gitlab-triage 1.18.0 → 1.22.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '0609b18bd6e787fbf4e4c586b8631bc5f8c83c0a9c1a90047da3f953b558a6d6'
-  data.tar.gz: dec00b0fe73a998726c0c42a845aa5fa48e5b590597df4f054ed26200d4a47ca
+  metadata.gz: '0490c10fa9f789e91502f3cb74a56bf4a830d200a58310f3aaa0475683f0717b'
+  data.tar.gz: 347c7aa604de9c1b042caaa21b7f8daf7e300c8aea7af175913174c51f90ed2d
 SHA512:
-  metadata.gz: bb63d114b513c6a8705e47b432e5c7612fc4cbe9bf729d625286917b14341a0bfffc18ce70b06968a347b61ae8a2a629ed2c76f0e8d0c37b35a611c97b7d1045
-  data.tar.gz: e0752eb15014713b4ef6f1ad64494a6b3607348be75107a93a59e11659a2fa8fca4a80b4e45c8a9eca9fb7fe4ecd2dcd0923fd27bfae8d09de9ee3bf45c8e2f8
+  metadata.gz: c428c46630d38c57e6c7e9db9b4d05e7d3751863163497c19f45b114a0d7b280cfe891c6bf595997ed45505881bc5f7eec4ad59934fe26a6f03f59fe3e533d63
+  data.tar.gz: 86b73ca21f856a51c9f4d5d79e40d2470003527aeae3910f5313df11121e705d5a25698b2e129e905cec2fd17e1e3cbe193a4f84dba2eb69e3a6c0db7d6964a4

data/.gitignore

@@ -9,6 +9,7 @@
 /pkg/
 /spec/reports/
 /tmp/
+/doc/
 
 # rspec failure tracking
 .rspec_status

data/.gitlab/changelog_config.yml

@@ -0,0 +1,13 @@
+---
+# Settings for generating changelogs using the GitLab API. See
+# https://docs.gitlab.com/ee/api/repositories.html#generate-changelog-data for
+# more information.
+categories:
+  added: Added
+  fixed: Fixed
+  changed: Changed
+  deprecated: Deprecated
+  removed: Removed
+  security: Security
+  performance: Performance
+  other: Other

data/.gitlab/merge_request_templates/Release.md

@@ -1,35 +1,13 @@
-<!-- Replace `v4.5.0` with the previous release here, and `e18d76b309e42888759c1effe96767f13e34ae55`
-with the latest commit from https://gitlab.com/gitlab-org/gitlab-triage/commits/master that will be included in the release. -->
-- Diff: https://gitlab.com/gitlab-org/gitlab-triage/compare/v4.5.0...e18d76b309e42888759c1effe96767f13e34ae55
+<!-- Replace `<PREVIOUS_VERSION>` with the previous version number here, `<COMMIT_UPDATING_VERSION>` with the latest
+commit from this merge request, and `<NEW_VERSION>` with the upcoming version number. -->
+## Diff
 
-- Release notes:
+https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage/compare/v<PREVIOUS_VERSION>...<COMMIT_UPDATING_VERSION>
 
-<!-- Keep the sections order but remove the empty sections -->
+## Checklist
 
-```markdown
-### New features and features updates
+- [ ] Diff link is up-to-date.
+- [ ] Check the release notes: https://gitlab.com/api/v4/projects/3430480/repository/changelog?version=<NEW_VERSION>
+- [ ] Based on the diff and the release notes, `version.rb` is updated, according to [SemVer](https://semver.org).
 
-- !aaa <Title of the aaa MR>.
-
-### Fixes
-
-- !bbb <Title of the bbb MR>.
-
-### Doc changes
-
-- !ccc <Title of the ccc MR>.
-
-### Other changes (tooling, technical debt)
-
-- !ddd <Title of the ddd MR>.
-```
-
-- Checklist before merging:
-  - [ ] Diff link is up-to-date.
-  - [ ] Based on the diff, `lib/gitlab/triage/version.rb` is updated, according to [SemVer](https://semver.org).
-  - [ ] Release notes are accurate.
-
-- Checklist after merging:
-  - [ ] [Update the release notes for the newly created tag](docs/release_process.md#how-to).
-
-/label ~"Engineering Productivity" ~"ep::triage" ~tooling ~"tooling::workflow"
+/label ~"type::tooling" ~"tooling::workflow" ~"ep::triage"

data/.gitlab-ci.yml

@@ -129,5 +129,11 @@ dry-run:custom:
       allow_failure: true
 
 include:
+  - template: Security/Dependency-Scanning.gitlab-ci.yml
+  - template: Security/License-Scanning.gitlab-ci.yml
+  - template: Security/SAST.gitlab-ci.yml
+  - template: Security/Secret-Detection.gitlab-ci.yml
   - project: 'gitlab-org/quality/pipeline-common'
-    file: '/ci/gem-release.yml'
+    file:
+      - '/ci/danger-review.yml'
+      - '/ci/gem-release.yml'

data/.ruby-version

@@ -0,0 +1 @@
+2.7.4

data/.tool-versions

@@ -0,0 +1 @@
+ruby 2.7.4

data/.yardopts

@@ -0,0 +1,4 @@
+--protected
+--private
+-
+LICENSE.md

data/Dangerfile

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+require 'gitlab-dangerfiles'
+
+Gitlab::Dangerfiles.for_project(self, &:import_defaults)

data/Gemfile

@@ -3,6 +3,13 @@ source 'https://rubygems.org'
 # Specify your gem's dependencies in gitlab-rubocop.gemspec
 gemspec
 
