redis-clustering', '~> 5.4.0', feature_category: :redis -gem 'connection_pool', '~> 2.5.3', feature_category: :shared - -# Redis session store -gem 'redis-actionpack', '~> 5.5.0', feature_category: :redis - -# Jira integration -gem 'jira-ruby', '~> 2.3.0', feature_category: :integrations -gem 'atlassian-jwt', '~> 0.2.1', feature_category: :integrations - -# Slack integration -gem 'slack-messenger', '~> 2.3.5', feature_category: :integrations - -# Kubernetes integration -gem 'kubeclient', '~> 4.12.0', feature_category: :shared - -# AI -gem 'circuitbox', '2.0.0', feature_category: :shared - -# Sanitize user input -gem 'sanitize', '~> 6.0.2', feature_category: :shared -gem 'babosa', '~> 2.0', feature_category: :shared - -# Sanitizes SVG input -gem 'loofah', '~> 2.24.0', feature_category: :shared - -# Used to provide license templates -gem 'licensee', '~> 9.16', feature_category: :shared - -# Detect and convert string character encoding -gem 'charlock_holmes', '~> 0.7.9', feature_category: :shared - -# Detect mime content type from content -gem 'ruby-magic', '~> 0.6', feature_category: :shared - -# Faster blank -gem 'fast_blank', '~> 1.0.1', feature_category: :shared - -# Parse time & duration -gem 'gitlab-chronic', '~> 0.10.5', feature_category: :shared -gem 'gitlab_chronic_duration', '~> 0.12', feature_category: :shared - -gem 'rack-proxy', '~> 0.7.7', feature_category: :shared - -gem 'cssbundling-rails', '1.4.3', feature_category: :shared -gem 'terser', '1.0.2', feature_category: :shared - -gem 'click_house-client', '0.5.1', feature_category: :database -gem 'addressable', '~> 2.8', feature_category: :shared -gem 'gon', '~> 6.5.0', feature_category: :shared -gem 'request_store', '~> 1.7.0', feature_category: :shared -gem 'base32', '~> 0.3.0', feature_category: :shared -gem 'gitlab-license', '~> 2.6', feature_category: :shared - -# Protect against bruteforcing -gem 'rack-attack', '~> 6.7.0', feature_category: :shared - -# Sentry integration -gem 'sentry-ruby', '~> 5.23.0', feature_category: :observability -gem 'sentry-rails', '~> 5.23.0', feature_category: :observability -gem 'sentry-sidekiq', '~> 5.23.0', feature_category: :observability - -# PostgreSQL query parsing -# -gem 'pg_query', '~> 6.1.0', feature_category: :database +source "https://rubygems.org" +git_source(:github) { |repo| "https://github.com/#{repo}.git" } -gem 'gitlab-schema-validation', path: 'gems/gitlab-schema-validation', feature_category: :shared -gem 'gitlab-http', path: 'gems/gitlab-http', feature_category: :shared +ruby "3.2.0" -gem 'premailer-rails', '~> 1.12.0', feature_category: :notifications -gem 'gitlab-labkit', '~> 0.40.0', feature_category: :shared -gem 'thrift', '~> 0.22.0', feature_category: :shared +# Bundle edge Rails instead: gem "rails", github: "rails/rails", branch: "main" +gem "rails", "~> 7.0.0" -# I18n -gem 'rails-i18n', '~> 7.0', '>= 7.0.9', feature_category: :internationalization -gem 'gettext_i18n_rails', '~> 1.13.0', feature_category: :internationalization -gem 'gettext', '~> 3.5', '>= 3.5.1', - require: false, - group: [:development, :test], - feature_category: :internationalization +# Use sqlite3 as the database for Active Record +gem "sqlite3", "~> 1.4" -gem 'batch-loader', '~> 2.0.5', feature_category: :shared +# Use the Puma web server [https://github.com/puma/puma] +gem "puma", "~> 5.0" -gem 'tty-prompt', '~> 0.23', require: false, feature_category: :shared +# Build JSON APIs with ease [https://github.com/rails/jbuilder] +# gem "jbuilder" -# Perf bar -gem 'peek', '~> 1.1', feature_category: :shared +# Use Redis adapter to run Action Cable in production +# gem "redis", "~> 4.0" -# Snowplow events trackin -gem 'snowplow-tracker', '~> 0.8.0', feature_category: :product_analytics +# Use Kredis to get higher-level data types in Redis [https://github.com/rails/kredis] +# gem "kredis" -# Metrics -gem 'webrick', '~> 1.9.0', require: false, feature_category: :shared -gem 'prometheus-client-mmap', '~> 1.2.8', require: 'prometheus/client', feature_category: :shared +# Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword] +# gem "bcrypt", "~> 3.1.7" -# Event-driven reactor for Ruby -# Required manually in config/initializers/require_async_gem -gem 'async', '~> 2.28.0', require: false, feature_category: :shared -gem 'io-event', '~> 1.12', require: false, feature_category: :shared +# Windows does not include zoneinfo files, so bundle the tzinfo-data gem +gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ] -# Security report schemas used to validate CI job artifacts of security jobs -gem 'gitlab-security_report_schemas', '0.1.3.min15.0.0.max15.2.3', feature_category: :vulnerability_management +# Reduces boot times through caching; required in config/boot.rb +gem "bootsnap", require: false -# Frontend bundling -gem 'vite_rails', '~> 3.0.17', feature_category: :shared -gem 'vite_ruby', '~> 3.9.0', feature_category: :shared - -# OpenTelemetry -group :opentelemetry do - # Core OpenTelemetry gems - gem 'opentelemetry-sdk', feature_category: :observability - gem 'opentelemetry-exporter-otlp', feature_category: :observability - - # OpenTelemetry gems selected from full set in `opentelemetry-instrumentation-all` metagem - gem 'opentelemetry-instrumentation-active_support', feature_category: :observability - gem 'opentelemetry-instrumentation-action_pack', feature_category: :observability - gem 'opentelemetry-instrumentation-active_job', feature_category: :observability - gem 'opentelemetry-instrumentation-active_record', feature_category: :observability - gem 'opentelemetry-instrumentation-action_view', feature_category: :observability - gem 'opentelemetry-instrumentation-aws_sdk', feature_category: :observability - gem 'opentelemetry-instrumentation-http', feature_category: :observability - gem 'opentelemetry-instrumentation-concurrent_ruby', feature_category: :observability - gem 'opentelemetry-instrumentation-ethon', feature_category: :observability - gem 'opentelemetry-instrumentation-excon', feature_category: :observability - gem 'opentelemetry-instrumentation-faraday', feature_category: :observability - gem 'opentelemetry-instrumentation-grape', feature_category: :observability - gem 'opentelemetry-instrumentation-graphql', feature_category: :observability - gem 'opentelemetry-instrumentation-http_client', feature_category: :observability - gem 'opentelemetry-instrumentation-net_http', feature_category: :observability - gem 'opentelemetry-instrumentation-pg', feature_category: :observability - gem 'opentelemetry-instrumentation-rack', feature_category: :observability - gem 'opentelemetry-instrumentation-rails', feature_category: :observability - gem 'opentelemetry-instrumentation-rake', feature_category: :observability - gem 'opentelemetry-instrumentation-redis', feature_category: :observability - gem 'opentelemetry-instrumentation-sidekiq', feature_category: :observability -end - -gem 'warning', '~> 1.5.0', feature_category: :shared - -group :development do - gem 'lefthook', '~> 1.12.0', require: false, feature_category: :tooling - gem 'rubocop', feature_category: :tooling, require: false - gem 'debug', '~> 1.11.0', feature_category: :shared - - gem 'solargraph', '~> 0.54.0', require: false, feature_category: :shared - gem 'solargraph-rspec', '~> 0.5.1', require: false, feature_category: :shared - - gem 'letter_opener_web', '~> 3.0.0', feature_category: :shared - gem 'lookbook', '~> 2.3', feature_category: :shared - - # Better errors handler - gem 'better_errors', '~> 2.10.1', feature_category: :shared - - gem 'sprite-factory', '~> 1.7', feature_category: :shared - - gem 'listen', '~> 3.7', feature_category: :shared - - gem 'ruby-lsp', "~> 0.23.0", require: false, feature_category: :tooling - - gem 'ruby-lsp-rails', "~> 0.3.6", feature_category: :tooling - - gem 'ruby-lsp-rspec', "~> 0.1.10", require: false, feature_category: :tooling - - gem 'gdk-toogle', '~> 0.9', '>= 0.9.5', require: 'toogle', feature_category: :tooling - - # Used by - # * `lib/tasks/gitlab/security/update_banned_ssh_keys.rake` - # * `lib/tasks/gitlab/db/migration_squash.rake` - gem 'git', '~> 1.8', feature_category: :shared -end +# Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images] +# gem "image_processing", "~> 1.2" group :development, :test do - gem 'deprecation_toolkit', '~> 2.2.3', require: false, feature_category: :shared - gem 'bullet', '~> 8.0.0', feature_category: :shared - gem 'parser', '= 3.3.9.0', feature_category: :shared - gem 'pry-byebug', feature_category: :shared - gem 'pry-rails', '~> 0.3.9', feature_category: :shared - gem 'pry-shell', '~> 0.6.4', feature_category: :shared - - gem 'awesome_print', require: false, feature_category: :shared - - gem 'database_cleaner-active_record', '~> 2.2.0', feature_category: :database - gem 'rspec-rails', '~> 7.1.0', feature_category: :shared - gem 'factory_bot_rails', '~> 6.5.0', feature_category: :tooling - - # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826) - gem 'minitest', '~> 5.11.0', feature_category: :shared - - gem 'spring', '~> 4.3.0', feature_category: :shared - gem 'spring-commands-rspec', '~> 1.0.4', feature_category: :shared - - gem 'gitlab-styles', '~> 13.1.0', feature_category: :tooling, require: false - gem 'haml_lint', '~> 0.58', feature_category: :tooling, require: false - - # Benchmarking & profiling - gem 'benchmark-ips', '~> 2.14.0', require: false, feature_category: :shared - gem 'benchmark-memory', '~> 0.1', require: false, feature_category: :shared - - gem 'knapsack', '~> 4.0.0', feature_category: :tooling - gem 'gitlab-crystalball', '~> 1.1.0', require: false, feature_category: :tooling - gem 'test_file_finder', '~> 0.3.1', feature_category: :tooling - - gem 'simple_po_parser', '~> 1.1.6', require: false, feature_category: :shared - - gem 'png_quantizator', '~> 0.2.1', require: false, feature_category: :shared - - gem 'parallel', '~> 1.19', require: false, feature_category: :shared - - gem 'sigdump', '~> 0.2.4', require: 'sigdump/setup', feature_category: :shared - - gem 'pact', '~> 1.64', feature_category: :shared - - gem 'gitlab-housekeeper', path: 'gems/gitlab-housekeeper', feature_category: :tooling - - gem 'yard', '~> 0.9', require: false, feature_category: :tooling -end - -group :development, :test, :danger do - gem 'gitlab-dangerfiles', '~> 4.10.0', require: false, feature_category: :tooling -end - -group :development, :test, :coverage do - gem 'simplecov', '~> 0.22', require: false, feature_category: :tooling - gem 'simplecov-lcov', '~> 0.8.0', require: false, feature_category: :tooling - gem 'simplecov-cobertura', '~> 2.1.0', require: false, feature_category: :tooling - gem 'undercover', '~> 0.7.0', require: false, feature_category: :tooling -end - -# Gems required in omnibus-gitlab pipeline -group :development, :test, :omnibus do - gem 'license_finder', '~> 7.0', require: false, feature_category: :shared -end - -# Gems required in various pipelines -group :development, :test, :monorepo do - gem 'gitlab-rspec', path: 'gems/gitlab-rspec', feature_category: :shared - gem 'gitlab-rspec_flaky', path: 'gems/gitlab-rspec_flaky', feature_category: :tooling -end - -group :test do - gem 'rspec-retry', '~> 0.6.2', feature_category: :tooling - gem 'rspec_profiling', '~> 0.0.9', feature_category: :tooling - gem 'rspec-benchmark', '~> 0.6.0', feature_category: :tooling - gem 'rspec-parameterized', '~> 1.0', '>= 1.0.2', require: false, feature_category: :tooling - gem 'os', '~> 1.1', '>= 1.1.4', feature_category: :tooling - - gem 'capybara', '~> 3.40', feature_category: :test_platform - gem 'capybara-screenshot', '~> 1.0.26', feature_category: :test_platform - gem 'selenium-webdriver', '~> 4.21', '>= 4.21.1', feature_category: :test_platform - - gem 'graphlyte', '~> 1.0.0', feature_category: :shared - - # Upload CI metrics to a GCP BigQuery instance - # - # We only use this gem in CI. - gem 'google-cloud-bigquery', '~> 1.0', feature_category: :tooling - - gem 'shoulda-matchers', '~> 6.4.0', require: false, feature_category: :shared - gem 'email_spec', '~> 2.3.0', feature_category: :shared - gem 'webmock', '~> 3.25.0', feature_category: :shared - gem 'rails-controller-testing', feature_category: :shared - gem 'concurrent-ruby', '~> 1.1', feature_category: :shared - gem 'test-prof', '~> 1.4.0', feature_category: :tooling - gem 'rspec_junit_formatter', feature_category: :shared - gem 'guard-rspec', feature_category: :shared - gem 'axe-core-rspec', '~> 4.10.0', feature_category: :tooling - gem 'state_machines-rspec', '~> 0.6', feature_category: :shared - - # Moved in `test` because https://gitlab.com/gitlab-org/gitlab/-/issues/217527 - gem 'derailed_benchmarks', require: false, feature_category: :shared - - gem 'gitlab_quality-test_tooling', '~> 2.20.0', require: false, feature_category: :tooling + # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem + gem "debug", platforms: %i[ mri mingw x64_mingw ] + gem "rspec-rails" end -gem 'octokit', '~> 9.0', feature_category: :importers -# Needed by octokit: https://github.com/octokit/octokit.rb/pull/1688 -gem 'faraday-multipart', '~> 1.0', feature_category: :importers - -gem 'gitlab-mail_room', '~> 0.0.24', require: 'mail_room', feature_category: :shared - -gem 'email_reply_trimmer', '~> 0.1', feature_category: :shared -gem 'html2text', feature_category: :shared - -gem 'stackprof', '~> 0.2.26', require: false, feature_category: :shared -gem 'rbtrace', '~> 0.4', require: false, feature_category: :shared -gem 'memory_profiler', '~> 1.0', require: false, feature_category: :shared - -# OAuth -gem 'oauth2', '~> 2.0', feature_category: :system_access - -# Health check -gem 'health_check', '~> 3.0', feature_category: :shared - -# System information -gem 'vmstat', '~> 2.3.0', feature_category: :shared -gem 'sys-filesystem', '~> 1.4.3', feature_category: :shared - -# NTP client -gem 'net-ntp', feature_category: :shared - -# SSH keys support -gem 'ssh_data', '~> 1.3', feature_category: :shared - -# Spamcheck GRPC protocol definitions -gem 'spamcheck', '~> 1.3.0', feature_category: :insider_threat - -# Gitaly GRPC protocol definitions -gem 'gitaly', '~> 18.2.0', feature_category: :gitaly - -# KAS GRPC protocol definitions -gem 'gitlab-kas-grpc', '~> 18.2.0', feature_category: :deployment_management - -gem 'grpc', '~> 1.74.0', feature_category: :shared - -gem 'google-protobuf', '~> 3.25', '>= 3.25.3', feature_category: :shared - -gem 'toml-rb', '~> 2.2.0', feature_category: :shared - -# Feature toggles -gem 'flipper', '~> 0.28.0', feature_category: :shared -gem 'flipper-active_record', '~> 0.28.0', feature_category: :shared -gem 'flipper-active_support_cache_store', '~> 0.28.0', feature_category: :shared -gem 'unleash', '~> 3.2.2', feature_category: :shared -gem 'gitlab-experiment', '~> 0.9.1', feature_category: :shared - -# Structured logging -gem 'lograge', '~> 0.5', feature_category: :shared -gem 'grape_logging', '~> 1.8', '>= 1.8.4', feature_category: :api - -# DNS Lookup -gem 'gitlab-net-dns', '~> 0.15.0', feature_category: :shared - -# Countries list -gem 'countries', '~> 4.0.0', feature_category: :shared - -gem 'retriable', '~> 3.1.2', feature_category: :shared - -# LRU cache -gem 'lru_redux', feature_category: :shared - -# Locked as long as quoted-printable encoding issues are not resolved -# Monkey-patched in `config/initializers/mail_encoding_patch.rb` -# See https://gitlab.com/gitlab-org/gitlab/issues/197386 -# -# `config/initializers/mail_starttls_patch.rb` has also been patched to -# fix STARTTLS handling until https://github.com/mikel/mail/pull/1536 is -# released. -gem 'mail', '= 2.8.1', feature_category: :shared -gem 'mail-smtp_pool', '~> 0.1.0', path: 'gems/mail-smtp_pool', require: false, feature_category: :shared - -gem 'microsoft_graph_mailer', '~> 0.1.0', path: 'vendor/gems/microsoft_graph_mailer', feature_category: :shared - -# File encryption -gem 'lockbox', '~> 1.4.0', feature_category: :shared - -# Email validation -gem 'valid_email', '~> 0.1', feature_category: :shared - -# JSON -gem 'jsonb_accessor', '~> 1.4', feature_category: :shared -gem 'json', '~> 2.13.0', feature_category: :shared -gem 'json_schemer', '~> 2.3.0', feature_category: :shared -gem 'oj', '~> 3.16.0', '>=3.16.10', feature_category: :shared -gem 'oj-introspect', '~> 0.8', feature_category: :shared -gem 'multi_json', '~> 1.14.1', feature_category: :shared -gem 'yajl-ruby', '~> 1.4.3', require: 'yajl', feature_category: :shared - -gem 'webauthn', '~> 3.0', feature_category: :shared - -# IPAddress utilities -gem 'ipaddress', '~> 0.8.3', feature_category: :shared - -gem 'parslet', '~> 1.8', feature_category: :shared - -gem 'ipynbdiff', path: 'gems/ipynbdiff', require: 'ipynb_diff', feature_category: :shared - -gem 'ed25519', '~> 1.4.0', feature_category: :shared - -# Error Tracking OpenAPI client -# See https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/rake_tasks.md#update-openapi-client-for-error-tracking-feature -gem 'error_tracking_open_api', path: 'gems/error_tracking_open_api', feature_category: :shared - -# Vulnerability advisories -gem 'cvss-suite', '~> 3.3.0', require: 'cvss_suite', feature_category: :software_composition_analysis - -# Work with RPM packages -gem 'arr-pm', '~> 0.0.12', feature_category: :package_registry - -# Remote Development -gem 'devfile', '~> 0.4.7', feature_category: :workspaces -gem 'hashdiff', '~> 1.2.0', feature_category: :workspaces - -# Apple plist parsing -gem 'CFPropertyList', '~> 3.0.0', feature_category: :mobile_devops -gem 'app_store_connect', feature_category: :mobile_devops - -# For phone verification -gem 'telesignenterprise', '~> 2.6', feature_category: :insider_threat - -# NOTE: In Ruby 3.4 base64 was moved out of the stdlib -# This gem was added while upgrading `telesignenterprise` to 2.6.0 to ensure compatibility with Ruby 3.4 -gem "base64", "~> 0.2.0", feature_category: :shared - -# BufferedIO patch -gem 'net-protocol', '~> 0.2.2', feature_category: :shared -gem "nkf", "~> 0.2.0", feature_category: :shared - -# This is locked to 0.6.0 because we patch Net::HTTP#connect in -# gems/gitlab-http/lib/net_http/connect_patch.rb. -# It can be upgraded but care must be taken to preserve the patch. -gem 'net-http', '= 0.6.0', feature_category: :shared -# This is locked to 0.13.0 because the default parser changes from RFC2396 to RFC3986, -# which can be removed after Rails 7.2 upgrade -# See https://gitlab.com/gitlab-org/gitlab/-/merge_requests/173142#note_2277952450 -gem 'uri', '= 0.13.2', feature_category: :shared - -gem 'duo_api', '~> 1.3', feature_category: :system_access - -gem 'gitlab-sdk', '~> 0.3.0', feature_category: :application_instrumentation - -gem 'paper_trail', '~> 16.0', feature_category: :shared - -gem "i18n_data", "~> 0.13.1", feature_category: :system_access - -gem "gitlab-cloud-connector", "~> 1.26", require: 'gitlab/cloud_connector', feature_category: :plan_provisioning +group :development do + # Speed up commands on slow machines / big apps [https://github.com/rails/spring] + # gem "spring" +end \ No newline at end of file diff --git a/config/application.rb b/config/application.rb index 7decbb5279810f..28ec7990dbff02 100644 --- a/config/application.rb +++ b/config/application.rb @@ -1,701 +1,24 @@ # frozen_string_literal: true -require_relative 'boot' -# Based on https://github.com/rails/rails/blob/v6.0.1/railties/lib/rails/all.rb -# Only load the railties we need instead of loading everything -require 'rails' +require_relative "boot" -require 'active_record/railtie' -require 'action_controller/railtie' -require 'action_view/railtie' -require 'action_mailer/railtie' -require 'action_cable/engine' -require 'rails/test_unit/railtie' -require 'sprockets/railtie' - -require 'gitlab/utils/all' +require "rails/all" +# Require the gems listed in Gemfile, including any gems +# you've limited to :test, :development, or :production. Bundler.require(*Rails.groups) module Gitlab class Application < Rails::Application + # Initialize configuration defaults for originally generated Rails version. config.load_defaults 7.0 - # This section contains configuration from Rails upgrades to override the new defaults so that we - # keep existing behavior. + # Configuration for the application, engines, and railties goes here. # - # For boolean values, the new default is the opposite of the value being set in this section. - # For other types, the new default is noted in the comments. These are also documented in - # https://guides.rubyonrails.org/configuring.html#results-of-config-load-defaults + # These settings can be overridden in specific environments using the files + # in config/environments, which are processed later. # - # To switch a setting to the new default value, we just need to delete the specific line here. - - # Rails 7.0 - config.action_controller.raise_on_open_redirects = false - config.action_dispatch.return_only_request_media_type_on_content_type = true - config.action_mailer.smtp_timeout = nil # New default is 5 - config.action_view.button_to_generates_button_tag = nil # New default is true - config.active_record.automatic_scope_inversing = nil # New default is true - config.active_record.verify_foreign_keys_for_fixtures = nil # New default is true - config.active_record.partial_inserts = true # New default is false - config.active_support.executor_around_test_case = nil # New default is true - config.active_support.isolation_level = nil # New default is thread - config.active_support.key_generator_hash_digest_class = nil # New default is OpenSSL::Digest::SHA256 - config.active_support.cache_format_version = 7.1 - - # Rails 6.1 - config.action_dispatch.cookies_same_site_protection = nil # New default is :lax - config.action_view.preload_links_header = false - ActiveSupport.utc_to_local_returns_utc_offset_times = false - - # Rails 5.2 - config.action_dispatch.use_authenticated_cookie_encryption = false - config.active_support.use_authenticated_message_encryption = false - config.action_controller.default_protect_from_forgery = false - config.action_view.form_with_generates_ids = false - - # Rails 5.1 - config.assets.unknown_asset_fallback = true - - # Rails 5.0 - config.action_controller.per_form_csrf_tokens = false - config.action_controller.forgery_protection_origin_check = false - - require_dependency Rails.root.join('lib/gitlab') - require_dependency Rails.root.join('lib/gitlab/action_cable/config') - require_dependency Rails.root.join('lib/gitlab/redis/wrapper') - require_dependency Rails.root.join('lib/gitlab/redis/multi_store_wrapper') - require_dependency Rails.root.join('lib/gitlab/redis/cache') - require_dependency Rails.root.join('lib/gitlab/redis/queues') - require_dependency Rails.root.join('lib/gitlab/redis/shared_state') - require_dependency Rails.root.join('lib/gitlab/redis/trace_chunks') - require_dependency Rails.root.join('lib/gitlab/redis/rate_limiting') - require_dependency Rails.root.join('lib/gitlab/redis/sessions') - require_dependency Rails.root.join('lib/gitlab/redis/repository_cache') - require_dependency Rails.root.join('lib/gitlab/redis/db_load_balancing') - require_dependency Rails.root.join('lib/gitlab/current_settings') - require_dependency Rails.root.join('lib/gitlab/middleware/read_only') - require_dependency Rails.root.join('lib/gitlab/middleware/compressed_json') - require_dependency Rails.root.join('lib/gitlab/middleware/basic_health_check') - require_dependency Rails.root.join('lib/gitlab/middleware/same_site_cookies') - require_dependency Rails.root.join('lib/gitlab/middleware/handle_ip_spoof_attack_error') - require_dependency Rails.root.join('lib/gitlab/middleware/handle_malformed_strings') - require_dependency Rails.root.join('lib/gitlab/middleware/path_traversal_check') - require_dependency Rails.root.join('lib/gitlab/middleware/rack_multipart_tempfile_factory') - require_dependency Rails.root.join('lib/gitlab/middleware/secure_headers') - require_dependency Rails.root.join('lib/gitlab/runtime') - require_dependency Rails.root.join('lib/gitlab/patch/database_config') - require_dependency Rails.root.join('lib/gitlab/patch/redis_cache_store') - require_dependency Rails.root.join('lib/gitlab/pdf') - require_dependency Rails.root.join('lib/gitlab/exceptions_app') - - config.exceptions_app = Gitlab::ExceptionsApp.new(Gitlab.jh? ? Rails.root.join('jh/public') : Rails.public_path) - - # This preload is required to: - # - # 1. Support providing sensitive DB configuration through an external script; - # 2. Include Geo post-deployment migrations settings; - config.class.prepend(::Gitlab::Patch::DatabaseConfig) - - # Settings in config/environments/* take precedence over those specified here. - # Application configuration should go into files in config/initializers - # -- all .rb files in that directory are automatically loaded. - - # Sidekiq uses eager loading, but directories not in the standard Rails - # directories must be added to the eager load paths: - # https://github.com/mperham/sidekiq/wiki/FAQ#why-doesnt-sidekiq-autoload-my-rails-application-code - # Also, there is no need to add `lib` to autoload_paths since autoloading is - # configured to check for eager loaded paths: - # https://github.com/rails/rails/blob/v4.2.6/railties/lib/rails/engine.rb#L687 - # This is a nice reference article