diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-22 14:31:16 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-10-22 14:31:16 +0300 |
| commit | 905c1110b08f93a19661cf42a276c7ea90d0a0ff (patch) | |
| tree | 756d138db422392c00471ab06acdff92c5a9b69c /doc/user | |
| parent | 50d93f8d1686950fc58dda4823c4835fd0d8c14b (diff) | |
Add latest changes from gitlab-org/gitlab@12-4-stable-ee
Diffstat (limited to 'doc/user')
181 files changed, 2042 insertions, 894 deletions
diff --git a/doc/user/admin_area/appearance.md b/doc/user/admin_area/appearance.md new file mode 100644 index 00000000000..1fea6ab8b02 --- /dev/null +++ b/doc/user/admin_area/appearance.md @@ -0,0 +1,113 @@ +--- +type: howto +disqus_identifier: 'https://docs.gitlab.com/ee/customization/branded_login_page.html' +--- + +# GitLab Appearance **(CORE ONLY)** + +There are several options for customizing the appearance of a self hosted instance +of GitLab. These settings are accessed from the **Admin Area** in the **Appearance** +section. + +## Navigation bar + +By default, the navigation bar has the GitLab logo, but this can be customized with +any image desired. It is optimized for images 28px high (any width), but any image can be +used (less than 1MB) and it will automatically be resized. + + + +Once you select and upload an image, click **Update appearance settings** at the bottom +of the page to activate it in the GitLab instance. + +NOTE: **Note:** +GitLab pipeline emails will also display the custom logo. + +## Favicon + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/14497) in GitLab 11.0. + +By default, the favicon (used by the browser as the tab icon, as well as the CI status icon) +uses the GitLab logo, but this can be customized with any icon desired. It must be a +32x32 `.png` or `.ico` image. + + + +After you select and upload an icon, click **Update appearance settings** at the bottom +of the page to activate it in the GitLab instance. + +## System header and footer messages + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/5023) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.7. +> - [Added](https://gitlab.com/gitlab-org/gitlab-foss/issues/55057) to [GitLab Core](https://about.gitlab.com/pricing/) in 11.9. + +You can add a small header message, a small footer message, or both, to the interface +of your GitLab instance. These messages will appear on all projects and pages of the +instance, including the sign in / sign up page. The default color is white text on +an orange background, but this can be customized by clicking on **Customize colors**. + +Limited [markdown](../markdown.md) is supported, such as bold, italics, and links, for +example. Other markdown features, including lists, images and quotes, are not supported, +as the header and footer messages can only be a single line. + + + +If desired, you can select **Enable header and footer in emails** to have the text of +the header and footer added to all emails sent by the GitLab instance. + +After you add a message, click **Update appearance settings** at the bottom of the page +to activate it in the GitLab instance. + +## Sign in / Sign up pages + +You can replace the default message on the sign in / sign up page with your own message +and logo. You can make full use of [markdown](../markdown.md) in the description: + + + +The optimal size for the logo is 640x360px, but any image can be used (below 1MB) +and it will be resized automatically. The logo image will appear between the title and +the description, on the left of the sign-up page. + + + +After you add a message, click **Update appearance settings** at the bottom of the page +to activate it in the GitLab instance. You can also click on the **Sign-in page** button, +to review the saved appearance settings: + +NOTE: **Note:** +You can add also add a [customized help message](settings/help_page.md) below the sign in message. + +## New project pages + +You can add a new project guidelines message to the **New project page** within GitLab. +You can make full use of [markdown](../markdown.md) in the description: + + + +The message will be displayed below the **New Project** message, on the left side +of the **New project page**. + +After you add a message, click **Update appearance settings** at the bottom of the page +to activate it in the GitLab instance. You can also click on the **New project page** +button, which will bring you to the new project page so you can review the change. + + + +## Libravatar + +[Libravatar](https://www.libravatar.org) is supported by GitLab for avatar images, but you must +[manually enable Libravatar support on the GitLab instance](../../administration/libravatar.md) +in order to use the service. + +<!-- ## Troubleshooting + +Include any troubleshooting steps that you can foresee. If you know beforehand what issues +one might have when setting this up, or when something is changed, or on upgrading, it's +important to describe those, too. Think of things that may go wrong and include them here. +This is important to minimize requests for support, and to avoid doc comments with +questions that you know someone might ask. + +Each scenario can be a third-level heading, e.g. `### Getting error message X`. +If you have none to add when creating a doc, leave this section in place +but commented out to help encourage others to add to it in the future. --> diff --git a/doc/user/admin_area/geo_nodes.md b/doc/user/admin_area/geo_nodes.md index 817b44bfdc8..bbdb9cb07a6 100644 --- a/doc/user/admin_area/geo_nodes.md +++ b/doc/user/admin_area/geo_nodes.md @@ -16,7 +16,7 @@ All Geo nodes have the following settings: | Setting | Description | | --------| ----------- | | Primary | This marks a Geo Node as **primary** node. There can be only one **primary** node; make sure that you first add the **primary** node and then all the others. | -| Name | The unique identifier for the Geo node. Must match the setting `gitlab_rails[geo_node_name]` in `/etc/gitlab/gitlab.rb`. The setting defaults to `external_url` with a trailing slash. | +| Name | The unique identifier for the Geo node. Must match the setting `gitlab_rails['geo_node_name']` in `/etc/gitlab/gitlab.rb`. The setting defaults to `external_url` with a trailing slash. | | URL | The instance's user-facing URL. | The node you're reading from is indicated with a green `Current node` label, and @@ -71,7 +71,7 @@ terminated at the load balancer. In GitLab 11.11, **secondary** nodes can use identical external URLs as long as a unique `name` is set for each Geo node. The `gitlab.rb` setting -`gitlab_rails[geo_node_name]` must: +`gitlab_rails['geo_node_name']` must: - Be set for each GitLab instance that runs `unicorn`, `sidekiq`, or `geo_logcursor`. - Match a Geo node name. diff --git a/doc/user/admin_area/img/appearance_favicon_v12_3.png b/doc/user/admin_area/img/appearance_favicon_v12_3.png Binary files differnew file mode 100644 index 00000000000..b464c9087e9 --- /dev/null +++ b/doc/user/admin_area/img/appearance_favicon_v12_3.png diff --git a/doc/user/admin_area/img/appearance_header_footer_v12_3.png b/doc/user/admin_area/img/appearance_header_footer_v12_3.png Binary files differnew file mode 100644 index 00000000000..aed0ff820fb --- /dev/null +++ b/doc/user/admin_area/img/appearance_header_footer_v12_3.png diff --git a/doc/user/admin_area/img/appearance_header_logo_v12_3.png b/doc/user/admin_area/img/appearance_header_logo_v12_3.png Binary files differnew file mode 100644 index 00000000000..0da56d196c0 --- /dev/null +++ b/doc/user/admin_area/img/appearance_header_logo_v12_3.png diff --git a/doc/user/admin_area/img/appearance_new_project_preview_v12_3.png b/doc/user/admin_area/img/appearance_new_project_preview_v12_3.png Binary files differnew file mode 100644 index 00000000000..621e62e787b --- /dev/null +++ b/doc/user/admin_area/img/appearance_new_project_preview_v12_3.png diff --git a/doc/user/admin_area/img/appearance_new_project_v12_3.png b/doc/user/admin_area/img/appearance_new_project_v12_3.png Binary files differnew file mode 100644 index 00000000000..ae1a8ca0f85 --- /dev/null +++ b/doc/user/admin_area/img/appearance_new_project_v12_3.png diff --git a/doc/user/admin_area/img/appearance_sign_in_preview_v12_3.png b/doc/user/admin_area/img/appearance_sign_in_preview_v12_3.png Binary files differnew file mode 100644 index 00000000000..64bd62c2d32 --- /dev/null +++ b/doc/user/admin_area/img/appearance_sign_in_preview_v12_3.png diff --git a/doc/user/admin_area/img/appearance_sign_in_v12_3.png b/doc/user/admin_area/img/appearance_sign_in_v12_3.png Binary files differnew file mode 100644 index 00000000000..6abe10f8bea --- /dev/null +++ b/doc/user/admin_area/img/appearance_sign_in_v12_3.png diff --git a/doc/user/admin_area/index.md b/doc/user/admin_area/index.md index 9bc0f64b68d..c75a8bcac79 100644 --- a/doc/user/admin_area/index.md +++ b/doc/user/admin_area/index.md @@ -27,12 +27,12 @@ The Admin Area is made up of the following sections: | Applications | Create system [OAuth applications](../../integration/oauth_provider.md) for integrations with other services. | | Abuse Reports | Manage [abuse reports](abuse_reports.md) submitted by your users. | | License **(STARTER ONLY)** | Upload, display, and remove [licenses](license.md). | -| Push Rules **(STARTER)** | Configure pre-defined git [push rules](../../push_rules/push_rules.md) for projects. | +| Push Rules **(STARTER)** | Configure pre-defined Git [push rules](../../push_rules/push_rules.md) for projects. | | Geo **(PREMIUM ONLY)** | Configure and maintain [Geo nodes](geo_nodes.md). | | Deploy Keys | Create instance-wide [SSH deploy keys](../../ssh/README.md#deploy-keys). | | Service Templates | Create [service templates](../project/integrations/services_templates.md) for projects. | | Labels | Create and maintain [labels](labels.md) for your GitLab instance. | -| Appearance | Customize [GitLab's appearance](../../customization/index.md). | +| Appearance | Customize [GitLab's appearance](appearance.md). | | Settings | Modify the [settings](settings/index.md) for your GitLab instance. | ## Admin Dashboard @@ -105,8 +105,16 @@ You can administer all users in the GitLab instance from the Admin Area's Users To access the Users page, go to **Admin Area > Overview > Users**. -Click the **Active**, **Admins**, **2FA Enabled**, or **2FA Disabled**, **External**, or -**Without projects** tab to list only users of that criteria. +To list users matching a specific criteria, click on one of the following tabs on the **Users** page: + +- **Active** +- **Admins** +- **2FA Enabled** +- **2FA Disabled** +- **External** +- **Blocked** +- **Deactivated** +- **Without projects** For each user, their username, email address, are listed, also the date their account was created and the date of last activity. To edit a user, click the **Edit** button in that user's diff --git a/doc/user/admin_area/monitoring/health_check.md b/doc/user/admin_area/monitoring/health_check.md index f5e812cad1b..6439607de33 100644 --- a/doc/user/admin_area/monitoring/health_check.md +++ b/doc/user/admin_area/monitoring/health_check.md @@ -59,7 +59,7 @@ GitLab OK ## Readiness -The readiness probe checks whether the Gitlab instance is ready to use. It checks the dependent services (Database, Redis, Gitaly etc.) and gives a status for each. +The readiness probe checks whether the GitLab instance is ready to use. It checks the dependent services (Database, Redis, Gitaly etc.) and gives a status for each. ```text GET /-/readiness @@ -102,6 +102,9 @@ Example response: ## Liveness +DANGER: **Warning:** +In Gitlab [12.4](https://about.gitlab.com/upcoming-releases/) the response body of the Liveness check will change to match the example below. + The liveness probe checks whether the application server is alive. Unlike the [`health`](#health) check, this check hits the database. ```text @@ -116,28 +119,11 @@ curl 'https://gitlab.example.com/-/liveness' Example response: -On success, the endpoint will return a valid successful HTTP status code, and a response like below. +On success, the endpoint will return a `200` HTTP status code, and a response like below. ```json { - "db_check":{ - "status":"ok" - }, - "redis_check":{ - "status":"ok" - }, - "cache_check":{ - "status":"ok" - }, - "queues_check":{ - "status":"ok" - }, - "shared_state_check":{ - "status":"ok" - }, - "gitaly_check":{ - "status":"ok" - } + "status": "ok" } ``` diff --git a/doc/user/admin_area/settings/account_and_limit_settings.md b/doc/user/admin_area/settings/account_and_limit_settings.md index cdbc6346f3f..a1beee404eb 100644 --- a/doc/user/admin_area/settings/account_and_limit_settings.md +++ b/doc/user/admin_area/settings/account_and_limit_settings.md @@ -17,7 +17,7 @@ details. ## Repository size limit **(STARTER)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/740) in [GitLab Enterprise Edition 8.12](https://about.gitlab.com/2016/09/22/gitlab-8-12-released/#limit-project-size-ee). +> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/740) in [GitLab Enterprise Edition 8.12](https://about.gitlab.com/blog/2016/09/22/gitlab-8-12-released/#limit-project-size-ee). > Available in [GitLab Starter](https://about.gitlab.com/pricing/). Repositories within your GitLab instance can grow quickly, especially if you are diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md index 6ba027dc24a..c60b3323105 100644 --- a/doc/user/admin_area/settings/continuous_integration.md +++ b/doc/user/admin_area/settings/continuous_integration.md @@ -29,14 +29,38 @@ If you want to disable it for a specific project, you can do so in ## Maximum artifacts size **(CORE ONLY)** The maximum size of the [job artifacts](../../../administration/job_artifacts.md) -can be set in the Admin area of your GitLab instance. The value is in *MB* and -the default is 100MB per job; on GitLab.com it's [set to 1G](../../gitlab_com/index.md#gitlab-cicd). +can be set at: -To change it: +- The instance level. +- [From GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/issues/21688), the project and group level. -1. Go to **Admin area > Settings > Continuous Integration and Deployment**. -1. Change the value of maximum artifacts size (in MB). -1. Hit **Save changes** for the changes to take effect. +The value is: + +- In *MB* and the default is 100MB per job. +- [Set to 1G](../../gitlab_com/index.md#gitlab-cicd) on GitLab.com. + +To change it at the: + +- Instance level: + + 1. Go to **Admin area > Settings > Continuous Integration and Deployment**. + 1. Change the value of maximum artifacts size (in MB). + 1. Hit **Save changes** for the changes to take effect. + +- [Group level](../../group/index.md#group-settings) (this will override the instance setting): + + 1. Go to the group's **Settings > CI / CD > General Pipelines**. + 1. Change the value of **maximum artifacts size (in MB)**. + 1. Press **Save changes** for the changes to take effect. + +- [Project level](../../project/pipelines/settings.md) (this will override the instance and group settings): + + 1. Go to the project's **Settings > CI / CD > General Pipelines**. + 1. Change the value of **maximum artifacts size (in MB)**. + 1. Press **Save changes** for the changes to take effect. + +NOTE: **Note** +The setting at all levels is only available to GitLab administrators. ## Default artifacts expiration **(CORE ONLY)** diff --git a/doc/user/admin_area/settings/help_page.md b/doc/user/admin_area/settings/help_page.md new file mode 100644 index 00000000000..a2c99f94d8b --- /dev/null +++ b/doc/user/admin_area/settings/help_page.md @@ -0,0 +1,49 @@ +--- +type: howto +--- + +# Customizing the 'Help' and login page messages + +In large organizations, it is useful to have information about who to contact or where +to go for help. You can customize and display this information on the GitLab server's +`/help` page and on the GitLab login page. + +## Adding a help message to the help page + +You can add a help message, which will be shown on the GitLab `/help` page (e.g., +<https://gitlab.com/help>) in a new section at the top of the `/help` page: + +1. Navigate to **Admin area > Settings > Preferences**, then expand **Help page**. +1. Under **Help page text**, fill in the information you wish to display on `/help`. + +  + +1. Save your changes. You can now see the message on `/help`. + + + +## Adding a help message to the login page **(STARTER)** + +You can add a help message, which will be shown on the GitLab login page in a new section +titled `Need Help?`, located below the login page message: + +1. Navigate to **Admin area > Settings > Preferences**, then expand **Help page**. +1. Under **Help text**, fill in the information you wish to display on the login page. + +  + +1. Save your changes. + + + +<!-- ## Troubleshooting + +Include any troubleshooting steps that you can foresee. If you know beforehand what issues +one might have when setting this up, or when something is changed, or on upgrading, it's +important to describe those, too. Think of things that may go wrong and include them here. +This is important to minimize requests for support, and to avoid doc comments with +questions that you know someone might ask. + +Each scenario can be a third-level heading, e.g. `### Getting error message X`. +If you have none to add when creating a doc, leave this section in place +but commented out to help encourage others to add to it in the future. --> diff --git a/doc/user/admin_area/settings/img/access_restrictions.png b/doc/user/admin_area/settings/img/access_restrictions.png Binary files differdeleted file mode 100644 index 8c5336c7835..00000000000 --- a/doc/user/admin_area/settings/img/access_restrictions.png +++ /dev/null diff --git a/doc/user/admin_area/settings/img/bulk_push_event_v12_4.png b/doc/user/admin_area/settings/img/bulk_push_event_v12_4.png Binary files differnew file mode 100644 index 00000000000..38e666e32ac --- /dev/null +++ b/doc/user/admin_area/settings/img/bulk_push_event_v12_4.png diff --git a/doc/user/admin_area/settings/img/clone_panel_v12_4.png b/doc/user/admin_area/settings/img/clone_panel_v12_4.png Binary files differnew file mode 100644 index 00000000000..8aa0bd2f7d8 --- /dev/null +++ b/doc/user/admin_area/settings/img/clone_panel_v12_4.png diff --git a/doc/user/admin_area/settings/img/custom_git_clone_url_for_https_v12_4.png b/doc/user/admin_area/settings/img/custom_git_clone_url_for_https_v12_4.png Binary files differnew file mode 100644 index 00000000000..22cdd15cc0c --- /dev/null +++ b/doc/user/admin_area/settings/img/custom_git_clone_url_for_https_v12_4.png diff --git a/doc/user/admin_area/settings/img/help_page_help_page_text_ex_v12_3.png b/doc/user/admin_area/settings/img/help_page_help_page_text_ex_v12_3.png Binary files differnew file mode 100644 index 00000000000..9dc7ef28149 --- /dev/null +++ b/doc/user/admin_area/settings/img/help_page_help_page_text_ex_v12_3.png diff --git a/doc/user/admin_area/settings/img/help_page_help_page_text_v12_3.png b/doc/user/admin_area/settings/img/help_page_help_page_text_v12_3.png Binary files differnew file mode 100644 index 00000000000..59d3343db34 --- /dev/null +++ b/doc/user/admin_area/settings/img/help_page_help_page_text_v12_3.png diff --git a/doc/user/admin_area/settings/img/help_page_help_text_ex_v12_3.png b/doc/user/admin_area/settings/img/help_page_help_text_ex_v12_3.png Binary files differnew file mode 100644 index 00000000000..9de26ac0758 --- /dev/null +++ b/doc/user/admin_area/settings/img/help_page_help_text_ex_v12_3.png diff --git a/doc/user/admin_area/settings/img/help_page_help_text_v12_3.png b/doc/user/admin_area/settings/img/help_page_help_text_v12_3.png Binary files differnew file mode 100644 index 00000000000..1b6aad5753a --- /dev/null +++ b/doc/user/admin_area/settings/img/help_page_help_text_v12_3.png diff --git a/doc/user/admin_area/settings/img/import_sources.png b/doc/user/admin_area/settings/img/import_sources.png Binary files differdeleted file mode 100644 index 20829a27dd7..00000000000 --- a/doc/user/admin_area/settings/img/import_sources.png +++ /dev/null diff --git a/doc/user/admin_area/settings/img/protected_paths.png b/doc/user/admin_area/settings/img/protected_paths.png Binary files differnew file mode 100644 index 00000000000..7aa9124b845 --- /dev/null +++ b/doc/user/admin_area/settings/img/protected_paths.png diff --git a/doc/user/admin_area/settings/img/push_event_activities_limit_v12_4.png b/doc/user/admin_area/settings/img/push_event_activities_limit_v12_4.png Binary files differnew file mode 100644 index 00000000000..fd3775ac4d7 --- /dev/null +++ b/doc/user/admin_area/settings/img/push_event_activities_limit_v12_4.png diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md index 2a12614e325..4ca91ae5339 100644 --- a/doc/user/admin_area/settings/index.md +++ b/doc/user/admin_area/settings/index.md @@ -20,6 +20,9 @@ include: - [Visibility and access controls](visibility_and_access_controls.md) - [User and IP rate limits](user_and_ip_rate_limits.md) - [Custom templates repository](instance_template_repository.md) **(PREMIUM)** +- [Protected paths](protected_paths.md) **(CORE ONLY)** +- [Help messages for the `/help` page and the login page](help_page.md) +- [Push event activities limit and bulk push events](push_event_activities_limit.md) NOTE: **Note:** You can change the [first day of the week](../../profile/preferences.md) for the entire GitLab instance diff --git a/doc/user/admin_area/settings/protected_paths.md b/doc/user/admin_area/settings/protected_paths.md new file mode 100644 index 00000000000..21c8d79b138 --- /dev/null +++ b/doc/user/admin_area/settings/protected_paths.md @@ -0,0 +1,76 @@ +--- +type: reference +--- + +# Protected paths **(CORE ONLY)** + +GitLab protects the following paths with Rack Attack by default: + +``` +'/users/password', +'/users/sign_in', +'/api/#{API::API.version}/session.json', +'/api/#{API::API.version}/session', +'/users', +'/users/confirmation', +'/unsubscribes/', +'/import/github/personal_access_token' +``` + +GitLab responds with HTTP status code `429` to POST requests at protected paths +that exceed 10 requests per minute per IP address. + +This header is included in responses to blocked requests: + +``` +Retry-After: 60 +``` + +For example, the following are limited to a maximum 10 requests per minute: + +- User sign-in +- User sign-up (if enabled) +- User password reset + +After 10 requests, the client must wait 60 seconds before it can +try again. + +## Configure using GitLab UI + +> Introduced in [GitLab 12.4](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/31246). + +Throttling of protected paths is enabled by default and can be disabled or +customized on **Admin > Network > Protected Paths**, along with these options: + +- Maximum number of requests per period per user. +- Rate limit period in seconds. +- Paths to be protected. + + + +Requests over the rate limit are logged into `auth.log`. + +## Migrate settings from GitLab 12.3 and earlier + +Omnibus GitLab protected paths throttle is deprecated and is scheduled for removal in +GitLab 13.0. Please see the [GitLab issue](https://gitlab.com/gitlab-org/gitlab/issues/29952) and the [Omnibus GitLab issue](https://gitlab.com/gitlab-org/omnibus-gitlab/issues/4688) for more information. + +NOTE: **Note:** If Omnibus settings are present, applications settings will be automatically ignored to avoid generating multiple requests blocks. + +To migrate from Omnibus GitLab 12.3 and earlier settings: + +1. Disable the Protected Paths throttle from Omnibus, by changing `rack_attack_enabled` value to `false` on [`rack_attack.rb.erb`](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/templates/default/rack_attack.rb.erb#L18): + + ```ruby + rack_attack_enabled = false + ``` + +1. Customize and enable your protected paths settings by following [Configure using GitLab UI](#configure-using-gitlab-ui) section. + +1. Restart GitLab: + + ```bash + sudo gitlab-ctl restart + ``` + +That's it. Protected paths throttle are now managed by GitLab admin settings. diff --git a/doc/user/admin_area/settings/push_event_activities_limit.md b/doc/user/admin_area/settings/push_event_activities_limit.md new file mode 100644 index 00000000000..9850de0f4b3 --- /dev/null +++ b/doc/user/admin_area/settings/push_event_activities_limit.md @@ -0,0 +1,28 @@ +--- +type: reference +--- + +# Push event activities limit and bulk push events + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/31007) in GitLab 12.4. + +This allows you to set the number of changes (branches or tags) in a single push +to determine whether individual push events or bulk push event will be created. +Bulk push events will be created if it surpasses that value. + +For example, if 4 branches are pushed and the limit is currently set to 3, +you'll see the following in the activity feed: + + + +With this feature, when a single push includes a lot of changes (e.g. 1,000 +branches), only 1 bulk push event will be created instead of creating 1,000 push +events. This helps in maintaining good system performance and preventing spam on +the activity feed. + +This setting can be modified in **Admin Area > Settings > Network > Performance Optimization**. +This can also be configured via the [Application settings API](../../../api/settings.md#list-of-settings-that-can-be-accessed-via-api-calls) +as `push_event_activities_limit`. The default value is 3, but it can be greater +than or equal 0. + + diff --git a/doc/user/admin_area/settings/rate_limits_on_raw_endpoints.md b/doc/user/admin_area/settings/rate_limits_on_raw_endpoints.md index 3a6f3a8c20e..29a3591184b 100644 --- a/doc/user/admin_area/settings/rate_limits_on_raw_endpoints.md +++ b/doc/user/admin_area/settings/rate_limits_on_raw_endpoints.md @@ -7,7 +7,7 @@ type: reference > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/30829) in GitLab 12.2. This setting allows you to rate limit the requests to raw endpoints, defaults to `300` requests per minute. -It can be modified in **Admin Area > Network > Performance Optimization**. +It can be modified in **Admin Area > Settings > Network > Performance Optimization**. For example, requests over `300` per minute to `https://gitlab.com/gitlab-org/gitlab-foss/raw/master/app/controllers/application_controller.rb` will be blocked. Access to the raw file will be released after 1 minute. diff --git a/doc/user/admin_area/settings/user_and_ip_rate_limits.md b/doc/user/admin_area/settings/user_and_ip_rate_limits.md index b9d93bf3671..5d49d88d254 100644 --- a/doc/user/admin_area/settings/user_and_ip_rate_limits.md +++ b/doc/user/admin_area/settings/user_and_ip_rate_limits.md @@ -8,7 +8,7 @@ Rate limiting is a common technique used to improve the security and durability of a web application. For more details, see [Rate limits](../../../security/rate_limits.md). -The following limits can be enforced in **Admin Area > Network > User and +The following limits can be enforced in **Admin Area > Settings > Network > User and IP rate limits**: - Unauthenticated requests diff --git a/doc/user/admin_area/settings/visibility_and_access_controls.md b/doc/user/admin_area/settings/visibility_and_access_controls.md index ad08c852332..f718e31e8bd 100644 --- a/doc/user/admin_area/settings/visibility_and_access_controls.md +++ b/doc/user/admin_area/settings/visibility_and_access_controls.md @@ -4,15 +4,7 @@ type: reference # Visibility and access controls **(CORE ONLY)** -GitLab allows administrators to: - -- Control access and visibility to GitLab resources including branches and projects. -- Select from which hosting sites code can be imported into GitLab. -- Select the protocols permitted to access GitLab. -- Enable or disable repository mirroring. -- Prevent non-administrators from deleting projects - ([introduced](https://gitlab.com/gitlab-org/gitlab/issues/5615) in GitLab 12.0). - **(PREMIUM ONLY)** +GitLab allows administrators to enforce specific controls. To access the visibility and access control options: @@ -20,29 +12,111 @@ To access the visibility and access control options: 1. Go to **Admin Area > Settings > General**. 1. Expand the **Visibility and access controls** section. +## Default branch protection + +Branch protection specifies which roles can push to branches and which roles can delete +branches. + +To change the default branch protection: + +1. Select the desired option. +1. Click **Save changes**. + +For more details, see [Protected branches](../../project/protected_branches.md). + +## Default project creation protection + +Project creation protection specifies which roles can create projects. + +To change the default project creation protection: + +1. Select the desired option. +1. Click **Save changes**. + +For more details, see [Default project-creation level](../../group/index.md#default-project-creation-level). + +## Default project deletion protection + +By default, a project can be deleted by anyone with the **Owner** role, either at the project or +group level. + +To ensure only admin users can delete projects: + +1. Check the **Default project deletion protection** checkbox. +1. Click **Save changes**. + +## Default project visibility + +To set the default visibility levels for new projects: + +1. Select the desired default project visibility. +1. Click **Save changes**. + +For more details on project visibility, see [Public access](../../../public_access/public_access.md). + +## Default snippet visibility + +To set the default visibility levels for new snippets: + +1. Select the desired default snippet visibility. +1. Click **Save changes**. + +For more details on snippet visibility, see [Public access](../../../public_access/public_access.md). + +## Default group visibility + +To set the default visibility levels for new groups: + +1. Select the desired default group visibility. +1. Click **Save changes**. + +For more details on group visibility, see [Public access](../../../public_access/public_access.md). + +## Restricted visibility levels + +To set the available visibility levels for new projects and snippets: + +1. Check the desired visibility levels. +1. Click **Save changes**. + +For more details on project visibility, see [Public access](../../../public_access/public_access.md). + ## Import sources -Choose from which hosting sites users can -[import their projects](../../project/import/index.md). +To specify from which hosting sites users can [import their projects](../../project/import/index.md): + +1. Check the checkbox beside the name of each hosting site. +1. Click **Save changes**. + +## Project export - +To enable project export: + +1. Check the **Project export enabled** checkbox. +1. Click **Save changes**. + +For more details, see [Exporting a project and its data](../../../user/project/settings/import_export.md#exporting-a-project-and-its-data). ## Enabled Git access protocols -> [Introduced][ce-4696] in GitLab 8.10. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/4696) in GitLab 8.10. With GitLab's access restrictions, you can select with which protocols users can communicate with GitLab. -From the **Enabled Git access protocols** dropdown, select one of the following: +Disabling an access protocol does not block access to the server itself via those ports. The ports +used for the protocol, SSH or HTTP(S), will still be accessible. The GitLab restrictions apply at the +application level. -- Both SSH and HTTP(S) -- Only SSH -- Only HTTP(s) +To specify the enabled Git access protocols: - +1. Select the desired Git access protocols from the dropdown: + - Both SSH and HTTP(S) + - Only SSH + - Only HTTP(S) +1. Click **Save changes**. -When both SSH and HTTP(S) are enabled, your users can choose either protocol. +When both SSH and HTTP(S) are enabled, users can choose either protocol. When only one protocol is enabled: @@ -57,20 +131,53 @@ On top of these UI restrictions, GitLab will deny all Git actions on the protoco not selected. CAUTION: **Important:** -Starting with [GitLab 10.7][ce-18021], HTTP(s) protocol will be allowed for -git clone/fetch requests done by GitLab Runner from CI/CD Jobs, even if -_Only SSH_ was selected. +Starting with [GitLab 10.7](https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/18021), +HTTP(S) protocol will be allowed for Git clone or fetch requests done by GitLab Runner +from CI/CD jobs, even if _Only SSH_ was selected. -> **Note:** Please keep in mind that disabling an access protocol does not actually -block access to the server itself. The ports used for the protocol, be it SSH or -HTTP, will still be accessible. What GitLab does is restrict access on the -application level. +## Custom Git clone URL for HTTP(S) + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/18422) in GitLab 12.4. + +You can customize project Git clone URLs for HTTP(S). This will affect the clone +panel: + + + +For example, if: + +- Your GitLab instance is at `https://example.com`, then project clone URLs are like + `https://example.com/foo/bar.git`. +- You want clone URLs that look like `https://git.example.com/gitlab/foo/bar.git` instead, + you can set this setting to `https://git.example.com/gitlab/`. + + + +To specify a custom Git clone URL for HTTP(S): + +1. Enter a root URL for **Custom Git clone URL for HTTP(S)**. +1. Click on **Save changes**. + +NOTE: **Note:** +SSH clone URLs can be customized in `gitlab.rb` by setting `gitlab_rails['gitlab_ssh_host']` and +other related settings. + +## RSA, DSA, ECDSA, ED25519 SSH keys + +These options specify the permitted types and lengths for SSH keys. + +To specify a restriction for each key type: + +1. Select the desired option from the dropdown. +1. Click **Save changes**. + +For more details, see [SSH key restrictions](../../../security/ssh_keys_restrictions.md). ## Allow mirrors to be set up for projects -> [Introduced][ee-3586] in GitLab 10.3. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3586) in GitLab 10.3. -This option is enabled by default. By disabling it, both pull and push mirroring will no longer +This option is enabled by default. By disabling it, both [pull and push mirroring](../../../workflow/repository_mirroring.md) will no longer work in every repository and can only be re-enabled by an admin on a per-project basis.  @@ -86,7 +193,3 @@ questions that you know someone might ask. Each scenario can be a third-level heading, e.g. `### Getting error message X`. If you have none to add when creating a doc, leave this section in place but commented out to help encourage others to add to it in the future. --> - -[ce-4696]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/4696 -[ce-18021]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/18021 -[ee-3586]: https://gitlab.com/gitlab-org/gitlab/merge_requests/3586 diff --git a/doc/user/analytics/cycle_analytics.md b/doc/user/analytics/cycle_analytics.md index 7a966f92934..e17202645d3 100644 --- a/doc/user/analytics/cycle_analytics.md +++ b/doc/user/analytics/cycle_analytics.md @@ -1,7 +1,7 @@ # Cycle Analytics > - Introduced prior to GitLab 12.3 at the project level. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/12077) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3 at the group level. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/12077) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3 at the group level. Cycle Analytics measures the time spent to go from an [idea to production] - also known as cycle time - for each of your projects. Cycle Analytics displays the median time for an idea to @@ -169,14 +169,14 @@ For Cycle Analytics functionality introduced in GitLab 12.3 and later: Learn more about Cycle Analytics in the following resources: -- [Cycle Analytics feature page](https://about.gitlab.com/features/cycle-analytics/) -- [Cycle Analytics feature preview](https://about.gitlab.com/2016/09/16/feature-preview-introducing-cycle-analytics/) -- [Cycle Analytics feature highlight](https://about.gitlab.com/2016/09/21/cycle-analytics-feature-highlight/) +- [Cycle Analytics feature page](https://about.gitlab.com/product/cycle-analytics/) +- [Cycle Analytics feature preview](https://about.gitlab.com/blog/2016/09/16/feature-preview-introducing-cycle-analytics/) +- [Cycle Analytics feature highlight](https://about.gitlab.com/blog/2016/09/21/cycle-analytics-feature-highlight/) [ce-5986]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/5986 [ce-20975]: https://gitlab.com/gitlab-org/gitlab-foss/issues/20975 [environment]: ../../ci/yaml/README.md#environment [GitLab flow]: ../../workflow/gitlab_flow.md -[idea to production]: https://about.gitlab.com/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/#from-idea-to-production-with-gitlab +[idea to production]: https://about.gitlab.com/blog/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/#from-idea-to-production-with-gitlab [permissions]: ../permissions.md [yml]: ../../ci/yaml/README.md diff --git a/doc/user/analytics/productivity_analytics.md b/doc/user/analytics/productivity_analytics.md index a53ef56bbf7..09f83dcff4b 100644 --- a/doc/user/analytics/productivity_analytics.md +++ b/doc/user/analytics/productivity_analytics.md @@ -1,6 +1,6 @@ # Productivity Analytics **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/12079) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3 (enabled by feature flags `productivity_analytics`). +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/12079) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3 (enabled by default using the feature flags `productivity_analytics`, `productivity_analytics_scatterplot_enabled`). Track development velocity with Productivity Analytics. @@ -12,6 +12,8 @@ Software Development Life Cycle (SDLC) process, Productivity Analytics provides Productivity can slow down for many reasons ranging from degrading code base to quickly growing teams. In order to investigate, department or team leaders can start by visualizing the time it takes for merge requests to be merged. +By default, a data migration job covering three months of historical data will kick off when deploying Productivity Analytics for the first time. + ## Supported features Productivity Analytics allows GitLab users to: @@ -41,7 +43,7 @@ The following metrics and visualizations are available on a project or group lev - Number of files touched. - Scatterplot showing all MRs merged on a certain date, together with the days it took to complete the action and a 30 day rolling median. - Users can zoom in and out on specific days of interest. -- Table showing list of merge requests with their respective times and size metrics. +- Table showing the list of merge requests with their respective time duration metrics. - Users can sort by any of the above metrics. ## Permissions diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md index ad3f0663ed5..14dae56f087 100644 --- a/doc/user/application_security/container_scanning/index.md +++ b/doc/user/application_security/container_scanning/index.md @@ -87,7 +87,7 @@ The results will be saved as a that you can later download and analyze. Due to implementation limitations, we always take the latest Container Scanning artifact available. Behind the scenes, the -[GitLab Container Scanning analyzer](https://gitlab.com/gitlab-org/security-products/container-scanning) +[GitLab Klar analyzer](https://gitlab.com/gitlab-org/security-products/analyzers/klar/) is used and runs the scans. ## Example @@ -145,6 +145,23 @@ container_scanning: GIT_STRATEGY: fetch ``` +### Available variables + +Container Scanning can be [configured](#overriding-the-container-scanning-template) +using environment variables. + +| Environment Variable | Description | Default | +| ------ | ------ | ------ | +| `KLAR_TRACE` | Set to true to enable more verbose output from klar. | `"false"` | +| `DOCKER_USER` | Username for accessing a Docker registry requiring authentication. | `$CI_REGISTRY_USER` | +| `DOCKER_PASSWORD` | Password for accessing a Docker registry requiring authentication. | `$CI_REGISTRY_PASSWORD` | +| `CLAIR_OUTPUT` | Severity level threshold. Vulnerabilities with severity level higher than or equal to this threshold will be outputted. Supported levels are `Unknown`, `Negligible`, `Low`, `Medium`, `High`, `Critical` and `Defcon1`. | `Unknown` | +| `REGISTRY_INSECURE` | Allow [Klar](https://github.com/optiopay/klar) to access insecure registries (HTTP only). Should only be set to `true` when testing the image locally. | `"false"` | +| `CLAIR_VULNERABILITIES_DB_URL` | This variable is explicitly set in the [services section](https://gitlab.com/gitlab-org/gitlab/blob/30522ca8b901223ac8c32b633d8d67f340b159c1/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml#L17-19) of the `Container-Scanning.gitlab-ci.yml` file and defaults to `clair-vulnerabilities-db`. This value represents the address that the [postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db) is running on and **shouldn't be changed** unless you're running the image locally as described in the [Running the scanning tool](https://gitlab.com/gitlab-org/security-products/analyzers/klar/#running-the-scanning-tool) section of the [klar readme](https://gitlab.com/gitlab-org/security-products/analyzers/klar). | `clair-vulnerabilities-db` | +| `CI_APPLICATION_REPOSITORY` | Docker repository URL for the image to be scanned. | `$CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG` | +| `CI_APPLICATION_TAG` | Docker respository tag for the image to be scanned. | `$CI_COMMIT_SHA` | +| `CLAIR_DB_IMAGE_TAG` | The Docker image tag for the [postgres server hosting the vulnerabilities definitions](https://hub.docker.com/r/arminc/clair-db). It can be useful to override this value with a specific version, for example, to provide a consistent set of vulnerabilities for integration testing purposes. | `latest` | + ## Security Dashboard The Security Dashboard is a good place to get an overview of all the security diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index e90f219337b..951c4b9dd73 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -81,8 +81,15 @@ variables: There are two ways to define the URL to be scanned by DAST: -- Set the `DAST_WEBSITE` [variable](../../../ci/yaml/README.md#variables). -- Add it in an `environment_url.txt` file at the root of your project. +1. Set the `DAST_WEBSITE` [variable](../../../ci/yaml/README.md#variables). + +1. Add it in an `environment_url.txt` file at the root of your project. + This is great for testing in dynamic environments. In order to run DAST against + an app that is dynamically created during a Gitlab CI pipeline, have the app + persist its domain in an `environment_url.txt` file, and DAST will + automatically parse that file to find its scan target. + You can see an [example](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml) + of this in our Auto DevOps CI YML. If both values are set, the `DAST_WEBSITE` value will take precedence. diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index b2f754c17bd..9f87d79025e 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md @@ -55,7 +55,7 @@ The following languages and dependency managers are supported. |----------------------------- | --------- | ------------ | | Java ([Gradle](https://gradle.org/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab/issues/13075 "Dependency Scanning for Gradle" )) | not available | | Java ([Maven](https://maven.apache.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) | -| JavaScript ([npm](https://www.npmjs.com/), [yarn](https://yarnpkg.com/en/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium), [Retire.js](https://retirejs.github.io/retire.js) | +| JavaScript ([npm](https://www.npmjs.com/), [yarn](https://yarnpkg.com/en/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium), [Retire.js](https://retirejs.github.io/retire.js/) | | Go ([Golang](https://golang.org/)) | not currently ([issue](https://gitlab.com/gitlab-org/gitlab/issues/7132 "Dependency Scanning for Go")) | not available | | PHP ([Composer](https://getcomposer.org/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) | | Python ([pip](https://pip.pypa.io/en/stable/)) | yes | [gemnasium](https://gitlab.com/gitlab-org/security-products/gemnasium) | diff --git a/doc/user/application_security/img/dismissed_info.png b/doc/user/application_security/img/dismissed_info.png Binary files differdeleted file mode 100644 index b4470b664d2..00000000000 --- a/doc/user/application_security/img/dismissed_info.png +++ /dev/null diff --git a/doc/user/application_security/img/dismissed_info_v12_3.png b/doc/user/application_security/img/dismissed_info_v12_3.png Binary files differnew file mode 100644 index 00000000000..92037493eaa --- /dev/null +++ b/doc/user/application_security/img/dismissed_info_v12_3.png diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index 0e52496ec43..e9f5898950e 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -57,7 +57,7 @@ This workflow comes with some drawbacks and there's a ## Interacting with the vulnerabilities -> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing) 10.8. +> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.8. CAUTION: **Warning:** This feature is currently [Alpha](https://about.gitlab.com/handbook/product/#alpha-beta-ga) and while you can start using it, it may receive important changes in the future. @@ -84,13 +84,15 @@ If you wish to undo this dismissal, you can click the **Undo dismiss** button. #### Adding a dismissal reason -> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.0. +> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0. When dismissing a vulnerability, it's often helpful to provide a reason for doing so. -If you press the comment button next to **Dismiss vulnerability** in the modal, a text box will appear, allowing you to add a comment with your dismissal. -This comment can not currently be edited or removed, but [future versions](https://gitlab.com/gitlab-org/gitlab/issues/11721) will add this functionality. +If you press the comment button next to **Dismiss vulnerability** in the modal, +a text box will appear, allowing you to add a comment with your dismissal. +Once added, you can edit it or delete it. This allows you to add and update +context for a vulnerability as you learn more over time. - + ### Creating an issue for a vulnerability @@ -110,7 +112,7 @@ the vulnerability will now have an associated issue next to the name. ### Solutions for vulnerabilities (auto-remediation) -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/5656) in [GitLab Ultimate](https://about.gitlab.com/pricing) 11.7. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/5656) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.7. Some vulnerabilities can be fixed by applying the solution that GitLab automatically generates. The following scanners are supported: @@ -134,7 +136,7 @@ generated by GitLab. To apply the fix: #### Creating a merge request from a vulnerability -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9224) in [GitLab Ultimate](https://about.gitlab.com/pricing) 11.9. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9224) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.9. In certain cases, GitLab will allow you to create a merge request that will automatically remediate the vulnerability. Any vulnerability that has a @@ -148,10 +150,10 @@ Clicking on this button will create a merge request to apply the solution onto t ## Security approvals in merge requests **(ULTIMATE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9928) in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.2. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9928) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.2. Merge Request Approvals can be configured to require approval from a member -of your security team when a vulnerability would be introduced by a merge request. +of your security team when a vulnerability, or a software license compliance violation would be introduced by a merge request. This threshold is defined as `high`, `critical`, or `unknown` severity. When any vulnerabilities are present within a merge request, an @@ -178,6 +180,29 @@ An approval will be optional when a security report: - Contains no new vulnerabilities. - Contains only new vulnerabilities of `low` or `medium` severity. +### Enabling License Approvals within a project + +To enable License Approvals, a [project approval rule](../project/merge_requests/merge_request_approvals.md#multiple-approval-rules-premium) +must be created with the case-sensitive name `License-Check`. This approval +group must be set with an "Approvals required" count greater than zero. + +Once this group has been added to your project, the approval rule will be enabled +for all Merge Requests. To configure how this rule behaves, you can choose which +licenses to `approve` or `blacklist` in the +[project policies for License Compliance](license_compliance/index.md#project-policies-for-license-compliance) section. + +Any code changes made will cause the count of approvals required to reset. + +An approval will be required when a license report: + +- Contains a dependency that includes a software license that is `blacklisted`. +- Is not generated during pipeline execution. + +An approval will be optional when a license report: + +- Contains no software license violations. +- Contains only new licenses that are `approved` or unknown. + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/application_security/license_compliance/index.md b/doc/user/application_security/license_compliance/index.md index fb361acf6e8..75a3b33e32e 100644 --- a/doc/user/application_security/license_compliance/index.md +++ b/doc/user/application_security/license_compliance/index.md @@ -60,7 +60,7 @@ The following languages and package managers are supported. | Elixir | [mix](https://elixir-lang.org/getting-started/mix-otp/introduction-to-mix.html) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) |[License Finder](https://github.com/pivotal/LicenseFinder)| | C++/C | [conan](https://conan.io/) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types))|[License Finder](https://github.com/pivotal/LicenseFinder)| | Scala | [sbt](https://www.scala-sbt.org/) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types))|[License Finder](https://github.com/pivotal/LicenseFinder)| -| Rust | [cargo](https://crates.io/) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types))|[License Finder](https://github.com/pivotal/LicenseFinder)| +| Rust | [cargo](https://crates.io) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types))|[License Finder](https://github.com/pivotal/LicenseFinder)| | PHP | [composer](https://getcomposer.org/) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types))|[License Finder](https://github.com/pivotal/LicenseFinder)| ## Requirements diff --git a/doc/user/application_security/sast/analyzers.md b/doc/user/application_security/sast/analyzers.md index a1bd00f34e3..76a566f7514 100644 --- a/doc/user/application_security/sast/analyzers.md +++ b/doc/user/application_security/sast/analyzers.md @@ -1,7 +1,3 @@ ---- -table_display_block: true ---- - # SAST Analyzers **(ULTIMATE)** SAST relies on underlying third party tools that are wrapped into what we call @@ -19,7 +15,7 @@ SAST supports the following official analyzers: - [`bandit`](https://gitlab.com/gitlab-org/security-products/analyzers/bandit) (Bandit) - [`brakeman`](https://gitlab.com/gitlab-org/security-products/analyzers/brakeman) (Brakeman) -- [`eslint`](https://gitlab.com/gitlab-org/security-products/analyzers/eslint) (ESLint (Javascript)) +- [`eslint`](https://gitlab.com/gitlab-org/security-products/analyzers/eslint) (ESLint (JavaScript)) - [`flawfinder`](https://gitlab.com/gitlab-org/security-products/analyzers/flawfinder) (Flawfinder) - [`gosec`](https://gitlab.com/gitlab-org/security-products/analyzers/gosec) (Gosec) - [`nodejs-scan`](https://gitlab.com/gitlab-org/security-products/analyzers/nodejs-scan) (NodeJsScan) diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index 0618c14a3d1..cb54d9f3853 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md @@ -45,12 +45,15 @@ The results are sorted by the priority of the vulnerability: ## Requirements -To run a SAST job, you need GitLab Runner with the +To run a SAST job, by default, you need GitLab Runner with the [`docker`](https://docs.gitlab.com/runner/executors/docker.html#use-docker-in-docker-with-privileged-mode) or [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html#running-privileged-containers-for-the-runners) executor running in privileged mode. If you're using the shared Runners on GitLab.com, this is enabled by default. +Privileged mode is not necessary if you've [disabled Docker in Docker +for SAST](#disabling-docker-in-docker-for-sast) + CAUTION: **Caution:** If you use your own Runners, make sure that the Docker version you have installed is **not** `19.03.00`. See [troubleshooting information](#error-response-from-daemon-error-processing-tar-file-docker-tar-relocation-error) for details. @@ -62,14 +65,14 @@ The following table shows which languages, package managers and frameworks are s | Language (package managers) / framework | Scan tool | Introduced in GitLab Version | |-----------------------------------------------------------------------------|----------------------------------------------------------------------------------------|------------------------------| | .NET | [Security Code Scan](https://security-code-scan.github.io) | 11.0 | -| Any | [Gitleaks](https://github.com/zricethezav/gitleaks) and [TruffleHog](https://github.com/dxa4481/truffleHog) | 11.9 | +| Any | [Gitleaks](https://github.com/zricethezav/gitleaks) and [TruffleHog](https://github.com/dxa4481/truffleHog) | 11.9 | | Apex (Salesforce) | [pmd](https://pmd.github.io/pmd/index.html) | 12.1 | -| C/C++ | [Flawfinder](https://www.dwheeler.com/flawfinder/) | 10.7 | +| C/C++ | [Flawfinder](https://dwheeler.com/flawfinder/) | 10.7 | | Elixir (Phoenix) | [Sobelow](https://github.com/nccgroup/sobelow) | 11.10 | | Go | [Gosec](https://github.com/securego/gosec) | 10.7 | | Groovy ([Ant](https://ant.apache.org/), [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/) and [SBT](https://www.scala-sbt.org/)) | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin | 11.3 (Gradle) & 11.9 (Ant, Maven, SBT) | | Java ([Ant](https://ant.apache.org/), [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/) and [SBT](https://www.scala-sbt.org/)) | [SpotBugs](https://spotbugs.github.io/) with the [find-sec-bugs](https://find-sec-bugs.github.io/) plugin | 10.6 (Maven), 10.8 (Gradle) & 11.9 (Ant, SBT) | -| Javascript | [ESLint security plugin](https://github.com/nodesecurity/eslint-plugin-security) | 11.8 | +| JavaScript | [ESLint security plugin](https://github.com/nodesecurity/eslint-plugin-security) | 11.8 | | Node.js | [NodeJsScan](https://github.com/ajinabraham/NodeJsScan) | 11.1 | | PHP | [phpcs-security-audit](https://github.com/FloeDesignTechnologies/phpcs-security-audit) | 10.8 | | Python ([pip](https://pip.pypa.io/en/stable/)) | [bandit](https://github.com/PyCQA/bandit) | 10.3 | @@ -110,10 +113,9 @@ is used to detect the languages/frameworks and in turn runs the matching scan to ### Customizing the SAST settings -The SAST settings can be changed through environment variables by using the +The SAST settings can be changed through [environment variables](#available-variables) +by using the [`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`. -These variables are documented in the -[SAST tool documentation](https://gitlab.com/gitlab-org/security-products/sast#settings). In the following example, we include the SAST template and at the same time we set the `SAST_GOSEC_LEVEL` variable to `2`: @@ -129,7 +131,22 @@ variables: Because the template is [evaluated before](../../../ci/yaml/README.md#include) the pipeline configuration, the last mention of the variable will take precedence. -#### Using a variable to pass username and password to a private Maven repository +### Overriding the SAST template + +If you want to override the job definition (for example, change properties like +`variables` or `dependencies`), you need to declare a `sast` job after the +template inclusion and specify any additional keys under it. For example: + +```yaml +include: + template: SAST.gitlab-ci.yml + +sast: + variables: + CI_DEBUG_TRACE: "true" +``` + +### Using a variable to pass username and password to a private Maven repository If you have a private Apache Maven repository that requires login credentials, you can use the `MAVEN_CLI_OPTS` [environment variable](#available-variables) @@ -137,28 +154,28 @@ to pass a username and password. You can set it under your project's settings so that your credentials aren't exposed in `.gitlab-ci.yml`. If the username is `myuser` and the password is `verysecret` then you would -set the following [variable](../../../ci/variables/README.md#via-the-ui) +[set the following variable](../../../ci/variables/README.md#via-the-ui) under your project's settings: | Type | Key | Value | | ---- | --- | ----- | | Variable | `MAVEN_CLI_OPTS` | `-Drepository.password=verysecret -Drepository.user=myuser` | -### Overriding the SAST template +### Disabling Docker in Docker for SAST -If you want to override the job definition (for example, change properties like -`variables` or `dependencies`), you need to declare a `sast` job after the -template inclusion and specify any additional keys under it. For example: +You can avoid the need for Docker in Docker by running the individual analyzers. +This does not require running the executor in privileged mode. For example: ```yaml include: template: SAST.gitlab-ci.yml -sast: - variables: - CI_DEBUG_TRACE: "true" +variables: + SAST_DISABLE_DIND: "true" ``` +This will create individual `<analyzer-name>-sast` jobs for each analyzer that runs in your CI/CD pipeline. + ### Available variables SAST can be [configured](#customizing-the-sast-settings) using environment variables. @@ -173,9 +190,10 @@ The following are Docker image-related variables. | `SAST_ANALYZER_IMAGE_PREFIX` | Override the name of the Docker registry providing the default images (proxy). Read more about [customizing analyzers](analyzers.md). | | `SAST_ANALYZER_IMAGE_TAG` | Override the Docker tag of the default images. Read more about [customizing analyzers](analyzers.md). | | `SAST_DEFAULT_ANALYZERS` | Override the names of default images. Read more about [customizing analyzers](analyzers.md). | +| `SAST_DISABLE_DIND` | Disable Docker in Docker and run analyzers [individually](#disabling-docker-in-docker-for-sast). | | `SAST_PULL_ANALYZER_IMAGES` | Pull the images from the Docker registry (set to 0 to disable). Read more about [customizing analyzers](analyzers.md). | -### Vulnerability filters +#### Vulnerability filters Some analyzers make it possible to filter out vulnerabilities under a given threshold. @@ -188,7 +206,7 @@ Some analyzers make it possible to filter out vulnerabilities under a given thre | `SAST_GOSEC_LEVEL` | 0 | Ignore gosec vulnerabilities under given confidence level. Integer, 0=Undefined, 1=Low, 2=Medium, 3=High. | | | `SAST_EXCLUDED_PATHS` | - | Exclude vulnerabilities from output based on the paths. This is a comma-separated list of patterns. Patterns can be globs, file or folder paths. Parent directories will also match patterns. | `SAST_EXCLUDED_PATHS=doc,spec` | -### Timeouts +#### Timeouts The following variables configure timeouts. @@ -198,7 +216,7 @@ The following variables configure timeouts. | `SAST_PULL_ANALYZER_IMAGE_TIMEOUT` | 5m | Time limit when pulling the image of an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". For example, "300ms", "1.5h" or "2h45m". | | `SAST_RUN_ANALYZER_TIMEOUT` | 20m | Time limit when running an analyzer. Timeouts are parsed using Go's [`ParseDuration`](https://golang.org/pkg/time/#ParseDuration). Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". For example, "300ms", "1.5h" or "2h45m".| -### Analyzer settings +#### Analyzer settings Some analyzers can be customized with environment variables. diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md index 999b98bfa3d..0e26206f070 100644 --- a/doc/user/application_security/security_dashboard/index.md +++ b/doc/user/application_security/security_dashboard/index.md @@ -36,7 +36,7 @@ To use the group, project or pipeline security dashboard: ## Pipeline Security Dashboard -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/13496) in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.3. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/13496) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.3. At the pipeline level, the Security Dashboard displays the vulnerabilities present in the branch of the project the pipeline was run against. @@ -46,7 +46,7 @@ Visit the page for any pipeline which has run any of the [supported reports](#su ## Project Security Dashboard -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6165) in [GitLab Ultimate](https://about.gitlab.com/pricing) 11.1. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6165) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.1. At the project level, the Security Dashboard displays the latest security reports for your project. Use it to find and fix vulnerabilities affecting the @@ -56,7 +56,7 @@ for your project. Use it to find and fix vulnerabilities affecting the ## Group Security Dashboard -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6709) in [GitLab Ultimate](https://about.gitlab.com/pricing) 11.5. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6709) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.5. The group Security Dashboard gives an overview of the vulnerabilities of all the projects in a group and its subgroups. diff --git a/doc/user/asciidoc.md b/doc/user/asciidoc.md index 862316b57da..b4d3cb58e97 100644 --- a/doc/user/asciidoc.md +++ b/doc/user/asciidoc.md @@ -6,7 +6,7 @@ Consult the [Asciidoctor User Manual](https://asciidoctor.org/docs/user-manual/) ## Syntax Here's a brief reference of the most commonly used AsciiDoc syntax. -You can find the full documentation for the AsciiDoc syntax at <https://asciidoctor.org/docs>. +You can find the full documentation for the AsciiDoc syntax at <https://asciidoctor.org/docs/>. ### Paragraphs @@ -44,7 +44,7 @@ monospaced font: An admonition paragraph grabs the reader's attention: ```asciidoc -NOTE: This is a brief reference, please read the full documentation at https://asciidoctor.org/docs. +NOTE: This is a brief reference, please read the full documentation at https://asciidoctor.org/docs/. TIP: Lists can be indented. Leading whitespace is not significant. ``` diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md index 8a53b4c0e47..dc6f859e881 100644 --- a/doc/user/clusters/applications.md +++ b/doc/user/clusters/applications.md @@ -62,7 +62,7 @@ can lead to confusion during deployments. > - Introduced in GitLab 10.2 for project-level clusters. > - Introduced in GitLab 11.6 for group-level clusters. -[Helm](https://docs.helm.sh/) is a package manager for Kubernetes and is +[Helm](https://helm.sh/docs/) is a package manager for Kubernetes and is required to install all the other applications. It is installed in its own pod inside the cluster which can run the `helm` CLI in a safe environment. @@ -86,11 +86,16 @@ NOTE: **Note:** The [jetstack/cert-manager](https://github.com/jetstack/cert-manager) chart is used to install this application with a -[`values.yaml`](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/vendor/cert_manager/values.yaml) +[`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/cert_manager/values.yaml) file. Prior to GitLab 12.3, the [stable/cert-manager](https://github.com/helm/charts/tree/master/stable/cert-manager) chart was used. +NOTE: **Note:** +If you have installed cert-manager prior to GitLab 12.3, Let's Encrypt will +[block requests from older versions of cert-manager](https://community.letsencrypt.org/t/blocking-old-cert-manager-versions/98753). +To resolve this, uninstall cert-manager (consider [backing up any additional configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html)), then install cert-manager again. + ### GitLab Runner > - Introduced in GitLab 10.6 for project-level clusters. @@ -106,11 +111,10 @@ mode** by default. Make sure you read the [security implications](../project/clusters/index.md#security-implications) before doing so. NOTE: **Note:** -The -[runner/gitlab-runner](https://gitlab.com/gitlab-org/charts/gitlab-runner) +The [`runner/gitlab-runner`](https://gitlab.com/gitlab-org/charts/gitlab-runner) chart is used to install this application with a -[`values.yaml`](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/vendor/runner/values.yaml) -file. +[`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/runner/values.yaml) +file. Customizing installation by modifying this file is not supported. ### Ingress @@ -123,23 +127,26 @@ web proxy for your applications and is useful if you want to use [Auto DevOps](../../topics/autodevops/index.md) or deploy your own web apps. NOTE: **Note:** -The -[stable/nginx-ingress](https://github.com/helm/charts/tree/master/stable/nginx-ingress) +The [`stable/nginx-ingress`](https://github.com/helm/charts/tree/master/stable/nginx-ingress) chart is used to install this application with a -[`values.yaml`](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/vendor/ingress/values.yaml) +[`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/ingress/values.yaml) file. -#### Modsecurity Application Firewall +#### Web Application Firewall (ModSecurity) > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/65192) in GitLab 12.3 (enabled using `ingress_modsecurity` [feature flag](../../development/feature_flags/development.md#enabling-a-feature-flag-in-development)). -GitLab supports +Out of the box, GitLab provides you real-time security monitoring with [`modsecurity`](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#modsecurity) -to check requests against [OWASP's Core Rule Set](https://www.modsecurity.org/CRS/Documentation/). + +Modsecurity is a toolkit for real-time web application monitoring, logging, +and access control. With GitLab's offering, the [OWASP's Core Rule Set](https://www.modsecurity.org/CRS/Documentation/), which provides generic attack detection capabilities, +is automatically applied. + This feature: - Runs in "Detection-only mode" unless configured otherwise. -- Is viewable by checking your ingress controller's `modsec` log for rule violations. +- Is viewable by checking your Ingress controller's `modsec` log for rule violations. For example: ```sh @@ -160,7 +167,7 @@ application for the changes to take effect. ### JupyterHub > - Introduced in GitLab 11.0 for project-level clusters. -> - Introduced in GitLab 12.3 for group-level clusters. +> - Introduced in GitLab 12.3 for group and instance-level clusters. [JupyterHub](https://jupyterhub.readthedocs.io/en/stable/) is a multi-user service for managing notebooks across a team. [Jupyter @@ -176,7 +183,7 @@ higher](../permissions.md) access to the associated project or group. We use a [custom Jupyter image](https://gitlab.com/gitlab-org/jupyterhub-user-image/blob/master/Dockerfile) that installs additional useful packages on top of the base Jupyter. You -will also see ready-to-use DevOps Runbooks built with Nurtch's [Rubix library](https://github.com/amit1rrr/rubix). +will also see ready-to-use DevOps Runbooks built with Nurtch's [Rubix library](https://github.com/Nurtch/rubix). More information on creating executable runbooks can be found in [our Runbooks @@ -185,15 +192,15 @@ Ingress must be installed and have an IP address assigned before JupyterHub can be installed. NOTE: **Note:** -The -[jupyter/jupyterhub](https://jupyterhub.github.io/helm-chart/) +The [`jupyter/jupyterhub`](https://jupyterhub.github.io/helm-chart/) chart is used to install this application with a -[`values.yaml`](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/vendor/jupyter/values.yaml) +[`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/jupyter/values.yaml) file. #### Jupyter Git Integration > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/28783) in GitLab 12.0 for project-level clusters. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/32512) in GitLab 12.3 for group and instance-level clusters. When installing JupyterHub onto your Kubernetes cluster, [JupyterLab's Git extension](https://github.com/jupyterlab/jupyterlab-git) is automatically provisioned and configured using the authenticated user's: @@ -223,7 +230,7 @@ You can clone repositories from the files tab in Jupyter: > - Introduced in GitLab 11.5 for project-level clusters. > - Introduced in GitLab 12.3 for group- and instance-level clusters. -[Knative](https://cloud.google.com/knative) provides a platform to +[Knative](https://cloud.google.com/knative/) provides a platform to create, deploy, and manage serverless workloads from a Kubernetes cluster. It is used in conjunction with, and includes [Istio](https://istio.io) to provide an external IP address for all @@ -234,12 +241,11 @@ domain where your applications will be exposed. Configure your DNS server to use the external IP address for that domain. For any application created and installed, they will be accessible as `<program_name>.<kubernetes_namespace>.<domain_name>`. This will require -your kubernetes cluster to have [RBAC +your Kubernetes cluster to have [RBAC enabled](../project/clusters/index.md#rbac-cluster-resources). NOTE: **Note:** -The -[knative/knative](https://storage.googleapis.com/triggermesh-charts) +The [`knative/knative`](https://storage.googleapis.com/triggermesh-charts) chart is used to install this application. ### Prometheus @@ -252,10 +258,9 @@ open-source monitoring and alerting system useful to supervise your deployed applications. NOTE: **Note:** -The -[stable/prometheus](https://github.com/helm/charts/tree/master/stable/prometheus) +The [`stable/prometheus`](https://github.com/helm/charts/tree/master/stable/prometheus) chart is used to install this application with a -[`values.yaml`](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/vendor/prometheus/values.yaml) +[`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/prometheus/values.yaml) file. ## Upgrading applications @@ -281,7 +286,7 @@ To upgrade an application: NOTE: **Note:** Upgrades will reset values back to the values built into the `runner` chart plus the values set by -[`values.yaml`](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/vendor/runner/values.yaml) +[`values.yaml`](https://gitlab.com/gitlab-org/gitlab/blob/master/vendor/runner/values.yaml) ## Uninstalling applications @@ -293,7 +298,7 @@ The applications below can be uninstalled. | ----------- | -------------- | ----- | | Cert-Manager | 12.2+ | The associated private key will be deleted and cannot be restored. Deployed applications will continue to use HTTPS, but certificates will not be renewed. Before uninstalling, you may wish to [back up your configuration](https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html) or [revoke your certificates](https://letsencrypt.org/docs/revoking/) | | GitLab Runner | 12.2+ | Any running pipelines will be canceled. | -| Helm | 12.2+ | The associated Tiller pod will be deleted and cannot be restored. | +| Helm | 12.2+ | The associated Tiller pod, the `gitlab-managed-apps` namespace, and all of its resources will be deleted and cannot be restored. | | Ingress | 12.1+ | The associated load balancer and IP will be deleted and cannot be restored. Furthermore, it can only be uninstalled if JupyterHub is not installed. | | JupyterHub | 12.1+ | All data not committed to GitLab will be deleted and cannot be restored. | | Knative | 12.1+ | The associated IP will be deleted and cannot be restored. | diff --git a/doc/user/clusters/environments.md b/doc/user/clusters/environments.md index 4aef871af55..f83be85726a 100644 --- a/doc/user/clusters/environments.md +++ b/doc/user/clusters/environments.md @@ -1,6 +1,7 @@ # Cluster Environments **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/13392) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/13392) for group-level clusters in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/14809) for instance-level clusters in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4. Cluster environments provide a consolidated view of which CI [environments](../../ci/environments.md) are deployed to the Kubernetes cluster and it: @@ -10,12 +11,6 @@ deployed to the Kubernetes cluster and it: ## Overview -NOTE: **Note:** -Cluster environments are only available for -[group-level clusters](../group/clusters/index.md). -Support for [instance-level](../instance/clusters/index.md) clusters is -[planned](https://gitlab.com/gitlab-org/gitlab-ce/issues/63985). - With cluster environments, you can gain insight into: - Which projects are deployed to the cluster. @@ -37,7 +32,7 @@ In order to: - Show pod usage correctly, you must [enable Deploy Boards](../project/deploy_boards.md#enabling-deploy-boards). -Once you have successful deployments to your group-level cluster: +Once you have successful deployments to your group-level or instance-level cluster: 1. Navigate to your group's **Kubernetes** page. 1. Click on the **Environments** tab. diff --git a/doc/user/clusters/management_project.md b/doc/user/clusters/management_project.md new file mode 100644 index 00000000000..37308ad7175 --- /dev/null +++ b/doc/user/clusters/management_project.md @@ -0,0 +1,101 @@ +# Cluster management project (alpha) + +CAUTION: **Warning:** +This is an _alpha_ feature, and it is subject to change at any time without +prior notice. + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/17866) in GitLab 12.4 + +A project can be designated as the management project for a cluster. +A management project can be used to run deployment jobs with +Kubernetes +[`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) +privileges. + +This can be useful for: + +- Creating pipelines to install cluster-wide applications into your cluster. +- Any jobs that require `cluster-admin` privileges. + +## Permissions + +Only the management project will receive `cluster-admin` privileges. All +other projects will continue to receive [namespace scoped `edit` level privileges](../project/clusters/index.md#rbac-cluster-resources). + +## Usage + +### Selecting a cluster management project + +This will be implemented as part of [this +issue](https://gitlab.com/gitlab-org/gitlab/issues/32810). + +### Configuring your pipeline + +After designating a project as the management project for the cluster, +write a [`.gitlab-ci,yml`](../../ci/yaml/README.md) in that project. For example: + +```yaml +configure cluster: + stage: deploy + script: kubectl get namespaces + environment: + name: production +``` + +### Setting the environment scope **(PREMIUM)** + +[Environment +scopes](../project/clusters/index.md#setting-the-environment-scope-premium) +are usable when associating multiple clusters to the same management +project. + +Each scope can only be used by a single cluster for a management project. + +For example, let's say the following Kubernetes clusters are associated +to a management project: + +| Cluster | Environment scope | +| ----------- | ----------------- | +| Development | `*` | +| Staging | `staging` | +| Production | `production` | + +The the following environments set in +[`.gitlab-ci.yml`](../../ci/yaml/README.md) will deploy to the +Development, Staging, and Production cluster respectively. + +```yaml +stages: +- deploy + +configure development cluster: + stage: deploy + script: kubectl get namespaces + environment: + name: development + +configure staging cluster: + stage: deploy + script: kubectl get namespaces + environment: + name: staging + +configure production cluster: + stage: deploy + script: kubectl get namespaces + environment: + name: production +``` + +## Disabling this feature + +This feature is enabled by default. To disable this feature, disable the +feature flag `:cluster_management_project`. + +To check if the feature flag is enabled on your GitLab instance, +please ask an administrator to execute the following in a Rails console: + +```ruby +Feature.enabled?(:cluster_management_project) # Check if it's enabled or not. +Feature.disable(:cluster_management_project) # Disable the feature flag. +``` diff --git a/doc/user/discussions/index.md b/doc/user/discussions/index.md index 98f744e6e04..dcb75a19b2a 100644 --- a/doc/user/discussions/index.md +++ b/doc/user/discussions/index.md @@ -24,6 +24,9 @@ You can also reply to a comment notification email to reply to the comment if creates another standard comment. Replying to a threaded comment creates a reply in the thread. Email replies support [Markdown] and [quick actions], just as if you replied from the web. +NOTE: **Note:** +There is a limit of 5,000 comments for every object, for example: issue, epic, and merge request. + ## Resolvable comments and threads > **Notes:** diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md index 463ce2056fc..5912fc8e9f9 100644 --- a/doc/user/gitlab_com/index.md +++ b/doc/user/gitlab_com/index.md @@ -41,7 +41,7 @@ Host gitlab.com ## GitLab Pages -Below are the settings for [GitLab Pages]. +Below are the settings for [GitLab Pages](https://about.gitlab.com/product/pages/). | Setting | GitLab.com | Default | | --------------------------- | ---------------- | ------------- | @@ -103,13 +103,11 @@ Below are the shared Runners settings. | Setting | GitLab.com | Default | | ----------- | ----------------- | ---------- | -| [GitLab Runner] | [Runner versions dashboard][ci_version_dashboard] | - | +| [GitLab Runner] | [Runner versions dashboard](https://dashboards.gitlab.com/d/000000159/ci?from=now-1h&to=now&refresh=5m&orgId=1&panelId=12&fullscreen&theme=light) | - | | Executor | `docker+machine` | - | | Default Docker image | `ruby:2.5` | - | | `privileged` (run [Docker in Docker]) | `true` | `false` | -[ci_version_dashboard]: https://dashboards.gitlab.com/dashboard/db/ci?from=now-1h&to=now&refresh=5m&orgId=1&panelId=12&fullscreen&theme=light - ### `config.toml` The full contents of our `config.toml` are: @@ -174,14 +172,22 @@ sentry_dsn = "X" ## Sidekiq -GitLab.com runs [Sidekiq][sidekiq] with arguments `--timeout=4 --concurrency=4` +GitLab.com runs [Sidekiq](https://sidekiq.org) with arguments `--timeout=4 --concurrency=4` and the following environment variables: -| Setting | GitLab.com | Default | -|-------- |----------- |-------- | -| `SIDEKIQ_MEMORY_KILLER_MAX_RSS` | `1000000` | `2000000` | -| `SIDEKIQ_MEMORY_KILLER_SHUTDOWN_SIGNAL` | `SIGKILL` | - | -| `SIDEKIQ_LOG_ARGUMENTS` | `1` | - | +| Setting | GitLab.com | Default | +|-------- |----------- |-------- | +| `SIDEKIQ_DAEMON_MEMORY_KILLER` | - | - | +| `SIDEKIQ_MEMORY_KILLER_MAX_RSS` | `2000000` | `2000000` | +| `SIDEKIQ_MEMORY_KILLER_HARD_LIMIT_RSS` | - | - | +| `SIDEKIQ_MEMORY_KILLER_CHECK_INTERVAL` | - | `3` | +| `SIDEKIQ_MEMORY_KILLER_GRACE_TIME` | - | `900` | +| `SIDEKIQ_MEMORY_KILLER_SHUTDOWN_WAIT` | - | `30` | +| `SIDEKIQ_LOG_ARGUMENTS` | `1` | - | + +NOTE: **Note:** +The `SIDEKIQ_MEMORY_KILLER_MAX_RSS` setting is `16000000` on Sidekiq import +nodes and Sidekiq export nodes. ## Cron jobs @@ -267,7 +273,7 @@ released depending on the type of block, as described below. If you receive a `403 Forbidden` error for all requests to GitLab.com, please check for any automated processes that may be triggering a block. For -assistance, contact [GitLab Support](https://support.gitlab.com) +assistance, contact [GitLab Support](https://support.gitlab.com/hc/en-us) with details, such as the affected IP address. ### HAProxy API throttle @@ -308,9 +314,7 @@ This header is included in responses to blocked requests: Retry-After: 60 ``` -Source: - -- Search for `rate_limit_requests_per_period`, `rate_limit_period`, and `rack_attack_protected_paths` in [GitLab.com's current Rails app settings](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-cookbooks/gitlab/attributes/default.rb). +See [Protected Paths](../admin_area/settings/protected_paths.md) for more details. #### Git and container registry failed authentication ban @@ -347,47 +351,45 @@ publicly available at [chef cookbooks](https://gitlab.com/gitlab-cookbooks). We use Elasticsearch, logstash, and Kibana for part of our monitoring solution: -- [gitlab-cookbooks / gitlab-elk · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-elk) -- [gitlab-cookbooks / gitlab_elasticsearch · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab_elasticsearch) +- [`gitlab-cookbooks` / `gitlab-elk` · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-elk) +- [`gitlab-cookbooks` / `gitlab_elasticsearch` · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab_elasticsearch) ### Prometheus Prometheus complete our monitoring stack: -- [gitlab-cookbooks / gitlab-prometheus · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-prometheus) +- [`gitlab-cookbooks` / `gitlab-prometheus` · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-prometheus) ### Grafana For the visualization of monitoring data: -- [gitlab-cookbooks / gitlab-grafana · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-grafana) +- [`gitlab-cookbooks` / `gitlab-grafana` · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-grafana) ### Sentry Open source error tracking: -- [gitlab-cookbooks / gitlab-sentry · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-sentry) +- [`gitlab-cookbooks` / `gitlab-sentry` · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-sentry) ### Consul Service discovery: -- [gitlab-cookbooks / gitlab_consul · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab_consul) +- [`gitlab-cookbooks` / `gitlab_consul` · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab_consul) ### Haproxy High Performance TCP/HTTP Load Balancer: -- [gitlab-cookbooks / gitlab-haproxy · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-haproxy) +- [`gitlab-cookbooks` / `gitlab-haproxy` · GitLab](https://gitlab.com/gitlab-cookbooks/gitlab-haproxy) [autoscale mode]: https://docs.gitlab.com/runner/configuration/autoscale.html "How Autoscale works" -[runners-post]: https://about.gitlab.com/2016/04/05/shared-runners/ "Shared Runners on GitLab.com" +[runners-post]: https://about.gitlab.com/blog/2016/04/05/shared-runners/ "Shared Runners on GitLab.com" [GitLab Runner]: https://gitlab.com/gitlab-org/gitlab-runner -[altssh]: https://about.gitlab.com/2016/02/18/gitlab-dot-com-now-supports-an-alternate-git-plus-ssh-port/ "GitLab.com now supports an alternate git+ssh port" -[GitLab Pages]: https://about.gitlab.com/features/pages "GitLab Pages" +[altssh]: https://about.gitlab.com/blog/2016/02/18/gitlab-dot-com-now-supports-an-alternate-git-plus-ssh-port/ "GitLab.com now supports an alternate git+ssh port" [docker in docker]: https://hub.docker.com/_/docker/ "Docker in Docker at DockerHub" [mailgun]: https://www.mailgun.com/ "Mailgun website" -[sidekiq]: http://sidekiq.org/ "Sidekiq website" [unicorn-worker-killer]: https://rubygems.org/gems/unicorn-worker-killer "unicorn-worker-killer" [4010]: https://gitlab.com/gitlab-com/infrastructure/issues/4010 "Find a good value for maximum timeout for Shared Runners" [4070]: https://gitlab.com/gitlab-com/infrastructure/issues/4070 "Configure per-runner timeout for shared-runners-manager-X on GitLab.com" diff --git a/doc/user/group/clusters/index.md b/doc/user/group/clusters/index.md index 1eed1281bba..4742e7189b7 100644 --- a/doc/user/group/clusters/index.md +++ b/doc/user/group/clusters/index.md @@ -18,7 +18,7 @@ your group, enabling you to use the same cluster across multiple projects. GitLab can install and manage some applications in your group-level cluster. For more information on installing, upgrading, uninstalling, and troubleshooting applications for your group cluster, see -[Gitlab Managed Apps](../../clusters/applications.md). +[GitLab Managed Apps](../../clusters/applications.md). ## RBAC compatibility @@ -139,7 +139,9 @@ The result will then be: ## Cluster environments **(PREMIUM)** -Please see the documentation for [cluster environments](../../clusters/environments.md). +For a consolidated view of which CI [environments](../../../ci/environments.md) +are deployed to the Kubernetes cluster, see the documentation for +[cluster environments](../../clusters/environments.md). ## Security of Runners diff --git a/doc/user/group/custom_project_templates.md b/doc/user/group/custom_project_templates.md index 094732e6a93..e47a281141d 100644 --- a/doc/user/group/custom_project_templates.md +++ b/doc/user/group/custom_project_templates.md @@ -7,7 +7,7 @@ type: reference > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/6861) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.6. When you create a new [project](../project/index.md), creating it based on custom project templates is -a convenient bootstrap option. +a convenient option. Users can configure a GitLab group that serves as template source under a group's **Settings > General > Custom project templates**. diff --git a/doc/user/group/epics/img/child_epics_roadmap.png b/doc/user/group/epics/img/child_epics_roadmap.png Binary files differdeleted file mode 100644 index 819fed58989..00000000000 --- a/doc/user/group/epics/img/child_epics_roadmap.png +++ /dev/null diff --git a/doc/user/group/epics/img/epic_view.png b/doc/user/group/epics/img/epic_view.png Binary files differdeleted file mode 100644 index c55d302ec29..00000000000 --- a/doc/user/group/epics/img/epic_view.png +++ /dev/null diff --git a/doc/user/group/epics/img/epic_view_roadmap_v12.3.png b/doc/user/group/epics/img/epic_view_roadmap_v12.3.png Binary files differnew file mode 100755 index 00000000000..a17c56c618b --- /dev/null +++ b/doc/user/group/epics/img/epic_view_roadmap_v12.3.png diff --git a/doc/user/group/epics/img/epic_view_v12.3.png b/doc/user/group/epics/img/epic_view_v12.3.png Binary files differnew file mode 100755 index 00000000000..79758cf3d52 --- /dev/null +++ b/doc/user/group/epics/img/epic_view_v12.3.png diff --git a/doc/user/group/epics/img/epics_list_view.png b/doc/user/group/epics/img/epics_list_view.png Binary files differdeleted file mode 100644 index b30608d9d31..00000000000 --- a/doc/user/group/epics/img/epics_list_view.png +++ /dev/null diff --git a/doc/user/group/epics/img/epics_list_view_v12.3.png b/doc/user/group/epics/img/epics_list_view_v12.3.png Binary files differnew file mode 100755 index 00000000000..c6817a503e7 --- /dev/null +++ b/doc/user/group/epics/img/epics_list_view_v12.3.png diff --git a/doc/user/group/epics/index.md b/doc/user/group/epics/index.md index d04ecedc7a2..f9690d4edfe 100644 --- a/doc/user/group/epics/index.md +++ b/doc/user/group/epics/index.md @@ -10,13 +10,13 @@ Epics let you manage your portfolio of projects more efficiently and with less effort by tracking groups of issues that share a theme, across projects and milestones. - + ## Use cases - Suppose your team is working on a large feature that involves multiple discussions throughout different issues created in distinct projects within a [Group](../index.md). With Epics, you can track all the related activities that together contribute to that single feature. - Track when the work for the group of issues is targeted to begin, and when it is targeted to end. -- Discuss and collaborate on feature ideas and scope at a high-level. +- Discuss and collaborate on feature ideas and scope at a high level. ## Creating an epic @@ -24,78 +24,114 @@ A paginated list of epics is available in each group from where you can create a new epic. The list of epics includes also epics from all subgroups of the selected group. From your group page: -1. Go to **Epics** -1. Click the **New epic** button at the top right -1. Enter a descriptive title and hit **Create epic** +1. Go to **Epics**. +1. Click **New epic**. +1. Enter a descriptive title and click **Create epic**. -Once created, you will be taken to the view for that newly-created epic where -you can change its title, description, start date, and due date. +You will be taken to the new epic where can edit the following details: - +- Title +- Description +- Start date +- Due date +- Labels + +An epic's page contains the following tabs: + +- **Epics and Issues**: epics and issues added to this epic. Child epics, and their issues, are shown in a tree view. + - Click on the <kbd>></kbd> beside a parent epic to reveal the child epics and issues. +- **Roadmap**: a roadmap view of child epics which have start and due dates. + + ## Adding an issue to an epic +Any issue that belongs to a project in the epic's group, or any of the epic's +subgroups, are eligible to be added. New issues appear at the top of the list of issues in the **Epics and Issues** tab. + An epic contains a list of issues and an issue can be associated with at most -one epic. When on an epic, you can add its associated issues: +one epic. When you add an issue to an epic that is already associated with another epic, +the issue is automatically removed from the previous epic. + +To add an issue to an epic: -1. Click the plus icon (<kbd>+</kbd>) under the epic description. -1. Paste the link of the issue (you can hit <kbd>Spacebar</kbd> to add more than - one issues at a time). +1. Click **Add an issue**. +1. Paste the link of the issue. + - Press <kbd>Spacebar</kbd> and repeat this step if there are multiple issues. 1. Click **Add**. -Any issue belonging to a project in the epic's group or any of the epic's -subgroups are eligible to be added. To remove an issue from an epic, click -on the <kbd>x</kbd> button in the epic's issue list. +To remove an issue from an epic: -NOTE: **Note:** -When you add an issue or an epic to an epic that's already associated with another epic, -the issue or the epic is automatically removed from the previous epic. +1. Click on the <kbd>x</kbd> button in the epic's issue list. +1. Click **Remove** in the **Remove issue** warning message. ## Multi-level child epics > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/8333) in GitLab Ultimate 11.7. -Much like adding issues to an epic, an epic can have multiple child epics with -the maximum depth being 5. To add a child epic: +Any epic that belongs to a group, or subgroup of the parent epic's group, is +eligible to be added. New child epics appear at the top of the list of epics in the **Epics and Issues** tab. + +When you add a child epic that is already associated with another epic, +that epic is automatically removed from the previous epic. -1. Click the plus icon (<kbd>+</kbd>) under the epic description. +An epic can have multiple child epics with +the maximum depth being 5. + +To add a child epic: + +1. Click **Add an epic**. 1. Paste the link of the epic. + - Press <kbd>Spacebar</kbd> and repeat this step if there are multiple issues. 1. Click **Add**. -Any epic that belongs to a group or subgroup of the parent epic's group is -eligible to be added. To remove a child epic from a parent epic, -click on the <kbd>x</kbd> button in the parent epic's epic list. +To remove a child epic from a parent epic: + +1. Click on the <kbd>x</kbd> button in the parent epic's list of epics. +1. Click **Remove** in the **Remove epic** warning message. ## Start date and due date -For each of the dates in the sidebar of an epic, you can choose to either: +To set a **Start date** and **Due date** for an epic, you can choose either of the following: -- Enter a fixed value. -- Inherit a dynamic value called "From milestones". +- **Fixed**: Enter a fixed value. +- **From milestones:** Inherit a dynamic value from the issues added to the epic. -If you select "From milestones" for the start date, GitLab will automatically set the +If you select **From milestones** for the start date, GitLab will automatically set the date to be earliest start date across all milestones that are currently assigned -to the issues that are attached to the epic. Similarly, if you select "From milestones" +to the issues that are added to the epic. Similarly, if you select "From milestones" for the due date, GitLab will set it to be the latest due date across all milestones that are currently assigned to those issues. -These are dynamic dates in that if milestones are re-assigned to the issues, if the -milestone dates change, or if issues are added or removed from the epic, then -the re-calculation will happen immediately to set a new dynamic date. +These are dynamic dates which are recalculated immediately if any of the following occur: + +- Milestones are re-assigned to the issues. +- Milestone dates change. +- Issues are added or removed from the epic. -## Roadmap in epics +## Roadmap -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/7327) in [GitLab Ultimate](https://about.gitlab.com/pricing) 11.10. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/7327) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.10. If your epic contains one or more [child epics](#multi-level-child-epics) which -have a [start or due date](#start-date-and-due-date), then you can see a -[roadmap](../roadmap/index.md) view of the child epics under the parent epic itself. +have a [start or due date](#start-date-and-due-date), a +[roadmap](../roadmap/index.md) view of the child epics is listed under the parent epic. - + ## Reordering issues and child epics -Drag and drop to reorder issues and child epics. New issues and child epics added to an epic appear at the top of the list. +New issues and child epics are added to the top of their respective lists in the **Epics and Issues** tab. You can reorder the list of issues and the list of child epics. Issues and child epics cannot be intermingled. + +To reorder issues assigned to an epic: + +1. Go to the **Epics and Issues** tab. +1. Drag and drop issues into the desired order. + +To reorder child epics assigned to an epic: + +1. Go to the **Epics and Issues** tab. +1. Drag and drop epics into the desired order. ## Updating epics diff --git a/doc/user/group/index.md b/doc/user/group/index.md index 036730ba700..c4be08c842b 100644 --- a/doc/user/group/index.md +++ b/doc/user/group/index.md @@ -17,7 +17,7 @@ Find your groups by clicking **Groups > Your Groups** in the top navigation.  -> The **Groups** dropdown in the top navigation was [introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/36234) in [GitLab 11.1](https://about.gitlab.com/2018/07/22/gitlab-11-1-released/#groups-dropdown-in-navigation). +> The **Groups** dropdown in the top navigation was [introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/36234) in [GitLab 11.1](https://about.gitlab.com/blog/2018/07/22/gitlab-11-1-released/#groups-dropdown-in-navigation). The **Groups** page displays: @@ -178,18 +178,20 @@ There are two different ways to add a new project to a group: ### Default project-creation level -> [Introduced][ee-2534] in [GitLab Premium][ee] 10.5. -> Brought to [GitLab Starter][ee] in 10.7. -> [Moved](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/25975) to [GitLab Core](https://about.gitlab.com/pricing/) in 11.10. +> - [Introduced][ee-2534] in [GitLab Premium][ee] 10.5. +> - Brought to [GitLab Starter][ee] in 10.7. +> - [Moved](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/25975) to [GitLab Core](https://about.gitlab.com/pricing/) in 11.10. -Group owners and administrators can allow users with the -Developer role to create projects under groups. +By default, [Developers and Maintainers](../permissions.md#group-members-permissions) can create projects under a group. -By default, [Developers and Maintainers](../permissions.md#group-members-permissions) can create projects under a group. You can change this setting for a specific group within the group settings, or -you can set this option globally in the Admin area -at **Settings > General > Visibility and access controls** (you must be a GitLab administrator). +To change this setting for a specific group: -Available settings are `No one`, `Maintainers`, or `Developers + Maintainers`. +1. Go to the group's **Settings > General** page. +1. Expand the **Permissions, LFS, 2FA** section. +1. Select the desired option in the **Allowed to create projects** dropdown list. +1. Click **Save changes**. + +To change this setting globally, see [Default project creation protection](../admin_area/settings/visibility_and_access_controls.md#default-project-creation-protection). ## Transfer projects into groups @@ -334,10 +336,9 @@ This will disable the option for all users who previously had permissions to operate project memberships, so no new users can be added. Furthermore, any request to add a new user to a project through API will not be possible. -#### IP access restriction **(ULTIMATE ONLY)** +#### IP access restriction **(ULTIMATE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/1985) in -[GitLab Ultimate](https://about.gitlab.com/pricing/) 12.0. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/1985) in [GitLab Ultimate and Gold](https://about.gitlab.com/pricing/) 12.0. To make sure only people from within your organization can access particular resources, you have the option to restrict access to groups and their @@ -349,16 +350,20 @@ Add one or more whitelisted IP subnets using CIDR notation in comma separated fo coming from a different IP address won't be able to access the restricted content. -Restriction currently applies to UI and API access, Git actions via ssh are not restricted. +Restriction currently applies to: + +- UI. +- API access. +- [From GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/issues/32113), Git actions via SSH. + To avoid accidental lock-out, admins and group owners are are able to access the group regardless of the IP restriction. -#### Allowed domain restriction **(PREMIUM ONLY)** +#### Allowed domain restriction **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/7297) in -[GitLab Premium](https://about.gitlab.com/pricing/) 12.2. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/7297) in [GitLab Premium and Silver](https://about.gitlab.com/pricing/) 12.2. -You can restrict access to groups and their underlying projects by +You can restrict access to groups by allowing only users with email addresses in particular domains to be added to the group. Add email domains you want to whitelist and users with emails from different @@ -449,6 +454,11 @@ For performance reasons, we may delay the update up to 1 hour and 30 minutes. If your namespace shows `N/A` as the total storage usage, you can trigger a recalculation by pushing a commit to any project in that namespace. +### Maximum artifacts size **(CORE ONLY)** + +For information about setting a maximum artifact size for a group, see +[Maximum artifacts size](../admin_area/settings/continuous_integration.md#maximum-artifacts-size-core-only). + ## User contribution analysis **(STARTER)** With [GitLab Contribution Analytics](contribution_analytics/index.md), diff --git a/doc/user/group/roadmap/index.md b/doc/user/group/roadmap/index.md index a72cd990706..bcd79bd04bf 100644 --- a/doc/user/group/roadmap/index.md +++ b/doc/user/group/roadmap/index.md @@ -26,7 +26,7 @@ Epics in the view can be sorted by: Each option contains a button that toggles the sort order between **ascending** and **descending**. The sort option and order will be persisted when browsing Epics, including the [epics list view](../epics/index.md). -Roadmaps can also be [visualized inside an epic](../epics/index.md#roadmap-in-epics). +Roadmaps can also be [visualized inside an epic](../epics/index.md#roadmap). ## Timeline duration diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md index 90e4dacbd76..ecf2934b877 100644 --- a/doc/user/group/saml_sso/index.md +++ b/doc/user/group/saml_sso/index.md @@ -64,7 +64,10 @@ GitLab.com uses the SAML NameID to identify users. The NameID element: - Is a required field in the SAML response. - Must be unique to each user. -- Must be a persistent value that will never change, such as a unique ID or username. Email could also be used as the NameID, but only if it can be guaranteed to never change. +- Must be a persistent value that will never change, such as a randomly generated unique user ID. +- Is case sensitive. The NameID must match exactly on subsequent login attempts, so should not rely on user input that could change between upper and lower case. + +We strongly recommend against using Email as the NameID as it is hard to guarantee it will never change, for example when a person's name changes. Similarly usernames should be avoided if possible. ### Assertions @@ -97,16 +100,37 @@ Once you've set up your identity provider to work with GitLab, you'll need to co ## Providers +NOTE: **Note:** GitLab is unable to provide support for IdPs that are not listed here. + | Provider | Documentation | |----------|---------------| | ADFS (Active Directory Federation Services) | [Create a Relying Party Trust](https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/create-a-relying-party-trust) | -| Azure | [Configuring single sign-on to applications](https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-custom-apps) | +| Azure | [Configuring single sign-on to applications](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-single-sign-on-non-gallery-applications) | | Auth0 | [Auth0 as Identity Provider](https://auth0.com/docs/protocols/saml/saml-idp-generic) | | G Suite | [Set up your own custom SAML application](https://support.google.com/a/answer/6087519?hl=en) | | JumpCloud | [Single Sign On (SSO) with GitLab](https://support.jumpcloud.com/customer/en/portal/articles/2810701-single-sign-on-sso-with-gitlab) | -| Okta | [Setting up a SAML application in Okta](https://developer.okta.com/standards/SAML/setting_up_a_saml_application_in_okta) | +| Okta | [Setting up a SAML application in Okta](https://developer.okta.com/docs/guides/saml-application-setup/overview/) | | OneLogin | [Use the OneLogin SAML Test Connector](https://onelogin.service-now.com/support?id=kb_article&sys_id=93f95543db109700d5505eea4b96198f) | -| Ping Identity | [Add and configure a new SAML application](https://docs.pingidentity.com/bundle/p1_enterpriseConfigSsoSaml_cas/page/enableAppWithoutURL.html) | +| Ping Identity | [Add and configure a new SAML application](https://support.pingidentity.com/s/document-item?bundleId=pingone&topicId=xsh1564020480660-1.html) | + +When [configuring your identify provider](#configuring-your-identity-provider), please consider the notes below for specific providers to help avoid common issues and as a guide for terminology used. + +### OneLogin setup notes + +NOTE: **Note:** +The GitLab app listed in the directory is for self-managed GitLab instances. Please use a generic SAML Test Connector. + +| GitLab Setting | OneLogin Field | +|--------------|----------------| +| Identifier | Audience | +| Assertion consumer service URL | Recipient | +| Assertion consumer service URL | ACS (Consumer) URL | +| Assertion consumer service URL (escaped version) | ACS (Consumer) URL Validator | +| GitLab single sign on URL | Login URL | + +Recommended `NameID` value: `OneLogin ID`. + +Set parameters according to the [assertions table](#assertions). ## Linking SAML to your existing GitLab.com account @@ -148,14 +172,41 @@ For example, to unlink the `MyOrg` account, the following **Disconnect** button | Issuer | How GitLab identifies itself to the identity provider. Also known as a "Relying party trust identifier". | | Certificate fingerprint | Used to confirm that communications over SAML are secure by checking that the server is signing communications with the correct certificate. Also known as a certificate thumbprint. | -<!-- ## Troubleshooting +## Troubleshooting + +### SAML debugging tools + +SAML responses are base64 encoded, so we recommend the following browser plugins to decode them on the fly: + +- [SAML tracer for Firefox](https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/) +- [Chrome SAML Panel](https://chrome.google.com/webstore/detail/saml-chrome-panel/paijfdbeoenhembfhkhllainmocckace?hl=en) + +Specific attention should be paid to: + +- The [NameID](#nameid), which we use to identify which user is signing in. If the user has previously signed in, this [must match the value we have stored](#verifying-nameid). +- The presence of a `X509Certificate`, which we require to verify the response signature. +- The `SubjectConfirmation` and `Conditions`, which can cause errors if misconfigured. + +### Verifying NameID + +In troubleshooting the Group SAML setup, any authenticated user can use the API to verify the NameID GitLab already has linked to the user by visiting [https://gitlab.com/api/v4/user](https://gitlab.com/api/v4/user) and checking the `extern_uid` under identities. + +This can then be compared to the [NameID](#nameid) being sent by the Identity Provider by decoding the message with a [SAML debugging tool](#saml-debugging-tools). We require that these match in order to identify users. + +### Message: "SAML authentication failed: Extern uid has already been taken" + +This error suggests you are signed in as a GitLab user but have already linked your SAML identity to a different GitLab user. Sign out and then try to sign in again using the SSO SAML link, which should log you into GitLab with the linked user account. + +If you do not wish to use that GitLab user with the SAML login, you can [unlink the GitLab account from the group's SAML](#unlinking-accounts). + +### Message: "SAML authentication failed: User has already been taken" + +The user you are signed in with already has SAML linked to a different identity. This might mean you've attempted to link multiple SAML identities to the same user for a given Identity Provider. This could also be a symptom of the Identity Provider returning an inconsistent [NameID](#nameid). + +To change which identity you sign in with, you can [unlink the previous SAML identity](#unlinking-accounts) from this GitLab account. + +### Message: "SAML authentication failed: Extern uid has already been taken, User has already been taken" -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. +Getting both of these errors at the same time suggests the NameID capitalization provided by the Identity Provider didn't exactly match the previous value for that user. -Each scenario can be a third-level heading, e.g. `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +This can be prevented by configuring the [NameID](#nameid) to return a consistent value. Fixing this for an individual user involves [unlinking SAML in the GitLab account](#unlinking-accounts), although this will cause group membership and Todos to be lost. diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md index eec929e3309..a3606fadb89 100644 --- a/doc/user/group/subgroups/index.md +++ b/doc/user/group/subgroups/index.md @@ -4,8 +4,7 @@ type: reference, howto, concepts # Subgroups -NOTE: **Note:** -[Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/2772) in GitLab 9.0. +>[Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/2772) in GitLab 9.0. Subgroups, also known as nested groups or hierarchical groups, allow you to have up to 20 levels of groups. @@ -68,9 +67,9 @@ Another example of GitLab as a company would be the following: The maximum subgroups a group can have, including the first one in the hierarchy, is 21. -Actions such as transferring or importing a project inside subgroups, work like -when performing these actions the traditional way with the `group/project` -structure. +When performing actions such as transferring or importing a project between +subgroups, the behavior is the same as when performing these actions at the +`group/project` level. ## Creating a subgroup @@ -117,6 +116,10 @@ When you add a member to a subgroup, they inherit the membership and permission level from the parent group. This model allows access to nested groups if you have membership in one of its parents. +Jobs for pipelines in subgroups can use [Runners](../../../ci/runners/README.md) registered to the parent group. This means secrets configured for the parent group are available to subgroup jobs. + +In addition, maintainers of projects that belong to subgroups can see the details of Runners registered to parent groups. + The group permissions for a member can be changed only by Owners, and only on the **Members** page of the group the member was added. diff --git a/doc/user/img/markdown_audio.mp3 b/doc/user/img/markdown_audio.mp3 Binary files differnew file mode 100644 index 00000000000..8946c3b3b10 --- /dev/null +++ b/doc/user/img/markdown_audio.mp3 diff --git a/doc/user/index.md b/doc/user/index.md index e1833cab6b8..ee5d4a0a07b 100644 --- a/doc/user/index.md +++ b/doc/user/index.md @@ -26,11 +26,11 @@ For more information, see [All GitLab Features](https://about.gitlab.com/feature To get familiar with the concepts needed to develop code on GitLab, read the following articles: -- [Demo: Mastering Code Review With GitLab](https://about.gitlab.com/2017/03/17/demo-mastering-code-review-with-gitlab/). -- [GitLab Workflow: An Overview](https://about.gitlab.com/2016/10/25/gitlab-workflow-an-overview/#gitlab-workflow-use-case-scenario). -- [Tutorial: It's all connected in GitLab](https://about.gitlab.com/2016/03/08/gitlab-tutorial-its-all-connected/): an overview on code collaboration with GitLab. -- [Trends in Version Control Land: Microservices](https://about.gitlab.com/2016/08/16/trends-in-version-control-land-microservices/). -- [Trends in Version Control Land: Innersourcing](https://about.gitlab.com/2016/07/07/trends-version-control-innersourcing/). +- [Demo: Mastering Code Review With GitLab](https://about.gitlab.com/blog/2017/03/17/demo-mastering-code-review-with-gitlab/). +- [GitLab Workflow: An Overview](https://about.gitlab.com/blog/2016/10/25/gitlab-workflow-an-overview/#gitlab-workflow-use-case-scenario). +- [Tutorial: It's all connected in GitLab](https://about.gitlab.com/blog/2016/03/08/gitlab-tutorial-its-all-connected/): an overview on code collaboration with GitLab. +- [Trends in Version Control Land: Microservices](https://about.gitlab.com/blog/2016/08/16/trends-in-version-control-land-microservices/). +- [Trends in Version Control Land: Innersourcing](https://about.gitlab.com/blog/2016/07/07/trends-version-control-innersourcing/). ## Use cases @@ -88,7 +88,7 @@ it all at once, from one single project. Use built-in [GitLab CI/CD](../ci/README.md) to test, build, and deploy your applications directly from GitLab. No third-party integrations needed. -- [GitLab Auto Deploy](../ci/autodeploy/index.md): Deploy your application out-of-the-box with GitLab Auto Deploy. +- [GitLab Auto Deploy](../topics/autodevops/index.md#auto-deploy): Deploy your application out-of-the-box with GitLab Auto Deploy. - [Review Apps](../ci/review_apps/index.md): Live-preview the changes introduced by a merge request with Review Apps. - [GitLab Pages](project/pages/index.md): Publish your static site directly from GitLab with GitLab Pages. You can build, test, and deploy any Static Site Generator with Pages. diff --git a/doc/user/instance/clusters/index.md b/doc/user/instance/clusters/index.md index 56693a1db1f..3d9a1eb219e 100644 --- a/doc/user/instance/clusters/index.md +++ b/doc/user/instance/clusters/index.md @@ -20,3 +20,9 @@ GitLab will try match to clusters in the following order: To be selected, the cluster must be enabled and match the [environment selector](../../../ci/environments.md#scoping-environments-with-specs). + +## Cluster environments **(PREMIUM)** + +For a consolidated view of which CI [environments](../../../ci/environments.md) +are deployed to the Kubernetes cluster, see the documentation for +[cluster environments](../../clusters/environments.md). diff --git a/doc/user/markdown.md b/doc/user/markdown.md index 3f77431aa69..0b4bb43b4bf 100644 --- a/doc/user/markdown.md +++ b/doc/user/markdown.md @@ -14,7 +14,7 @@ NOTE: **Note:** We encourage you to view this document as [rendered by GitLab it GitLab uses "GitLab Flavored Markdown" (GFM). It extends the [CommonMark specification](https://spec.commonmark.org/current/) (which is based on standard Markdown) in several ways to add additional useful functionality. -It was inspired by [GitHub Flavored Markdown](https://help.github.com/articles/basic-writing-and-formatting-syntax/). +It was inspired by [GitHub Flavored Markdown](https://help.github.com/en/articles/basic-writing-and-formatting-syntax). You can use GFM in the following areas: @@ -108,7 +108,7 @@ changing how standard markdown is used: | [code blocks](#code-spans-and-blocks) | [colored code and syntax highlighting](#colored-code-and-syntax-highlighting) | | [emphasis](#emphasis) | [multiple underscores in words](#multiple-underscores-in-words-and-mid-word-emphasis) | [headers](#headers) | [linkable Header IDs](#header-ids-and-links) | -| [images](#images) | [embedded videos](#videos) | +| [images](#images) | [embedded videos](#videos) and [audio](#audio) | | [linebreaks](#line-breaks) | [more linebreak control](#newlines) | | [links](#links) | [automatically linking URLs](#url-auto-linking) | @@ -352,7 +352,7 @@ However the wrapping tags cannot be mixed: > If this is not rendered correctly, [view it in GitLab itself](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/user/markdown.md#math). -It is possible to have math written with LaTeX syntax rendered using [KaTeX](https://github.com/Khan/KaTeX). +It is possible to have math written with LaTeX syntax rendered using [KaTeX](https://github.com/KaTeX/KaTeX). Math written between dollar signs `$` will be rendered inline with the text. Math written inside a [code block](#code-spans-and-blocks) with the language declared as `math`, will be rendered @@ -379,7 +379,7 @@ a^2+b^2=c^2 _Be advised that KaTeX only supports a [subset](https://katex.org/docs/supported.html) of LaTeX._ NOTE: **Note:** This also works for the asciidoctor `:stem: latexmath`. For details see -the [asciidoctor user manual](http://asciidoctor.org/docs/user-manual/#activating-stem-support). +the [asciidoctor user manual](https://asciidoctor.org/docs/user-manual/#activating-stem-support). ### Special GitLab references @@ -641,7 +641,7 @@ Tildes are OK too. GitLab uses the [Rouge Ruby library](http://rouge.jneen.net/) for more colorful syntax highlighting in code blocks. For a list of supported languages visit the -[Rouge project wiki](https://github.com/jneen/rouge/wiki/List-of-supported-languages-and-lexers). +[Rouge project wiki](https://github.com/rouge-ruby/rouge/wiki/List-of-supported-languages-and-lexers). Syntax highlighting is only supported in code blocks, it is not possible to highlight code when it is inline. @@ -899,13 +899,30 @@ Here's a sample video:  +#### Audio + +> If this is not rendered correctly, [view it in GitLab itself](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/user/markdown.md#audio). + +Similar to videos, link tags for files with an audio extension are automatically converted to +an audio player. The valid audio extensions are `.mp3`, `.ogg`, and `.wav`: + +```md +Here's a sample audio clip: + + +``` + +Here's a sample audio clip: + + + ### Inline HTML > To see the markdown rendered within HTML in the second example, [view it in GitLab itself](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/user/markdown.md#inline-html). You can also use raw HTML in your Markdown, and it'll usually work pretty well. -See the documentation for HTML::Pipeline's [SanitizationFilter](http://www.rubydoc.info/gems/html-pipeline/1.11.0/HTML/Pipeline/SanitizationFilter#WHITELIST-constant) +See the documentation for HTML::Pipeline's [SanitizationFilter](https://www.rubydoc.info/gems/html-pipeline/1.11.0/HTML/Pipeline/SanitizationFilter#WHITELIST-constant) class for the list of allowed HTML tags and attributes. In addition to the default `SanitizationFilter` whitelist, GitLab allows `span`, `abbr`, `details` and `summary` elements. @@ -1109,8 +1126,8 @@ Using references: Some text to show that the reference links can follow later. -[arbitrary case-insensitive reference text]: https://www.mozilla.org -[1]: http://slashdot.org +[arbitrary case-insensitive reference text]: https://www.mozilla.org/en-US/ +[1]: https://slashdot.org [link text itself]: https://www.reddit.com ``` @@ -1132,8 +1149,8 @@ Using references: Some text to show that the reference links can follow later. -[arbitrary case-insensitive reference text]: https://www.mozilla.org -[1]: http://slashdot.org +[arbitrary case-insensitive reference text]: https://www.mozilla.org/en-US/ +[1]: https://slashdot.org [link text itself]: https://www.reddit.com NOTE: **Note:** Relative links do not allow the referencing of project files in a wiki @@ -1147,7 +1164,7 @@ GFM will autolink almost any URL you put into your text: ```markdown - https://www.google.com -- https://google.com/ +- https://www.google.com - ftp://ftp.us.debian.org/debian/ - smb://foo/bar/baz - irc://irc.freenode.net/ @@ -1155,7 +1172,7 @@ GFM will autolink almost any URL you put into your text: ``` - <https://www.google.com> -- <https://google.com/> +- <https://www.google.com> - <ftp://ftp.us.debian.org/debian/> - <smb://foo/bar/baz> - <irc://irc.freenode.net/> @@ -1305,7 +1322,7 @@ Example: ```markdown | header 1 | header 2 | header 3 | -| --- | ------ |----------| +| --- | ------ |---------:| | cell 1 | cell 2 | cell 3 | | cell 4 | cell 5 is longer | cell 6 is much longer than the others, but that's ok. It will eventually wrap the text when the cell is too large for the display size. | | cell 7 | | cell <br> 9 | diff --git a/doc/user/packages/conan_repository/img/conan_package_view.png b/doc/user/packages/conan_repository/img/conan_package_view.png Binary files differnew file mode 100644 index 00000000000..79a188d7856 --- /dev/null +++ b/doc/user/packages/conan_repository/img/conan_package_view.png diff --git a/doc/user/packages/conan_repository/index.md b/doc/user/packages/conan_repository/index.md new file mode 100644 index 00000000000..f81756f7979 --- /dev/null +++ b/doc/user/packages/conan_repository/index.md @@ -0,0 +1,135 @@ +# GitLab Conan Repository **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/8248) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4. + +With the GitLab Conan Repository, every +project can have its own space to store Conan packages. + + + +## Enabling the Conan Repository + +NOTE: **Note:** +This option is available only if your GitLab administrator has +[enabled support for the Conan Repository](../../../administration/packages/index.md).**(PREMIUM ONLY)** + +After the Conan Repository is enabled, it will be available for all new projects +by default. To enable it for existing projects, or if you want to disable it: + +1. Navigate to your project's **Settings > General > Permissions**. +1. Find the Packages feature and enable or disable it. +1. Click on **Save changes** for the changes to take effect. + +You should then be able to see the **Packages** section on the left sidebar. + +Before proceeding to authenticating with the GitLab Conan Repository, you should +get familiar with the package naming convention. + +## Authenticating to the GitLab Conan Repository + +You will need to generate a [personal access token](../../../user/profile/personal_access_tokens.md) for repository authentication. + +Now you can run conan commands using your token. + +`CONAN_LOGIN_USERNAME=<gitlab-username> CONAN_PASSWORD=<personal_access_token> conan upload Hello/0.2@user/channel --remote=gitlab` +`CONAN_LOGIN_USERNAME=<gitlab-username> CONAN_PASSWORD=<personal_access_token> conan search Hello* --all --remote=gitlab` + +Alternatively, you can set the `CONAN_LOGIN_USERNAME` and `CONAN_PASSWORD` in your local conan config to be used when connecting to the `gitlab` remote. The examples here show the username and password inline. + +Next, you'll need to set your Conan remote to point to the GitLab Package Registry. + +## Setting the Conan remote to the GitLab Package Registry + +After you authenticate to the [GitLab Conan Repository](#authenticating-to-the-gitlab-conan-repository), +you can set the Conan remote: + +```sh +conan remote add gitlab https://gitlab.example.com/api/v4/packages/conan +``` + +Once the remote is set, you can use the remote when running Conan commands: + +```sh +conan search Hello* --all --remote=gitlab +``` + +## Supported CLI commands + +The GitLab Conan repository supports the following Conan CLI commands: + +- `conan upload`: Upload your recipe and package files to the GitLab Package Registry. +- `conan install`: Install a conan package from the GitLab Package Registry, this includes using the `conan.txt` file. +- `conan search`: Search the GitLab Package Registry for public packages, and private packages you have permission to view. +- `conan info`: View the info on a given package from the GitLab Package Registry. +- `conan remove`: Delete the package from the GitLab Package Registry. + +## Uploading a package + +First you need to [create your Conan package locally](https://docs.conan.io/en/latest/creating_packages/getting_started.html). In order to work with the GitLab Package Registry, a specific [naming convention](#package-recipe-naming-convention) must be followed. + +Ensure you have a project created on GitLab and that the personal access token you are using has the correct permissions for write access to the container registry by selecting the `api` [scope](../../../user/profile/personal_access_tokens.md#limiting-scopes-of-a-personal-access-token). + +You can upload your package to the GitLab Package Registry using the `conan upload` command: + +```sh +CONAN_LOGIN_USERNAME=<gitlab-username> CONAN_PASSWORD=<personal_access_token> conan upload Hello/0.1@my-group+my-project/beta --all --remote=gitlab +``` + +### Package recipe naming convention + +Standard Conan recipe convention looks like `package_name/version@username/channel`. + +**Recipe usernames must be the `+` separated project path**. The package +name may be anything, but it is preferred that the project name be used unless +it is not possible due to a naming collision. For example: + +| Project | Package | Supported | +| ---------------------------------- | ----------------------------------------------- | --------- | +| `foo/bar` | `my-package/1.0.0@foo+bar/stable` | Yes | +| `foo/bar-baz/buz` | `my-package/1.0.0@foo+bar-baz+buz/stable` | Yes | +| `gitlab-org/gitlab-ce` | `my-package/1.0.0@gitlab-org+gitlab-ce/stable` | Yes | +| `gitlab-org/gitlab-ce` | `my-package/1.0.0@foo/stable` | No | + +NOTE: **Note:** +A future iteration will extend support to [project and group level](https://gitlab.com/gitlab-org/gitlab/issues/11679) remotes which will allow for more flexible naming conventions. + +## Installing a package + +Add the conan package to the `[requires]` section of your `conan.txt` file and they will be installed when you run `conan install` within your project. + +## Removing a package + +There are two ways to remove a Conan package from the GitLab Package Registry. + +- **Using the Conan client in the command line:** + + ```sh + CONAN_LOGIN_USERNAME=<gitlab-username> CONAN_PASSWORD=<personal_access_token> conan remove Hello/0.2@user/channel -r gitlab + ``` + + NOTE: **Note:** + This command will remove all recipe and binary package files from the Package Registry. + +- **GitLab project interface**: in the packages view of your project page, you can delete packages by clicking the red trash icons. + +## Searching the GitLab Package Registry for Conan packages + +The `conan search` command can be run searching by full or partial package name, or by exact recipe. + +To search using a partial name, use the wildcard symbol `*`, which should be placed at the end of your search (e.g., `my-packa*`): + +```sh +CONAN_LOGIN_USERNAME=<gitlab-username> CONAN_PASSWORD=<personal_access_token> conan search Hello --all --remote=gitlab +CONAN_LOGIN_USERNAME=<gitlab-username> CONAN_PASSWORD=<personal_access_token> conan search He* --all --remote=gitlab +CONAN_LOGIN_USERNAME=<gitlab-username> CONAN_PASSWORD=<personal_access_token> conan search Hello/1.0.0@my-group+my-project/stable --all --remote=gitlab +``` + +The scope of your search will include all projects you have permission to access, this includes your private projects as well as all public projects. + +## Fetching Conan package info from the GitLab Package Registry + +The `conan info` command will return info about a given package: + +```sh +CONAN_LOGIN_USERNAME=<gitlab-username> CONAN_PASSWORD=<personal_access_token> conan info Hello/1.0.0@my-group+my-project/stable -r gitlab +``` diff --git a/doc/user/packages/index.md b/doc/user/packages/index.md index 506eb5703a6..9873bd80e8b 100644 --- a/doc/user/packages/index.md +++ b/doc/user/packages/index.md @@ -10,6 +10,7 @@ The Packages feature allows GitLab to act as a repository for the following: | ------------------- | ----------- | --------------------------- | | [Container Registry](container_registry/index.md) | The GitLab Container Registry enables every project in GitLab to have its own space to store [Docker](https://www.docker.com/) images. | 8.8+ | | [Dependency Proxy](dependency_proxy/index.md) **(PREMIUM)** | The GitLab Dependency Proxy sets up a local proxy for frequently used upstream images/packages. | 11.11+ | +| [Conan Repository](conan_repository/index.md) **(PREMIUM)** | The GitLab Conan Repository enables every project in GitLab to have its own space to store [Conan](https://conan.io/) packages. | 12.4+ | | [Maven Repository](maven_repository/index.md) **(PREMIUM)** | The GitLab Maven Repository enables every project in GitLab to have its own space to store [Maven](https://maven.apache.org/) packages. | 11.3+ | | [NPM Registry](npm_registry/index.md) **(PREMIUM)** | The GitLab NPM Registry enables every project in GitLab to have its own space to store [NPM](https://www.npmjs.com/) packages. | 11.7+ | diff --git a/doc/user/packages/maven_repository/index.md b/doc/user/packages/maven_repository/index.md index 0c0b44b3cd8..8ed10c09891 100644 --- a/doc/user/packages/maven_repository/index.md +++ b/doc/user/packages/maven_repository/index.md @@ -170,7 +170,7 @@ the `distributionManagement` section: <repositories> <repository> <id>gitlab-maven</id> - <url>https://gitlab.com/api/v4/groups/my-group/-/packages/maven</url> + <url>https://gitlab.com/api/v4/groups/GROUP_ID/-/packages/maven</url> </repository> </repositories> <distributionManagement> diff --git a/doc/user/packages/npm_registry/index.md b/doc/user/packages/npm_registry/index.md index 6d11ab603ef..5f5d86ab17e 100644 --- a/doc/user/packages/npm_registry/index.md +++ b/doc/user/packages/npm_registry/index.md @@ -84,6 +84,28 @@ NOTE: **Note:** If you encounter an error message with [Yarn](https://yarnpkg.com/en/), see the [troubleshooting section](#troubleshooting). +### Using variables to avoid hard-coding auth token values + +To avoid hard-coding the `authToken` value, you may use a variables in its place. +In your `.npmrc` file, you would add: + +```ini +@foo:registry=https://gitlab.com/api/v4/packages/npm/ +//gitlab.com/api/v4/packages/npm/:_authToken=${NPM_TOKEN} +//gitlab.com/api/v4/projects/<your_project_id>/packages/npm/:_authToken=${NPM_TOKEN} +``` + +Then, you could run `npm publish` either locally or via GitLab CI/CD: + +- **Locally:** Export `NPM_TOKEN` before publishing: + + ```sh + NPM_TOKEN=<your_token> npm publish + ``` + +- **GitLab CI/CD:** Set an `NPM_TOKEN` [variable](../../../ci/variables/README.md) + under your project's **Settings > CI/CD > Variables**. + ## Uploading packages Before you will be