+gem "yard"
+
 group :test do
   gem 'gitlab-styles', '~> 3.3.0'
 end
+
+group :development, :test, :danger do
+  gem 'gitlab-dangerfiles', '~> 2.6.1', require: false
+  gem 'guard-rspec', '~> 4.7.3', require: false
+end

data/README.md

@@ -1,4 +1,4 @@
-[![pipeline status](https://gitlab.com/gitlab-org/gitlab-triage/badges/master/pipeline.svg)](https://gitlab.com/gitlab-org/gitlab-triage/commits/master)
+[![pipeline status](https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage/badges/master/pipeline.svg)](https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage/-/commits/master)
 
 # GitLab Triage Project
 
@@ -12,12 +12,13 @@ The `gitlab-triage` gem aims to enable project managers and maintainers to
 automatically triage Issues and Merge Requests in GitLab projects or groups
 based on defined policies.
 
-See [Running locally](#running-locally) for how to specify a project or a
+See [Running with the installed gem](#running-with-the-installed-gem) for how to specify a project or a
 group.
 
 ### What is a triage policy?
 
 Triage policies are defined on a resource level basis, resources being:
+- Epics
 - Issues
 - Merge Requests
 
@@ -90,7 +91,7 @@ resource_rules:
           comment: |
             {{author}} This issue is unlabelled after 5 days. It needs attention. Please take care of this before the end of #{2.days.from_now.strftime('%Y-%m-%d')}
           summarize:
-            destination: gitlab-org/gitlab-triage
+            destination: gitlab-org/ruby/gems/gitlab-triage
             title: |
               #{resource[:type].capitalize} require labels
             item: |
@@ -159,6 +160,7 @@ Available condition types:
 - [`no_additional_labels` condition](#no-additional-labels-condition)
 - [`author_member` condition](#author-member-condition)
 - [`assignee_member` condition](#assignee-member-condition)
+- [`draft` condition](#draft-condition)
 - [`source_branch` condition](#source-branch-condition)
 - [`target_branch` condition](#target-branch-condition)
 - [`weight` condition](#weight-condition)
@@ -191,7 +193,14 @@ conditions:
 
 ##### Milestone condition
 
-Accepts the name of a milestone to filter upon.
+Accepts the name of a milestone to filter upon. Also accepts the following timebox values:
+
+- `none`
+- `any`
+- `upcoming`
+- `started`
+
+See the [`milestone_id` API field documentation](https://docs.gitlab.com/ee/api/issues.html) for their meaning.
 
 Example:
 
@@ -204,11 +213,12 @@ conditions:
 
 Accepts a string.
 
-| State           | Type    | Value     |
-| ---------       | ----    | ------    |
-| Closed issues   | string  | `closed`  |
-| Open issues     | string  | `opened`  |
-| Merged merge requests     | string  | `merged`  |
+| State             | Type    | Value    |
+| ---------         | ----    | ------   |
+| Closed issues/MRs | string  | `closed` |
+| Open issues/MRs   | string  | `opened` |
+| Locked issues     | string  | `locked` |
+| Merged merge requests | string  | `merged` |
 
 Example:
 
@@ -411,7 +421,6 @@ conditions:
 
 Accepts a boolean. If `true` the resource cannot have more labels than those specified by the `labels` condition.
 
-
 Example:
 
 ```yml
@@ -467,8 +476,23 @@ conditions:
     source_id: 9970
 ```
 
+##### Draft condition
+
+**This condition is only applicable for merge requests.**
+
+Accepts a boolean. If `true`, only draft MRs are returned. If `false`, only non-draft MRs are returned.
+
+Example:
+
+```yml
+conditions:
+  draft: true
+```
+
 ##### Source branch condition
 
+**This condition is only applicable for merge requests.**
+
 Accepts the name of a source branch to filter upon.
 
 Example:
@@ -480,6 +504,8 @@ conditions:
 
 ##### Target branch condition
 
+**This condition is only applicable for merge requests.**
+
 Accepts the name of a target branch to filter upon.
 
 Example:
@@ -491,8 +517,9 @@ conditions:
 
 ##### Weight condition
 
+**This condition is only applicable for issues.**
+
 Accepts a string per the [API documentation](https://docs.gitlab.com/ee/api/issues.html#list-issues).
-This condition is only applicable for issues (not merge requests).
 
 | State           | Type    | Value     |
 | ---------       | ----    | ------    |
@@ -716,8 +743,8 @@ The following placeholders are supported:
 - `downvotes`: the resources's downvotes count
 - `title`: the resource's title
 - `web_url`: the web URL pointing to the resource
-- `type`: the type of the resources. For now, only `issues` and
-  `merge_requests` are supported.
+- `full_reference`: the full reference of the resource as `namespace/project#12`, `namespace/project!42`, `namespace/project&72`
+- `type`: the type of the resources. For now, only `issues`, `merge_requests`, and `epics` are supported.
 
