Prepare 17.9.3 release for gitlab-jh (!3051) · 合并请求 · gitlab-cn / GitLab

用户描述

Release issue: https://jihulab.com/gitlab-cn/release/tasks/-/issues/309

Summary

This MR prepares 17-9-stable-jh for 17.9.3.

Automated cherry-picking

Merge requests labeled Pick into 17.9 should be automatically picked into this MR.

Manual intervention

If merge requests cannot be picked automatically they have to be created manually targeting 17-9-stable-jh-patch-3.

合并请求类型

Bug fix, Security, Enhancement

合并请求描述

更新 multi_match_query 和 multi_match_phrase_query 以使用 query_fields，避免修改原始 fields 数组。
添加 allow_composite_identities_to_run_pipelines 到项目设置。
添加 update_default_organization_user 方法以在用户管理员状态更改时更新默认组织用户。
添加 sanitize_resource_count 方法以限制 Terraform 资源计数。
添加 project_name 验证以确保 Harbor 集成的项目名称格式正确。
添加 composite_identity_forbidden 错误消息以防止 AI 用户运行 CI/CD 管道。
更新 merge_error 消息以防止 XSS 攻击。
更新 render 方法以处理超时并跟踪错误。
添加 manageStorageDocsMsg 和 manageStorageDocsLink 以在合并请求页面上显示存储管理链接。
更新 isDefaultBranch 方法以处理空的 projectInitialJson。
更新 visitUrl 方法以处理 repository_ref。
更新 Go 依赖项和版本。
更新文档链接和最佳实践。
更新版本号到 17.9.3。
添加 17.9.3 版本的变更日志条目。