able to upload a package, you need to specify the registry @@ -145,3 +167,29 @@ with your with your OAuth or personal access token): ```text //gitlab.com/api/v4/projects/:_authToken=<your_oauth_token> ``` + +### `npm publish` targets default NPM registry (`registry.npmjs.org`) + +Ensure that your package scope is set consistently in your `package.json` and `.npmrc` files. + +For example, if your project name in GitLab is `foo/my-package`, then your `package.json` file +should look like: + +```json +{ + "name": "@foo/my-package", + "version": "1.0.0", + "description": "Example package for GitLab NPM registry", + "publishConfig": { + "@foo:registry":"https://gitlab.com/api/v4/projects/<your_project_id>/packages/npm/" + } +} +``` + +And the `.npmrc` file should look like: + +```ini +//gitlab.com/api/v4/projects/<your_project_id>/packages/npm/:_authToken=<your_oauth_token> +//gitlab.com/api/v4/packages/npm/:_authToken=<your_oauth_token> +@foo:registry=https://gitlab.com/api/v4/packages/npm/ +``` diff --git a/doc/user/permissions.md b/doc/user/permissions.md index 4f660d07071..90874eca2eb 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -24,7 +24,7 @@ For information on eligible approvers for Merge Requests, see ## Principles behind permissions -See our [product handbook on permissions](https://about.gitlab.com/handbook/product#permissions-in-gitlab) +See our [product handbook on permissions](https://about.gitlab.com/handbook/product/#permissions-in-gitlab) ## Instance-wide user permissions @@ -48,13 +48,13 @@ The following table depicts the various user permission levels in a project. | View Insights charts **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ | | View approved/blacklisted licenses **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ | | View License Compliance reports **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | -| View Security reports **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | +| View Security reports **(ULTIMATE)** | ✓ (*3*) | ✓ | ✓ | ✓ | ✓ | | View Dependency list **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View licenses in Dependency list **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View [Design Management](project/issues/design_management.md) pages **(PREMIUM)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View project code | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | Pull project code | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | -| View GitLab Pages protected by [access control](project/pages/introduction.md#gitlab-pages-access-control-core-only) | ✓ | ✓ | ✓ | ✓ | ✓ | +| View GitLab Pages protected by [access control](project/pages/introduction.md#gitlab-pages-access-control-core) | ✓ | ✓ | ✓ | ✓ | ✓ | | View wiki pages | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | See a list of jobs | ✓ (*3*) | ✓ | ✓ | ✓ | ✓ | | See a job log | ✓ (*3*) | ✓ | ✓ | ✓ | ✓ | @@ -76,8 +76,8 @@ The following table depicts the various user permission levels in a project. | See a list of merge requests | | ✓ | ✓ | ✓ | ✓ | | View project statistics | | ✓ | ✓ | ✓ | ✓ | | View Error Tracking list | | ✓ | ✓ | ✓ | ✓ | -| Pull from [Maven repository](packages/maven_repository/index.md) or [NPM registry](packages/npm_registry/index.md) **(PREMIUM)** | | ✓ | ✓ | ✓ | ✓ | -| Publish to [Maven repository](packages/maven_repository/index.md) or [NPM registry](packages/npm_registry/index.md) **(PREMIUM)** | | | ✓ | ✓ | ✓ | +| Pull from [Conan repository](packages/conan_repository/index.md), [Maven repository](packages/maven_repository/index.md), or [NPM registry](packages/npm_registry/index.md) **(PREMIUM)** | | ✓ | ✓ | ✓ | ✓ | +| Publish to [Conan repository](packages/conan_repository/index.md), [Maven repository](packages/maven_repository/index.md), or [NPM registry](packages/npm_registry/index.md) **(PREMIUM)** | | | ✓ | ✓ | ✓ | | Upload [Design Management](project/issues/design_management.md) files **(PREMIUM)** | | | ✓ | ✓ | ✓ | | Create new branches | | | ✓ | ✓ | ✓ | | Push to non-protected branches | | | ✓ | ✓ | ✓ | @@ -125,6 +125,7 @@ The following table depicts the various user permission levels in a project. | Manage Error Tracking | | | | ✓ | ✓ | | Delete wiki pages | | | | ✓ | ✓ | | View project Audit Events | | | | ✓ | ✓ | +| Manage [push rules](../push_rules/push_rules.md) | | | | ✓ | ✓ | | Switch visibility level | | | | | ✓ | | Transfer project to another namespace | | | | | ✓ | | Remove project | | | | | ✓ | @@ -133,10 +134,10 @@ The following table depicts the various user permission levels in a project. | Force push to protected branches (*4*) | | | | | | | Remove protected branches (*4*) | | | | | | -- (*1*): All users are able to perform this action on public and internal projects, but not private projects. +- (*1*): Guest users are able to perform this action on public and internal projects, but not private projects. - (*2*): Guest users can only view the confidential issues they created themselves - (*3*): If **Public pipelines** is enabled in **Project Settings > CI/CD** -- (*4*): Not allowed for Guest, Reporter, Developer, Maintainer, or Owner +- (*4*): Not allowed for Guest, Reporter, Developer, Maintainer, or Owner. See [Protected Branches](./project/protected_branches.md). ## Project features permissions @@ -210,7 +211,7 @@ group. | View group epic **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ | | Create/edit group epic **(ULTIMATE)** | | ✓ | ✓ | ✓ | ✓ | | Manage group labels | | ✓ | ✓ | ✓ | ✓ | -| Create project in group | | | ✓ | ✓ | ✓ | +| Create project in group | | | ✓ (3) | ✓ (3) | ✓ (3) | | Create/edit/delete group milestones | | | ✓ | ✓ | ✓ | | Enable/disable a dependency proxy **(PREMIUM)** | | | ✓ | ✓ | ✓ | | Use security dashboard **(ULTIMATE)** | | | ✓ | ✓ | ✓ | @@ -222,10 +223,14 @@ group. | Edit epic comments (posted by any user) **(ULTIMATE)** | | | | ✓ (2) | ✓ (2) | | View group Audit Events | | | | | ✓ | | Disable notification emails | | | | | ✓ | +| View/manage group-level Kubernetes cluster | | | | ✓ | ✓ | - (1): Groups can be set to [allow either Owners or Owners and Maintainers to create subgroups](group/subgroups/index.md#creating-a-subgroup) - (2): Introduced in GitLab 12.2. +- (3): Default project creation role can be changed at: + - The [instance level](admin_area/settings/visibility_and_access_controls.md#default-project-creation-protection). + - The [group level](group/index.html#default-project-creation-level). ### Subgroup permissions @@ -236,57 +241,83 @@ nested groups if you have membership in one of its parents. To learn more, read through the documentation on [subgroups memberships](group/subgroups/index.md#membership). -## Guest User - -When a user is given `Guest` permissions on a project and/or group, and holds no -higher permission level on any other project or group on the instance, the user -is considered a guest user by GitLab and will not consume a license seat. -There is no other specific "guest" designation for newly created users. - -If the user is assigned a higher role on any projects or groups, the user will -take a license seat. If a user creates a project, the user becomes a `Maintainer` -on the project, resulting in the use of a license seat. To prevent a guest user -from creating projects, you can edit the user profile to mark the user as -[External](#external-users-permissions). - -## External users permissions +## External users **(CORE ONLY)** In cases where it is desired that a user has access only to some internal or private projects, there is the option of creating **External Users**. This feature may be useful when for example a contractor is working on a given project and should only have access to that project. -External users can only access projects to which they are explicitly granted -access, thus hiding all other internal or private ones from them. Access can be -granted by adding the user as member to the project or group. +External users: + +- Cannot create groups or projects. +- Can only access projects to which they are explicitly granted access, + thus hiding all other internal or private ones from them (like being + logged out). +Access can be granted by adding the user as member to the project or group. They will, like usual users, receive a role in the project or group with all -the abilities that are mentioned in the table above. They cannot however create -groups or projects, and they have the same access as logged out users in all -other cases. +the abilities that are mentioned in the [permissions table above](#project-members-permissions). +For example, if an external user is added as Guest, and your project is +private, they will not have access to the code; you would need to grant the external +user access at the Reporter level or above if you want them to have access to the code. You should +always take into account the +[project's visibility and permissions settings](project/settings/index.md#sharing-and-permissions) +as well as the permission level of the user. -An administrator can flag a user as external [through the API](../api/users.md) -or by checking the checkbox on the admin panel. As an administrator, navigate -to **Admin > Users** to create a new user or edit an existing one. There, you -will find the option to flag the user as external. +NOTE: **Note:** +External users still count towards a license seat. + +An administrator can flag a user as external by either of the following methods: + +- Either [through the API](../api/users.md#user-modification). +- Or by navigating to the **Admin area > Overview > Users** to create a new user + or edit an existing one. There, you will find the option to flag the user as + external. -By default new users are not set as external users. This behavior can be changed -by an administrator under **Admin > Application Settings**. +### Setting new users to external -### Default internal users +By default, new users are not set as external users. This behavior can be changed +by an administrator under the **Admin Area > Settings > General > Account and limit** page. -The "Internal users" field allows specifying an e-mail address regex pattern to identify default internal users. +If you change the default behavior of creating new users as external, you will +have the option to narrow it down by defining a set of internal users. +The **Internal users** field allows specifying an email address regex pattern to +identify default internal users. New users whose email address matches the regex +pattern will be set to internal by default rather than an external collaborator. -New users whose email address matches the regex pattern will be set to internal by default rather than an external collaborator. +The regex pattern format is Ruby, but it needs to be convertible to JavaScript, +and the ignore case flag will be set (`/regex pattern/i`). Here are some examples: -The regex pattern format is Ruby, but it needs to be convertible to JavaScript, and the ignore case flag will be set, e.g. "/regex pattern/i". +- Use `\.internal@domain\.com$` to mark email addresses ending with + `.internal@domain.com` as internal. +- Use `^(?:(?!\.ext@domain\.com).)*$\r?` to mark users with email addresses + NOT including `.ext@domain.com` as internal. -Here are some examples: +CAUTION: **Warning:** +Be aware that this regex could lead to a +[regular expression denial of service (ReDoS) attack](https://en.wikipedia.org/wiki/ReDoS). -- Use `\.internal@domain\.com$` to mark email addresses ending with ".internal@domain.com" internal. -- Use `^(?:(?!\.ext@domain\.com).)*$\r?` to mark users with email addresses NOT including .ext@domain.com internal. +## Free Guest users **(ULTIMATE)** -Please be aware that this regex could lead to a DOS attack, [see](https://en.wikipedia.org/wiki/ReDoS?) ReDos on Wikipedia. +When a user is given Guest permissions on a project, group, or both, and holds no +higher permission level on any other project or group on the GitLab instance, +the user is considered a guest user by GitLab and will not consume a license seat. +There is no other specific "guest" designation for newly created users. + +If the user is assigned a higher role on any projects or groups, the user will +take a license seat. If a user creates a project, the user becomes a Maintainer +on the project, resulting in the use of a license seat. Also, note that if your +project is internal or private, Guest users will have all the abilities that are +mentioned in the [permissions table above](#project-members-permissions) (they +will not be able to browse the project's repository for example). + +TIP: **Tip:** +To prevent a guest user from creating projects, as an admin, you can edit the +user's profile to mark the user as [external](#external-users-core-only). +Beware though that even if a user is external, if they already have Reporter or +higher permissions in any project or group, they will **not** be counted as a +free guest user. ## Auditor users **(PREMIUM ONLY)** diff --git a/doc/user/profile/account/delete_account.md b/doc/user/profile/account/delete_account.md index 9b72956a55e..65896bd19cd 100644 --- a/doc/user/profile/account/delete_account.md +++ b/doc/user/profile/account/delete_account.md @@ -42,6 +42,53 @@ a user can be blocked directly from the Admin area. To do this: 1. Selecting a user. 1. Under the **Account** tab, click **Block user**. +### Deactivating a user + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/63921) in GitLab 12.4. + +A user can be deactivated from the Admin area. Deactivating a user is functionally identical to blocking a user, with the following differences: + +- It does not prohibit the user from logging back in via the UI. +- Once a deactivated user logs back into the GitLab UI, their account is set to active. + +A deactivated user: + +- Cannot access Git repositories or the API. +- Will not receive any notifications from GitLab. +- Will not be able to use [slash commands](../../../integration/slash_commands.md). + +Personal projects, group and user history of the deactivated user will be left intact. + +NOTE: **Note:** +A deactivated user does not consume a [seat](../../../subscriptions/index.md#managing-subscriptions). + +To do this: + +1. Navigate to **Admin Area > Overview > Users**. +1. Select a user. +1. Under the **Account** tab, click **Deactivate user**. + +Please note that for the deactivation option to be visible to an admin, the user: + +- Must be currently active. +- Should not have any activity in the last 14 days. + +### Activating a user + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/63921) in GitLab 12.4. + +A deactivated user can be activated from the Admin area. Activating a user sets their account to active state. + +To do this: + +1. Navigate to **Admin Area > Overview > Users**. +1. Click on the **Deactivated** tab. +1. Select a user. +1. Under the **Account** tab, click **Activate user**. + +TIP: **Tip:** +A deactivated user can also activate their account by themselves by simply logging back via the UI. + ## Associated Records > - Introduced for issues in diff --git a/doc/user/profile/account/two_factor_authentication.md b/doc/user/profile/account/two_factor_authentication.md index f7ba921aa7d..108d4f0b387 100644 --- a/doc/user/profile/account/two_factor_authentication.md +++ b/doc/user/profile/account/two_factor_authentication.md @@ -107,7 +107,7 @@ prompted to download a set of set recovery codes. Should you ever lose access to your one time password authenticator, you can use one of them to log in to your account. We suggest copying them, printing them, or downloading them using the **Download codes** button for storage in a safe place. If you choose to -download them, the file will be called **gitlab-recovery-codes.txt**. +download them, the file will be called `gitlab-recovery-codes.txt`. If you lose the recovery codes or just want to generate new ones, you can do so [using SSH](#generate-new-recovery-codes-using-ssh). @@ -244,6 +244,12 @@ Sign in and re-enable two-factor authentication as soon as possible. - The user logs out and attempts to log in via `second.host.xyz` - U2F authentication fails, because the U2F key has only been registered on `first.host.xyz`. +## Troubleshooting + +If you are receiving an `invalid pin code` error, this may indicate that there is a time sync issue between the authentication application and the GitLab instance itself. + +Most authentication apps have a feature in the settings for syncing the time for the codes themselves. For Google Authenticator for example, go to `Settings > Time correction for codes`. + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md index 4c99d58e51d..980a7d5968d 100644 --- a/doc/user/profile/personal_access_tokens.md +++ b/doc/user/profile/personal_access_tokens.md @@ -47,8 +47,8 @@ the following table. | `api` | [GitLab 8.15](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/5951) | Grants complete read/write access to the API, including all groups and projects, the container registry, and the package registry. | | `read_registry` | [GitLab 9.3](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/11845) | Allows to read (pull) [container registry] images if a project is private and authorization is required. | | `sudo` | [GitLab 10.2](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/14838) | Allows performing API actions as any user in the system (if the authenticated user is an admin). | -| `read_repository` | [GitLab 10.7](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/17894) | Allows read-only access (pull) to the repository through git clone. | -| `write_repository` | [GitLab 11.11](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/26021) | Allows read-write access (pull, push) to the repository through git clone. Required for accessing Git repositories over HTTP when 2FA is enabled. | +| `read_repository` | [GitLab 10.7](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/17894) | Allows read-only access (pull) to the repository through `git clone`. | +| `write_repository` | [GitLab 11.11](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/26021) | Allows read-write access (pull, push) to the repository through `git clone`. Required for accessing Git repositories over HTTP when 2FA is enabled. | [2fa]: ../account/two_factor_authentication.md [api]: ../../api/README.md diff --git a/doc/user/project/canary_deployments.md b/doc/user/project/canary_deployments.md index 95ed511d0b3..3a19c29b241 100644 --- a/doc/user/project/canary_deployments.md +++ b/doc/user/project/canary_deployments.md @@ -44,7 +44,7 @@ Canary deployments require that you properly configure Deploy Boards: 1. Follow the steps to [enable Deploy Boards](deploy_boards.md#enabling-deploy-boards). 1. To track canary deployments you need to label your Kubernetes deployments and - pods with `track: canary`. To get started quickly, you can use the [Auto Deploy](../../ci/autodeploy/index.md) + pods with `track: canary`. To get started quickly, you can use the [Auto Deploy](../../topics/autodevops/index.md#auto-deploy) template for canary deployments that GitLab provides. Depending on the deploy, the label should be either `stable` or `canary`. @@ -66,5 +66,5 @@ can easily notice them. [ee-1659]: https://gitlab.com/gitlab-org/gitlab/issues/1659 [kube-canary]: https://kubernetes.io/docs/concepts/cluster-administration/manage-deployment/#canary-deployments [deploy board]: deploy_boards.md -[cd-blog]: https://about.gitlab.com/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/ +[cd-blog]: https://about.gitlab.com/blog/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/ [kube-net]: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies diff --git a/doc/user/project/clusters/eks_and_gitlab/index.md b/doc/user/project/clusters/eks_and_gitlab/index.md index 28f3420de35..22576b84926 100644 --- a/doc/user/project/clusters/eks_and_gitlab/index.md +++ b/doc/user/project/clusters/eks_and_gitlab/index.md @@ -192,7 +192,7 @@ deployment of the other applications. Next, if you would like the deployed app to be reachable on the internet, deploy the Ingress. Note that this will also cause an -[Elastic Load Balancer](https://aws.amazon.com/documentation/elastic-load-balancing/) +[Elastic Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/) to be created, which will incur additional AWS costs. Once installed, you may see a `?` for "Ingress IP Address". This is because the diff --git a/doc/user/project/clusters/img/kubernetes_pod_logs.png b/doc/user/project/clusters/img/kubernetes_pod_logs.png Binary files differdeleted file mode 100644 index e664a47386a..00000000000 --- a/doc/user/project/clusters/img/kubernetes_pod_logs.png +++ /dev/null diff --git a/doc/user/project/clusters/img/kubernetes_pod_logs_v12_4.png b/doc/user/project/clusters/img/kubernetes_pod_logs_v12_4.png Binary files differnew file mode 100644 index 00000000000..73c2ecd182a --- /dev/null +++ b/doc/user/project/clusters/img/kubernetes_pod_logs_v12_4.png diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md index 97fa973d3e3..9ecb785d6fe 100644 --- a/doc/user/project/clusters/index.md +++ b/doc/user/project/clusters/index.md @@ -61,7 +61,7 @@ GitLab makes it easy to view the logs of running pods in connected Kubernetes cl ### Kubernetes monitoring Automatically detect and monitor Kubernetes metrics. Automatic monitoring of -[NGINX ingress](../integrations/prometheus_library/nginx.md) is also supported. +[NGINX Ingress](../integrations/prometheus_library/nginx.md) is also supported. [Read more about Kubernetes monitoring](../integrations/prometheus_library/kubernetes.md) @@ -112,7 +112,7 @@ There are two options when adding a new cluster to your project: TIP: **Tip:** Every new Google Cloud Platform (GCP) account receives [$300 in credit upon sign up](https://console.cloud.google.com/freetrial), and in partnership with Google, GitLab is able to offer an additional $200 for new GCP accounts to get started with GitLab's -Google Kubernetes Engine Integration. All you have to do is [follow this link](https://goo.gl/AaJzRW) and apply for credit. +Google Kubernetes Engine Integration. All you have to do is [follow this link](https://cloud.google.com/partners/partnercredit/?PCN=a0n60000006Vpz4AAC) and apply for credit. NOTE: **Note:** The [Google authentication integration](../../../integration/google.md) must @@ -154,6 +154,7 @@ new Kubernetes cluster to your project: - **Number of nodes** - Enter the number of nodes you wish the cluster to have. - **Machine type** - The [machine type](https://cloud.google.com/compute/docs/machine-types) of the Virtual Machine instance that the cluster will be based on. + - **Enable Cloud Run on GKE (beta)** - Check this if you want to use Cloud Run on GKE for this cluster. See the [Cloud Run on GKE section](#cloud-run-on-gke) for more information. - **GitLab-managed cluster** - Leave this checked if you want GitLab to manage namespaces and service accounts for this cluster. See the [Managed clusters section](#gitlab-managed-clusters) for more information. 1. Finally, click the **Create Kubernetes cluster** button. @@ -339,6 +340,15 @@ functionalities needed to successfully build and deploy a containerized application. Bear in mind that the same credentials are used for all the applications running on the cluster. +### Cloud Run on GKE + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/16566) in GitLab 12.4. + +You can choose to use Cloud Run on GKE in place of installing Knative and Istio +separately after the cluster has been created. This means that Cloud Run +(Knative), Istio, and HTTP Load Balancing will be enabled on the cluster at +create time and cannot be [installed or uninstalled](../../clusters/applications.md) separately. + ### GitLab-managed clusters > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/22011) in GitLab 11.5. @@ -370,7 +380,7 @@ Specifying a base domain will automatically set `KUBE_INGRESS_BASE_DOMAIN` as an If you are using [Auto DevOps](../../../topics/autodevops/index.md), this domain will be used for the different stages. For example, Auto Review Apps and Auto Deploy. -The domain should have a wildcard DNS configured to the Ingress IP address. After ingress has been installed (see [Installing Applications](#installing-applications)), +The domain should have a wildcard DNS configured to the Ingress IP address. After Ingress has been installed (see [Installing Applications](#installing-applications)), you can either: - Create an `A` record that points to the Ingress IP address with your domain provider. @@ -380,8 +390,8 @@ you can either: When creating a cluster in GitLab, you will be asked if you would like to create either: -- An [Attribute-based access control (ABAC)](https://kubernetes.io/docs/admin/authorization/abac/) cluster. -- A [Role-based access control (RBAC)](https://kubernetes.io/docs/admin/authorization/rbac/) cluster. +- An [Attribute-based access control (ABAC)](https://kubernetes.io/docs/reference/access-authn-authz/abac/) cluster. +- A [Role-based access control (RBAC)](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) cluster. NOTE: **Note:** [RBAC](#rbac-cluster-resources) is recommended and the GitLab default. @@ -538,7 +548,7 @@ differentiate the new cluster with the rest. GitLab can install and manage some applications in your project-level cluster. For more information on installing, upgrading, uninstalling, and troubleshooting applications for your project cluster, see -[Gitlab Managed Apps](../../clusters/applications.md). +[GitLab Managed Apps](../../clusters/applications.md). ### Getting the external endpoint @@ -555,7 +565,7 @@ address or a hostname associated with your load balancer. > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/17052) in GitLab 10.6. -After you install [Ingress or Knative](#installing-applications), Gitlab attempts to determine the external endpoint +After you install [Ingress or Knative](#installing-applications), GitLab attempts to determine the external endpoint and it should be available within a few minutes. If the endpoint doesn't appear and your cluster runs on Google Kubernetes Engine: diff --git a/doc/user/project/clusters/kubernetes_pod_logs.md b/doc/user/project/clusters/kubernetes_pod_logs.md index 82f658ce724..4036eaf0bfb 100644 --- a/doc/user/project/clusters/kubernetes_pod_logs.md +++ b/doc/user/project/clusters/kubernetes_pod_logs.md @@ -17,8 +17,14 @@ Everything you need to build, test, deploy, and run your app at scale. 1. On the **Environments** page, you should see the status of the environment's pods with [Deploy Boards](../deploy_boards.md). 1. When mousing over the list of pods, a tooltip will appear with the exact pod name and status.  -1. Click on the desired pod to bring up the logs view, which will contain the last 500 lines for that pod. Support for pods with multiple containers is coming [in a future release](https://gitlab.com/gitlab-org/gitlab/issues/6502). -  +1. Click on the desired pod to bring up the logs view, which will contain the last 500 lines for that pod. + You may switch between the following in this view: + - Pods. + - [From GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/issues/5769), environments. + + Support for pods with multiple containers is coming [in a future release](https://gitlab.com/gitlab-org/gitlab/issues/6502). + +  ## Requirements diff --git a/doc/user/project/clusters/runbooks/index.md b/doc/user/project/clusters/runbooks/index.md index 7e5c1b3d4ed..7b17ec68234 100644 --- a/doc/user/project/clusters/runbooks/index.md +++ b/doc/user/project/clusters/runbooks/index.md @@ -38,7 +38,7 @@ To create an executable runbook, you will need: The simplest way to get started is to add a cluster using [GitLab's GKE integration](../index.md#add-new-gke-cluster). 1. **Helm Tiller** - Helm is a package manager for Kubernetes and is required to install all the other applications. It is installed in its own pod inside the cluster which - can run the helm CLI in a safe environment. + can run the Helm CLI in a safe environment. 1. **Ingress** - Ingress can provide load balancing, SSL termination, and name-based virtual hosting. It acts as a web proxy for your applications. 1. **JupyterHub** - [JupyterHub](https://jupyterhub.readthedocs.io/) is a multi-user service for managing notebooks across @@ -48,9 +48,9 @@ To create an executable runbook, you will need: ## Nurtch Nurtch is the company behind the [Rubix library](https://github.com/Nurtch/rubix). Rubix is -an open-source python library that makes it easy to perform common DevOps tasks inside Jupyter Notebooks. +an open-source Python library that makes it easy to perform common DevOps tasks inside Jupyter Notebooks. Tasks such as plotting Cloudwatch metrics and rolling your ECS/Kubernetes app are simplified -down to a couple of lines of code. See the [Nurtch Documentation](http://docs.nurtch.com/en/latest) +down to a couple of lines of code. See the [Nurtch Documentation](http://docs.nurtch.com/en/latest/) for more information. ## Configure an executable runbook with GitLab diff --git a/doc/user/project/clusters/serverless/index.md b/doc/user/project/clusters/serverless/index.md index 5d91b01e5b0..9a9857bd5da 100644 --- a/doc/user/project/clusters/serverless/index.md +++ b/doc/user/project/clusters/serverless/index.md @@ -9,12 +9,12 @@ Serverless is currently in [alpha](https://about.gitlab.com/handbook/product/#al Serverless architectures offer Operators and Developers the ability write highly scalable applications without provisioning a single server. -Gitlab supports several ways deploy Serverless applications in both Kubernetes Environments and also major cloud FAAS environments. +GitLab supports several ways deploy Serverless applications in both Kubernetes Environments and also major cloud FAAS environments. Currently we support: - [Knative](#knative): Build Knative applications with Knative and gitlabktl on GKE -- [AWS Lambda](aws.md): Create serverless applications via the Serverless Framework and gitlab-ci +- [AWS Lambda](aws.md): Create serverless applications via the Serverless Framework and GitLab CI ## Knative @@ -31,7 +31,7 @@ With GitLab Serverless, you can deploy both functions-as-a-service (FaaS) and se ## Prerequisites -To run Knative on Gitlab, you will need: +To run Knative on GitLab, you will need: 1. **Existing GitLab project:** You will need a GitLab project to associate all resources. The simplest way to get started: @@ -82,10 +82,10 @@ The minimum recommended cluster size to run Knative is 3-nodes, 6 vCPUs, and 22. For clusters created on GKE, see [GKE Cluster Access](https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl), for other platforms [Install kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/). -1. The ingress is now available at this address and will route incoming requests to the proper service based on the DNS +1. The Ingress is now available at this address and will route incoming requests to the proper service based on the DNS name in the request. To support this, a wildcard DNS A record should be created for the desired domain name. For example, if your Knative base domain is `knative.info` then you need to create an A record or CNAME record with domain `*.knative.info` - pointing the ip address or hostname of the ingress. + pointing the ip address or hostname of the Ingress.  