 If the resource doesn't respond to the placeholder, or if the field is `nil`,
 the placeholder is not replaced.
@@ -827,8 +854,7 @@ The following placeholders are supported for `summary`:
 
 - `title`: The title of the generated issue
 - `items`: Concatenated markdown separated by a newline for each `item`
-- `type`: The resource type for the summary. For now `issues` or
-  `merge_requests`
+- `type`: The resource type for the summary. For now `issues`, `merge_requests`, or `epics`,
 
 > **Note:**
 > - Both `item` and `summary` fields act like a [comment action](#comment-action),
@@ -957,17 +983,6 @@ resource_rules:
   issues:
     summaries:
       - name: Newest and oldest issues summary
-        actions:
-          summarize:
-            title: "Newest and oldest {{type}} summary"
-            summary: |
-              Please triage the following {{type}}:
-
-              {{items}}
-
-              Please take care of them before the end of #{7.days.from_now.strftime('%Y-%m-%d')}
-
-              /label ~"needs attention"
         rules:
           - name: New issues
             conditions:
@@ -993,6 +1008,17 @@ resource_rules:
                   Please triage the following old {{type}}:
 
                   {{items}}
+        actions:
+          summarize:
+            title: "Newest and oldest {{type}} summary"
+            summary: |
+              Please triage the following {{type}}:
+
+              {{items}}
+
+              Please take care of them before the end of #{7.days.from_now.strftime('%Y-%m-%d')}
+
+              /label ~"needs attention"
 ```
 
 Which could generate an issue like:
@@ -1032,7 +1058,7 @@ Here's a list of currently available Ruby expression API:
 
 | Name                    | Return type     | Description |
 | ----                    | ----            | ----        |
-| resource                | Hash            | The hash containing the raw data of the resource |
+| resource                | Hash            | The hash containing the raw data of the resource. Note that `resource[:type]` is the type of the policy (`issues`, `merge_requests`, or `epics`), not the API `type` field. |
 | author                  | String          | The username of the resource author |
 | milestone               | Milestone       | The milestone attached to the resource |
 | labels                  | [Label]         | A list of labels, having only names |
@@ -1041,7 +1067,7 @@ Here's a list of currently available Ruby expression API:
 | label_events            | [LabelEvent]    | A list of label events on the resource |
 | instance_version        | InstanceVersion | The version for the GitLab instance we're triaging with |
 | project_path            | String          | The path with namespace to the issues or merge requests project |
-| full_resource_reference | String          | A full reference incuding project path to the issue or merge request |
+| full_resource_reference | String          | A full reference including project path to the issue or merge request |
 
 ##### Methods for `MergeRequest` (merge request context)
 
@@ -1130,7 +1156,7 @@ Usage: gitlab-triage [options]
         --init-ci                    Initialize the project with a .gitlab-ci.yml file
 ```
 
-#### Running locally
+#### Running with the installed gem
 
 Triaging against a specific project:
 
@@ -1152,6 +1178,16 @@ gitlab-triage --dry-run --token $GITLAB_API_TOKEN --all-projects
 
 > **Note:** The `--all-projects` option will process all resources for all projects visible to the specified `$GITLAB_API_TOKEN`
 
+#### Running from source
+
+Execute the `gitlab-triage` script from the `./bin` directory.
+
+For example- after cloning this project, from the root `gitlab-triage` directory:
+
+```
+bundle exec bin/gitlab-triage --dry-run --token $GITLAB_API_TOKEN --source-id gitlab-org/triage
+```
+
 #### Running on GitLab CI pipeline
 
 You can enforce policies using a scheduled pipeline:

data/gitlab-triage.gemspec

@@ -9,17 +9,26 @@ Gem::Specification.new do |spec|
   spec.email         = ['gitlab_rubygems@gitlab.com']
 
   spec.summary       = 'GitLab triage automation project.'
-  spec.homepage      = 'https://gitlab.com/gitlab-org/gitlab-triage'
+  spec.homepage      = 'https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage'
   spec.license       = 'MIT'
+  spec.required_ruby_version = Gem::Requirement.new(">= 2.5.0")
 
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(docs|test|spec|features)/})
+  spec.metadata["allowed_push_host"] = "https://rubygems.org"
+
+  spec.metadata["homepage_uri"] = spec.homepage
+  spec.metadata["source_code_uri"] = "https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage"
+  spec.metadata["changelog_uri"] = "https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage/-/releases"
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match?(%r{^(docs?|spec|tmp)/}) }
   end
   spec.bindir        = 'bin'
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
-  spec.add_dependency 'activesupport', '~> 5.1'
+  spec.add_dependency 'activesupport', '>= 5.1'
   spec.add_dependency 'globalid', '~> 0.4'
   spec.add_dependency 'graphql-client', '~> 0.16'
   spec.add_dependency 'httparty', '~> 0.17'

data/lib/gitlab/triage/command_builders/text_content_builder.rb

@@ -29,6 +29,7 @@ module Gitlab
           downvotes: "{{downvotes}}",
           title: "{{title}}",
           web_url: "{{web_url}}",
+          full_reference: "{{references.full}}",
           type: "{{type}}",
           items: "{{items}}"
         }.freeze
@@ -120,7 +121,7 @@ module Gitlab
           return attributes unless redact_confidential_attributes?
 