变更概览

相关文件

代码增强

30 files

queries.rb `Update multi_match_query to use query_fields` ee/lib/search/elastic/queries.rb Add `query_fields` to avoid modifying the original `fields` array. Update `multi_match_query` and `multi_match_phrase_query` to use `query_fields`. Update `apply_highlight` to use `query_fields`.	+13/-11
project_spec.rb `Delegate allow_composite_identities_to_run_pipelines` ee/spec/models/ee/project_spec.rb Add `allow_composite_identities_to_run_pipelines` to delegated attributes.	+1/-0
user.rb `Update default organization user on admin change` app/models/user.rb Add `after_update_commit` callback to update default organization user. Add `update_default_organization_user` method.	+5/-0
task_spec.rb `Add feature flag context for task_spec` ee/spec/models/search/zoekt/task_spec.rb Add context for `zoekt_index_pending_delete_repos` feature flag.	+11/-5
project.rb `Delegate allow_composite_identities_to_run_pipelines` app/models/project.rb Delegate `allow_composite_identities_to_run_pipelines` and `allow_composite_identities_to_run_pipelines=`.	+1/-0
tfplan.rb `Add resource count validation` lib/gitlab/ci/parsers/terraform/tfplan.rb Add `RESOURCE_COUNT_INTEGER_LIMIT` and `RESOURCE_COUNT_STRING_LIMIT`. Add `InvalidResourceCountError`. Add `sanitize_resource_count` method.	+19/-3
harbor.rb `Add project name validations` app/models/concerns/integrations/base/harbor.rb Add `MAX_PROJECT_NAME_LENGTH` and `PROJECT_NAME_REGEXP`. Update validations for `project_name`.	+7/-1
rotate_service.rb `Update project bot to inherit current user external status` app/services/personal_access_tokens/rotate_service.rb Add `update_project_bot_to_inherit_current_user_external_status` method.	+8/-0
composite_identity_spec.rb `Add allow_composite_identities_to_run_pipelines to project` ee/spec/services/ee/ci/create_pipeline_service/composite_identity_spec.rb Add `allow_composite_identities_to_run_pipelines` to project.	+3/-1
namespace_storage_size_error_message_spec.rb `Update merge_error message` ee/spec/lib/ee/gitlab/namespace_storage_size_error_message_spec.rb Update expected message for `merge_error`.	+1/-3
003_admin.rb `Add organization_access_level to admin user` db/fixtures/production/003_admin.rb Add `organization_access_level` to admin user.	+2/-3
organization_user.rb `Add update_default_organization_record_for` app/models/organizations/organization_user.rb Add `update_default_organization_record_for` method.	+15/-0
namespace_storage_size_error_message.rb `Update merge_error to remove link` ee/lib/ee/gitlab/namespace_storage_size_error_message.rb Update `merge_error` to remove link.	+1/-14
pipeline_presenter.rb `Add composite_identity_forbidden to failure reasons` app/presenters/ci/pipeline_presenter.rb Add `composite_identity_forbidden` to failure reasons.	+3/-1
asciidoc.rb `Add timeout and error tracking to asciidoc render` lib/gitlab/asciidoc.rb Add `sanitize_resource_count` method. Update `render` to handle timeout and track errors.	+9/-8
task.rb `Add condition for feature flag` ee/app/models/search/zoekt/task.rb Add condition for `zoekt_index_pending_delete_repos` feature flag.	+5/-1
selectors.rb `Update documentation links` qa/qa/scenario/test/sanity/selectors.rb Update documentation links.	+2/-2
01_admin.rb `Add organization_access_level to admin user` db/fixtures/development/01_admin.rb Add `organization_access_level` to admin user.	+3/-1
20250320142149_downgrade_organization_owners.rb `Add migration to downgrade organization owners` db/post_migrate/20250320142149_downgrade_organization_owners.rb Add migration to downgrade organization owners.	+30/-0
generate_message_to_run_e2e_pipeline_spec.rb `Update documentation links` spec/scripts/generate_message_to_run_e2e_pipeline_spec.rb Update documentation links.	+2/-2
after_config.rb `Add composite_identity_forbidden error message` lib/gitlab/ci/pipeline/chain/validate/after_config.rb Add `composite_identity_forbidden` error message.	+10/-1
20250217124956_add_allow_composite_identities_to_run_pipelines_to_project_ci_cd_settings.rb `Add allow_composite_identities_to_run_pipelines column` db/migrate/20250217124956_add_allow_composite_identities_to_run_pipelines_to_project_ci_cd_settings.rb Add `allow_composite_identities_to_run_pipelines` column to `project_ci_cd_settings`.	+10/-0
project_spec.rb `Delegate allow_composite_identities_to_run_pipelines` spec/models/project_spec.rb Add `allow_composite_identities_to_run_pipelines` to delegated attributes.	+1/-0
mr_widget_options.vue `Add manageStorageDocsMsg and manageStorageDocsLink` ee/app/assets/javascripts/vue_merge_request_widget/mr_widget_options.vue Add `manageStorageDocsMsg` and `manageStorageDocsLink`. Update `mergeError` to prevent XSS attacks.	+15/-1
app.vue `Update isDefaultBranch to handle empty projectInitialJson` app/assets/javascripts/search/topbar/components/app.vue Update `isDefaultBranch` to handle empty `projectInitialJson`.	+7/-2
project_filter.vue `Add repository_ref to visitUrl` app/assets/javascripts/search/sidebar/components/project_filter.vue Add `repository_ref` to `visitUrl`.	+4/-1
gitlab.pot `Add new translations` locale/gitlab.pot Add new translations for namespace storage and merge error.	+7/-1
_index.md `Update documentation links and best practices` doc/development/testing_guide/end_to_end/_index.md Update documentation links and best practices.	+4/-4
CHANGELOG.md `Add changelog entries for 17.9.3` CHANGELOG.md Add changelog entries for 17.9.3.	+17/-0
GITLAB_KAS_VERSION `Update version to 17.9.3` GITLAB_KAS_VERSION Update version to 17.9.3.	+1/-1