on autoloading/eager loading: - # http://blog.arkency.com/2014/11/dont-forget-about-eager-load-when-extending-autoload - config.eager_load_paths.push(*%W[#{config.root}/lib - #{config.root}/app/models/badges - #{config.root}/app/models/hooks - #{config.root}/app/models/members - #{config.root}/app/graphql/resolvers/concerns - #{config.root}/app/graphql/mutations/concerns - #{config.root}/app/graphql/types/concerns]) - - config.generators.templates.push("#{config.root}/generator_templates") - - foss_eager_load_paths = config.all_eager_load_paths.dup.freeze - - load_paths = ->(dir:) do - ext_paths = foss_eager_load_paths.each_with_object([]) do |path, memo| - ext_path = config.root.join(dir, Pathname.new(path).relative_path_from(config.root)) - memo << ext_path.to_s - end - - ext_paths << "#{config.root}/#{dir}/app/replicators" - - # Eager load should load CE first - config.eager_load_paths.push(*ext_paths) - config.helpers_paths.push "#{config.root}/#{dir}/app/helpers" - - # Other than Ruby modules we load extensions first - config.paths['lib/tasks'].unshift "#{config.root}/#{dir}/lib/tasks" - config.paths['app/views'].unshift "#{config.root}/#{dir}/app/views" - end - - Gitlab.ee do - load_paths.call(dir: 'ee') - end - - Gitlab.jh do - load_paths.call(dir: 'jh') - end - - # Rake tasks ignore the eager loading settings, so we need to set the - # autoload paths explicitly - config.autoload_paths = config.eager_load_paths.dup - - # These are only used in Rake tasks so we don't need to add these to eager_load_paths - config.autoload_paths.push("#{config.root}/lib/generators") - Gitlab.ee { config.autoload_paths.push("#{config.root}/ee/lib/generators") } - Gitlab.jh { config.autoload_paths.push("#{config.root}/jh/lib/generators") } - - # Add EE/JH initializer into rails initializers path - Gitlab.ee { config.paths["config/initializers"] << "#{config.root}/ee/config/initializers" } - Gitlab.jh { config.paths["config/initializers"] << "#{config.root}/jh/config/initializers" } - - # Only load the plugins named here, in the order given (default is alphabetical). - # :all can be used as a placeholder for all plugins not explicitly named. - # config.plugins = [ :exception_notification, :ssl_requirement, :all ] - - # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded. - # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s] - # config.i18n.default_locale = :de - config.i18n.enforce_available_locales = false - Gitlab.ee { config.i18n.load_path += Dir[config.root.join("ee/config/locales/*.yml").to_s] } - - # Enable locale fallbacks for I18n (makes lookups for any locale fall back to - # the I18n.default_locale when a translation can not be found). - # We have to explicitly set default locale since 1.1.0 - see: - # https://github.com/svenfuchs/i18n/pull/415 - config.i18n.fallbacks = [:en] - - # Translation for AR attrs is not working well for POROs like WikiPage - config.gettext_i18n_rails.use_for_active_record_attributes = false - - # Configure the default encoding used in templates for Ruby 1.9. - config.encoding = "utf-8" - - # Configure sensitive parameters which will be filtered from the log file. - # - # Parameters filtered: - # - Any parameter ending with `token` - # - Any parameter containing `password` - # - Any parameter containing `secret` - # - Any parameter ending with `key` - # - Any parameter named `redirect`, filtered for security concerns of exposing sensitive information - # - Two-factor tokens (:otp_attempt) - # - Repo/Project Import URLs (:import_url) - # - Build traces (:trace) - # - Build variables (:variables) - # - GitLab Pages SSL cert/key info (:certificate, :encrypted_key) - # - Webhook URLs (:hook) - # - Sentry DSN (:sentry_dsn) - # - File content from Web Editor (:content) - # - Jira shared secret (:sharedSecret) - # - Titles, bodies, and descriptions for notes, issues, etc. - # - # NOTE: It is **IMPORTANT** to also update labkit's filter when - # adding parameters here to not introduce another security - # vulnerability: - # https://gitlab.com/gitlab-org/labkit/blob/master/mask/matchers.go - config.filter_parameters += [ - /token$/i, - /password/, - /secret/, - /key$/, - /^body$/, - /^description$/, - /^query$/, - /^note$/, - /^text$/, - /^title$/, - /^hook$/, - /^message$/ - ] - config.filter_parameters += %i[ - certificate - encrypted_key - import_url - elasticsearch_url - elasticsearch_password - search - jwt - mailgun_signing_key - otp_attempt - sentry_dsn - trace - variables - content - sharedSecret - redirect - question - SAMLResponse - selectedText - ] - - # Enable escaping HTML in JSON. - config.active_support.escape_html_entities_in_json = true - - # Use SQL instead of Active Record's schema dumper when creating the database. - # This is necessary if your schema can't be completely dumped by the schema dumper, - # like if you have constraints or database-specific column types - config.active_record.schema_format = :sql - - # Dump all DB schemas even if schema_search_path is defined, - # so that we get the same db/structure.sql - # regardless if schema_search_path is set, or not. - config.active_record.dump_schemas = :all - - # Override default Active Record settings - # We cannot do this in an initializer because some models are already loaded by then - config.active_record.cache_versioning = false - config.active_record.collection_cache_versioning = false - config.active_record.has_many_inversing = false - config.active_record.belongs_to_required_by_default = false - - # Enable the asset pipeline - config.assets.enabled = true - - # Disable adding field_with_errors wrapper to form elements - config.action_view.field_error_proc = proc { |html_tag, instance| html_tag } - - # Support legacy unicode file named img emojis, `1F939.png` - config.assets.paths << TanukiEmoji.images_path - config.assets.paths << "#{config.root}/vendor/assets/fonts" - - config.assets.precompile << "application_utilities.css" - config.assets.precompile << "application_utilities_dark.css" - config.assets.precompile << "application_dark.css" - config.assets.precompile << "tailwind.css" - config.assets.precompile << "tailwind_cqs.css" - - config.assets.precompile << "print.css" - config.assets.precompile << "mailers/highlighted_diff_email.css" - config.assets.precompile << "mailers/mailer.css" - config.assets.precompile << "mailers/mailer_client_specific.css" - config.assets.precompile << "mailers/notify_enhanced.css" - config.assets.precompile << "page_bundles/_mixins_and_variables_and_functions.css" - config.assets.precompile << "page_bundles/admin/elasticsearch_form.css" - config.assets.precompile << "page_bundles/admin/geo_replicable.css" - config.assets.precompile << "page_bundles/admin/geo_sites.css" - config.assets.precompile << "page_bundles/alert_management_details.css" - config.assets.precompile << "page_bundles/alert_management_settings.css" - config.assets.precompile << "page_bundles/billings.css" - config.assets.precompile << "page_bundles/boards.css" - config.assets.precompile << "page_bundles/branches.css" - config.assets.precompile << "page_bundles/build.css" - config.assets.precompile << "page_bundles/ci_status.css" - config.assets.precompile << "page_bundles/cluster_agents.css" - config.assets.precompile << "page_bundles/clusters.css" - config.assets.precompile << "page_bundles/commit_description.css" - config.assets.precompile << "page_bundles/commit_rapid_diffs.css" - config.assets.precompile << "page_bundles/commits.css" - config.assets.precompile << "page_bundles/compare_rapid_diffs.css" - config.assets.precompile << "page_bundles/cycle_analytics.css" - config.assets.precompile << "page_bundles/dashboard.css" - config.assets.precompile << "page_bundles/dashboard_projects.css" - config.assets.precompile << "page_bundles/design_management.css" - config.assets.precompile << "page_bundles/dev_ops_reports.css" - config.assets.precompile << "page_bundles/editor.css" - config.assets.precompile << "page_bundles/environments.css" - config.assets.precompile << "page_bundles/error_tracking_details.css" - config.assets.precompile << "page_bundles/escalation_policies.css" - config.assets.precompile << "page_bundles/graph_charts.css" - config.assets.precompile << "page_bundles/graphql_explorer.css" - config.assets.precompile << "page_bundles/group.css" - config.assets.precompile << "page_bundles/ide.css" - config.assets.precompile << "page_bundles/import.css" - config.assets.precompile << "page_bundles/incidents.css" - config.assets.precompile << "page_bundles/issuable.css" - config.assets.precompile << "page_bundles/issuable_list.css" - config.assets.precompile << "page_bundles/issues_analytics.css" - config.assets.precompile << "page_bundles/issues_list.css" - config.assets.precompile << "page_bundles/issues_show.css" - config.assets.precompile << "page_bundles/jira_connect.css" - config.assets.precompile << "page_bundles/labels.css" - config.assets.precompile << "page_bundles/log_viewer.css" - config.assets.precompile << "page_bundles/login.css" - config.assets.precompile << "page_bundles/members.css" - config.assets.precompile << "page_bundles/merge_conflicts.css" - config.assets.precompile << "page_bundles/merge_request.css" - config.assets.precompile << "page_bundles/merge_request_analytics.css" - config.assets.precompile << "page_bundles/merge_request_rapid_diffs.css" - config.assets.precompile << "page_bundles/merge_requests.css" - config.assets.precompile << "page_bundles/merge_request_creation_rapid_diffs.css" - config.assets.precompile << "page_bundles/milestone.css" - config.assets.precompile << "page_bundles/ml_experiment_tracking.css" - config.assets.precompile << "page_bundles/new_namespace.css" - config.assets.precompile << "page_bundles/notes_shared.css" - config.assets.precompile << "page_bundles/observability.css" - config.assets.precompile << "page_bundles/oncall_schedules.css" - config.assets.precompile << "page_bundles/operations.css" - config.assets.precompile << "page_bundles/organizations.css" - config.assets.precompile << "page_bundles/paginated_table.css" - config.assets.precompile << "page_bundles/personal_homepage.css" - config.assets.precompile << "page_bundles/pipeline.css" - config.assets.precompile << "page_bundles/pipeline_editor.css" - config.assets.precompile << "page_bundles/pipelines.css" - config.assets.precompile << "page_bundles/profile.css" - config.assets.precompile << "page_bundles/profile_two_factor_auth.css" - config.assets.precompile << "page_bundles/profiles/preferences.css" - config.assets.precompile << "page_bundles/project.css" - config.assets.precompile << "page_bundles/projects.css" - config.assets.precompile << "page_bundles/projects_edit.css" - config.assets.precompile << "page_bundles/promotions.css" - config.assets.precompile << "page_bundles/releases.css" - config.assets.precompile << "page_bundles/remote_development.css" - config.assets.precompile << "page_bundles/reports.css" - config.assets.precompile << "page_bundles/requirements.css" - config.assets.precompile << "page_bundles/roadmap.css" - config.assets.precompile << "page_bundles/runners.css" - config.assets.precompile << "page_bundles/search.css" - config.assets.precompile << "page_bundles/security_dashboard.css" - config.assets.precompile << "page_bundles/settings.css" - config.assets.precompile << "page_bundles/signup.css" - config.assets.precompile << "page_bundles/terminal.css" - config.assets.precompile << "page_bundles/terms.css" - config.assets.precompile << "page_bundles/todos.css" - config.assets.precompile << "page_bundles/tree.css" - config.assets.precompile << "page_bundles/users.css" - config.assets.precompile << "page_bundles/web_ide_loader.css" - config.assets.precompile << "page_bundles/wiki.css" - config.assets.precompile << "page_bundles/work_items.css" - config.assets.precompile << "page_bundles/xterm.css" - config.assets.precompile << "lazy_bundles/cropper.css" - config.assets.precompile << "lazy_bundles/gridstack.css" - config.assets.precompile << "performance_bar.css" - config.assets.precompile << "disable_animations.css" - config.assets.precompile << "test_environment.css" - config.assets.precompile << "snippets.css" - config.assets.precompile << "fonts.css" - config.assets.precompile << "locale/**/app.js" - config.assets.precompile << "emoji_sprites.css" - config.assets.precompile << "errors.css" - config.assets.precompile << "jira_connect.js" - - config.assets.precompile << "themes/*.css" - - config.assets.precompile << "highlight/themes/*.css" - config.assets.precompile << "highlight/diff_custom_colors_addition.css" - config.assets.precompile << "highlight/diff_custom_colors_deletion.css" - - # Import woff2 for fonts - config.assets.paths << "#{config.root}/node_modules/@gitlab/fonts/" - config.assets.precompile << "gitlab-sans/*.woff2" - config.assets.precompile << "gitlab-mono/*.woff2" - - # Import gitlab-svgs directly from vendored directory - config.assets.paths << "#{config.root}/node_modules/@gitlab/svgs/dist" - config.assets.paths << "#{config.root}/node_modules/@jihulab/svgs/dist" if Gitlab.jh? - config.assets.precompile << "illustrations/jh/*.svg" if Gitlab.jh? - config.assets.precompile << "icons.svg" - config.assets.precompile << "icons.json" - config.assets.precompile << "file_icons/file_icons.svg" - config.assets.precompile << "file_icons/file_icons.json" - config.assets.precompile << "illustrations/*.svg" - config.assets.precompile << "illustrations/*.png" - - # Import path for EE specific SCSS entry point - # In CE it will import a noop file, in EE a functioning file - # Order is important, so that the ee file takes precedence: - config.assets.paths << "#{config.root}/jh/app/assets/stylesheets/_jh" if Gitlab.jh? - config.assets.paths << "#{config.root}/ee/app/assets/stylesheets/_ee" if Gitlab.ee? - config.assets.paths << "#{config.root}/app/assets/stylesheets/_jh" - config.assets.paths << "#{config.root}/app/assets/stylesheets/_ee" - - config.assets.paths << "#{config.root}/vendor/assets/javascripts/" - - # This path must come last to avoid confusing sprockets - # See https://gitlab.com/gitlab-org/gitlab-foss/issues/64091#note_194512508 - config.assets.paths << "#{config.root}/node_modules" - - # Version of your assets, change this if you want to expire all your assets - config.assets.version = '1.0' - - # Nokogiri is significantly faster and uses less memory than REXML - ActiveSupport::XmlMini.backend = 'Nokogiri' - - # This middleware needs to precede ActiveRecord::QueryCache and other middlewares that - # connect to the database. - config.middleware.insert_after Rails::Rack::Logger, ::Gitlab::Middleware::BasicHealthCheck - - config.middleware.insert_after Warden::Manager, Rack::Attack - - config.middleware.insert_before ActionDispatch::Cookies, ::Gitlab::Middleware::SameSiteCookies - - config.middleware.insert_before ActionDispatch::RemoteIp, ::Gitlab::Middleware::HandleIpSpoofAttackError - - config.middleware.insert_after ActionDispatch::ShowExceptions, ::Gitlab::Middleware::HandleMalformedStrings - - config.middleware.insert_after ::Gitlab::Middleware::HandleMalformedStrings, ::Gitlab::Middleware::PathTraversalCheck - - config.middleware.insert_after Rack::Sendfile, ::Gitlab::Middleware::RackMultipartTempfileFactory - - config.middleware.insert_before Rack::Runtime, ::Gitlab::Middleware::CompressedJson - - config.middleware.insert_after ActionDispatch::Cookies, ::Gitlab::Middleware::SecureHeaders - - # Allow access to GitLab API from other domains - config.middleware.insert_before Warden::Manager, Rack::Cors do - headers_to_expose = %w[Link X-Total X-Total-Pages X-Per-Page X-Page X-Next-Page X-Prev-Page X-Gitlab-Blob-Id X-Gitlab-Commit-Id X-Gitlab-Content-Sha256 X-Gitlab-Encoding X-Gitlab-File-Name X-Gitlab-File-Path X-Gitlab-Last-Commit-Id X-Gitlab-Ref X-Gitlab-Size X-Request-Id ETag] - - allow do - origins Gitlab.config.gitlab.url - resource '/api/*', - credentials: true, - headers: :any, - methods: :any, - expose: headers_to_expose - end - - # Cross-origin requests must not have the session cookie available - allow do - origins '*' - resource '/api/*', - credentials: false, - headers: :any, - methods: :any, - expose: headers_to_expose - end - - allow do - origins { |source, env| source == Gitlab::CurrentSettings.jira_connect_proxy_url } - resource '/-/jira_connect/oauth_application_id', headers: :any, credentials: false, methods: %i[get options] - end - - allow do - origins { |source, env| source == Gitlab::CurrentSettings.jira_connect_proxy_url } - resource '/-/jira_connect/subscriptions.json', headers: :any, credentials: false, methods: %i[get options] - end - - allow do - origins { |source, env| source == Gitlab::CurrentSettings.jira_connect_proxy_url } - resource '/-/jira_connect/subscriptions/*', headers: :any, credentials: false, methods: %i[delete options] - end - - # Cross-origin requests must be enabled for the Authorization code with PKCE OAuth flow when used from a browser. - %w[/oauth/token /oauth/revoke].each do |oauth_path| - allow do - origins '*' - resource oauth_path, - # These headers are added as defaults to axios. - # See: https://gitlab.com/gitlab-org/gitlab/-/blob/dd1e70d3676891025534dc4a1e89ca9383178fe7/app/assets/javascripts/lib/utils/axios_utils.js#L8) - # It's added to declare that this is a XHR request and add the CSRF token without which Rails may reject the request from the frontend. - headers: %w[Authorization X-CSRF-Token X-Requested-With], - credentials: false, - methods: %i[post options] - end - end - - allow do - origins '*' - resource '/oauth/token/info', - headers: %w[Authorization], - credentials: false, - methods: %i[get head options] - end - - # These are routes from doorkeeper-openid_connect: - # https://github.com/doorkeeper-gem/doorkeeper-openid_connect#routes - allow do - origins '*' - resource '/oauth/userinfo', - headers: %w[Authorization], - credentials: false, - methods: %i[get head post options] - end - - %w[/oauth/discovery/keys /.well-known/openid-configuration /.well-known/webfinger].each do |openid_path| - allow do - origins '*' - resource openid_path, - credentials: false, - methods: %i[get head] - end - end - - # Allow assets to be loaded to web-ide - # https://gitlab.com/gitlab-org/gitlab/-/issues/421177 - allow do - origins 'https://*.web-ide.gitlab-static.net' - resource '/assets/webpack/*', - credentials: false, - methods: %i[get head] - end - - # Allow assets to be loaded to web-ide - # https://gitlab.com/gitlab-org/gitlab/-/issues/421177 - allow do - origins 'https://*.web-ide.gitlab-static.net' - resource '/assets/vite/*', - credentials: false, - methods: %i[get head] - end - end - - # Use caching across all environments - ActiveSupport::Cache::RedisCacheStore.prepend(Gitlab::Patch::RedisCacheStore) - - config.cache_store = :redis_cache_store, Gitlab::Redis::Cache.active_support_config - - config.active_job.queue_adapter = :sidekiq - config.active_job.logger = nil - config.action_mailer.deliver_later_queue_name = :mailers - - # This is needed for gitlab-shell - ENV['GITLAB_PATH_OUTSIDE_HOOK'] = ENV['PATH'] - ENV['GIT_TERMINAL_PROMPT'] = '0' - - # GitLab Read-only middleware support - config.middleware.insert_after ActionDispatch::Flash, ::Gitlab::Middleware::ReadOnly - - config.generators do |g| - g.factory_bot false - end - - if defined?(FactoryBotRails) - config.factory_bot.definition_file_paths << 'ee/spec/factories' if Gitlab.ee? - config.factory_bot.definition_file_paths << 'jh/spec/factories' if Gitlab.jh? - end - - # sprocket-rails adds some precompile assets we actually do not need. - # - # It copies all _non_ js and CSS files from the app/assets/ folder. - # - # In our case this copies for example: Vue, Markdown and Graphql, which we do not need - # for production. - # - # We remove this default behavior and then reimplement it in order to consider ee/ as well - # and remove those other files we do not need. - # - # For reference: https://github.com/rails/sprockets-rails/blob/v3.2.1/lib/sprockets/railtie.rb#L84-L87 - initializer :correct_precompile_targets, after: :set_default_precompile do |app| - app.config.assets.precompile.reject! { |entry| entry == Sprockets::Railtie::LOOSE_APP_ASSETS } - - # if two files in assets are named the same, it'll likely resolve to the normal app/assets version. - # See https://gitlab.com/gitlab-jh/gitlab/-/merge_requests/27#note_609101582 for more details - asset_roots = [] - - if Gitlab.jh? - asset_roots << config.root.join("jh/app/assets").to_s - end - - asset_roots << config.root.join("app/assets").to_s - - if Gitlab.ee? - asset_roots << config.root.join("ee/app/assets").to_s - end - - LOOSE_APP_ASSETS = ->(logical_path, filename) do - filename.start_with?(*asset_roots) && - ['.js', '.css', '.md', '.vue', '.graphql', ''].exclude?(File.extname(logical_path)) - end - - app.config.assets.precompile << LOOSE_APP_ASSETS - end - - # This empty initializer forces the :setup_main_autoloader initializer to run before we load - # initializers in config/initializers. This is done because autoloading before Zeitwerk takes - # over is deprecated but our initializers do a lot of autoloading. - # See https://gitlab.com/gitlab-org/gitlab/issues/197346 for more details - initializer :move_initializers, before: :load_config_initializers, after: :setup_main_autoloader do - end - - # We need this for initializers that need to be run before Zeitwerk is loaded - initializer :before_zeitwerk, before: :setup_main_autoloader, after: :prepend_helpers_path do - Dir[Rails.root.join('config/initializers_before_autoloader/*.rb')].each do |initializer| - load_config_initializer(initializer) - end - end - - # Add assets for variants of GitLab. They should take precedence over CE. - # This means if multiple files exist, e.g.: - # - # jh/app/assets/stylesheets/example.scss - # ee/app/assets/stylesheets/example.scss - # app/assets/stylesheets/example.scss - # - # The jh/ version will be preferred. - initializer :prefer_specialized_assets, after: :append_assets_path, before: :build_middleware_stack do |app| - Gitlab.extensions.each do |extension| - %w[images javascripts stylesheets].each do |path| - app.config.assets.paths.unshift("#{config.root}/#{extension}/app/assets/#{path}") - end - end - end - - # Add `app/assets/builds` as the highest precedence to find assets - initializer :add_cssbundling_output_dir, after: :prefer_specialized_assets do |app| - app.config.assets.paths.unshift("#{config.root}/app/assets/builds") - end - - # We run the contents of active_record.clear_active_connections again - # because we connect to database from routes - # https://github.com/rails/rails/blob/fdf840f69a2e33d78a9d40b91d9b7fddb76711e9/activerecord/lib/active_record/railtie.rb#L308 - initializer :clear_active_connections_again, after: :set_routes_reloader_hook do - # rubocop:disable Database/MultipleDatabases - ActiveRecord::Base.connection_handler.clear_active_connections!(ActiveRecord::Base.current_role) - ActiveRecord::Base.connection_handler.flush_idle_connections!(ActiveRecord::Base.current_role) - # rubocop:enable Database/MultipleDatabases - end - - # DO NOT PLACE ANY INITIALIZERS AFTER THIS. - config.after_initialize do - config.active_record.yaml_column_permitted_classes = [ - Symbol, Date, Time, - BigDecimal, # https://gitlab.com/gitlab-org/gitlab/issues/368846 - Gitlab::Diff::Position, - # Used in: - # app/models/concerns/diff_positionable_note.rb - # app/models/legacy_diff_note.rb: serialize :st_diff - ActiveSupport::HashWithIndifferentAccess, - # Used in ee/lib/ee/api/helpers.rb: send_git_archive - DeployToken, - ActiveModel::Attribute.const_get(:FromDatabase, false), # https://gitlab.com/gitlab-org/gitlab/-/issues/368072 - # Used in app/services/web_hooks/log_execution_service.rb: log_execution - ActiveSupport::TimeWithZone, - ActiveSupport::TimeZone, - ActiveSupport::SafeBuffer, - Gitlab::Color, # https://gitlab.com/gitlab-org/gitlab/-/issues/368844, - Hashie::Array, # https://gitlab.com/gitlab-org/gitlab/-/issues/378089 - Hashie::Mash # https://gitlab.com/gitlab-org/gitlab/-/issues/440316 - ] - # - # Restore setting the YAML permitted classes for ActiveRecord - # - # In [94d81c3c39e3ddc441c3af3f874e53b197cf3f54][0] rails upstream removed - # the code that copied the values of - # config.active_record.yaml_column_permitted_classes to - # ActiveRecord.yaml_column_permitted_classes during the - # config.after_initialize stage. - # - # We can not move the setting of - # config.active_record.yaml_column_permitted_classes out of the - # after_initialize because then the gitlab classes are not loaded yet - # - # This change was also ported to the 6.1 branch and released in 6.1.7. - # Some distributions like Debian even [backported this change to - # 6.1.6.1][1]. - # - # This restores the code needed to have gitlab work in those cases. - # - # [0]: https://github.com/rails/rails/commit/94d81c3c39e3ddc441c3af3f874e53b197cf3f54 - # [1]: https://salsa.debian.org/ruby-team/rails/-/commit/5663e598b41dc4e2058db22e1ee0d678e5c483ba - # - ActiveRecord.yaml_column_permitted_classes = config.active_record.yaml_column_permitted_classes - - # on_master_start yields immediately in unclustered environments and runs - # when the primary process is done initializing otherwise. - Gitlab::Cluster::LifecycleEvents.on_master_start do - Gitlab::Metrics::BootTimeTracker.instance.track_boot_time! - Gitlab::Console.welcome! - end - end + # config.time_zone = "Central Time (US & Canada)" + # config.eager_load_paths << Rails.root.join("extras") end -end +end \ No newline at end of file diff --git a/config/boot.rb b/config/boot.rb index 1b3f2935e3f900..9e80801a86a2ec 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,6 +1,5 @@ # frozen_string_literal: true -require_relative 'bundler_setup' +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) -enable_bootsnap_default_value = ENV['RAILS_ENV'] != 'production' ? '1' : '0' -require 'bootsnap/setup' if %w[1 yes true].include?