           case path
-          when 'web_url', 'items', 'type'
+          when 'web_url', 'items', 'type', 'references.full'
             attributes # No need to redact them
           else
             [Resource::Base::CONFIDENTIAL_TEXT]

data/lib/gitlab/triage/engine.rb

@@ -37,6 +37,7 @@ module Gitlab
         issues: %w[opened closed],
         merge_requests: %w[opened closed merged]
       }.with_indifferent_access.freeze
+      MILESTONE_TIMEBOX_VALUES = %w[none any upcoming started].freeze
       EpicsTriagingForProjectImpossibleError = Class.new(StandardError)
 
       def initialize(policies:, options:, network_adapter_class: DEFAULT_NETWORK_ADAPTER, graphql_network_adapter_class: DEFAULT_GRAPHQL_ADAPTER)
@@ -62,16 +63,16 @@ module Gitlab
         puts Gitlab::Triage::UI.header("Triaging the `#{options.source_id}` #{options.source.to_s.singularize}", char: '=')
         puts
 
-        resource_rules.each do |resource_type, resource|
+        resource_rules.each do |resource_type, policy_definition|
           if resource_type == 'epics' && options.source != :groups
             raise(EpicsTriagingForProjectImpossibleError, "Epics can only be triaged at the group level. Please set the `--source groups` option.")
           end
 
-          puts Gitlab::Triage::UI.header("Processing rules for #{resource_type}", char: '-')
+          puts Gitlab::Triage::UI.header("Processing summaries & rules for #{resource_type}", char: '-')
           puts
 
-          process_summaries(resource_type, resource[:summaries])
-          process_rules(resource_type, resource[:rules])
+          process_summaries(resource_type, policy_definition[:summaries])
+          process_rules(resource_type, policy_definition[:rules])
         end
       end
 
@@ -127,71 +128,165 @@ module Gitlab
         rule.fetch(:limits) { {} }
       end
 
-      def process_summaries(resource_type, summaries)
-        return if summaries.blank?
-
-        summaries.each do |summary|
-          process_summary(resource_type, summary)
+      # Process an array of +summary_definitions+.
+      #
+      # @example Example of an array of summary definitions (shown as YAML for readability).
+      #
+      #   - name: Newest and oldest issues summary
+      #     rules:
+      #       - name: New issues
+      #         conditions:
+      #           state: opened
+      #         limits:
+      #           most_recent: 2
+      #         actions:
+      #           summarize:
+      #             item: "- [ ] [{{title}}]({{web_url}}) {{labels}}"
+      #             summary: |
+      #               Please triage the following new {{type}}:
+      #               {{items}}
+      #     actions:
+      #       summarize:
+      #         title: "Newest and oldest {{type}} summary"
+      #         summary: |
+      #           Please triage the following {{type}}:
+      #           {{items}}
+      #           Please take care of them before the end of #{7.days.from_now.strftime('%Y-%m-%d')}
+      #           /label ~"needs attention"
+      #
+      # @param summary_definitions [Array<Hash>] An array usually given as YAML in a triage policy file.
+      #
+      # @return [nil]
+      def process_summaries(resource_type, summary_definitions)
+        return if summary_definitions.blank?
+
+        summary_definitions.each do |summary_definition|
+          process_summary(resource_type, summary_definition)
         end
       end
 
-      def process_rules(resource_type, rules)
-        return if rules.blank?
-
-        rules.each do |rule|
-          resources_for_rule(resource_type, rule) do |resources|
+      # Process an array of +rule_definitions+.
+      #
+      # @example Example of an array of rule definitions.
+      #
+      #   [{ name: "New issues", conditions: { state: opened }, limits: { most_recent: 2 }, actions: { labels: ["needs attention"] } }]
+      #
+      # @param rule_definitions [Array<Hash>] An array usually given as YAML in a triage policy file.
+      #
+      # @return [nil]
+      def process_rules(resource_type, rule_definitions)
+        return if rule_definitions.blank?
+
+        rule_definitions.each do |rule_definition|
+          resources_for_rule(resource_type, rule_definition) do |resources|
             policy = Policies::RulePolicy.new(
-              resource_type, rule, resources, network)
+              resource_type, rule_definition, resources, network)
 
             process_action(policy)
           end
         end
       end
 
-      def process_summary(resource_type, summary)
-        puts Gitlab::Triage::UI.header("Processing summary: **#{summary[:name]}**", char: '~')
+      # Process a +summary_definition+.
+      #
+      # @example Example of a summary definition hash (shown as YAML for readability).
+      #
+      #   name: Newest and oldest issues summary
+      #   rules:
+      #     - name: New issues
+      #       conditions:
+      #         state: opened
+      #       limits:
+      #         most_recent: 2
+      #       actions:
+      #         summarize:
+      #           item: "- [ ] [{{title}}]({{web_url}}) {{labels}}"
+      #           summary: |
+      #             Please triage the following new {{type}}:
+      #             {{items}}
+      #   actions:
+      #     summarize:
+      #       title: "Newest and oldest {{type}} summary"
+      #       summary: |
+      #         Please triage the following {{type}}:
+      #         {{items}}
+      #         Please take care of them before the end of #{7.days.from_now.strftime('%Y-%m-%d')}
+      #         /label ~"needs attention"
+      #
+      # @param resource_type [String] The resource type, e.g. +issues+ or +merge_requests+.
+      # @param summary_definition [Hash] A hash usually given as YAML in a triage policy file:
+      #
+      # @return [nil]
+      def process_summary(resource_type, summary_definition)
+        puts Gitlab::Triage::UI.header("Processing summary: **#{summary_definition[:name]}**", char: '~')
         puts
 