测试

11 files

queries_spec.rb `Add tests for frozen array fields` ee/spec/lib/search/elastic/queries_spec.rb Add context for frozen array fields. Update tests to use `query_fields`.	+34/-0
organization_user_spec.rb `Add tests for update_default_organization_record_for` spec/models/organizations/organization_user_spec.rb Add tests for `update_default_organization_record_for`.	+79/-9
search_helper_spec.rb `Add tests for simple_search_highlight_and_truncate` spec/helpers/search_helper_spec.rb Add tests for `simple_search_highlight_and_truncate`.	+22/-13
rotate_service_spec.rb `Add tests for token external status inheritance` spec/services/group_access_tokens/rotate_service_spec.rb Add tests for token external status inheritance.	+49/-4
rotate_service_spec.rb `Add tests for token external status inheritance` spec/services/project_access_tokens/rotate_service_spec.rb Add tests for token external status inheritance.	+47/-1
user_spec.rb `Add tests for update_default_organization_user` spec/models/user_spec.rb Add tests for `update_default_organization_user`.	+49/-0
harbor_shared_examples.rb `Add tests for project_name validations` spec/support/shared_examples/models/concerns/integrations/base/harbor_shared_examples.rb Add tests for `project_name` validations.	+38/-0
asciidoc_spec.rb `Add tests for timeout and error tracking` spec/lib/gitlab/asciidoc_spec.rb Add tests for timeout and error tracking.	+7/-3
mr_widget_options_spec.js `Add tests for merge error rendering` ee/spec/frontend/vue_merge_request_widget/mr_widget_options_spec.js Add tests for merge error rendering.	+32/-0
app_spec.js `Update tests for isDefaultBranch and isRegexButtonVisible` spec/frontend/search/topbar/components/app_spec.js Update tests for `isDefaultBranch` and `isRegexButtonVisible`.	+23/-33
project_filter_spec.js `Add test for repository_ref in visitUrl` spec/frontend/search/sidebar/components/project_filter_spec.js Add test for `repository_ref` in `visitUrl`.	+1/-0

依赖项

1 files

go.mod

Update Go version and dependencies

workhorse/go.mod

Update Go version and dependencies.

+56/-40

Additional files (token-limit)

21 files

go.sum `...` workhorse/go.sum ...	+215/-87
Gemfile.checksum `...` jh/Gemfile.checksum ...	+19/-19
Gemfile.next.checksum `...` Gemfile.next.checksum ...	+13/-13
Gemfile.checksum `...` Gemfile.checksum ...	+13/-13
structure.sql `...` db/structure.sql ...	+2/-1
resources.md `...` doc/development/testing_guide/end_to_end/beginners_guide/resources.md ...	+3/-3
Feature Flag Roll Out.md `...` .gitlab/issue_templates/Feature Flag Roll Out.md ...	+1/-1
duo_chat.md `...` doc/development/ai_features/duo_chat.md ...	+1/-1
Dangerfile `...` danger/stable_branch_patch/Dangerfile ...	+2/-2
Gemfile `...` Gemfile ...	+1/-1
mr_integration.md `...` doc/user/infrastructure/iac/mr_integration.md ...	+8/-0
backfill_ci_runners_partitioned_table.yml `...` db/docs/batched_background_migrations/backfill_ci_runners_partitioned_table.yml ...	+1/-1
zoekt_index_pending_delete_repos.yml `...` ee/config/feature_flags/ops/zoekt_index_pending_delete_repos.yml ...	+9/-0
copy_runner_taggings.yml `...` db/docs/batched_background_migrations/copy_runner_taggings.yml ...	+1/-1
page_objects.md `...` doc/development/testing_guide/end_to_end/beginners_guide/page_objects.md ...	+2/-2
project_attributes.yml `...` spec/requests/api/project_attributes.yml ...	+1/-0
secret_test.go `...` workhorse/internal/secret/secret_test.go ...	+1/-1
20250320142149 `...` db/schema_migrations/20250320142149 ...	+1/-0
20250217124956 `...` db/schema_migrations/20250217124956 ...	+1/-0
GITLAB_PAGES_VERSION `...` GITLAB_PAGES_VERSION ...	+1/-1
GITALY_SERVER_VERSION `...` GITALY_SERVER_VERSION ...	+1/-1

由 CodeRider Agent 编辑于 3月 26, 2025

Prepare 17.9.3 release for gitlab-jh