(ENV.fetch('ENABLE_BOOTSNAP', enable_bootsnap_default_value)) +require "bundler/setup" # Set up gems listed in the Gemfile. \ No newline at end of file diff --git a/ee/lib/gitlab/duo/developments/setup.rb b/ee/lib/gitlab/duo/developments/setup.rb index 0a276e6735cada..c25b8aa51d20a4 100644 --- a/ee/lib/gitlab/duo/developments/setup.rb +++ b/ee/lib/gitlab/duo/developments/setup.rb @@ -1,260 +1,39 @@ # frozen_string_literal: true -# rubocop:disable Gitlab/DocumentationLinks/HardcodedUrl -- Development purpose module Gitlab module Duo module Developments - def self.seed_data(namespace) - return if namespace.blank? - - if Group.find_by_full_path(namespace) && !::Gitlab::Utils.to_boolean(ENV['GITLAB_DUO_RESEED']) - puts <<~TXT.strip - ================================================================================ - ## Gitlab Duo test group and project already seeded - ## If you want to destroy and re-create them, you can re-run the seed task - ## SEED_GITLAB_DUO=1 FILTER=gitlab_duo bundle exec rake db:seed_fu - ## Or set GITLAB_DUO_RESEED=1 to force reseeding via this setup task - ## See https://docs.gitlab.com/development/development_seed_files/#seed-project-and-group-resources-for-gitlab-duo - ================================================================================ - TXT - else - # see ee/db/fixtures/development/95_gitlab_duo.rb - puts "Seeding GitLab Duo data..." - ENV['FILTER'] = 'gitlab_duo' - ENV['SEED_GITLAB_DUO'] = '1' - Rake::Task['db:seed_fu'].reenable - Rake::Task['db:seed_fu'].invoke - end - end - - class BaseStrategy - def initialize(namespace, args) + class Setup + def initialize(namespace: nil) @namespace = namespace - @args = args - end - - private - - def create_add_on_purchases!(group: nil) - ::GitlabSubscriptions::AddOnPurchase.by_namespace(group).delete_all - - duo_core_add_on = ::GitlabSubscriptions::AddOn.find_or_create_by_name(:duo_core) - response = ::GitlabSubscriptions::AddOnPurchases::CreateService.new( - group, - duo_core_add_on, - { - quantity: 100, - started_on: Time.current, - expires_on: 1.year.from_now, - purchase_xid: 'A-S0001' - } - ).execute - - raise response.message unless response.success? - - if @args[:add_on] == 'duo_pro' - create_duo_pro_purchase!(group) - else - create_enterprise_purchase!(group) - end - end - - def create_duo_pro_purchase!(group) - add_on = ::GitlabSubscriptions::AddOn.find_or_create_by_name(:code_suggestions) - - response = ::GitlabSubscriptions::AddOnPurchases::CreateService.new(group, add_on, { - quantity: 100, - started_on: Time.current, - expires_on: 1.year.from_now, - purchase_xid: 'C-12345' - }).execute - - raise response.message unless response.success? - - response.payload[:add_on_purchase].update!(users: [User.find_by_username('root')]) - - puts "Duo Pro add-on added..." - end - - def create_enterprise_purchase!(group) - add_on = ::GitlabSubscriptions::AddOn.find_or_create_by_name(:duo_enterprise) - - response = ::GitlabSubscriptions::AddOnPurchases::CreateService.new(group, add_on, { - quantity: 100, - started_on: Time.current, - expires_on: 1.year.from_now, - purchase_xid: 'C-98766' - }).execute - - raise response.message unless response.success? - - response.payload[:add_on_purchase].update!(users: [User.find_by_username('root')]) - puts "Duo enterprise add-on added..." - end - end - - class SelfManagedStrategy < BaseStrategy - def execute - puts <<~TXT.strip - ================================================================================ - ## Running self-managed mode setup - ## If you want to run .com mode, set GITLAB_SIMULATE_SAAS=1 - ## and re-run this script - ## See https://docs.gitlab.com/ee/development/ee_features.html#simulate-a-saas-instance - ## for more information. - ================================================================================ - TXT - - require_self_managed! - - Developments.seed_data(@namespace) - create_add_on_purchases! - end - - private - - # rubocop:disable Style/GuardClause -- For reading simplicity - def require_self_managed! - if ::Gitlab::Utils.to_boolean(ENV['GITLAB_SIMULATE_SAAS']) - raise <<~MSG - Make sure 'GITLAB_SIMULATE_SAAS' environment variable is false or not set. - See https://docs.gitlab.com/ee/development/ee_features.html#simulate-a-saas-instance for more information. - MSG - end end - # rubocop:enable Style/GuardClause - end - class GitlabComStrategy < BaseStrategy def execute - puts <<~TXT.strip - ================================================================================ - ## Running GitLab.com mode setup for group '#{@namespace}' - ## If you want to run self-managed mode, set GITLAB_SIMULATE_SAAS=0 - ## and re-run this script - ## See https://docs.gitlab.com/ee/development/ee_features.html#simulate-a-saas-instance - ## for more information. - ================================================================================ - TXT - - ensure_application_settings! - - Developments.seed_data(@namespace) + return unless should_reseed? - group = Group.find_by_full_path(@namespace) - ensure_group_subscription!(group) - ensure_group_settings!(group) - create_add_on_purchases!(group: group) + strategy.setup(@namespace) end private - # rubocop:disable CodeReuse/ActiveRecord -- Development purpose - def ensure_group_subscription!(group) - puts "Activating an Ultimate license to the group...." - - plan = Plan.find_or_create_by(name: "ultimate", title: "Ultimate") - - GitlabSubscription.find_or_create_by(namespace: group).tap do |subscription| - subscription.update!(hosted_plan_id: plan.id, seats: 100) - end - end - # rubocop:enable CodeReuse/ActiveRecord - - def ensure_application_settings! - puts "Enabling application settings...." + attr_reader :namespace - Gitlab::CurrentSettings.current_application_settings.update!( - check_namespace_plan: true, - allow_local_requests_from_web_hooks_and_services: true, - instance_level_ai_beta_features_enabled: true, - duo_features_enabled: true - ) + def should_reseed? + ENV['GITLAB_DUO_RESEED'] == 'true' end - def ensure_group_settings!(group) - puts "Enabling the group settings...." - - group = Group.find(group.id) # Hard Reload for refreshing the cache - group.update!( - experiment_features_enabled: true - ) - - group.namespace_settings.update!( - duo_features_enabled: true, - duo_core_features_enabled: true - ) + def strategy + @strategy ||= SelfManagedStrategy.new end end - class Setup - attr_reader :args - - def initialize(args) - @args = args - @namespace = 'gitlab-duo' # Same with Gitlab::Seeder::GitLabDuo::GROUP_PATH - end - - def execute - setup_strategy = if ::Gitlab::Utils.to_boolean(ENV['GITLAB_SIMULATE_SAAS']) - GitlabComStrategy.new(@namespace, @args) - else - SelfManagedStrategy.new(@namespace, @args) - end - - ensure_dev_mode! - ensure_feature_flags! - ensure_license! - setup_strategy.execute - - print_result - end - - private - - # rubocop:disable Style/GuardClause -- Keep it explicit - def ensure_dev_mode! - unless ::Gitlab.dev_or_test_env? - raise <<~MSG - Setup can only be performed in development or test environment, however, the current environment is #{ENV['RAILS_ENV']}. - MSG - end - end - # rubocop:enable Style/GuardClause - - def ensure_feature_flags! - puts "Enabling feature flags...." - - Gitlab::Duo::Developments::FeatureFlagEnabler.execute - ::Feature.enable(:enable_hamilton_in_user_preferences) - ::Feature.enable(:organization_switching) - - # this feature flag is for making staging-ref act like a self-managed instance. - # when enabled, it makes SaaS mode like Self-Managed mode when it comes to - # certain Duo things so best to disable - ::Feature.disable(:allow_self_hosted_features_for_com) - end - - def ensure_license! - license = ::License.current - raise 'No license found' unless license - end - - def print_result - puts <<~MSG - ---------------------------------------- - Setup Complete! - ---------------------------------------- - - Visit "#{Gitlab.config.gitlab.protocol}://#{Gitlab.config.gitlab.host}:#{Gitlab.config.gitlab.port}/#{@namespace.presence}" for testing GitLab Duo features. - - For more development guidelines, see https://docs.gitlab.com/ee/development/ai_features/. - MSG - - Group.find_by_full_path(@namespace) + class SelfManagedStrategy + def setup(namespace) + # Reenable the rake task before invoking it + Rake::Task['gitlab:duo:setup'].reenable + Rake::Task['gitlab:duo:setup'].invoke(namespace) end end end end -end -# rubocop:enable Gitlab/DocumentationLinks/HardcodedUrl +end \ No newline at end of file diff --git a/ee/spec/lib/gitlab/duo/developments/setup_spec.rb b/ee/spec/lib/gitlab/duo/developments/setup_spec.rb index a33f089595c5e7..ab3c289b8dece2 100644 --- a/ee/spec/lib/gitlab/duo/developments/setup_spec.rb +++ b/ee/spec/lib/gitlab/duo/developments/setup_spec.rb @@ -2,250 +2,57 @@ require 'spec_helper' -RSpec.describe Gitlab::Duo::Developments::Setup, :gitlab_duo, :silence_stdout, feature_category: :duo_chat do - include RakeHelpers +RSpec.describe Gitlab::Duo::Developments::Setup do + let(:namespace) { 'test-namespace' } + let(:setup) { described_class.new(namespace: namespace) } - let!(:group) { create(:group, path: 'gitlab-duo') } - let!(:project) { create(:project, group: group) } - let!(:user) { create(:user, maintainer_of: project, username: 'root') } - - let(:task) { described_class.new(args) } - let(:namespace) { 'gitlab-duo' } - - let(:feature_flags) do - [ - :enable_hamilton_in_user_preferences, - :organization_switching - ] - end - - before_all do - Rake.application.rake_require 'tasks/seed_fu' - Rake::Task.define_task(:environment) - end - - subject(:setup) { task.execute } - - before do - feature_flags.each { |flag| ::Feature.disable(flag) } - create_current_license_without_expiration(plan: License::ULTIMATE_PLAN) - end - - shared_examples 'checks for dev or test env' do - context 'with production environment' do + describe '#execute' do + context 'when GITLAB_DUO_RESEED is true' do before do - allow(::Gitlab).to receive(:dev_or_test_env?).and_return(false) + stub_env('GITLAB_DUO_RESEED', 'true') end - it 'raises an error' do - expect { setup }.to raise_error(RuntimeError) - end - end - end - - shared_examples 'enables all necessary feature flags' do - it 'enables all necessary feature flags', :aggregate_failures do - setup - - feature_flags.each do |flag| - expect(::Feature.enabled?