-        summary_parts_for_rules(resource_type, summary[:rules]) do |resources|
+        summary_parts_for_rules(resource_type, summary_definition[:rules]) do |summary_resources|
           policy = Policies::SummaryPolicy.new(
-            resource_type, summary, resources, network)
+            resource_type, summary_definition, summary_resources, network)
 
           process_action(policy)
         end
       end
 
-      def summary_parts_for_rules(resource_type, rules)
+      # Transform an array of +rule_definitions+ into a +PoliciesResources::SummaryResources.new(rule => rule_resources)+ object.
+      #
+      # @example Example of an array of rule definitions.
+      #
+      #   [{ name: "New issues", conditions: { state: opened }, limits: { most_recent: 2 }, actions: { labels: ["needs attention"] } }]
+      #
+      # @param resource_type [String] The resource type, e.g. +issues+ or +merge_requests+.
+      # @param rule_definitions [Array<Hash>] An array of rule definitions, e.g.
+      #                                       +[{ name: 'Foo', conditions: { milestone: 'v1' } }, { name: 'Foo', conditions: { state: 'opened' } }]+.
+      #
+      # @yieldparam summary_resources [PoliciesResources::SummaryResources] An object which contains a +{ rule_definition => resources }+ hash.
+      # @yieldreturn [nil]
+      #
+      # @return [nil]
+      def summary_parts_for_rules(resource_type, rule_definitions)
         # { summary_rule => resources }
-        parts = rules.inject({}) do |result, rule|
-          resources_and_conditions =
-            to_enum(:resources_for_rule, resource_type, rule)
-
-          resources_and_conditions
-            .inject(result) do |result, (resources, conditions)|
-              # { expanded_summary_rule => resources }
-              result.merge(rule.merge(conditions: conditions) => resources)
-            end
+        parts = rule_definitions.each_with_object({}) do |rule_definition, result|
+          to_enum(:resources_for_rule, resource_type, rule_definition).each do |rule_resources, expanded_conditions|
+            # We replace the non-expanded rule conditions with the expanded ones
+            result.merge!(rule_definition.merge(conditions: expanded_conditions) => rule_resources)
+          end
+
+          result
         end
 
         yield(PoliciesResources::SummaryResources.new(parts))
       end
 
-      def resources_for_rule(resource_type, rule)
-        puts Gitlab::Triage::UI.header("Gathering resources for rule: **#{rule[:name]}**", char: '-')
-
-        ExpandCondition.perform(rule_conditions(rule)) do |conditions|
+      # Transform a non-expanded +rule_definition+ into a +PoliciesResources::RuleResources.new(resources)+ object.
+      #
+      # @example Example of a rule definition hash.
+      #
+      #   { name: "New issues", conditions: { state: opened }, limits: { most_recent: 2 }, actions: { labels: ["needs attention"] } }
+      #
+      # @param resource_type [String] The resource type, e.g. +issues+ or +merge_requests+.
+      # @param rule_definition [Hash] A rule definition, e.g. +{ name: 'Foo', conditions: { milestone: 'v1' } }+.
+      #
+      # @yieldparam rule_resources [PoliciesResources::RuleResources] An object which contains an array of resources.
+      # @yieldparam expanded_conditions [Hash] A hash of expanded conditions.
+      # @yieldreturn [nil]
+      #
+      # @return [nil]
+      def resources_for_rule(resource_type, rule_definition)
+        puts Gitlab::Triage::UI.header("Gathering resources for rule: **#{rule_definition[:name]}**", char: '-')
+
+        ExpandCondition.perform(rule_conditions(rule_definition)) do |expanded_conditions|
           # retrieving the resources for every rule is inefficient
           # however, previous rules may affect those upcoming
           resources = []
 
-          if rule[:api] == 'graphql'
-            graphql_query = build_graphql_query(resource_type, conditions, true)
+          if rule_definition[:api] == 'graphql'
+            graphql_query = build_graphql_query(resource_type, expanded_conditions, true)
             resources = graphql_network.query(graphql_query, source: source_full_path)
           else
-            resources = network.query_api(build_get_url(resource_type, conditions))
+            resources = network.query_api(build_get_url(resource_type, expanded_conditions))
             iids = resources.pluck('iid').map(&:to_s)
 
-            graphql_query = build_graphql_query(resource_type, conditions)
+            graphql_query = build_graphql_query(resource_type, expanded_conditions)
             graphql_resources = graphql_network.query(graphql_query, source: source_full_path, iids: iids) if graphql_query.any?
 