diff --git a/doc/user/project/code_owners.md b/doc/user/project/code_owners.md index 0d422612f02..476f513480c 100644 --- a/doc/user/project/code_owners.md +++ b/doc/user/project/code_owners.md @@ -1,8 +1,13 @@ +--- +type: reference +--- + # Code Owners **(STARTER)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/6916) in [GitLab Starter](https://about.gitlab.com/pricing/) 11.3. > - [Support for group namespaces](https://gitlab.com/gitlab-org/gitlab-foss/issues/53182) added in GitLab Starter 12.1. +> - Code Owners for Merge Request approvals was [introduced](https://gitlab.com/gitlab-org/gitlab/issues/4418) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.9. You can use a `CODEOWNERS` file to specify users or [shared groups](members/share_project_with_groups.md) @@ -10,9 +15,9 @@ that are responsible for certain files in a repository. You can choose and add the `CODEOWNERS` file in three places: -- to the root directory of the repository -- inside the `.gitlab/` directory -- inside the `docs/` directory +- To the root directory of the repository +- Inside the `.gitlab/` directory +- Inside the `docs/` directory The `CODEOWNERS` file is scoped to a branch, which means that with the introduction of new files, the person adding the new content can @@ -23,6 +28,18 @@ When a file matches multiple entries in the `CODEOWNERS` file, the users from all entries are displayed on the blob page of the given file. +## Approvals by Code Owners + +Once you've set Code Owners to a project, you can configure it to +receive approvals: + +- As [merge request eligible approvers](merge_requests/merge_request_approvals.md#code-owners-as-eligible-approvers-starter). **(STARTER)** +- As required approvers for [protected branches](protected_branches.md#protected-branches-approval-by-code-owners-premium). **(PREMIUM)** + +Once set, Code Owners are displayed in merge requests widgets: + + + ## The syntax of Code Owners files Files can be specified using the same kind of patterns you would use diff --git a/doc/user/project/deploy_boards.md b/doc/user/project/deploy_boards.md index 23d11c87676..b14d7f821bb 100644 --- a/doc/user/project/deploy_boards.md +++ b/doc/user/project/deploy_boards.md @@ -29,9 +29,9 @@ to the latest release. Since Deploy Boards are tightly coupled with Kubernetes, there is some required knowledge. In particular you should be familiar with: -- [Kubernetes pods](https://kubernetes.io/docs/user-guide/pods) +- [Kubernetes pods](https://kubernetes.io/docs/concepts/workloads/pods/pod/) - [Kubernetes labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) -- [Kubernetes namespaces](https://kubernetes.io/docs/user-guide/namespaces/) +- [Kubernetes namespaces](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) - [Kubernetes canary deployments](https://kubernetes.io/docs/concepts/cluster-administration/manage-deployment/#canary-deployments) ## Use cases @@ -91,7 +91,8 @@ To display the Deploy Boards for a specific [environment] you should: Matching based on the Kubernetes `app` label was removed in [GitLab 12.1](https://gitlab.com/gitlab-org/gitlab/merge_requests/14020). To migrate, please apply the required annotations (see above) and - re-deploy your application. + re-deploy your application. If you are using Auto DevOps, this will + be done automatically and no action is necessary.  diff --git a/doc/user/project/deploy_tokens/index.md b/doc/user/project/deploy_tokens/index.md index 6dcf56da4f0..5c3c2188629 100644 --- a/doc/user/project/deploy_tokens/index.md +++ b/doc/user/project/deploy_tokens/index.md @@ -71,7 +71,7 @@ To read the container registry images, you'll need to: 1. Log in to GitLab’s Container Registry using the deploy token: ```sh -docker login registry.example.com -u <username> -p <deploy_token> +docker login -u <username> -p <deploy_token> registry.example.com ``` Just replace `<username>` and `<deploy_token>` with the proper values. Then you can simply diff --git a/doc/user/project/highlighting.md b/doc/user/project/highlighting.md index 73a2d176b54..a715a313adf 100644 --- a/doc/user/project/highlighting.md +++ b/doc/user/project/highlighting.md @@ -1,8 +1,6 @@ -[Rouge]: https://rubygems.org/gems/rouge - # Syntax Highlighting -GitLab provides syntax highlighting on all files and snippets through the [Rouge][] rubygem. It will try to guess what language to use based on the file extension, which most of the time is sufficient. +GitLab provides syntax highlighting on all files and snippets through the [Rouge](https://rubygems.org/gems/rouge) rubygem. It will try to guess what language to use based on the file extension, which most of the time is sufficient. If GitLab is guessing wrong, you can override its choice of language using the `gitlab-language` attribute in `.gitattributes`. For example, if you are working in a Prolog project and using the `.pl` file extension (which would normally be highlighted as Perl), you can add the following to your `.gitattributes` file: @@ -12,7 +10,7 @@ If GitLab is guessing wrong, you can override its choice of language using the ` When you check in and push that change, all `*.pl` files in your project will be highlighted as Prolog. -The paths here are simply git's builtin [`.gitattributes` interface](https://git-scm.com/docs/gitattributes). So, if you were to invent a file format called a `Nicefile` at the root of your project that used ruby syntax, all you need is: +The paths here are simply Git's built-in [`.gitattributes` interface](https://git-scm.com/docs/gitattributes). So, if you were to invent a file format called a `Nicefile` at the root of your project that used ruby syntax, all you need is: ``` conf /Nicefile gitlab-language=ruby diff --git a/doc/user/project/img/code_owners_approval_new_protected_branch_v12_4.png b/doc/user/project/img/code_owners_approval_new_protected_branch_v12_4.png Binary files differnew file mode 100755 index 00000000000..f813b60dcd9 --- /dev/null +++ b/doc/user/project/img/code_owners_approval_new_protected_branch_v12_4.png diff --git a/doc/user/project/img/code_owners_approval_protected_branch_v12_4.png b/doc/user/project/img/code_owners_approval_protected_branch_v12_4.png Binary files differnew file mode 100755 index 00000000000..59da6874d14 --- /dev/null +++ b/doc/user/project/img/code_owners_approval_protected_branch_v12_4.png diff --git a/doc/user/project/img/code_owners_mr_widget_v12_4.png b/doc/user/project/img/code_owners_mr_widget_v12_4.png Binary files differnew file mode 100644 index 00000000000..7f7b15ee017 --- /dev/null +++ b/doc/user/project/img/code_owners_mr_widget_v12_4.png diff --git a/doc/user/project/img/issue_boards_multi_select.png b/doc/user/project/img/issue_boards_multi_select.png Binary files differnew file mode 100644 index 00000000000..34ec0c1c58e --- /dev/null +++ b/doc/user/project/img/issue_boards_multi_select.png diff --git a/doc/user/project/img/protected_branches_list_v12_3.png b/doc/user/project/img/protected_branches_list_v12_3.png Binary files differindex 365d8d99e5a..2353ddd23be 100644 --- a/doc/user/project/img/protected_branches_list_v12_3.png +++ b/doc/user/project/img/protected_branches_list_v12_3.png diff --git a/doc/user/project/img/protected_branches_page_v12_3.png b/doc/user/project/img/protected_branches_page_v12_3.png Binary files differindex 17f19642552..9a194c85c41 100644 --- a/doc/user/project/img/protected_branches_page_v12_3.png +++ b/doc/user/project/img/protected_branches_page_v12_3.png diff --git a/doc/user/project/import/bitbucket.md b/doc/user/project/import/bitbucket.md index e509e333313..77fc2761e07 100644 --- a/doc/user/project/import/bitbucket.md +++ b/doc/user/project/import/bitbucket.md @@ -56,10 +56,10 @@ namespace that started the import process.  1. Click on the projects that you'd like to import or **Import all projects**. - You can also select the namespace under which each project will be - imported. + You can also filter projects by name and select the namespace under which + each project will be imported. -  +  [bb-import]: ../../../integration/bitbucket.md [social sign-in]: ../../profile/account/social_sign_in.md diff --git a/doc/user/project/import/bitbucket_server.md b/doc/user/project/import/bitbucket_server.md index 7f2c6005cd4..f10bbaa707d 100644 --- a/doc/user/project/import/bitbucket_server.md +++ b/doc/user/project/import/bitbucket_server.md @@ -4,7 +4,7 @@ in GitLab 11.2. NOTE: **Note:** -The Bitbucket Server importer does not work with Bitbucket Cloud (aka bitbucket.org). +The Bitbucket Server importer does not work with [Bitbucket Cloud](https://bitbucket.org). Use the [Bitbucket Cloud importer](bitbucket.md) for that. Import your projects from Bitbucket Server to GitLab with minimal effort. diff --git a/doc/user/project/import/cvs.md b/doc/user/project/import/cvs.md index cabd0eef8d6..3b2404912f7 100644 --- a/doc/user/project/import/cvs.md +++ b/doc/user/project/import/cvs.md @@ -64,5 +64,5 @@ Here's a few links to get you started with the migration: - [Migrate using the `cvs-fast-export` tool](http://www.catb.org/~esr/reposurgeon/dvcs-migration-guide.html) ([_source code_](https://gitlab.com/esr/cvs-fast-export)) - [Stack Overflow post on importing the CVS repo](https://stackoverflow.com/a/11490134/974710) -- [Convert a CVS repository to Git](http://www.techrepublic.com/blog/linux-and-open-source/convert-cvs-repositories-to-git/) -- [Man page of the `git-cvsimport` tool](https://www.kernel.org/pub/software/scm/git/docs/git-cvsimport.html) +- [Convert a CVS repository to Git](https://www.techrepublic.com/blog/linux-and-open-source/convert-cvs-repositories-to-git/) +- [Man page of the `git-cvsimport` tool](https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-cvsimport.html) diff --git a/doc/user/project/import/gemnasium.md b/doc/user/project/import/gemnasium.md index 3217bbc4772..f1121745c7e 100644 --- a/doc/user/project/import/gemnasium.md +++ b/doc/user/project/import/gemnasium.md @@ -53,7 +53,7 @@ Otherwise, you must configure your `.gitlab-ci.yml` according to the ### If your project is hosted on GitHub (`https://github.com` / GitHub Enterprise) -Since [GitLab 10.6 comes with GitHub integration](https://about.gitlab.com/features/github/), +Since [GitLab 10.6 comes with GitHub integration](https://about.gitlab.com/solutions/github/), GitLab users can now create a CI/CD project in GitLab connected to an external GitHub.com or GitHub Enterprise repository. This will automatically prompt GitLab CI/CD to run whenever code is pushed to GitHub and post CI/CD results @@ -81,7 +81,7 @@ back to both GitLab and GitHub when completed. Optional step: If you set this up on GitLab.com, make sure the project is public (in the project settings) if your GitHub project is public, since - the security feature is available only for [GitLab Ultimate](https://about.gitlab.com/pricing). + the security feature is available only for [GitLab Ultimate](https://about.gitlab.com/pricing/). 1. To set up the dependency scanning job, corresponding to what Gemnasium was doing, you must create a `.gitlab-ci.yml` file, or update it according to diff --git a/doc/user/project/import/gitea.md b/doc/user/project/import/gitea.md index f5746a0fb31..f883e4474e2 100644 --- a/doc/user/project/import/gitea.md +++ b/doc/user/project/import/gitea.md @@ -43,8 +43,8 @@ Click on the **Gitea** link and the import authorization process will start. With this method, you will perform a one-off authorization with Gitea to grant GitLab access your repositories: -1. Go to <https://you-gitea-instance/user/settings/applications> (replace - `you-gitea-instance` with the host of your Gitea instance). +1. Go to `https://your-gitea-instance/user/settings/applications` (replace + `your-gitea-instance` with the host of your Gitea instance). 1. Click **Generate New Token**. 1. Enter a token description. 1. Click **Generate Token**. @@ -66,10 +66,14 @@ From there, you can see the import statuses of your Gitea repositories. - whereas those that are not yet imported will have an **Import** button on the right side of the table. -If you want, you can import all your Gitea projects in one go by hitting -**Import all projects** in the upper left corner. +You also can: - +- Import all your Gitea projects in one go by hitting **Import all projects** in + the upper left corner +- Filter projects by name. If filter is applied, hitting **Import all projects** + will only import matched projects + + --- diff --git a/doc/user/project/import/github.md b/doc/user/project/import/github.md index dad53a600dc..0aeca7f73ad 100644 --- a/doc/user/project/import/github.md +++ b/doc/user/project/import/github.md @@ -42,7 +42,7 @@ assignees in the database of the GitLab instance (note that pull requests are ca For this association to succeed, prior to the import, each GitHub author and assignee in the repository must have either previously logged in to a GitLab account using the GitHub icon **or** have a GitHub account with -a [public email address](https://help.github.com/articles/setting-your-commit-email-address-on-github/) that +a [public email address](https://help.github.com/en/articles/setting-your-commit-email-address) that matches their GitLab account's email address. If a user referenced in the project is not found in GitLab's database, the project creator (typically the user @@ -71,7 +71,7 @@ Before you begin, ensure that any GitHub users who you want to map to GitLab use - A GitLab account that has logged in using the GitHub icon \- or - -- A GitLab account with an email address that matches the [public email address](https://help.github.com/articles/setting-your-commit-email-address-on-github/) of the GitHub user +- A GitLab account with an email address that matches the [public email address](https://help.github.com/en/articles/setting-your-commit-email-address) of the GitHub user User-matching attempts occur in that order, and if a user is not identified either way, the activity is associated with the user account that is performing the import. @@ -82,7 +82,7 @@ If you are using a self-hosted GitLab instance or if you are importing from GitH 1. From the top navigation bar, click **+** and select **New project**. 1. Select the **Import project** tab and then select **GitHub**. -1. Select the first button to **List your GitHub repositories**. You are redirected to a page on github.com to authorize the GitLab application. +1. Select the first button to **List your GitHub repositories**. You are redirected to a page on [GitHub](https://github.com) to authorize the GitLab application. 1. Click **Authorize gitlabhq**. You are redirected back to GitLab's Import page and all of your GitHub repositories are listed. 1. Continue on to [selecting which repositories to import](#selecting-which-repositories-to-import). @@ -115,11 +115,14 @@ your GitHub repositories are listed. 1. By default, the proposed repository namespaces match the names as they exist in GitHub, but based on your permissions, you can choose to edit these names before you proceed to import any of them. -1. Select the **Import** button next to any number of repositories, or select **Import all repositories**. +1. Select the **Import** button next to any number of repositories, or select **Import all repositories**. Additionally, + you can filter projects by name. If filter is applied, **Import all repositories** only imports matched repositories. 1. The **Status** column shows the import status of each repository. You can choose to leave the page open and it will update in realtime or you can return to it later. 1. Once a repository has been imported, click its GitLab path to open its GitLab URL. + + ## Mirroring and pipeline status sharing Depending your GitLab tier, [project mirroring](../../../workflow/repository_mirroring.md) can be set up to keep diff --git a/doc/user/project/import/img/bitbucket_import_select_project.png b/doc/user/project/import/img/bitbucket_import_select_project.png Binary files differdeleted file mode 100644 index 1bca6166ec8..00000000000 --- a/doc/user/project/import/img/bitbucket_import_select_project.png +++ /dev/null diff --git a/doc/user/project/import/img/bitbucket_import_select_project_v12_3.png b/doc/user/project/import/img/bitbucket_import_select_project_v12_3.png Binary files differnew file mode 100644 index 00000000000..1f1febd9068 --- /dev/null +++ b/doc/user/project/import/img/bitbucket_import_select_project_v12_3.png diff --git a/doc/user/project/import/img/import_projects_from_gitea_importer_v12_3.png b/doc/user/project/import/img/import_projects_from_gitea_importer_v12_3.png Binary files differnew file mode 100644 index 00000000000..d8ae1a54851 --- /dev/null +++ b/doc/user/project/import/img/import_projects_from_gitea_importer_v12_3.png diff --git a/doc/user/project/import/img/import_projects_from_github_importer.png b/doc/user/project/import/img/import_projects_from_github_importer.png Binary files differdeleted file mode 100644 index d8effaf6075..00000000000 --- a/doc/user/project/import/img/import_projects_from_github_importer.png +++ /dev/null diff --git a/doc/user/project/import/img/import_projects_from_github_importer_v12_3.png b/doc/user/project/import/img/import_projects_from_github_importer_v12_3.png Binary files differnew file mode 100644 index 00000000000..6a53d9e6d1d --- /dev/null +++ b/doc/user/project/import/img/import_projects_from_github_importer_v12_3.png diff --git a/doc/user/project/import/index.md b/doc/user/project/import/index.md index ecd491d8e5b..571968dd065 100644 --- a/doc/user/project/import/index.md +++ b/doc/user/project/import/index.md @@ -1,7 +1,7 @@ # Migrating projects to a GitLab instance -1. [From Bitbucket Cloud (aka bitbucket.org)](bitbucket.md) -1. [From Bitbucket Server (aka Stash)](bitbucket_server.md) +1. [From Bitbucket Cloud](bitbucket.md) +1. [From Bitbucket Server (also known as Stash)](bitbucket_server.md) 1. [From ClearCase](clearcase.md) 1. [From CVS](cvs.md) 1. [From FogBugz](fogbugz.md) @@ -24,7 +24,7 @@ There is also the option of [connecting your external repository to get CI/CD be ## Migrating from self-hosted GitLab to GitLab.com -If you only need to migrate git repos, you can [import each project by URL](repo_by_url.md), but issues and merge requests can't be imported. +If you only need to migrate Git repos, you can [import each project by URL](repo_by_url.md), but issues and merge requests can't be imported. If you want to retain all metadata like issues and merge requests, you can use the [import/export feature](../settings/import_export.md) to export projects from self-hosted GitLab and import those projects into GitLab.com. @@ -34,7 +34,7 @@ This approach assumes all users from the self-hosted instance have already been If the users haven't been migrated yet, the user conducting the import will take the place of all references to the missing user(s). -If you need to migrate all data over, you can leverage our [api](../../../api/README.md) to migrate from self-hosted to GitLab.com. +If you need to migrate all data over, you can leverage our [API](../../../api/README.md) to migrate from self-hosted to GitLab.com. The order of assets to migrate from a self-hosted instance to GitLab is the following: 1. [Users](../../../api/users.md) diff --git a/doc/user/project/import/perforce.md b/doc/user/project/import/perforce.md index a1ea716b606..a08488a4baf 100644 --- a/doc/user/project/import/perforce.md +++ b/doc/user/project/import/perforce.md @@ -45,8 +45,8 @@ submit back from Git to Perforce. Here's a few links to get you started: -- [git-p4 manual page](https://www.kernel.org/pub/software/scm/git/docs/git-p4.html) -- [git-p4 example usage](https://git.wiki.kernel.org/index.php/Git-p4_Usage) +- [`git-p4` manual page](https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-p4.html) +- [`git-p4` example usage](https://git.wiki.kernel.org/index.php/Git-p4_Usage) - [Git book migration guide](https://git-scm.com/book/en/v2/Git-and-Other-Systems-Migrating-to-Git#_perforce_import) Note that `git p4` and `git filter-branch` are not very good at diff --git a/doc/user/project/import/svn.md b/doc/user/project/import/svn.md index 267dca5bf4d..6b22c5f2fd0 100644 --- a/doc/user/project/import/svn.md +++ b/doc/user/project/import/svn.md @@ -97,7 +97,7 @@ subgit import $GIT_REPO_PATH ### SubGit licensing Running SubGit in a mirror mode requires a -[registration](https://subgit.com/pricing/). Registration is free for open +[registration](https://subgit.com/pricing). Registration is free for open source, academic and startup projects. We're currently working on deeper GitLab/SubGit integration. You may track our diff --git a/doc/user/project/index.md b/doc/user/project/index.md index 2700d43ed10..7ae288996da 100644 --- a/doc/user/project/index.md +++ b/doc/user/project/index.md @@ -59,10 +59,10 @@ When you create a project in GitLab, you'll have access to a large number of **GitLab CI/CD:** -- [GitLab CI/CD](../../ci/README.md): GitLab's built-in [Continuous Integration, Delivery, and Deployment](https://about.gitlab.com/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/) tool +- [GitLab CI/CD](../../ci/README.md): GitLab's built-in [Continuous Integration, Delivery, and Deployment](https://about.gitlab.com/blog/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/) tool - [Container Registry](../packages/container_registry/index.md): Build and push Docker images out-of-the-box - - [Auto Deploy](../../ci/autodeploy/index.md): Configure GitLab CI/CD + - [Auto Deploy](../../topics/autodevops/index.md#auto-deploy): Configure GitLab CI/CD to automatically set up your app's deployment - [Enable and disable GitLab CI](../../ci/enable_or_disable_ci.md) - [Pipelines](../../ci/pipelines.md): Configure and visualize @@ -95,6 +95,7 @@ When you create a project in GitLab, you'll have access to a large number of - [Releases](releases/index.md): a way to track deliverables in your project as snapshot in time of the source, build output, and other metadata or artifacts associated with a released version of your code. +- [Conan packages](../packages/conan_repository/index.md): your private Conan repository in GitLab. **(PREMIUM)** - [Maven packages](../packages/maven_repository/index.md): your private Maven repository in GitLab. **(PREMIUM)** - [NPM packages](../packages/npm_registry/index.md): your private NPM package registry in GitLab. **(PREMIUM)** - [Code owners](code_owners.md): specify code owners for certain files **(STARTER)** @@ -129,7 +130,7 @@ Read through the documentation on [project settings](settings/index.md). - [Import a project](import/index.md) from: - [GitHub to GitLab](import/github.md) - - [BitBucket to GitLab](import/bitbucket.md) + - [Bitbucket to GitLab](import/bitbucket.md) - [Gitea to GitLab](import/gitea.md) - [FogBugz to GitLab](import/fogbugz.md) - [Export a project from GitLab](settings/import_export.md#exporting-a-project-and-its-data) @@ -154,6 +155,26 @@ when a project is part of a group (under a If you choose to leave a project you will no longer be a project member, therefore, unable to contribute. +## Project's landing page + +The project's landing page shows different information depending on +the project's visibility settings and user permissions. + +For public projects, and to members of internal and private projects +with [permissions to view the project's code](../permissions.md#project-members-permissions): + +- The content of a + [`README` or an index file](repository/#repository-readme-and-index-files) + is displayed (if any), followed by the list of directories within the + project's repository. +- If the project doesn't contain either of these files, the + visitor will see the list of files and directories of the repository. + +For users without permissions to view the project's code: + +- The wiki homepage is displayed, if any. +- The list of issues within the project is displayed. + ## Redirects when changing repository paths When a repository path changes, it is essential to smoothly transition from the @@ -214,10 +235,10 @@ A project alias can be only created via API and only by GitLab administrators. Follow the [Project Aliases API documentation](../../api/project_aliases.md) for more details. -Once an alias has been created for a project (e.g., an alias `gitlab-ce` for the -project `https://gitlab.com/gitlab-org/gitlab-foss`), the repository can be cloned -using the alias (e.g `git clone git@gitlab.com:gitlab-ce.git` instead of -`git clone git@gitlab.com:gitlab-org/gitlab-ce.git`). +Once an alias has been created for a project (e.g., an alias `gitlab` for the +project `https://gitlab.com/gitlab-org/gitlab`), the repository can be cloned +using the alias (e.g `git clone git@gitlab.com:gitlab.git` instead of +`git clone git@gitlab.com:gitlab-org/gitlab.git`). ## Project APIs diff --git a/doc/user/project/insights/index.md b/doc/user/project/insights/index.md index 76a6a96eec5..ec3831f2d27 100644 --- a/doc/user/project/insights/index.md +++ b/doc/user/project/insights/index.md @@ -58,9 +58,9 @@ For example, here's a single definition for Insights that will display one page ```yaml bugsCharts: - title: 'Charts for Bugs' + title: "Charts for bugs" charts: - - title: Monthly Bugs Created (bar) + - title: "Monthly bugs created" type: bar query: issuable_type: issue @@ -76,7 +76,7 @@ Each chart definition is made up of a hash composed of key-value pairs. For example, here's single chart definition: ```yaml -- title: Monthly Bugs Created (bar) +- title: "Monthly bugs created" type: bar query: issuable_type: issue @@ -111,7 +111,7 @@ For example: ```yaml monthlyBugsCreated: - title: Monthly Bugs Created (bar) + title: "Monthly bugs created" ``` ### `type` @@ -122,7 +122,7 @@ For example: ```yaml monthlyBugsCreated: - title: Monthly Bugs Created (bar) + title: "Monthly bugs created" type: bar ``` @@ -145,7 +145,7 @@ Example: ```yaml monthlyBugsCreated: - title: Monthly Bugs Created (bar) + title: "Monthly bugs created" type: bar query: issuable_type: issue @@ -174,7 +174,7 @@ Supported values are: Filter by the state of the queried "issuable". -If you omit it, the `opened` state filter will be applied. +By default, the `opened` state filter will be applied. Supported values are: @@ -188,14 +188,14 @@ Supported values are: Filter by labels applied to the queried "issuable". -If you omit it, no labels filter will be applied. All the defined labels must be +By default, no labels filter will be applied. All the defined labels must be applied to the "issuable" in order for it to be selected. Example: ```yaml monthlyBugsCreated: - title: Monthly regressions Created (bar) + title: "Monthly regressions created" type: bar query: issuable_type: issue @@ -209,14 +209,14 @@ monthlyBugsCreated: Group "issuable" by the configured labels. -If you omit it, no grouping will be done. When using this keyword, you need to +By default, no grouping will be done. When using this keyword, you need to set `type` to either `line` or `stacked-bar`. Example: ```yaml weeklyBugsBySeverity: - title: Weekly Bugs By Severity (stacked bar) + title: "Weekly bugs by severity" type: stacked-bar query: issuable_type: issue @@ -248,7 +248,7 @@ The unit is related to the `query.group_by` you defined. For instance if you defined `query.group_by: 'day'` then `query.period_limit: 365` would mean "Gather and display data for the last 365 days". -If you omit it, default values will be applied depending on the `query.group_by` +By default, default values will be applied depending on the `query.group_by` you defined. | `query.group_by` | Default value | @@ -257,14 +257,63 @@ you defined. | `week` | 4 | | `month` | 12 | +### `projects` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/10904) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.4. + +You can limit where the "issuables" can be queried from: + +- If `.gitlab/insights.yml` is used for a [group's insights](../../group/insights/index.md#configure-your-insights), with `projects`, you can limit the projects to be queried. By default, all projects under the group will be used. +- If `.gitlab/insights.yml` is used for a project's insights, specifying any other projects will yield no results. By default, the project itself will be used. + +#### `projects.only` + +The `projects.only` option specifies the projects which the "issuables" +should be queried from. + +Projects listed here will be ignored when: + +- They don't exist. +- The current user doesn't have sufficient permissions to read them. +- They are outside of the group. + +In the following `insights.yml` example, we specify the projects +the queries will be used on. This example is useful when setting +a group's insights: + +```yaml +monthlyBugsCreated: + title: "Monthly bugs created" + type: bar + query: + issuable_type: issue + issuable_state: opened + filter_labels: + - bug + projects: + only: + - 3 # You can use the project ID + - groupA/projectA # Or full project path + - groupA/subgroupB/projectC # Projects in subgroups can be included + - groupB/project # Projects outside the group will be ignored +``` + ## Complete example ```yaml +.projectsOnly: &projectsOnly + projects: + only: + - 3 + - groupA/projectA + - groupA/subgroupB/projectC + bugsCharts: - title: 'Charts for Bugs' + title: "Charts for bugs" charts: - - title: Monthly Bugs Created (bar) + - title: "Monthly bugs created" type: bar + <<: *projectsOnly query: issuable_type: issue issuable_state: opened @@ -272,8 +321,10 @@ bugsCharts: - bug group_by: month period_limit: 24 - - title: Weekly Bugs By Severity (stacked bar) + + - title: "Weekly bugs by severity" type: stacked-bar + <<: *projectsOnly query: issuable_type: issue issuable_state: opened @@ -286,8 +337,10 @@ bugsCharts: - S4 group_by: week period_limit: 104 - - title: Monthly Bugs By Team (line) + + - title: "Monthly bugs by team" type: line + <<: *projectsOnly query: issuable_type: merge_request issuable_state: opened diff --git a/doc/user/project/integrations/bamboo.md b/doc/user/project/integrations/bamboo.md index 94e0c9fd886..ec9b8bd8bb2 100644 --- a/doc/user/project/integrations/bamboo.md +++ b/doc/user/project/integrations/bamboo.md @@ -25,9 +25,9 @@ need to be configured in a Bamboo build plan before GitLab can integrate. whitelist of IP addresses that are allowed to trigger Bamboo builds. 1. Save the trigger. 1. In the left pane, select a build stage. If you have multiple build stages - you want to select the last stage that contains the git checkout task. + you want to select the last stage that contains the Git checkout task. 1. Select the 'Miscellaneous' tab. -1. Under 'Pattern Match Labelling' put '${bamboo.repository.revision.number}' +1. Under 'Pattern Match Labelling' put `${bamboo.repository.revision.number}` in the 'Labels' box. 1. Save diff --git a/doc/user/project/integrations/generic_alerts.md b/doc/user/project/integrations/generic_alerts.md index 37fe5132ec2..ec43696fdee 100644 --- a/doc/user/project/integrations/generic_alerts.md +++ b/doc/user/project/integrations/generic_alerts.md @@ -1,6 +1,6 @@ # Generic alerts integration **(ULTIMATE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/13203) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.3. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/13203) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.3. GitLab can accept alerts from any source via a generic webhook receiver. When you set up the generic alerts integration, a unique endpoint will @@ -13,11 +13,11 @@ authored by the GitLab Alert Bot. ## Setting up generic alerts -To set up the generic alerts integration: +To set up the generic alerts integration: -1. Navigate to **Settings > Integrations** in a project. +1. Navigate to **Settings > Integrations** in a project. 