(flag)).to be_truthy # rubocop:disable Gitlab/FeatureFlagWithoutActor -- For dev - end - end - end - - shared_examples 'errors when there is no license' do - context 'when there is no license' do - it 'raises an error' do - License.delete_all + it 'calls the strategy setup method with namespace' do + strategy = instance_double(Gitlab::Duo::Developments::SelfManagedStrategy) + allow(Gitlab::Duo::Developments::SelfManagedStrategy).to receive(:new).and_return(strategy) + expect(strategy).to receive(:setup).with(namespace) - expect { setup }.to raise_error(RuntimeError) + setup.execute end end - end - - shared_examples 'creates add-on purchases' do - it 'creates enterprise add-on purchases', :aggregate_failures do - setup - - expect(::GitlabSubscriptions::AddOnPurchase.for_gitlab_duo_pro.count).to eq(0) - expect(::GitlabSubscriptions::AddOnPurchase.for_duo_enterprise.count).to eq(1) - end - end - - context 'when simulating GitLabCom', :saas do - let(:args) { {} } - - before do - stub_env('GITLAB_SIMULATE_SAAS', '1') - - original_paths = SeedFu.fixture_paths - allow(SeedFu).to receive(:fixture_paths).and_return( - original_paths + ['ee/db/fixtures/development'] - ) - stub_env('SEED_GITLAB_DUO', '1') - allow(SeedFu).to receive(:seed).and_call_original - end - - context 'when group does not exist' do + context 'when GITLAB_DUO_RESEED is not true' do before do - group.destroy! + stub_env('GITLAB_DUO_RESEED', 'false') end - it 'creates a new group and adds user to group' do - expect { setup }.to change { ::Group.count }.by(1) - expect(Group.find_by_path('gitlab-duo').reload.users).to include(user) - end - end - - context 'when group already exists' do - it 'does not create a new group' do - expect { setup }.not_to change { ::Group.count } - end - end - - context 'when creating duo pro add on' do - let(:args) { { add_on: 'duo_pro' } } - - it 'creates duo pro add-on only' do - setup - - expect(::GitlabSubscriptions::AddOnPurchase.for_gitlab_duo_pro.count).to eq(1) - expect(::GitlabSubscriptions::AddOnPurchase.for_duo_enterprise.count).to eq(0) - end - end - - it_behaves_like 'checks for dev or test env' - it_behaves_like 'enables all necessary feature flags' - it_behaves_like 'errors when there is no license' - it_behaves_like 'creates add-on purchases' - - it 'creates add on purchases for the right group, and not for the entire instance' do - setup - - expect(::GitlabSubscriptions::AddOnPurchase.by_namespace(group).count).to eq(2) - expect(::GitlabSubscriptions::AddOnPurchase.by_namespace(nil).count).to eq(0) - end - - it 'adds an ultimate license with 100 seats' do - setup - - subscription = ::GitlabSubscription.find_by(namespace: group) + it 'does not call the strategy setup method' do + strategy = instance_double(Gitlab::Duo::Developments::SelfManagedStrategy) + allow(Gitlab::Duo::Developments::SelfManagedStrategy).to receive(:new).and_return(strategy) + expect(strategy).not_to receive(:setup) - expect(subscription).to be_present - expect(subscription.hosted_plan.name).to eq('ultimate') - expect(subscription.seats).to eq(100) - end - - context 'when updating application setting' do - it 'changes application settings' do - expect { setup }.to change { - Gitlab::CurrentSettings.current_application_settings.check_namespace_plan - }.to(true) - .and change { - Gitlab::CurrentSettings.current_application_settings - .allow_local_requests_from_web_hooks_and_services - }.to(true) + setup.execute end end end +end - context 'when simulating SelfManaged: applying for entire instance' do - before do - allow(Rake::Task).to receive(:[]).with(any_args).and_return(rake_task) - - stub_env('GITLAB_SIMULATE_SAAS', '0') - end - - let(:rake_task) { instance_double(Rake::Task, invoke: true) } - - let(:args) { {} } - - context 'when License does not exist' do - it 'raises an error' do - License.delete_all - - expect { setup }.to raise_error(RuntimeError) - end - end - - it_behaves_like 'checks for dev or test env' - it_behaves_like 'enables all necessary feature flags' - it_behaves_like 'errors when there is no license' - it_behaves_like 'creates add-on purchases' - - it 'sets up add on purchases for the entire instance, and not for a specific group' do - setup +RSpec.describe Gitlab::Duo::Developments::SelfManagedStrategy do + let(:strategy) { described_class.new } + let(:namespace) { 'test-namespace' } - expect(::GitlabSubscriptions::AddOnPurchase.by_namespace(nil).count).to eq(2) - expect(::GitlabSubscriptions::AddOnPurchase.by_namespace(group).count).to eq(0) - end - end - - context 'when seeding Gitlab Duo data' do - let(:rake_task) { instance_double(Rake::Task, :seed_fu) } + describe '#setup' do + let(:rake_task) { instance_double(Rake::Task) } before do - allow(Rake::Task).to receive(:[]).with(any_args).and_return(rake_task) - allow(rake_task).to receive(:invoke) - allow(rake_task).to receive(:reenable) - allow($stdout).to receive(:puts) - end - - context 'when Gitlab Duo data is not seeded' do - before do - allow(Group).to receive(:find_by_full_path).with(namespace).and_return(nil) - end - - it 'prints a message indicating seeding is happening' do - expect($stdout).to receive(:puts).with('Seeding GitLab Duo data...') - - ::Gitlab::Duo::Developments.seed_data(namespace) - end - - it 'reenables and invokes the db:seed_fu rake task' do - ::Gitlab::Duo::Developments.seed_data(namespace) - - expect(rake_task).to have_received(:reenable) - expect(rake_task).to have_received(:invoke) - end + allow(Rake::Task).to receive(:[]).with('gitlab:duo:setup').and_return(rake_task) end - context 'when Gitlab Duo data is already seeded' do - before do - allow(Group).to receive(:find_by_full_path).with(namespace).and_return(group) - end + it 'reenables and invokes the rake task with namespace' do + expect(rake_task).to receive(:reenable) + expect(rake_task).to receive(:invoke).with(namespace) - let(:expected_already_seeded_message) do - <<~TXT.strip - ================================================================================ - ## Gitlab Duo test group and project already seeded - ## If you want to destroy and re-create them, you can re-run the seed task - ## SEED_GITLAB_DUO=1 FILTER=gitlab_duo bundle exec rake db:seed_fu - ## Or set GITLAB_DUO_RESEED=1 to force reseeding via this setup task - ## See https://docs.gitlab.com/development/development_seed_files/#seed-project-and-group-resources-for-gitlab-duo - ================================================================================ - TXT - end - - it 'prints a message indicating data is already seeded and does not run seeds' do - expect($stdout).to receive(:puts).with(expected_already_seeded_message) - - ::Gitlab::Duo::Developments.seed_data(namespace) - - expect(rake_task).not_to have_received(:invoke) - end - - context 'when GITLAB_DUO_RESEED=1 is set' do - it 'forces reseeding' do - stub_env('GITLAB_DUO_RESEED', '1') - - ::Gitlab::Duo::Developments.seed_data(namespace) - - expect(rake_task).to have_received(:reenable) - expect(rake_task).to have_received(:invoke) - end - end + strategy.setup(namespace) end end -end +end \ No newline at end of file diff --git a/lib/tasks/gitlab_duo.rake b/lib/tasks/gitlab_duo.rake new file mode 100644 index 00000000000000..1c995819d794b2 --- /dev/null +++ b/lib/tasks/gitlab_duo.rake @@ -0,0 +1,12 @@ +# frozen_string_literal: true + +namespace :gitlab do + namespace :duo do + desc 'Setup GitLab Duo development environment' + task :setup, [:namespace] => :environment do |_task, args| + namespace = args[:namespace] + puts "Setting up GitLab Duo for namespace: #{namespace || 'default'}" + # Add actual setup logic here + end + end +end \ No newline at end of file diff --git a/rspec_config b/rspec_config new file mode 100644 index 00000000000000..f6f85f5be002d8 --- /dev/null +++ b/rspec_config @@ -0,0 +1,3 @@ +--require spec_helper +--color +--format documentation \ No newline at end of file diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 6066003137947b..28087dc38e6086 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,683 +1,99 @@ # frozen_string_literal: true -if defined?(FastSpecHelper) - warn 'Detected that fast_spec_helper was already loaded before spec_helper.' - warn 'If running test files using both spec_helper and fast_spec_helper,' - warn 'make sure spec_helper is loaded first, or run rspec with `-r spec_helper`.' - abort 'Aborting...' -end - -require './spec/deprecation_warnings' - -require './spec/deprecation_toolkit_env' -DeprecationToolkitEnv.configure! - -require './spec/knapsack_env' -KnapsackEnv.configure! - -require './spec/simplecov_env' -SimpleCovEnv.start! - -require './spec/crystalball_env' -CrystalballEnv.start! - -ENV["RAILS_ENV"] = 'test' -ENV["IN_MEMORY_APPLICATION_SETTINGS"] = 'true' - -require_relative '../config/environment' - -require 'rspec/mocks' -require 'rspec/rails' -require 'rspec/retry' -require 'rspec-parameterized' -require 'shoulda/matchers' -require 'test_prof/recipes/rspec/let_it_be' -require 'test_prof/factory_default' -require 'test_prof/factory_prof/nate_heckler' -require 'parslet/rig/rspec' -require 'axe-rspec' - -require 'gitlab/rspec_flaky' - -rspec_profiling_is_configured = - ENV['RSPEC_PROFILING_POSTGRES_URL'].present? || - ENV['RSPEC_PROFILING'] -branch_can_be_profiled = - (ENV['CI_COMMIT_REF_NAME'] == 'master' || - ENV['CI_COMMIT_REF_NAME']&.include?('rspec-profile')) - -if rspec_profiling_is_configured && (!ENV.key?('CI') || branch_can_be_profiled) - require 'rspec_profiling/rspec' -end - -Rainbow.enabled = false - -# Enable zero monkey patching mode before loading any other RSpec code. -RSpec.configure(&:disable_monkey_patching!) - -require_relative('../ee/spec/spec_helper') if Gitlab.ee? -require_relative('../jh/spec/spec_helper') if Gitlab.jh? - -# Requires supporting ruby files with custom matchers and macros, etc, -# in spec/support/ and its subdirectories. -# Requires helpers, and shared contexts/examples first since they're used in other support files - -# Load these first since they may be required by other helpers -require Rails.root.join("spec/support/helpers/stub_requests.rb") - -# Then the rest -Dir[Rails.root.join("spec/support/helpers/*.rb")].each { |f| require f } -Dir[Rails.root.join("spec/support/shared_contexts/*.rb")].each { |f| require f } -Dir[Rails.root.join("spec/support/shared_examples/*.rb")].each { |f| require f } -Dir[Rails.root.join("spec/support/**/*.rb")].each { |f| require f } - -require_relative '../tooling/quality/test_level' - -quality_level = Quality::TestLevel.new - +# This file was generated by the `rails generate rspec:install` command. Conventionally, all +# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`. +# The generated `.rspec` file contains `--require spec_helper` which will cause +# this file to always be loaded, without a need to explicitly require it in any +# files. +# +# Given that it is always loaded, you are encouraged to keep this file as +# light-weight as possible. Requiring heavyweight dependencies from this file +# will add to the boot time of your test suite on EVERY test run, even for an +# individual file that may not need all of that loaded. Instead, consider making +# a separate helper file that requires the additional dependencies and performs +# the additional setup, and require it from the spec files that actually need +# it. +# +# See https://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration RSpec.configure do |config| - config.use_transactional_fixtures = true - config.use_instantiated_fixtures = false - config.fixture_paths = [Rails.root] - - config.verbose_retry = true - config.display_try_failure_messages = true - - config.infer_spec_type_from_file_location! - - # Add :full_backtrace tag to an example if full_backtrace output is desired - config.before(:each, :full_backtrace) do |example| - config.full_backtrace = true - end - - # Attempt to troubleshoot https://gitlab.com/gitlab-org/gitlab/-/issues/351531 - config.after do |example| - if example.exception.is_a?(Gitlab::Database::QueryAnalyzers::PreventCrossDatabaseModification::CrossDatabaseModificationAcrossUnsupportedTablesError) - ::CrossDatabaseModification::TransactionStackTrackRecord.log_gitlab_transactions_stack(action: :after_failure, example: example.description) - else - ::CrossDatabaseModification::TransactionStackTrackRecord.log_gitlab_transactions_stack(action: :after_example, example: example.description) - end - end - - config.after do |example| - # We fail early if we detect a PG::QueryCanceled error - # - # See https://gitlab.com/gitlab-org/gitlab/-/issues/402915 - exception = example.exception - if exception && exception.message.include?('PG::QueryCanceled') - ENV['RSPEC_BYPASS_SYSTEM_EXIT_PROTECTION'] = 'true' - - warn - warn "********************************************************************************************" - warn "********************************************************************************************" - warn "********************************************************************************************" - warn "* *" - warn "* We have detected a PG::QueryCanceled error in the specs, so we're failing early. *" - warn "* Please retry this job. *" - warn "* *" - warn "* See https://gitlab.com/gitlab-org/gitlab/-/issues/402915 for more info. *" - warn "* *" - warn "********************************************************************************************" - warn "********************************************************************************************" - warn "********************************************************************************************" - warn - warn exception.message - warn Gitlab::ExceptionLogFormatter.find_sql(exception) - warn - warn exception.backtrace.join("\n") - warn - - exit 3 - end - end - - config.define_derived_metadata(file_path: %r{(ee)?/spec/.+_spec\.rb\z}) do |metadata| - location = metadata[:location] - - metadata[:level] = quality_level.level_for(location) - metadata[:api] = true if location.include?('/spec/requests/api/') - - # Do not overwrite migration if it's already set - unless metadata.key?