             decorate_resources_with_graphql_data(resources, graphql_resources)
@@ -202,28 +297,19 @@ module Gitlab
 
           puts "\n\n* Found #{resources.count} resources..."
           print "* Filtering resources..."
-          resources = filter_resources(resources, conditions)
+          resources = filter_resources(resources, expanded_conditions)
           puts "\n* Total after filtering: #{resources.count} resources"
           print "* Limiting resources..."
-          resources = limit_resources(resources, rule_limits(rule))
+          resources = limit_resources(resources, rule_limits(rule_definition))
           puts "\n* Total after limiting: #{resources.count} resources"
           puts
 
-          yield(PoliciesResources::RuleResources.new(resources), conditions)
+          yield(PoliciesResources::RuleResources.new(resources), expanded_conditions)
         end
       end
 
       def attach_resource_type(resources, resource_type)
         resources.each { |resource| resource[:type] = resource_type }
-        # TODO:                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-        # We should not overwrite the attribute here, but we need to
-        # fix it first. We should instead use something like
-        # gitlab_triage_resource_type so it won't conflict with the
-        # existing fields.
-        # And we need to retain the backward compatibility that using
-        # {{type}} will give us this value, rather than from the REST API,
-        # which will give us ISSUE from:
-        # https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59648
       end
 
       def decorate_resources_with_graphql_data(resources, graphql_resources)
@@ -308,19 +394,20 @@ module Gitlab
             allowed_values: ALLOWED_STATE_VALUES[resource_type])
         end
 
-        condition_builders << APIQueryBuilders::SingleQueryParamBuilder.new('milestone', Array(conditions[:milestone])[0]) if conditions[:milestone]
-        condition_builders << APIQueryBuilders::SingleQueryParamBuilder.new('source_branch', conditions[:source_branch]) if conditions[:source_branch]
-        condition_builders << APIQueryBuilders::SingleQueryParamBuilder.new('target_branch', conditions[:target_branch]) if conditions[:target_branch]
+        condition_builders << milestone_condition_builder(resource_type, conditions[:milestone]) if conditions[:milestone]
 
         if conditions[:date] && APIQueryBuilders::DateQueryParamBuilder.applicable?(conditions[:date])
           condition_builders << APIQueryBuilders::DateQueryParamBuilder.new(conditions.delete(:date))
         end
 
-        if conditions[:weight] && resource_type.to_sym == :issues
-          condition_builders << APIQueryBuilders::SingleQueryParamBuilder.new('weight', conditions[:weight])
+        case resource_type&.to_sym
+        when :issues
+          condition_builders.concat(issues_resource_query(conditions))
+        when :merge_requests
+          condition_builders.concat(merge_requests_resource_query(conditions))
         end
 
-        condition_builders.each do |condition_builder|
+        condition_builders.compact.each do |condition_builder|
           params[condition_builder.param_name] = condition_builder.param_content
         end
 
@@ -334,6 +421,50 @@ module Gitlab
         ).build
       end
 
+      def milestone_condition_builder(resource_type, milestone_condition)
+        milestone_value = Array(milestone_condition)[0].to_s # back-compatibility
+        return if milestone_value.empty?
+
+        # Issues API should use the `milestone_id` param for timebox values, and `milestone` for milestone title
+        args =
+          if resource_type.to_sym == :issues && MILESTONE_TIMEBOX_VALUES.include?(milestone_value.downcase)
+            ['milestone_id', milestone_value.titleize] # The API only accepts titleized values.
+          else
+            ['milestone', milestone_value]
+          end
+
+        APIQueryBuilders::SingleQueryParamBuilder.new(*args)
+      end
+
+      def issues_resource_query(conditions)
+        [].tap do |condition_builders|
+          condition_builders << APIQueryBuilders::SingleQueryParamBuilder.new('weight', conditions[:weight]) if conditions[:weight]
+        end
+      end
+
+      def merge_requests_resource_query(conditions)
+        [].tap do |condition_builders|
+          condition_builders << APIQueryBuilders::SingleQueryParamBuilder.new('source_branch', conditions[:source_branch]) if conditions[:source_branch]
+          condition_builders << APIQueryBuilders::SingleQueryParamBuilder.new('target_branch', conditions[:target_branch]) if conditions[:target_branch]
+          condition_builders << draft_condition_builder(conditions[:draft]) if conditions.key?(:draft)
+        end
+      end
+
+      def draft_condition_builder(draft_condittion)
+        # Issues API only accepts 'yes' and 'no' as strings: https://docs.gitlab.com/ee/api/merge_requests.html
+        wip =
+          case draft_condittion
+          when true
+            'yes'
+          when false
+            'no'
+          else
+            raise ArgumentError, 'The "draft" condition only accepts true or false.'
+          end
+
+        APIQueryBuilders::SingleQueryParamBuilder.new('wip', wip)
+      end
+
       def build_graphql_query(resource_type, conditions, graphql_only = false)
         Gitlab::Triage::GraphqlQueries::QueryBuilder
           .new(options.source, resource_type, conditions, graphql_only: graphql_only)

data/lib/gitlab/triage/entity_builders/issue_builder.rb

@@ -49,7 +49,8 @@ module Gitlab
         end
 
         def description_resource
-          title_resource.merge(title: title, items: items)
+          title_resource.merge(
+            title: title, items: items, resources: @resources)
         end
 