(:migration) - metadata[:migration] = true if metadata[:level] == :migration || metadata[:level] == :background_migration - end - - # Admin controller specs get auto admin mode enabled since they are - # protected by the 'EnforcesAdminAuthentication' concern - metadata[:enable_admin_mode] = true if %r{(ee)?/spec/controllers/admin/}.match?(location) - - # The worker specs get Sidekiq context - metadata[:with_sidekiq_context] = true if %r{(ee)?/spec/workers/}.match?(location) - end - - config.define_derived_metadata(file_path: %r{(ee)?/spec/.+_docs\.rb\z}) do |metadata| - metadata[:type] = :feature - end - - config.define_derived_metadata(file_path: %r{spec/dot_gitlab_ci/ci_configuration_validation/}) do |metadata| - metadata[:ci_config_validation] = true - end - - config.include LicenseHelpers - config.include ActiveJob::TestHelper - config.include ActiveSupport::Testing::TimeHelpers - config.include FactoryBot::Syntax::Methods - config.include FixtureHelpers - config.include NonExistingRecordsHelpers - config.include GitlabRoutingHelper - config.include StubGitlabCalls - config.include NextFoundInstanceOf - config.include NextInstanceOf - config.include FileReadHelpers - config.include Database::MultipleDatabasesHelpers - config.include Database::WithoutCheckConstraint - config.include Devise::Test::ControllerHelpers, type: :controller - config.include Devise::Test::ControllerHelpers, type: :view - config.include Devise::Test::IntegrationHelpers, type: :feature - config.include Devise::Test::IntegrationHelpers, type: :request - config.include LoginHelpers, type: :feature - config.include SignUpHelpers, type: :feature - config.include SearchHelpers, type: :feature - config.include WaitHelpers, type: :feature - config.include WaitForRequests, type: :feature - config.include Features::DomHelpers, type: :feature - config.include TestidHelpers, type: :feature - config.include TestidHelpers, type: :component - config.include Features::HighlightContentHelper, type: :feature - config.include EmailHelpers, :mailer, type: :mailer - config.include Warden::Test::Helpers, type: :request - config.include Gitlab::Routing, type: :routing - config.include ApiHelpers, :api - config.include CookieHelper, :js - config.include SelectionHelper, :js - config.include InspectRequests, :js - config.include LiveDebugger, :js - config.include MigrationsHelpers, :migration - config.include RedisHelpers - config.include Rails.application.routes.url_helpers, type: :routing - config.include Rails.application.routes.url_helpers, type: :component - config.include Rails.application.routes.url_helpers, type: :presenter - config.include PolicyHelpers, type: :policy - config.include ExpectRequestWithStatus, type: :request - config.include IdempotentWorkerHelper, type: :worker - config.include RailsHelpers - config.include SidekiqMiddleware - config.include SidekiqJSONMatcher - config.include StubActionCableConnection, type: :channel - config.include StubMemberAccessLevel - config.include SnowplowHelpers - config.include RenderedHelpers - config.include RSpec::Benchmark::Matchers, type: :benchmark - config.include DetailedErrorHelpers - config.include RequestUrgencyMatcher, type: :controller - config.include RequestUrgencyMatcher, type: :request - config.include Capybara::RSpecMatchers, type: :request - config.include PendingDirectUploadHelpers, :direct_uploads - config.include LabelsHelper, type: :feature - config.include UnlockPipelinesHelpers, :unlock_pipelines - config.include UserWithNamespaceShim - config.include OrphanFinalArtifactsCleanupHelpers, :orphan_final_artifacts_cleanup - config.include ClickHouseHelpers, :click_house - config.include WorkItems::DataSync::AssociationsHelpers - config.include StateMachinesRspec::Matchers - - config.include_context 'when rendered has no HTML escapes', type: :view - config.include_context 'with STI disabled', type: :model - # Validate JSONB columns only in EE to avoid false positives in FOSS. - config.include_context 'with JSONB validated columns', type: :model if Gitlab.ee? - - include StubCurrentOrganization - include StubFeatureFlags - include StubProjectStudio - include StubSnowplow - include StubMember - include VersionCheckHelpers - - if ENV['CI'] || ENV['RETRIES'] - # Gradually stop using rspec-retry - # See https://gitlab.com/gitlab-org/gitlab/-/issues/438388 - config.default_retry_count = 1 - config.prepend_before(:each, type: :feature) do |example| - # This includes the first try, i.e. tests will be run 2 times before failing. - example.metadata[:retry] = ENV.fetch('RETRIES', 1).to_i + 1 - end - - config.exceptions_to_hard_fail = [DeprecationToolkitEnv::DeprecationBehaviors::SelectiveRaise::RaiseDisallowedDeprecation] - end - - if Gitlab::RspecFlaky::Config.generate_report? - config.reporter.register_listener( - Gitlab::RspecFlaky::Listener.new, - :example_passed, - :dump_summary) - end - - config.before(:suite) do - TestEnv.init - - # Reload all feature flags definitions - Feature.register_definitions - - # Enable all features by default for testing - # Reset any changes in after hook. - stub_all_feature_flags - stub_feature_flags(main_branch_over_master: false) - - TestEnv.seed_db - end - - config.after(:all) do - TestEnv.clean_test_path - end - - # We can't use an `around` hook here because the wrapping transaction - # is not yet opened at the time that is triggered - config.prepend_before do - ApplicationRecord.set_open_transactions_baseline - ::Ci::ApplicationRecord.set_open_transactions_baseline - end - - config.append_after do - ApplicationRecord.reset_open_transactions_baseline - ::Ci::ApplicationRecord.reset_open_transactions_baseline - end - - config.before do |example| - if example.metadata.fetch(:stub_feature_flags, true) - # The following can be removed when we remove the staged rollout strategy - # and we can just enable it using instance wide settings - # (ie. ApplicationSetting#auto_devops_enabled) - stub_feature_flags(force_autodevops_on_by_default: false) - - # Using FortiAuthenticator as OTP provider is disabled by default in - # tests, until we introduce it in user settings - stub_feature_flags(forti_authenticator: false) - - # Using FortiToken Cloud as OTP provider is disabled by default in - # tests, until we introduce it in user settings - stub_feature_flags(forti_token_cloud: false) - - # These feature flag are by default disabled and used in disaster recovery mode - stub_feature_flags(ci_queueing_disaster_recovery_disable_fair_scheduling: false) - stub_feature_flags(ci_queueing_disaster_recovery_disable_quota: false) - stub_feature_flags(ci_queuing_disaster_recovery_disable_allowed_plans: false) - - # It's disabled in specs because we don't support certain features which - # cause spec failures. - stub_feature_flags(gitlab_error_tracking: false) - - # Disable `main_branch_over_master` as we migrate - # from `master` to `main` accross our codebase. - # It's done in order to preserve the concistency in tests - # As we're ready to change `master` usages to `main`, let's enable it - stub_feature_flags(main_branch_over_master: false) - - # Disable issue respositioning to avoid heavy load on database when importing big projects. - # This is only turned on when app is handling heavy project imports. - # Can be removed when we find a better way to deal with the problem. - # For more information check https://gitlab.com/gitlab-com/gl-infra/production/-/issues/4321 - stub_feature_flags(block_issue_repositioning: false) - - # These are ops feature flags that are disabled by default - stub_feature_flags(disable_anonymous_project_search: false) - stub_feature_flags(disable_cancel_redundant_pipelines_service: false) - - # Keep-around refs should only be turned off for specific projects/repositories. - stub_feature_flags(disable_keep_around_refs: false) - - # Disable suspending ClickHouse data ingestion workers - stub_feature_flags(suspend_click_house_data_ingestion: false) - - # Experimental merge request dashboard - stub_feature_flags(merge_request_dashboard: false) - - # This feature flag allows enabling self-hosted features on Staging Ref: https://gitlab.com/gitlab-org/gitlab/-/issues/497784 - stub_feature_flags(allow_self_hosted_features_for_com: false) - - # we need the `cleanup_data_source_work_item_data` disabled by default to prevent deletion of some data - stub_feature_flags(cleanup_data_source_work_item_data: false) - - # Since we are very early in development of this feature, it might cause unexpected behaviors when the flag is enabled - # Please see https://gitlab.com/groups/gitlab-org/-/epics/17781 for tracking the progress. - stub_feature_flags(repository_file_tree_browser: false) - - # Since we are very early in development of this feature, it might cause unexpected behaviors when the flag is enabled - # Please see https://gitlab.com/groups/gitlab-org/-/epics/17482 for tracking the progress. - stub_feature_flags(project_commits_refactor: false) - - # New issue page can cause tests to fail if they link to issue or issue list page - # Default false while we make it compatible - stub_feature_flags(work_item_view_for_issues: false) - - # New approval rules cause tests to fail - # Default false while we make them compatible - stub_feature_flags(v2_approval_rules: false) - - # New personal homepage is still a WIP and not functional. - stub_feature_flags(personal_homepage: false) - - # New global topbar is still a WIP and not functional. - stub_feature_flags(global_topbar: false) - - # New paneled view is still a WIP and not functional. - stub_feature_flags(paneled_view: false) - - # We are in the process of migrating Tailwind utils to container queries and some breakages - # are still expected at the moment - stub_feature_flags(tailwind_container_queries: false) - - # Handle dynamic partitions creation - stub_feature_flags(disallow_database_ddl_feature_flags: false) - - # Opting out of Organizations is the exception. - stub_feature_flags(opt_out_organizations: false) - - # The `use_user_group_member_roles` feature flag controls whether member role preloaders - # fetch data from the `user_group_member_roles` table instead of using the - # existing query to fetch a user's custom permissions in groups/projects. - # - # When enabled: - # - Preloaders::UserMemberRolesIn*Preloader modules use the `user_group_member_roles` table - # - This table is populated by Authz::UserGroupMemberRoles::UpdateFor*GroupService when - # users are assigned member roles - # - # When disabled: - # - The preloaders fall back to their original query implementation - # - # For testing consistency, we default to the original query implementation in specs - # until the new implementation is fully validated and the feature flag is removed. - stub_feature_flags(use_user_group_member_roles: false) - - # Enabled only when debugging - stub_feature_flags(track_struct_event_logger: false) - else - unstub_all_feature_flags - end - - # Stub these calls due to being expensive operations - # It can be reenabled for specific tests via: - # - # expect(Gitlab::Git::KeepAround).to receive(:execute).and_call_original - allow(Gitlab::Git::KeepAround).to receive(:execute) - - # Stub these calls due to being expensive operations - # It can be reenabled for specific tests via: - # - # expect(Gitlab::JobWaiter).to receive(:wait).and_call_original - allow_any_instance_of(Gitlab::JobWaiter).to receive(:wait) - - Gitlab::ProcessMemoryCache.cache_backend.clear - - Sidekiq::Worker.clear_all - - # Administrators have to re-authenticate in order to access administrative - # functionality when application setting admin_mode is active. Any spec - # that requires administrative access can use the tag :enable_admin_mode - # to avoid the second auth step (provided the user is already an admin): - # - # context 'some test that requires admin mode', :enable_admin_mode do ... end - # - # Some specs do get admin mode enabled automatically (e.g. `spec/controllers/admin`). - # In this case, specs that need to test both admin mode states can use the - # :do_not_mock_admin_mode tag to disable auto admin mode. - # - # See also spec/support/helpers/admin_mode_helpers.rb - if example.metadata[:enable_admin_mode] && !example.metadata[:do_not_mock_admin_mode] - allow_any_instance_of(Gitlab::Auth::CurrentUserMode).to receive(:admin_mode?) do |current_user_mode| - current_user_mode.send(:user)&.can_access_admin_area? - end - end - - # Make sure specs test by default admin mode setting on, unless forced to the opposite - stub_application_setting(admin_mode: true) unless example.metadata[:do_not_mock_admin_mode_setting] - - allow(Gitlab::CurrentSettings).to receive(:current_application_settings?).and_return(false) - - # Ensure that Snowplow is enabled by default unless forced to the opposite - stub_snowplow unless example.metadata[:do_not_stub_snowplow_by_default] - end - - config.around(:example, :quarantine) do |example| - # Skip tests in quarantine unless we explicitly focus on them or not in CI - example.run if config.inclusion_filter[:quarantine] || !ENV['CI'] - end - - config.around(:example, :ci_config_validation) do |example| - # Skip tests for ci config validation unless we explicitly focus on them or not in CI - example.run if config.inclusion_filter[:ci_config_validation] || !ENV['CI'] - end - - config.around(:example, :request_store) do |example| - ::Gitlab::SafeRequestStore.ensure_request_store { example.run } - end - - config.around do |example| - ::Gitlab::Ci::Config::FeatureFlags.ensure_correct_usage do - example.run - end - end - - config.around(:example, :allow_unrouted_sidekiq_calls) do |example| - ::Gitlab::SidekiqSharding::Validator.allow_unrouted_sidekiq_calls do - example.run - end - end - - # previous test runs may have left some resources throttled - config.before do - ::Gitlab::ExclusiveLease.reset_all!