         def items

data/lib/gitlab/triage/graphql_queries/query_builder.rb

@@ -66,7 +66,7 @@ module Gitlab
             fields << 'assignees { nodes { id name username } }' if conditions.key?(:assignee_member)
             fields << 'upvotes' if conditions.dig(:upvotes, :attribute).to_s == 'upvotes'
             fields << 'downvotes' if conditions.dig(:upvotes, :attribute).to_s == 'downvotes'
-            fields << 'mergedAt' if resource_type == 'merge_requests'
+            fields.push('draft', 'mergedAt') if resource_type == 'merge_requests'
           end
 
           fields
@@ -82,21 +82,64 @@ module Gitlab
             condition_queries << QueryParamBuilders::BaseParamBuilder.new('milestoneTitle', condition_params) if condition.to_s == 'milestone'
             condition_queries << QueryParamBuilders::BaseParamBuilder.new('state', condition_params, with_quotes: false) if condition.to_s == 'state'
 
-            if resource_type == 'merge_requests'
-              condition_queries << QueryParamBuilders::LabelsParamBuilder.new('labels', condition_params) if condition.to_s == 'labels'
-              condition_queries << QueryParamBuilders::BaseParamBuilder.new('sourceBranch', condition_params) if condition.to_s == 'source_branch'
-              condition_queries << QueryParamBuilders::BaseParamBuilder.new('targetBranch', condition_params) if condition.to_s == 'target_branch'
-            end
-
-            if resource_type == 'issues'
-              condition_queries << QueryParamBuilders::LabelsParamBuilder.new('labelName', condition_params) if condition.to_s == 'labels'
+            case resource_type
+            when 'issues'
+              condition_queries << issues_label_query(condition, condition_params)
+            when 'merge_requests'
+              condition_queries << merge_requests_label_query(condition, condition_params)
+              condition_queries << merge_requests_resource_query(condition, condition_params)
             end
           end
 
           condition_queries
+            .compact
             .map(&:build_param)
             .join
         end
+
+        def issues_label_query(condition, condition_params)
+          args =
+            case condition.to_s
+            when 'forbidden_labels'
+              ['labelName', condition_params, { negated: true }]
+            when 'labels'
+              ['labelName', condition_params]
+            else
+              return nil
+            end
+
+          QueryParamBuilders::LabelsParamBuilder.new(*args)
+        end
+
+        def merge_requests_resource_query(condition, condition_params)
+          args =
+            case condition.to_s
+            when 'source_branch'
+              ['sourceBranches', condition_params]
+            when 'target_branch'
+              ['targetBranches', condition_params]
+            when 'draft'
+              ['draft', condition_params, { with_quotes: false }]
+            else
+              return nil
+            end
+
+          QueryParamBuilders::BaseParamBuilder.new(*args)
+        end
+
+        def merge_requests_label_query(condition, condition_params)
+          args =
+            case condition.to_s
+            when 'forbidden_labels'
+              ['labels', condition_params, { negated: true }]
+            when 'labels'
+              ['labels', condition_params]
+            else
+              return nil
+            end
+
+          QueryParamBuilders::LabelsParamBuilder.new(*args)
+        end
       end
     end
   end

data/lib/gitlab/triage/graphql_queries/query_param_builders/base_param_builder.rb

@@ -5,18 +5,23 @@ module Gitlab
     module GraphqlQueries
       module QueryParamBuilders
         class BaseParamBuilder
-          attr_reader :param_name, :param_contents, :with_quotes
+          attr_reader :param_name, :param_contents, :with_quotes, :negated
 
-          def initialize(param_name, param_contents, with_quotes: true)
+          def initialize(param_name, param_contents, with_quotes: true, negated: false)
             @param_name = param_name
             @param_contents = param_contents.to_s.strip
             @with_quotes = with_quotes
+            @negated = negated
           end
 
           def build_param
             contents = with_quotes ? Utils.graphql_quote(param_contents) : param_contents
 
-            ", #{param_name}: #{contents}"
+            if negated
+              ", not: { #{param_name}: #{contents} }"
+            else
+              ", #{param_name}: #{contents}"
+            end
           end
         end
       end

data/lib/gitlab/triage/graphql_queries/query_param_builders/labels_param_builder.rb

@@ -6,10 +6,10 @@ module Gitlab
     module GraphqlQueries
       module QueryParamBuilders
         class LabelsParamBuilder < BaseParamBuilder
-          def initialize(param_name, labels)
+          def initialize(param_name, labels, negated: false)
             label_param_content = labels.map { |label| Utils.graphql_quote(label) }.join(', ').then { |content| "[#{content}]" }
 
-            super(param_name, label_param_content, with_quotes: false)
+            super(param_name, label_param_content, with_quotes: false, negated: negated)
           end
         end
       end

data/lib/gitlab/triage/network.rb

@@ -49,7 +49,7 @@ module Gitlab
           when Hash
             resources << results
           else
-            raise Errors::Network::UnexpectedResponse, "Unexpected response: #{results.inspect}"
+            raise_unexpected_response(results)
           end
 
           rate_limit_debug(response) if options.debug
@@ -73,7 +73,14 @@ module Gitlab
         rate_limit_debug(response) if options.debug
         rate_limit_wait(response)
 
-        response.delete(:results).with_indifferent_access
+        results = response.delete(:results)
+
+        case results
+        when Hash
+          results.with_indifferent_access
+        else
+          raise_unexpected_response(results)
+        end
       rescue Net::ReadTimeout
         {}
       end
@@ -95,6 +102,10 @@ module Gitlab
         puts Gitlab::Triage::UI.debug "Rate limit almost exceeded, sleeping for #{response[:ratelimit_reset_at] - Time.now} seconds" if options.debug
         sleep(1) until Time.now >= response[:ratelimit_reset_at]
       end
+
+      def raise_unexpected_response(results)
+        raise Errors::Network::UnexpectedResponse, "Unexpected response: #{results.inspect}"
+      end
     end
   end
 end

data/lib/gitlab/triage/resource/epic.rb

@@ -14,10 +14,6 @@ module Gitlab
             request_group(resource[:group_id])[:full_path]
         end
         alias_method :group_path, :project_path
-
-        def reference
-          '&'
-        end
       end
     end
   end

data/lib/gitlab/triage/resource/issue.rb

@@ -8,10 +8,6 @@ module Gitlab
     module Resource
       class Issue < Base
         include Shared::Issuable
-
-        def reference
-          '#'
-        end
       end
     end
   end

data/lib/gitlab/triage/resource/merge_request.rb

@@ -9,10 +9,6 @@ module Gitlab
       class MergeRequest < Base
         include Shared::Issuable
 
-        def reference
-          '!'
-        end
-
         def first_contribution?
           if resource.key?(:first_contribution)
             resource[:first_contribution]

data/lib/gitlab/triage/resource/shared/issuable.rb

@@ -32,6 +32,8 @@ module Gitlab
             @labels_with_details ||= label_events
               .select { |event| event.action == 'add' && event.label }
               .map(&:label)
+              .sort_by(&:added_at)
+              .reverse
               .uniq(&:name)
               .select { |label| resource[:labels].include?(label.name) }
           end
@@ -55,12 +57,7 @@ module Gitlab
           end
 
           def full_resource_reference
-            @full_resource_reference ||=
-              "#{project_path}#{reference}#{resource[:iid]}"
-          end
-
-          def reference
-            raise NotImplementedError
+            @full_resource_reference ||= resource.dig(:references, :full)
           end
 
           def root_id(

data/lib/gitlab/triage/url_builders/url_builder.rb

@@ -13,6 +13,8 @@ module Gitlab
           @sub_resource_type = options.fetch(:sub_resource_type, nil)
           @resource_id = options.fetch(:resource_id, nil)
           @params = options.fetch(:params, [])
+
+          @params = @params.merge(scope: :all) if @all
         end
 
         def build

data/lib/gitlab/triage/version.rb

@@ -2,6 +2,6 @@
 
 module Gitlab
   module Triage
-    VERSION = '1.18.0'
+    VERSION = '1.22.0'
   end
 end

data/support/.gitlab-ci.example.yml

@@ -8,7 +8,7 @@ dry-run:triage:
   script:
     - gem install gitlab-triage
     - gitlab-triage --help
-    - gitlab-triage --dry-run --token $GITLAB_API_TOKEN --source projects --source-id $CI_PROJECT_PATH
+    - gitlab-triage --dry-run --token $GITLAB_API_TOKEN --host-url $CI_SERVER_URL --source projects --source-id $CI_PROJECT_PATH
   when: manual
   except:
     - schedules
@@ -17,6 +17,6 @@ run:triage:
   stage: triage
   script:
     - gem install gitlab-triage
-    - gitlab-triage --token $GITLAB_API_TOKEN --source projects --source-id $CI_PROJECT_PATH
+    - gitlab-triage --token $GITLAB_API_TOKEN --host-url $CI_SERVER_URL --source projects --source-id $CI_PROJECT_PATH
   only:
     - schedules

metadata

@@ -1,27 +1,27 @@
 --- !ruby/object:Gem::Specification
 name: gitlab-triage
 version: !ruby/object:Gem::Version
-  version: 1.18.0
+  version: 1.22.0
 platform: ruby
 authors:
 - GitLab
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-05-31 00:00:00.000000000 Z
+date: 2022-01-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '5.1'
 - !ruby/object:Gem::Dependency
@@ -148,9 +148,14 @@ files:
 - ".gitignore"
 - ".gitlab-ci.yml"
 - ".gitlab/CODEOWNERS"
+- ".gitlab/changelog_config.yml"
 - ".gitlab/merge_request_templates/Release.md"
 - ".rubocop.yml"
+- ".ruby-version"
+- ".tool-versions"
+- ".yardopts"
 - CONTRIBUTING.md
+- Dangerfile
 - Gemfile
 - Guardfile
 - LICENSE.md
@@ -233,10 +238,14 @@ files:
 - lib/gitlab/triage/version.rb
 - support/.gitlab-ci.example.yml
 - support/.triage-policies.example.yml
-homepage: https://gitlab.com/gitlab-org/gitlab-triage
+homepage: https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage
 licenses:
 - MIT
-metadata: {}
+metadata:
+  allowed_push_host: https://rubygems.org
+  homepage_uri: https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage
+  source_code_uri: https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage
+  changelog_uri: https://gitlab.com/gitlab-org/ruby/gems/gitlab-triage/-/releases
 post_install_message: 
 rdoc_options: []
 require_paths:
@@ -245,7 +254,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="