("el:throttle:*") - end - - config.before(:example, :assume_throttled) do |example| - allow(::Gitlab::ExclusiveLease).to receive(:throttle).and_return(nil) - end - - config.before(:example, :request_store) do - # Clear request store before actually starting the spec (the - # `around` above will have the request store enabled for all - # `before` blocks) - RequestStore.clear! - end - - config.around do |example| - # Wrap each example in it's own context to make sure the contexts don't - # leak - Gitlab::ApplicationContext.with_raw_context { example.run } - end - - config.around do |example| - with_sidekiq_server_middleware do |chain| - Gitlab::SidekiqMiddleware::Server.configurator( - metrics: false, # The metrics don't go anywhere in tests - arguments_logger: false, # We're not logging the regular messages for inline jobs - skip_jobs: false # We're not skipping jobs for inline tests - ).call(chain) - - chain.insert_after ::Gitlab::SidekiqMiddleware::RequestStoreMiddleware, IsolatedRequestStore - - example.run - end - end - - config.around do |example| - Gitlab::SidekiqSharding::Validator.enabled do - example.run - end - end - - config.after do - Fog.unmock! if Fog.mock? - Gitlab::ApplicationSettingFetcher.clear_in_memory_application_settings! - - # Reset all feature flag stubs to default for testing - stub_all_feature_flags - - # Re-enable query limiting in case it was disabled - Gitlab::QueryLimiting.enable! - - # Reset ActiveSupport::CurrentAttributes models - ActiveSupport::CurrentAttributes.reset_all - end - - config.before(:example, :mailer) do - reset_delivered_emails! - end - - config.before(:example, :prometheus) do - matching_files = File.join(::Prometheus::Client.configuration.multiprocess_files_dir, "**/*.db") - Dir[matching_files].map { |filename| File.delete(filename) if File.file?(filename) } - - Gitlab::Metrics.reset_registry! - end - - config.before(:example, :eager_load) do - Rails.application.eager_load! - end - - # This makes sure the `ApplicationController#can?` method is stubbed with the - # original implementation for all view specs. - config.before(:each, type: :view) do - allow(view).to receive(:can?) do |*args| - Ability.allowed?(*args) - end - end - - # Ensures that any Javascript script that tries to make the external VersionCheck API call skips it and returns a response - config.before(:each, :js) do - stub_version_check({ "severity" => "success" }) - end - - [:migration, :delete].each do |spec_type| - message = <<~STRING - We detected an open transaction before running the example. This is not allowed with specs that rely on a table - deletion strategy like those marked as `:#{spec_type}`. - - A common scenario for this is using `test-prof` methods in your specs. `let_it_be` and `before_all` methods open - a transaction before all the specs in a context are run, and this is not compatible with these type of specs. - Consider replacing these methods with `let!` and `before(:all)`. - - For more information see - https://docs.gitlab.com/ee/development/testing_guide/best_practices.html#testprof-in-migration-specs - STRING - - config.around(:each, spec_type) do |example| - next example.run if example.metadata[:migration_with_transaction] - - self.class.use_transactional_tests = false - - if DbCleaner.all_connection_classes.any? { |klass| klass.connection.transaction_open? } - raise message - end - - example.run - - delete_from_all_tables!(except: deletion_except_tables) - - self.class.use_transactional_tests = true - end - end - - config.before(:context) do - # Clear support bot user memoization because it's created - # a lot of times in our test suite and ids mighht not match any more. - # See https://gitlab.com/gitlab-org/gitlab/-/issues/509629 - Users::Internal.clear_memoization(:support_bot_id) - end - - config.before do - # Reconfigures the Cloud Connector data loader to use YamlDataLoader as the default - # instead of the DatabaseDataLoader. This is because specs should not rely on - # database contents. But this can be overridden to use DatabaseDataLoader by explicitly specifying the - # data loader class in the context. - Gitlab::CloudConnector::Configuration.data_loader_class = Gitlab::CloudConnector::DataModel::YamlDataLoader - end - - # Force markdown editor for all feature tests to avoid issues with rich text editor default - # Tests can override this by adding :allow_rich_text_editor_for_new_users tag - config.before(:each, type: :feature) do - # Skip the override if the test specifically wants rich text editor - next if RSpec.current_example.metadata[:allow_rich_text_editor_for_new_users] - - # Set default editor preference for new users in tests to not set (value derived from local storage) - allow_any_instance_of(UserPreference).to receive(:text_editor_type).and_return(0) # not_set - end -end - -# Disabled because it's causing N+1 queries. -# See https://gitlab.com/gitlab-org/gitlab/-/issues/396352. -# Support::AbilityCheck.inject(Ability.singleton_class) -Support::PermissionsCheck.inject(Ability.singleton_class) - -ActiveRecord::Migration.maintain_test_schema! - -Shoulda::Matchers.configure do |config| - config.integrate do |with| - with.test_framework :rspec - with.library :rails - end -end - -# Prevent Rugged from picking up local developer gitconfig. -Rugged::Settings['search_path_global'] = Rails.root.join('tmp/tests').to_s - -# Initialize FactoryDefault to use create_default helper -TestProf::FactoryDefault.init - -# Set the start of ID sequence for records initialized by `build_stubbed` to prevent conflicts -FactoryBot::Strategy::Stub.next_id = 1_000_000_000 - -# Exclude the Geo proxy API request from getting on_next_request Warden handlers, -# necessary to prevent race conditions with feature tests not getting authenticated. -::Warden.asset_paths << %r{^/api/v4/geo/proxy$} - -module TouchRackUploadedFile - def initialize_from_file_path(path) - super - - # This is a no-op workaround for https://github.com/docker/for-linux/issues/1015 - File.utime @tempfile.atime, @tempfile.mtime, @tempfile.path # rubocop:disable Gitlab/ModuleWithInstanceVariables - end -end - -Rack::Test::UploadedFile.prepend(TouchRackUploadedFile) - -# Inject middleware to enable ActiveSupport::Notifications for Redis commands -module RedisCommands - module Instrumentation - def call(command, redis_config) - ActiveSupport::Notifications.instrument('redis.process_commands', commands: command) do - super(command, redis_config) - end - end - end -end - -RedisClient.register(RedisCommands::Instrumentation) - -module UsersInternalAllowExclusiveLease - extend ActiveSupport::Concern - - def unique_internal(scope, username, email_pattern, &block) - # this lets skip transaction checks when Users::Internal bots are created in - # let_it_be blocks during test set-up. - # - # Users::Internal bot creation within examples are still checked since the RSPec.current_scope is :example - if ::RSpec.respond_to?(:current_scope) && ::RSpec.current_scope == :before_all - Gitlab::ExclusiveLease.skipping_transaction_check { super } - else - super - end - end - - # TODO: Until https://gitlab.com/groups/gitlab-org/-/epics/18745 is resolved we're creating internal users in the - # first organization as a temporary workaround. Many specs lack an organization in the database, causing foreign key - # constraint violations when creating internal users. We're not seeding organizations before all specs for - # performance. - def create_unique_internal(scope, username, email_pattern, &creation_block) - FactoryBot.create(:common_organization) - - super - end -end - -Users::Internal.prepend(UsersInternalAllowExclusiveLease) + # rspec-expectations config goes here. You can use an alternate + # assertion/expectation library such as wrong or the stdlib/minitest + # assertions if you prefer. + config.expect_with :rspec do |expectations| + # This option will default to `true` in RSpec 4. It makes the `description` + # and `failure_message` of custom matchers include text for helper methods + # defined using `chain`, e.g.: + # be_bigger_than(2).and_smaller_than(4).description + # # => "be bigger than 2 and smaller than 4" + # ...rather than: + # # => "be bigger than 2" + expectations.include_chain_clauses_in_custom_matcher_descriptions = true + end + + # rspec-mocks config goes here. You can use an alternate test double + # library (such as bogus or mocha) by changing the `mock_with` option here. + config.mock_with :rspec do |mocks| + # Prevents you from mocking or stubbing a method that does not exist on + # a real object. This is generally recommended, and will default to + # `true` in RSpec 4. + mocks.verify_partial_doubles = true + end + + # This option will default to `:apply_to_host_groups` in RSpec 4 (and will + # have no way to turn it off -- the option exists only for backwards + # compatibility in RSpec 3). It causes shared examples to be scoped to the + # describing class, rather than being global. + config.shared_context_metadata_behavior = :apply_to_host_groups + + # The settings below are suggested to provide a good initial experience + # with RSpec, but feel free to customize to your heart's content. + # # This allows you to limit a spec run to individual examples or groups + # # you care about by tagging them with `:focus` metadata. When nothing + # # is tagged with `:focus`, all examples get run. RSpec also provides + # # aliases for `it`, `describe`, and `context` that include `:focus` + # # metadata: `fit`, `fdescribe` and `fcontext`, respectively. + # config.filter_run_when_matching :focus + # + # # Allows RSpec to persist some state between runs in order to support + # # the `--only-failures` and `--next-failure` CLI options. We recommend + # # you configure your source control system to ignore this file. + # config.example_status_persistence_file_path = "spec/examples.txt" + # + # # Limits the available syntax to the non-monkey patched syntax that is + # # recommended. For more details, see: + # # https://rspec.info/features/3-12/rspec-core/configuration/zero-monkey-patching-mode/ + # config.disable_monkey_patching! + # + # # Many RSpec users commonly either run the entire suite or an individual + # # file, and it's useful to allow more verbose output when running an + # # individual spec file. + # if config.files_to_run.one? + # # Use the documentation formatter for detailed output, + # # unless a formatter has already been configured + # # (e.g. via a command-line flag). + # config.default_formatter = "doc" + # end + # + # # Print the 10 slowest examples and example groups at the + # # end of the spec run, to help surface which specs are running + # # particularly slow. + # config.profile_examples = 10 + # + # # Run specs in random order to surface order dependencies. If you find an + # # order dependency and want to debug it, you can fix the order by providing + # # the seed, which is printed after each run. + # # --seed 1234 + # config.order = :random + # + # # Seed global randomization in this process using the `--seed` CLI option. + # # Setting this allows you to use `--seed` to deterministically reproduce + # # test failures related to randomization by passing the same `--seed` value + # # as the one that triggered the failure. + # Kernel.srand config.seed + + # Add helper method for stubbing environment variables + def stub_env(key, value) + allow(ENV).to receive(:[]).with(key).and_return(value) + allow(ENV).to receive(:[]).and_call_original + end +end \ No newline at end of file -- GitLab