1. Click on **Alert endpoint**. -1. Toggle the **Active** alert setting. The `URL` and `Authorization Key` for the webhook configuration can be found there. +1. Toggle the **Active** alert setting. The `URL` and `Authorization Key` for the webhook configuration can be found there. ## Customizing the payload @@ -35,7 +35,11 @@ You can customize the payload by sending the following parameters. All fields ar Example request: ```sh -curl --request POST --data '{"title": "Incident title"}' --header "Authorization: Bearer <autorization_key>" <url> +curl --request POST \ + --data '{"title": "Incident title"}' \ + --header "Authorization: Bearer <autorization_key>" \ + --header "Content-Type: application/json" \ + <url> ``` The `<autorization_key>` and `<url>` values can be found when [setting up generic alerts](#setting-up-generic-alerts). diff --git a/doc/user/project/integrations/gitlab_slack_application.md b/doc/user/project/integrations/gitlab_slack_application.md index 91de64be1fa..50adb5993e5 100644 --- a/doc/user/project/integrations/gitlab_slack_application.md +++ b/doc/user/project/integrations/gitlab_slack_application.md @@ -53,11 +53,11 @@ The only difference with the [manually configurable Slack slash commands][slack- is that all the commands should be prefixed with the `/gitlab` keyword. We are working on making this configurable in the future. -For example, to show the issue number `1001` under the `gitlab-org/gitlab-ce` +For example, to show the issue number `1001` under the `gitlab-org/gitlab` project, you would do: ``` -/gitlab gitlab-org/gitlab-ce issue show 1001 +/gitlab gitlab-org/gitlab issue show 1001 ``` [slack-docs]: https://get.slack.help/hc/en-us/articles/202035138-Adding-apps-to-your-team diff --git a/doc/user/project/integrations/hipchat.md b/doc/user/project/integrations/hipchat.md index 7a0540aa9e3..85c3eda1208 100644 --- a/doc/user/project/integrations/hipchat.md +++ b/doc/user/project/integrations/hipchat.md @@ -18,7 +18,7 @@ allow GitLab to send messages only to *one* room. ### Complete these steps in HipChat -1. Go to: <https://admin.hipchat.com/admin> +1. Go to: `https://admin.hipchat.com/admin` 1. Click on "Group Admin" -> "Integrations". 1. Find "Build Your Own!" and click "Create". 1. Select the desired room, name the integration "GitLab", and click "Create". diff --git a/doc/user/project/integrations/img/prometheus_add_metric.png b/doc/user/project/integrations/img/prometheus_add_metric.png Binary files differindex e85670e1a13..9afeb535123 100644 --- a/doc/user/project/integrations/img/prometheus_add_metric.png +++ b/doc/user/project/integrations/img/prometheus_add_metric.png diff --git a/doc/user/project/integrations/img/prometheus_alert.png b/doc/user/project/integrations/img/prometheus_alert.png Binary files differindex a37f0477fd9..ffa1008ff51 100644 --- a/doc/user/project/integrations/img/prometheus_alert.png +++ b/doc/user/project/integrations/img/prometheus_alert.png diff --git a/doc/user/project/integrations/img/prometheus_dashboard.png b/doc/user/project/integrations/img/prometheus_dashboard.png Binary files differindex 1fa36ca2675..24d855eb50c 100644 --- a/doc/user/project/integrations/img/prometheus_dashboard.png +++ b/doc/user/project/integrations/img/prometheus_dashboard.png diff --git a/doc/user/project/integrations/irker.md b/doc/user/project/integrations/irker.md index 4fb753d1707..22228025969 100644 --- a/doc/user/project/integrations/irker.md +++ b/doc/user/project/integrations/irker.md @@ -15,7 +15,7 @@ repository on <https://gitlab.com/esr/irker>: git clone https://gitlab.com/esr/irker.git ``` -Once you have downloaded the code, you can run the python script named `irkerd`. +Once you have downloaded the code, you can run the Python script named `irkerd`. This script is the gateway script, it acts both as an IRC client, for sending messages to an IRC server obviously, and as a TCP server, for receiving messages from the GitLab service. diff --git a/doc/user/project/integrations/jira.md b/doc/user/project/integrations/jira.md index 1b8af89de61..6d2a0563ec1 100644 --- a/doc/user/project/integrations/jira.md +++ b/doc/user/project/integrations/jira.md @@ -21,13 +21,13 @@ Here's how the integration responds when you take the following actions in GitLa - GitLab hyperlinks to the Jira issue. - The Jira issue adds an issue link to the commit/MR in GitLab. - The Jira issue adds a comment reflecting the comment made in GitLab, the comment author, and a link to the commit/MR in GitLab. -- **Mention that a commit or MR 'closes', 'resolves', or 'fixes' a Jira issue ID**. When the commit is made on master or the change is merged to master: +- **Mention that a commit or MR 'closes', 'resolves', or 'fixes' a Jira issue ID**. When the commit is made on the project's default branch (usually master) or the change is merged to the default branch: - GitLab's merge request page displays a note that it "Closed" the Jira issue, with a link to the issue. (Note: Before the merge, an MR will display that it "Closes" the Jira issue.) - The Jira issue shows the activity and the Jira issue is closed, or otherwise transitioned. -You can also use [Jira's Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-298976812.html) +You can also use [Jira's Smart Commits](https://confluence.atlassian.com/fisheye/using-smart-commits-960155400.html) directly from GitLab, as covered in the article -[How and why to integrate GitLab with Jira](https://www.programmableweb.com/news/how-and-why-to-integrate-gitlab-Jira/how-to/2017/04/25). +[How and why to integrate GitLab with Jira](https://www.programmableweb.com/news/how-and-why-to-integrate-gitlab-jira/how-to/2017/04/25). ## Configuration @@ -45,7 +45,7 @@ In order to enable the Jira service in GitLab, you need to first configure the p #### Jira Server -When connecting to **Jira Server**, which supports basic authentication, a **username and password** are required. Note that connecting to a Jira server via CAS is not possible. [Set up a user in Jira Server](jira_server_configuration.md) first and then proceed to [Configuring GitLab](#configuring-gitlab). +When connecting to **Jira Server**, which supports basic authentication, a **username and password** are required. Note that connecting to Jira Server via CAS is not possible. [Set up a user in Jira Server](jira_server_configuration.md) first and then proceed to [Configuring GitLab](#configuring-gitlab). #### Jira Cloud @@ -205,4 +205,4 @@ authenticate with the Jira site. You will need to log in to your Jira instance and complete the CAPTCHA. [services-templates]: services_templates.md -[jira-repo-old-docs]: https://gitlab.com/gitlab-org/gitlab-foss/blob/8-13-stable/doc/project_services/jira.md +[jira-repo-old-docs]: https://gitlab.com/gitlab-org/gitlab/blob/8-13-stable/doc/project_services/jira.md diff --git a/doc/user/project/integrations/jira_cloud_configuration.md b/doc/user/project/integrations/jira_cloud_configuration.md index 1d5a4a3d4c7..9fa92f19e4f 100644 --- a/doc/user/project/integrations/jira_cloud_configuration.md +++ b/doc/user/project/integrations/jira_cloud_configuration.md @@ -15,6 +15,6 @@ below to create one:  -1. Click **Copy to clipboard**, or click **View** and write down the new API token. It is required when [configuring GitLab](jira.md#configuring-gitlab). +1. Click **Copy**, or click **View** and write down the new API token. It is required when [configuring GitLab](jira.md#configuring-gitlab). The Jira configuration is complete. You need the newly created token, and the associated email address, when [configuring GitLab](jira.md#configuring-gitlab) in the next section. diff --git a/doc/user/project/integrations/mattermost_slash_commands.md b/doc/user/project/integrations/mattermost_slash_commands.md index a3a2568445e..563cad717e2 100644 --- a/doc/user/project/integrations/mattermost_slash_commands.md +++ b/doc/user/project/integrations/mattermost_slash_commands.md @@ -131,12 +131,12 @@ The available slash commands are: | Command | Description | Example | | ------- | ----------- | ------- | -| <kbd>/<trigger> issue new <title> <kbd>⇧ Shift</kbd>+<kbd>↵ Enter</kbd> <description></kbd> | Create a new issue in the project that `<trigger>` is tied to. `<description>` is optional. | <samp>/gitlab issue new We need to change the homepage</samp> | -| <kbd>/<trigger> issue show <issue-number></kbd> | Show the issue with ID `<issue-number>` from the project that `<trigger>` is tied to. | <samp>/gitlab issue show 42</samp> | -| <kbd>/<trigger> deploy <environment> to <environment></kbd> | Start the CI job that deploys from one environment to another, for example `staging` to `production`. CI/CD must be [properly configured][ciyaml]. | <samp>/gitlab deploy staging to production</samp> | +| <kbd>/<trigger> issue new <title> <kbd>⇧ Shift</kbd>+<kbd>↵ Enter</kbd> <description></kbd> | Create a new issue in the project that `<trigger>` is tied to. `<description>` is optional. | `/gitlab issue new We need to change the homepage` | +| <kbd>/<trigger> issue show <issue-number></kbd> | Show the issue with ID `<issue-number>` from the project that `<trigger>` is tied to. | `/gitlab issue show 42` | +| <kbd>/<trigger> deploy <environment> to <environment></kbd> | Start the CI job that deploys from one environment to another, for example `staging` to `production`. CI/CD must be [properly configured][ciyaml]. | `/gitlab deploy staging to production` | To see a list of available commands to interact with GitLab, type the -trigger word followed by <kbd>help</kbd>. Example: <samp>/gitlab help</samp> +trigger word followed by <kbd>help</kbd>. Example: `/gitlab help`  diff --git a/doc/user/project/integrations/project_services.md b/doc/user/project/integrations/project_services.md index 168ec1b15ea..e385ee53636 100644 --- a/doc/user/project/integrations/project_services.md +++ b/doc/user/project/integrations/project_services.md @@ -56,6 +56,16 @@ Click on the service links to see further configuration instructions and details | [Redmine](redmine.md) | Redmine issue tracker | | [YouTrack](youtrack.md) | YouTrack issue tracker | +## Push hooks limit + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/31009) in GitLab 12.4. + +If a single push includes changes to more than three branches or tags, services +supported by `push_hooks` and `tag_push_hooks` events won't be executed. + +The number of branches or tags supported can be changed via +[`push_event_hooks_limit` application setting](../../../api/settings.md#list-of-settings-that-can-be-accessed-via-api-calls). + ## Services templates Services templates is a way to set some predefined values in the Service of diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md index 1ecefa210a0..d7666d00e76 100644 --- a/doc/user/project/integrations/prometheus.md +++ b/doc/user/project/integrations/prometheus.md @@ -115,7 +115,7 @@ You can view the performance dashboard for an environment by [clicking on the mo > [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/3799) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.6. -Custom metrics can be monitored by adding them on the Prometheus integration page. Once saved, they will be displayed on the environment performance dashboard provided that either: +Custom metrics can be monitored by adding them on the monitoring dashboard page. Once saved, they will be displayed on the environment performance dashboard provided that either: - A [connected Kubernetes cluster](../clusters/index.md#adding-and-removing-clusters) with the environment scope of `*` is used and [Prometheus installed on the cluster](#enabling-prometheus-integration), or - Prometheus is [manually configured](#manual-configuration-of-prometheus). @@ -300,8 +300,12 @@ Data from Prometheus charts on the metrics dashboard can be downloaded as CSV. For managed Prometheus instances using auto configuration, alerts for metrics [can be configured](#adding-additional-metrics-premium) directly in the performance dashboard. -To set an alert, click on the alarm icon in the top right corner of the metric you want to create the alert for. A dropdown -will appear, with options to set the threshold and operator. Click **Add** to save and activate the alert. +To set an alert: + +1. Click on the ellipsis icon in the top right corner of the metric you want to create the alert for. +1. Choose **Alerts** +1. Set threshold and operator. +1. Click **Add** to save and activate the alert.  @@ -441,7 +445,7 @@ If the "No data found" screen continues to appear, it could be due to: [run a query](prometheus_library/kubernetes.html#metrics-supported), replacing `$CI_ENVIRONMENT_SLUG` with the name of your environment. -[autodeploy]: ../../../ci/autodeploy/index.md +[autodeploy]: ../../../topics/autodevops/index.md#auto-deploy [kubernetes]: https://kubernetes.io [kube]: ./kubernetes.md [prometheus-k8s-sd]: https://prometheus.io/docs/operating/configuration/#<kubernetes_sd_config> diff --git a/doc/user/project/integrations/prometheus_library/nginx_ingress.md b/doc/user/project/integrations/prometheus_library/nginx_ingress.md index 1966fc1d289..d630956c109 100644 --- a/doc/user/project/integrations/prometheus_library/nginx_ingress.md +++ b/doc/user/project/integrations/prometheus_library/nginx_ingress.md @@ -4,7 +4,7 @@ NOTE: **Note:** NGINX Ingress versions prior to 0.16.0 offer an included [VTS Prometheus metrics exporter](nginx_ingress_vts.md), which exports metrics different than the built-in metrics. -GitLab has support for automatically detecting and monitoring the Kubernetes NGINX ingress controller. This is provided by leveraging the built-in Prometheus metrics included starting with [version 0.16.0](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#0160). +GitLab has support for automatically detecting and monitoring the Kubernetes NGINX Ingress controller. This is provided by leveraging the built-in Prometheus metrics included with Kubernetes NGINX Ingress controller [version 0.16.0](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#0160) onward. ## Requirements @@ -18,7 +18,7 @@ GitLab has support for automatically detecting and monitoring the Kubernetes NGI | Latency (ms) | `sum(rate(nginx_ingress_controller_ingress_upstream_latency_seconds_sum{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) / sum(rate(nginx_ingress_controller_ingress_upstream_latency_seconds_count{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) * 1000` | | HTTP Error Rate (%) | `sum(rate(nginx_ingress_controller_requests{status=~"5.*",namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) / sum(rate(nginx_ingress_controller_requests{namespace="%{kube_namespace}",ingress=~".*%{ci_environment_slug}.*"}[2m])) * 100` | -## Configuring NGINX ingress monitoring +## Configuring NGINX Ingress monitoring If you have deployed NGINX Ingress using GitLab's [Kubernetes cluster integration](../../clusters/index.md#installing-applications), it will [automatically be monitored](#about-managed-nginx-ingress-deployments) by Prometheus. @@ -30,7 +30,7 @@ For other deployments, there is [some configuration](#manually-setting-up-nginx- ### About managed NGINX Ingress deployments -NGINX Ingress is deployed into the `gitlab-managed-apps` namespace, using the [official Helm chart](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress). NGINX Ingress will be [externally reachable via the Load Balancer's Endpoint](../../clusters/index.md#getting-the-external-endpoint). +NGINX Ingress is deployed into the `gitlab-managed-apps` namespace, using the [official Helm chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress). NGINX Ingress will be [externally reachable via the Load Balancer's Endpoint](../../clusters/index.md#getting-the-external-endpoint). NGINX is configured for Prometheus monitoring, by setting: @@ -42,14 +42,14 @@ When used in conjunction with the GitLab deployed Prometheus service, response m ### Manually setting up NGINX Ingress for Prometheus monitoring -Version 0.9.0 and above of [NGINX ingress](https://github.com/kubernetes/ingress-nginx) have built-in support for exporting Prometheus metrics. To enable, a ConfigMap setting must be passed: `enable-vts-status: "true"`. Once enabled, a Prometheus metrics endpoint will start running on port 10254. +Version 0.9.0 and above of [NGINX Ingress](https://github.com/kubernetes/ingress-nginx) have built-in support for exporting Prometheus metrics. To enable, a ConfigMap setting must be passed: `enable-vts-status: "true"`. Once enabled, a Prometheus metrics endpoint will start running on port 10254. -Next, the ingress needs to be annotated for Prometheus monitoring. Two new annotations need to be added: +Next, the Ingress needs to be annotated for Prometheus monitoring. Two new annotations need to be added: - `prometheus.io/scrape: "true"` - `prometheus.io/port: "10254"` -Managing these settings depends on how NGINX ingress has been deployed. If you have deployed via the [official Helm chart](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress), metrics can be enabled with `controller.stats.enabled` along with the required annotations. Alternatively it is possible edit the NGINX ingress YML directly in the [Kubernetes dashboard](https://github.com/kubernetes/dashboard). +Managing these settings depends on how NGINX Ingress has been deployed. If you have deployed via the [official Helm chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress), metrics can be enabled with `controller.stats.enabled` along with the required annotations. Alternatively it is possible to edit the NGINX Ingress YML directly in the [Kubernetes dashboard](https://github.com/kubernetes/dashboard). ## Specifying the Environment label diff --git a/doc/user/project/integrations/prometheus_library/nginx_ingress_vts.md b/doc/user/project/integrations/prometheus_library/nginx_ingress_vts.md index 0c848496149..83eac44666c 100644 --- a/doc/user/project/integrations/prometheus_library/nginx_ingress_vts.md +++ b/doc/user/project/integrations/prometheus_library/nginx_ingress_vts.md @@ -4,7 +4,7 @@ NOTE: **Note:** [NGINX Ingress version 0.16](nginx_ingress.md) and above have built-in Prometheus metrics, which are different than the VTS based metrics. -GitLab has support for automatically detecting and monitoring the Kubernetes NGINX ingress controller. This is provided by leveraging the included VTS Prometheus metrics exporter in [version 0.9.0](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#09-beta1) through [0.15.x](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#0150). +GitLab has support for automatically detecting and monitoring the Kubernetes NGINX Ingress controller. This is provided by leveraging the included VTS Prometheus metrics exporter in [version 0.9.0](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#09-beta1) through [0.15.x](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#0150). ## Requirements @@ -18,7 +18,7 @@ GitLab has support for automatically detecting and monitoring the Kubernetes NGI | Latency (ms) | `avg(nginx_upstream_response_msecs_avg{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"})` | | HTTP Error Rate (%) | `sum(rate(nginx_upstream_responses_total{status_code="5xx", upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) / sum(rate(nginx_upstream_responses_total{upstream=~"%{kube_namespace}-%{ci_environment_slug}-.*"}[2m])) * 100` | -## Configuring NGINX ingress monitoring +## Configuring NGINX Ingress monitoring If you have deployed NGINX Ingress using GitLab's [Kubernetes cluster integration](../../clusters/index.md#installing-applications), it will [automatically be monitored](#about-managed-nginx-ingress-deployments) by Prometheus. @@ -30,7 +30,7 @@ For other deployments, there is [some configuration](#manually-setting-up-nginx- ### About managed NGINX Ingress deployments -NGINX Ingress is deployed into the `gitlab-managed-apps` namespace, using the [official Helm chart](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress). NGINX Ingress will be [externally reachable via the Load Balancer's Endpoint](../../clusters/index.md#getting-the-external-endpoint). +NGINX Ingress is deployed into the `gitlab-managed-apps` namespace, using the [official Helm chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress). NGINX Ingress will be [externally reachable via the Load Balancer's Endpoint](../../clusters/index.md#getting-the-external-endpoint). NGINX is configured for Prometheus monitoring, by setting: @@ -42,14 +42,14 @@ When used in conjunction with the GitLab deployed Prometheus service, response m ### Manually setting up NGINX Ingress for Prometheus monitoring -Version 0.9.0 and above of [NGINX ingress](https://github.com/kubernetes/ingress-nginx) have built-in support for exporting Prometheus metrics. To enable, a ConfigMap setting must be passed: `enable-vts-status: "true"`. Once enabled, a Prometheus metrics endpoint will start running on port 10254. +Version 0.9.0 and above of [NGINX Ingress](https://github.com/kubernetes/ingress-nginx) has built-in support for exporting Prometheus metrics. To enable, a ConfigMap setting must be passed: `enable-vts-status: "true"`. Once enabled, a Prometheus metrics endpoint will start running on port 10254. -Next, the ingress needs to be annotated for Prometheus monitoring. Two new annotations need to be added: +Next, the Ingress needs to be annotated for Prometheus monitoring. Two new annotations need to be added: - `prometheus.io/scrape: "true"` - `prometheus.io/port: "10254"` -Managing these settings depends on how NGINX ingress has been deployed. If you have deployed via the [official Helm chart](https://github.com/kubernetes/charts/tree/master/stable/nginx-ingress), metrics can be enabled with `controller.stats.enabled` along with the required annotations. Alternatively it is possible edit the NGINX ingress YML directly in the [Kubernetes dashboard](https://github.com/kubernetes/dashboard). +Managing these settings depends on how NGINX Ingress has been deployed. If you have deployed via the [official Helm chart](https://github.com/helm/charts/tree/master/stable/nginx-ingress), metrics can be enabled with `controller.stats.enabled` along with the required annotations. Alternatively it is possible edit the NGINX Ingress YAML directly in the [Kubernetes dashboard](https://github.com/kubernetes/dashboard). ## Specifying the Environment label diff --git a/doc/user/project/integrations/redmine.md b/doc/user/project/integrations/redmine.md index 25b000b2753..56e219fade5 100644 --- a/doc/user/project/integrations/redmine.md +++ b/doc/user/project/integrations/redmine.md @@ -14,7 +14,7 @@ Once you have configured and enabled Redmine you'll see the Redmine link on the GitLab project pages that takes you to the appropriate Redmine project. - As an example, below is a configuration for a project named gitlab-ci. + As an example, below is a configuration for a project named `gitlab-ci`.  diff --git a/doc/user/project/integrations/webhooks.md b/doc/user/project/integrations/webhooks.md index ae6a215fc34..d0f538a4b52 100644 --- a/doc/user/project/integrations/webhooks.md +++ b/doc/user/project/integrations/webhooks.md @@ -53,7 +53,7 @@ Navigate to the webhooks page by going to your project's [Slack](https://api.slack.com/incoming-webhooks) every time a job fails. - You can [integrate with Twilio to be notified via SMS](https://www.datadoghq.com/blog/send-alerts-sms-customizable-webhooks-twilio/) every time an issue is created for a specific project or group within GitLab -- You can use them to [automatically assign labels to merge requests](https://about.gitlab.com/2016/08/19/applying-gitlab-labels-automatically/). +- You can use them to [automatically assign labels to merge requests](https://about.gitlab.com/blog/2016/08/19/applying-gitlab-labels-automatically/). ## Webhook endpoint tips @@ -107,6 +107,9 @@ detailed commit data is expensive. Note that despite only 20 commits being present in the `commits` attribute, the `total_commits_count` attribute will contain the actual total. +Also, if a single push includes changes for more than three (by default, depending on +[`push_event_hooks_limit` setting](../../../api/settings.md#list-of-settings-that-can-be-accessed-via-api-calls)) branches, this hook won't be executed. + **Request header**: ``` @@ -190,6 +193,10 @@ X-Gitlab-Event: Push Hook Triggered when you create (or delete) tags to the repository. +NOTE: **Note:** +If a single push includes changes for more than three (by default, depending on +[`push_event_hooks_limit` setting](../../../api/settings.md#list-of-settings-that-can-be-accessed-via-api-calls)) tags, this hook won't be executed. + **Request header**: ``` @@ -1251,8 +1258,8 @@ its description: ``` It will appear in the webhook body as the below (assuming that GitLab is -installed at gitlab.example.com, and the project is at -example-group/example-project): +installed at `gitlab.example.com`, and the project is at +`example-group/example-project`): ```markdown  diff --git a/doc/user/project/issue_board.md b/doc/user/project/issue_board.md index 0c0068ddd09..103d50a94e8 100644 --- a/doc/user/project/issue_board.md +++ b/doc/user/project/issue_board.md @@ -1,6 +1,6 @@ # Issue Boards -> [Introduced][ce-5554] in [GitLab 8.11](https://about.gitlab.com/2016/08/22/gitlab-8-11-released/#issue-board). +> [Introduced][ce-5554] in [GitLab 8.11](https://about.gitlab.com/blog/2016/08/22/gitlab-8-11-released/#issue-board). ## Overview @@ -125,9 +125,9 @@ Cards finished by the UX team will automatically appear in the **Frontend** colu NOTE: **Note:** For a broader use case, please see the blog post -[GitLab Workflow, an Overview](https://about.gitlab.com/2016/10/25/gitlab-workflow-an-overview/#gitlab-workflow-use-case-scenario). +[GitLab Workflow, an Overview](https://about.gitlab.com/blog/2016/10/25/gitlab-workflow-an-overview/#gitlab-workflow-use-case-scenario). For a real use case example, you can read why -[Codepen decided to adopt Issue Boards](https://about.gitlab.com/2017/01/27/codepen-welcome-to-gitlab/#project-management-everything-in-one-place) +[Codepen decided to adopt Issue Boards](https://about.gitlab.com/blog/2017/01/27/codepen-welcome-to-gitlab/#project-management-everything-in-one-place) to improve their workflow with multiple boards. #### Quick assignments @@ -180,9 +180,21 @@ These are shortcuts to your last 4 visited boards. When you're revisiting an issue board in a project or group with multiple boards, GitLab will automatically load the last board you visited. +### Multi-select Issue Cards + +As the name suggest, multi-select issue cards allows more than one issue card +to be dragged and dropped across different lists. This becomes helpful while +moving and grooming a lot of issues at once. + +You can multi-select an issue card by pressing `CTRL` + `Left mouse click` on +Windows or `CMD` + `Left mouse click` on MacOS. Once done, start by dragging one +of the issue card you have selected and drop it in the new list you want. + + + ### Configurable Issue Boards **(STARTER)** -> Introduced in [GitLab Starter Edition 10.2](https://about.gitlab.com/2017/11/22/gitlab-10-2-released/#issue-boards-configuration). +> Introduced in [GitLab Starter Edition 10.2](https://about.gitlab.com/blog/2017/11/22/gitlab-10-2-released/#issue-boards-configuration). An Issue Board can be associated with a GitLab [Milestone](milestones/index.md#milestones), [Labels](labels.md), Assignee and Weight @@ -202,7 +214,7 @@ If you don't have editing permission in a board, you're still able to see the co ### Focus mode **(STARTER)** -> Introduced in [GitLab Starter 9.1](https://about.gitlab.com/2017/04/22/gitlab-9-1-released/#issue-boards-focus-mode-ees-eep). +> Introduced in [GitLab Starter 9.1](https://about.gitlab.com/blog/2017/04/22/gitlab-9-1-released/#issue-boards-focus-mode-ees-eep). Click the button at the top right to toggle focus mode on and off. In focus mode, the navigation UI is hidden, allowing you to focus on issues in the board. @@ -218,7 +230,7 @@ especially in combination with [assignee lists](#assignee-lists-premium). ### Group Issue Boards **(PREMIUM)** -> Introduced in [GitLab Premium 10.0](https://about.gitlab.com/2017/09/22/gitlab-10-0-released/#group-issue-boards). +> Introduced in [GitLab Premium 10.0](https://about.gitlab.com/blog/2017/09/22/gitlab-10-0-released/#group-issue-boards). Accessible at the group navigation level, a group issue board offers the same features as a project-level board, but it can display issues from all projects in that @@ -227,7 +239,7 @@ boards. When updating milestones and labels for an issue through the sidebar upd group-level objects are available. NOTE: **Note:** -Multiple group issue boards were originally introduced in [GitLab 10.0 Premium](https://about.gitlab.com/2017/09/22/gitlab-10-0-released/#group-issue-boards) and +Multiple group issue boards were originally introduced in [GitLab 10.0 Premium](https://about.gitlab.com/blog/2017/09/22/gitlab-10-0-released/#group-issue-boards) and one group issue board per group was made available in GitLab 10.6 Core.  diff --git a/doc/user/project/issues/crosslinking_issues.md b/doc/user/project/issues/crosslinking_issues.md index ec9eb7b62bb..ba442ed0a38 100644 --- a/doc/user/project/issues/crosslinking_issues.md +++ b/doc/user/project/issues/crosslinking_issues.md @@ -26,7 +26,7 @@ git commit -m "this is my commit message. Related to https://gitlab.com/<usernam Of course, you can replace `gitlab.com` with the URL of your own GitLab instance. NOTE: **Note:** Linking your first commit to your issue is going to be relevant -for tracking your process with [GitLab Cycle Analytics](https://about.gitlab.com/features/cycle-analytics/). +for tracking your process with [GitLab Cycle Analytics](https://about.gitlab.com/product/cycle-analytics/). It will measure the time taken for planning the implementation of that issue, which is the time between creating an issue and making the first commit. diff --git a/doc/user/project/issues/csv_export.md b/doc/user/project/issues/csv_export.md index 6ad96f41572..fb7fdde7b94 100644 --- a/doc/user/project/issues/csv_export.md +++ b/doc/user/project/issues/csv_export.md @@ -1,6 +1,6 @@ # Export Issues to CSV **(STARTER)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/1126) in [GitLab Starter 9.0](https://about.gitlab.com/2017/03/22/gitlab-9-0-released/#export-issues-ees-eep). +> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/1126) in [GitLab Starter 9.0](https://about.gitlab.com/blog/2017/03/22/gitlab-9-0-released/#export-issues-ees-eep). Issues can be exported as CSV from GitLab and are sent to your default notification email as an attachment. @@ -28,7 +28,7 @@ Among numerous use cases for exporting issues for CSV, we can name a few: ## Choosing which issues to include -From the issues page you can narrow down which issues to export using the search bar, along with the All/Open/Closed tabs. All issues returned will be exported, including those not shown on the first page. +After selecting a project, from the issues page you can narrow down which issues to export using the search bar, along with the All/Open/Closed tabs. All issues returned will be exported, including those not shown on the first page.  @@ -72,4 +72,5 @@ Data will be encoded with a comma as the column delimiter, with `"` used to quot ## Limitations -As the issues will be sent as an email attachment, there is a limit on how much data can be exported. Currently this limit is 15MB to ensure successful delivery across a range of email providers. If this limit is reached we suggest narrowing the search before export, perhaps by exporting open and closed issues separately. +- Export Issues to CSV is not available at the Group's Issues List. +- As the issues will be sent as an email attachment, there is a limit on how much data can be exported. Currently this limit is 15MB to ensure successful delivery across a range of email providers. If this limit is reached we suggest narrowing the search before export, perhaps by exporting open and closed issues separately. diff --git a/doc/user/project/issues/design_management.md b/doc/user/project/issues/design_management.md index 9850b401b6f..169da7049a6 100644 --- a/doc/user/project/issues/design_management.md +++ b/doc/user/project/issues/design_management.md @@ -38,7 +38,6 @@ to be enabled: - Files uploaded must have a file extension of either `png`, `jpg`, `jpeg`, `gif`, `bmp`, `tiff` or `ico`. The [`svg` extension is not yet supported](https://gitlab.com/gitlab-org/gitlab/issues/12771). - Design uploads are limited to 10 files at a time. -- [Designs cannot yet be deleted](https://gitlab.com/gitlab-org/gitlab/issues/11089). - Design Management is [not yet supported in the project export](https://gitlab.com/gitlab-org/gitlab/issues/11090). - Design Management data @@ -48,6 +47,8 @@ to be enabled: when an issue is deleted. - Design Management [isn't supported by Geo](https://gitlab.com/groups/gitlab-org/-/epics/1633) yet. +- Only the latest version of the designs can be deleted. +- Deleted designs cannot be recovered but you can see them on previous designs versions. ## The Design Management page @@ -62,15 +63,18 @@ To upload design images, click the **Upload Designs** button and select images t Designs with the same filename as an existing uploaded design will create a new version of the design, and will replace the previous version. +Designs cannot be added if the issue has been moved, or its +[discussion is locked](../../discussions/#lock-discussions). + ## Viewing designs -Images on the Design Management page can be enlarged by clicking on them. +Images on the Design Management page can be enlarged by clicking on them. The number of comments on a design — if any — is listed to the right of the design filename. Clicking on this number enlarges the design just like clicking anywhere else on the design. When a design is added or modified, an icon is displayed on the item -to help summarize changes between versions. +to help summarize changes between versions. | Indicator | Example | | --------- | ------- | @@ -78,6 +82,34 @@ to help summarize changes between versions. | Modified (in the selected version) |  | | Added (in the selected version) |  | +## Deleting designs + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/11089) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4. + +There are two ways to delete designs: manually delete them +individually, or select a few of them to delete at once, +as shown below. + +To delete a single design, click it to view it enlarged, +then click the trash icon on the top right corner and confirm +the deletion by clicking the **Delete** button on the modal window: + + + +To delete multiple designs at once, on the design's list view, +first select the designs you want to delete: + + + +Once selected, click the **Delete selected** button to confirm the deletion: + + + +NOTE: **Note:** +Only the latest version of the designs can be deleted. +Deleted designs are not permanently lost; they can be +viewed by browsing previous versions. + ## Adding annotations to designs When a design image is displayed, you can add annotations to it by clicking on diff --git a/doc/user/project/issues/img/confirm_design_deletion_v12_4.png b/doc/user/project/issues/img/confirm_design_deletion_v12_4.png Binary files differnew file mode 100644 index 00000000000..b1a55c639ca --- /dev/null +++ b/doc/user/project/issues/img/confirm_design_deletion_v12_4.png diff --git a/doc/user/project/issues/img/delete_multiple_designs_v12_4.png b/doc/user/project/issues/img/delete_multiple_designs_v12_4.png Binary files differnew file mode 100644 index 00000000000..b421a5577df --- /dev/null +++ b/doc/user/project/issues/img/delete_multiple_designs_v12_4.png diff --git a/doc/user/project/issues/img/delete_single_design_v12_4.png b/doc/user/project/issues/img/delete_single_design_v12_4.png Binary files differnew file mode 100644 index 00000000000..0ca03b48e76 --- /dev/null +++ b/doc/user/project/issues/img/delete_single_design_v12_4.png diff --git a/doc/user/project/issues/img/select_all_designs_v12_4.png b/doc/user/project/issues/img/select_all_designs_v12_4.png Binary files differnew file mode 100644 index 00000000000..b08b04c1214 --- /dev/null +++ b/doc/user/project/issues/img/select_all_designs_v12_4.png diff --git a/doc/user/project/issues/img/select_designs_v12_4.png b/doc/user/project/issues/img/select_designs_v12_4.png Binary files differnew file mode 100644 index 00000000000..a53bd516300 --- /dev/null +++ b/doc/user/project/issues/img/select_designs_v12_4.png diff --git a/doc/user/project/issues/index.md b/doc/user/project/issues/index.md index eaf4922bec9..6abd6fd7047 100644 --- a/doc/user/project/issues/index.md +++ b/doc/user/project/issues/index.md @@ -20,7 +20,7 @@ you can also view all the issues collectively at the group level. - Accepting feature proposals, questions, support requests, or bug reports - Elaborating on new code implementations -See also [Always start a discussion with an issue](https://about.gitlab.com/2016/03/03/start-with-an-issue/). +See also [Always start a discussion with an issue](https://about.gitlab.com/blog/2016/03/03/start-with-an-issue/). ## Parts of an issue diff --git a/doc/user/project/issues/issue_data_and_actions.md b/doc/user/project/issues/issue_data_and_actions.md index 5313975908b..01f4eb5b912 100644 --- a/doc/user/project/issues/issue_data_and_actions.md +++ b/doc/user/project/issues/issue_data_and_actions.md @@ -141,9 +141,9 @@ for the issue. This will automatically enable if you participate in the issue in #### 14. Reference -- A quick "copy to clipboard" button for that issue's reference, which looks like `foo/bar#xxx`, - where `foo` is the `username` or `groupname`, `bar` is the `project-name`, and - `xxx` is the issue number. +- A quick "copy" button for that issue's reference, which looks like + `foo/bar#xxx`, where `foo` is the `username` or `groupname`, `bar` is the + `project-name`, and `xxx` is the issue number. #### 15. Edit diff --git a/doc/user/project/issues/multiple_assignees_for_issues.md b/doc/user/project/issues/multiple_assignees_for_issues.md index a1b16457a0d..b442f70a061 100644 --- a/doc/user/project/issues/multiple_assignees_for_issues.md +++ b/doc/user/project/issues/multiple_assignees_for_issues.md @@ -2,7 +2,7 @@ > **Note:** [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/1904) -in [GitLab Starter 9.2](https://about.gitlab.com/2017/05/22/gitlab-9-2-released/#multiple-assignees-for-issues). +in [GitLab Starter 9.2](https://about.gitlab.com/blog/2017/05/22/gitlab-9-2-released/#multiple-assignees-for-issues). ## Overview diff --git a/doc/user/project/labels.md b/doc/user/project/labels.md index 32c8c4d0453..cfd6d4eaf4b 100644 --- a/doc/user/project/labels.md +++ b/doc/user/project/labels.md @@ -2,9 +2,9 @@ ## Overview -Labels allow you to categorize issues or merge requests using descriptive titles like +Labels allow you to categorize epics, issues, and merge requests using descriptive titles like `bug`, `feature request`, or `docs`. Each label also has a customizable color. They -allow you to quickly and dynamically filter and manage issues or merge requests you +allow you to quickly and dynamically filter and manage epics, issues and merge requests you care about, and are visible throughout GitLab in most places where issues and merge requests are located. @@ -12,8 +12,8 @@ requests are located. In GitLab, you can create project and group labels: -- **Project labels** can be assigned to issues or merge requests in that project only. -- **Group labels** can be assigned to any issue or merge request in any project in +- **Project labels** can be assigned to epics, issues and merge requests in that project only. +- **Group labels** can be assigned to any epics, issue and merge request in any project in that group, or any subgroups of the group. ## Scoped labels **(PREMIUM)** @@ -21,7 +21,7 @@ In GitLab, you can create project and group labels: > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9175) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10. Scoped labels allow teams to use the simple and familiar label feature to -annotate their issues, merge requests, and epics to achieve custom fields and +annotate their epics, issues, merge requests, and epics to achieve custom fields and custom workflow states by leveraging a special label title syntax. A scoped label is a kind of label defined by a special double-colon syntax @@ -141,11 +141,8 @@ action cannot be reversed and the changes are permanent. ## Assigning labels from the sidebar -Every issue and merge request can be assigned any number of labels. The labels are -visible on every issue and merge request page, in the sidebar. They are also visible on: - -- Every issue and merge request page in the sidebar. -- The issue board. +Every epic, issue, and merge request can be assigned any number of labels. The labels are +visible on every epic, issue and merge request page, in the sidebar and on your issue boards. From the sidebar, you can assign or unassign a label to the object (i.e. label or unlabel it). You can also perform this as a [quick action](quick_actions.md), @@ -166,11 +163,11 @@ GitLab will check both the label titles and descriptions for the search. ## Filtering by label -The following can be filtered labels: +The following can be filtered by labels: +- Epic lists **(ULTIMATE)** - Issue lists - Merge Request lists -- Epic lists **(ULTIMATE)** - Issue Boards ### Filtering in list pages @@ -180,7 +177,7 @@ The following can be filtered labels: - Group labels (including subgroup ancestors) - Project labels -- From the group issue list page and the group merge request list page, you can +- From the group epic lists page, issue list page and the group merge request list page, you can [filter](../search/index.md#issues-and-merge-requests) by: - Group labels (including subgroup ancestors and subgroup descendants) - Project labels @@ -214,7 +211,7 @@ The following can be filtered labels: From the project label list page and the group label list page, you can subscribe to [notifications](../../workflow/notifications.md) of a given label, to alert you -that the label has been assigned to an issue or merge request. +that the label has been assigned to an epic, issue, and merge request.  @@ -226,7 +223,7 @@ that the label has been assigned to an issue or merge request. > - Priority sorting is based on the highest priority label only. [This discussion](https://gitlab.com/gitlab-org/gitlab-foss/issues/18554) considers changing this. Labels can have relative priorities, which are used in the "Label priority" and -"Priority" sort orders of the issue and merge request list pages. +"Priority" sort orders of the epic, issue, and merge request list pages. From the project label list page, star a label to indicate that it has a priority. @@ -242,8 +239,8 @@ on the project label list page.  -On the merge request and issue pages, for both groups and projects, you can sort by `Label priority` -and `Priority`, which account for objects (issues and merge requests) that have prioritized +On the epic, merge request and issue pages, for both groups and projects, you can sort by `Label priority` +and `Priority`, which account for objects (epic, issues, and merge requests) that have prioritized labels assigned to them. If you sort by `Label priority`, GitLab considers this sort comparison order: diff --git a/doc/user/project/merge_requests/allow_collaboration.md b/doc/user/project/merge_requests/allow_collaboration.md index 3a389eb1e3a..083a117600b 100644 --- a/doc/user/project/merge_requests/allow_collaboration.md +++ b/doc/user/project/merge_requests/allow_collaboration.md @@ -52,7 +52,7 @@ Here's how the process would look like:  -1. Use the copy to clipboard button to copy the first command and paste them +1. Use the copy button to copy the first command and paste them in your terminal: ```sh diff --git a/doc/user/project/merge_requests/browser_performance_testing.md b/doc/user/project/merge_requests/browser_performance_testing.md index de8a47f3d73..3cfc30a68e9 100644 --- a/doc/user/project/merge_requests/browser_performance_testing.md +++ b/doc/user/project/merge_requests/browser_performance_testing.md @@ -44,7 +44,7 @@ For instance, consider the following workflow: First of all, you need to define a job in your `.gitlab-ci.yml` file that generates the [Performance report artifact](../../../ci/yaml/README.md#artifactsreportsperformance-premium). For more information on how the Performance job should look like, check the -example on [Testing Browser Performance](../../../ci/examples/browser_performance.md). +example on [Configuring Browser Performance Testing](#configuring-browser-performance-testing). GitLab then checks this report, compares key performance metrics for each page between the source and target branches, and shows the information right on the merge request. @@ -60,11 +60,6 @@ report will be shown properly. ## Configuring Browser Performance Testing -NOTE: **Note:** -The job definition shown below is supported in GitLab 11.5 and later versions. -It also requires GitLab Runner 11.5 or later. For earlier versions, use the -[previous job definitions](#previous-job-definitions). - This example shows how to run the [sitespeed.io container](https://hub.docker.com/r/sitespeedio/sitespeed.io/) on your code by using GitLab CI/CD and [sitespeed.io](https://www.sitespeed.io) using Docker-in-Docker. @@ -73,29 +68,35 @@ First, you need GitLab Runner with [docker-in-docker build](../../../ci/docker/using_docker_build.md#use-docker-in-docker-workflow-with-docker-executor). Once you set up the Runner, add a new job to `.gitlab-ci.yml` that generates the -expected report: +expected report. + +For GitLab 12.4 and later, to define the `performance` job, you must +[include](../../../ci/yaml/README.md#includetemplate) the +[`Browser-Performance.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Verify/Browser-Performance.gitlab-ci.yml) +that's provided as a part of your GitLab installation. +For GitLab versions earlier than 12.4, you can copy and use the job as defined +in that template. + +CAUTION: **Caution:** +The job definition provided by the template does not support Kubernetes yet. For a complete example of a more complex setup +that works in Kubernetes, see [here](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Jobs/Browser-Performance-Testing.gitlab-ci.yml). + +Add the following to your `.gitlab-ci.yml` file: ```yaml +include: + template: Verify/Browser-Performance.gitlab-ci.yml + performance: - stage: performance - image: docker:git variables: URL: https://example.com - services: - - docker:stable-dind - script: - - mkdir gitlab-exporter - - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js - - mkdir sitespeed-results - - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:6.3.1 --plugins.add ./gitlab-exporter --outputFolder sitespeed-results $URL - - mv sitespeed-results/data/performance.json performance.json - artifacts: - paths: - - sitespeed-results/ - reports: - performance: performance.json ``` +CAUTION: **Caution:** +The job definition provided by the template is supported in GitLab 11.5 and later versions. +It also requires GitLab Runner 11.5 or later. For earlier versions, use the +[previous job definitions](#previous-job-definitions). + The above example will create a `performance` job in your CI/CD pipeline and will run sitespeed.io against the webpage you defined in `URL` to gather key metrics. The [GitLab plugin for sitespeed.io](https://gitlab.com/gitlab-org/gl-performance) @@ -106,6 +107,20 @@ take the latest Performance artifact available. The full HTML sitespeed.io report will also be saved as an artifact, and if you have [GitLab Pages](../pages/index.md) enabled, it can be viewed directly in your browser. +It is also possible to customize options by setting the `SITESPEED_OPTIONS` variable. +For example, this is how to override the number of runs sitespeed.io +will make on the given URL: + +```yaml +include: + template: Verify/Browser-Performance.gitlab-ci.yml + +performance: + variables: + URL: https://example.com + SITESPEED_OPTIONS: -n 5 +``` + For further customization options for sitespeed.io, including the ability to provide a list of URLs to test, please see the [Sitespeed.io Configuration](https://www.sitespeed.io/documentation/sitespeed.io/configuration/) documentation. @@ -126,8 +141,9 @@ set this up: as an artifact is as simple as `echo $CI_ENVIRONMENT_URL > environment_url.txt` in your job's `script`. 1. In the `performance` job, read the previous artifact into an environment - variable, like `$CI_ENVIRONMENT_URL`, and use it to parameterize the test - URLs. + variable, in this case `$URL` because this is what our sitespeed.io command + uses for the URL parameter. Because Review App URLs are dynamic, we define + the `URL` variable through `before_script` instead of `variables`. 1. You can now run the sitespeed.io container against the desired hostname and paths. @@ -138,6 +154,9 @@ stages: - deploy - performance +include: + template: Verify/Browser-Performance.gitlab-ci.yml + review: stage: deploy environment: @@ -155,28 +174,12 @@ review: - master performance: - stage: performance - image: docker:git - services: - - docker:stable-dind dependencies: - review - script: - - export CI_ENVIRONMENT_URL=$(cat environment_url.txt) - - mkdir gitlab-exporter - - wget -O ./gitlab-exporter/index.js https://gitlab.com/gitlab-org/gl-performance/raw/master/index.js - - mkdir sitespeed-results - - docker run --shm-size=1g --rm -v "$(pwd)":/sitespeed.io sitespeedio/sitespeed.io:6.3.1 --plugins.add ./gitlab-exporter --outputFolder sitespeed-results "$CI_ENVIRONMENT_URL" - - mv sitespeed-results/data/performance.json performance.json - artifacts: - paths: - - sitespeed-results/ - reports: - performance: performance.json + before_script: + - export URL=$(cat environment_url.txt) ``` -A complete example can be found in our [Auto DevOps CI YML](https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml). - ### Previous job definitions CAUTION: **Caution:** diff --git a/doc/user/project/merge_requests/code_quality.md b/doc/user/project/merge_requests/code_quality.md index 3c667755787..92681e741de 100644 --- a/doc/user/project/merge_requests/code_quality.md +++ b/doc/user/project/merge_requests/code_quality.md @@ -66,6 +66,13 @@ will scan your source code for code quality issues. The report will be saved as that you can later download and analyze. Due to implementation limitations we always take the latest Code Quality artifact available. +The included `code_quality` job is running in the `test` stage, so it needs to be included in your CI config, like so: + +```yaml +stages: + - test +``` + TIP: **Tip:** This information will be automatically extracted and shown right in the merge request widget. diff --git a/doc/user/project/merge_requests/img/cross_project_dependencies_edit_inaccessible_v12_2.png b/doc/user/project/merge_requests/img/cross_project_dependencies_edit_inaccessible_v12_2.png Binary files differdeleted file mode 100644 index 2dc02634fd8..00000000000 --- a/doc/user/project/merge_requests/img/cross_project_dependencies_edit_inaccessible_v12_2.png +++ /dev/null diff --git a/doc/user/project/merge_requests/img/cross_project_dependencies_edit_v12_2.png b/doc/user/project/merge_requests/img/cross_project_dependencies_edit_v12_2.png Binary files differdeleted file mode 100644 index 362e7e0ead2..00000000000 --- a/doc/user/project/merge_requests/img/cross_project_dependencies_edit_v12_2.png +++ /dev/null diff --git a/doc/user/project/merge_requests/img/dependencies_edit_inaccessible_v12_4.png b/doc/user/project/merge_requests/img/dependencies_edit_inaccessible_v12_4.png Binary files differnew file mode 100644 index 00000000000..3699ffd16b4 --- /dev/null +++ b/doc/user/project/merge_requests/img/dependencies_edit_inaccessible_v12_4.png diff --git a/doc/user/project/merge_requests/img/dependencies_edit_v12_4.png b/doc/user/project/merge_requests/img/dependencies_edit_v12_4.png Binary files differnew file mode 100644 index 00000000000..beb452e80cf --- /dev/null +++ b/doc/user/project/merge_requests/img/dependencies_edit_v12_4.png diff --git a/doc/user/project/merge_requests/img/cross_project_dependencies_view_v12_2.png b/doc/user/project/merge_requests/img/dependencies_view_v12_2.png Binary files differindex e00231c839b..e00231c839b 100644 --- a/doc/user/project/merge_requests/img/cross_project_dependencies_view_v12_2.png +++ b/doc/user/project/merge_requests/img/dependencies_view_v12_2.png diff --git a/doc/user/project/merge_requests/img/mr_approvals_by_code_owners_v12_4.png b/doc/user/project/merge_requests/img/mr_approvals_by_code_owners_v12_4.png Binary files differnew file mode 100755 index 00000000000..c704129685f --- /dev/null +++ b/doc/user/project/merge_requests/img/mr_approvals_by_code_owners_v12_4.png diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md index 3f563d58287..2ab7c3fb15b 100644 --- a/doc/user/project/merge_requests/index.md +++ b/doc/user/project/merge_requests/index.md @@ -47,7 +47,7 @@ With **[GitLab Enterprise Edition][ee]**, you can also: - Analyze your dependencies for vulnerabilities with [Dependency Scanning](../../application_security/dependency_scanning/index.md) **(ULTIMATE)** - Analyze your Docker images for vulnerabilities with [Container Scanning](../../application_security/container_scanning/index.md) **(ULTIMATE)** - Determine the performance impact of changes with [Browser Performance Testing](#browser-performance-testing-premium) **(PREMIUM)** -- Specify merge order dependencies with [Cross-project Merge Request Dependencies](#cross-project-merge-request-dependencies-premium) **(PREMIUM)** +- Specify merge order dependencies with [Merge Request Dependencies](#merge-request-dependencies-premium) **(PREMIUM)** ## Use cases @@ -70,7 +70,7 @@ B. Consider you're a web developer writing a webpage for your company's website: 1. Your changes are previewed with [Review Apps](../../../ci/review_apps/index.md) 1. You request your web designers for their implementation 1. You request the [approval](merge_request_approvals.md) from your manager **(STARTER)** -1. Once approved, your merge request is [squashed and merged](squash_and_merge.md), and [deployed to staging with GitLab Pages](https://about.gitlab.com/2016/08/26/ci-deployment-and-environments/) +1. Once approved, your merge request is [squashed and merged](squash_and_merge.md), and [deployed to staging with GitLab Pages](https://about.gitlab.com/blog/2016/08/26/ci-deployment-and-environments/) 1. Your production team [cherry picks](#cherry-pick-changes) the merge commit into production ## Merge requests per project @@ -221,7 +221,7 @@ to learn more. ## Multiple assignees **(STARTER)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/2004) -in [GitLab Starter 11.11](https://about.gitlab.com/pricing). +in [GitLab Starter 11.11](https://about.gitlab.com/pricing/). Multiple people often review merge requests at the same time. GitLab allows you to have multiple assignees for merge requests to indicate everyone that is reviewing or accountable for it. @@ -290,140 +290,10 @@ apply the patches. The target branch can be specified using the [`/target_branch` quick action](../quick_actions.md). If the source branch already exists, the patches will be applied on top of it. -## Git push options +## Use Git push options with merge requests -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/26752) in GitLab 11.10. - -NOTE: **Note:** -Git push options are only available with Git 2.10 or newer. With Git older than 2.18 -`git push --push-option=...` should be used instead of `git push -o ...`. - -GitLab supports using -[Git push options](https://git-scm.com/docs/git-push#Documentation/git-push.txt--oltoptiongt) -to perform the following actions against merge requests at the same time -as pushing changes: - -- Create a new merge request for the pushed branch. -- Set the target of the merge request to a particular branch. -- Set the merge request to merge when its pipeline succeeds. -- Set the merge request to remove the source branch when it's merged. -- Set the title of the merge request to a particular title. -- Set the description of the merge request to a particular description. -- Add or remove labels from the merge request. - -### Create a new merge request using git push options - -To create a new merge request for a branch, use the -`merge_request.create` push option: - -```sh -git push -o merge_request.create -``` - -### Set the target branch of a merge request using git push options - -To update an existing merge request's target branch, use the -`merge_request.target=<branch_name>` push option: - -```sh -git push -o merge_request.target=branch_name -``` - -You can also create a merge request and set its target branch at the -same time using a `-o` flag per push option: - -```sh -git push -o merge_request.create -o merge_request.target=branch_name -``` - -### Set merge when pipeline succeeds using git push options - -To set an existing merge request to -[merge when its pipeline succeeds](merge_when_pipeline_succeeds.md), use -the `merge_request.merge_when_pipeline_succeeds` push option: - -```sh -git push -o merge_request.merge_when_pipeline_succeeds -``` - -You can also create a merge request and set it to merge when its -pipeline succeeds at the same time using a `-o` flag per push option: - -```sh -git push -o merge_request.create -o merge_request.merge_when_pipeline_succeeds -``` - -### Set removing the source branch using git push options - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/64320) in GitLab 12.2. - -To set an existing merge request to remove the source branch when the -merge request is merged, the -`merge_request.remove_source_branch` push option can be used: - -```sh -git push -o merge_request.remove_source_branch -``` - -You can also use this push option in addition to the -`merge_request.create` push option. - -### Set merge request title using git push options - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/64320) in GitLab 12.2. - -To set the title of an existing merge request, use -the `merge_request.title` push option: - -```sh -git push -o merge_request.title="The title I want" -``` - -You can also use this push option in addition to the -`merge_request.create` push option. - -### Set merge request description using git push options - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/64320) in GitLab 12.2. - -To set the description of an existing merge request, use -the `merge_request.description` push option: - -```sh -git push -o merge_request.description="The description I want" -``` - -You can also use this push option in addition to the -`merge_request.create` push option. - -### Add or remove labels using git push options - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/31831) in GitLab 12.3. - -You can add or remove labels from merge requests using push options. - -For example, to add two labels to an existing merge request, use the -`merge_request.label` push option: - -```sh -git push -o merge_request.label="label1" -o merge_request.label="label2" -``` - -To remove two labels from an existing merge request, use -the `merge_request.unlabel` push option: - -```sh -git push -o merge_request.unlabel="label1" -o merge_request.unlabel="label2" -``` - -You can also use these push options in addition to the -`merge_request.create` push option. - -To create a merge request and add two labels to it, use: - -```sh -git push -o merge_request.create -o merge_request.label="label1" -o merge_request.label="label2" -``` +Use [Git push options](../push_options.md) to create or update merge requests when +pushing changes to GitLab with Git, without needing to use the GitLab interface. ## Find the merge request that introduced a change @@ -465,11 +335,11 @@ have been marked as a **Work In Progress**. ## Merge Requests for Confidential Issues Create [merge requests to resolve confidential issues](../issues/confidential_issues.md#merge-requests-for-confidential-issues) -for preventing leakage or early release of sentive data through regular merge requests. +for preventing leakage or early release of sensitive data through regular merge requests. ## Merge request approvals **(STARTER)** -> Included in [GitLab Starter][products]. +> Included in [GitLab Starter](https://about.gitlab.com/product/). If you want to make sure every merge request is approved by one or more people, you can enforce this workflow by using merge request approvals. Merge request @@ -480,7 +350,7 @@ list of approvers that will need to approve every merge request in a project. ## Code Quality **(STARTER)** -> Introduced in [GitLab Starter][products] 9.3. +> Introduced in [GitLab Starter](https://about.gitlab.com/product/) 9.3. If you are using [GitLab CI][ci], you can analyze your source code quality using the [Code Climate][cc] analyzer [Docker image][cd]. Going a step further, GitLab @@ -490,7 +360,7 @@ can show the Code Climate report right in the merge request widget area. ## Metrics Reports **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9788) in [GitLab Premium][products] 11.10. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9788) in [GitLab Premium](https://about.gitlab.com/product/) 11.10. Requires GitLab Runner 11.10 and above. If you are using [GitLab CI][ci], you can configure your job to output custom @@ -501,7 +371,7 @@ that it's fast and easy to identify changes to important metrics. ## Browser Performance Testing **(PREMIUM)** -> Introduced in [GitLab Premium][products] 10.3. +> Introduced in [GitLab Premium](https://about.gitlab.com/product/) 10.3. If your application offers a web interface and you are using [GitLab CI/CD][ci], you can quickly determine the performance impact of pending code changes. GitLab uses [Sitespeed.io][sitespeed], a free and open source tool for measuring the performance of web sites, to analyze the performance of specific pages. @@ -509,9 +379,9 @@ GitLab runs the [Sitespeed.io container][sitespeed-container] and displays the d [Read more about Browser Performance Testing.](browser_performance_testing.md) -## Cross-project Merge Request Dependencies **(PREMIUM)** +## Merge Request Dependencies **(PREMIUM)** -> Introduced in [GitLab Premium][products] 12.2. +> Introduced in [GitLab Premium](https://about.gitlab.com/product/) 12.2. A single logical change may be split across several merge requests, across several projects. When this happens, the order in which MRs are merged is @@ -522,7 +392,7 @@ this relationship in place, the merge request cannot be merged until all of its dependencies have also been merged, helping to maintain the consistency of a single logical change. -[Read more about cross-project merge request dependencies.](merge_request_dependencies.md) +[Read more about merge request dependencies.](merge_request_dependencies.md) ## Security reports **(ULTIMATE)** @@ -570,7 +440,7 @@ whitespace changes. ## Live preview with Review Apps -If you configured [Review Apps](https://about.gitlab.com/features/review-apps/) for your project, +If you configured [Review Apps](https://about.gitlab.com/product/review-apps/) for your project, you can preview the changes submitted to a feature-branch through a merge request in a per-branch basis. No need to checkout the branch, install and preview locally; all your changes will be available to preview by anyone with the Review Apps link. @@ -666,7 +536,7 @@ tricks to checkout a merge request locally. Please note that you can checkout a merge request locally even if the source project is a fork (even a private fork) of the target project. -#### Checkout locally by adding a git alias +#### Checkout locally by adding a Git alias Add the following alias to your `~/.gitconfig`: @@ -736,10 +606,8 @@ And to check out a particular merge request: git checkout origin/merge-requests/1 ``` -all the above can be done with [git-mr] script. +All the above can be done with the [`git-mr`](https://gitlab.com/glensc/git-mr) script. -[git-mr]: https://gitlab.com/glensc/git-mr -[products]: https://about.gitlab.com/products/ "GitLab products page" [protected branches]: ../protected_branches.md [ci]: ../../../ci/README.md [cc]: https://codeclimate.com/ diff --git a/doc/user/project/merge_requests/merge_request_approvals.md b/doc/user/project/merge_requests/merge_request_approvals.md index 6f8d821e1c6..2aa92ba2316 100644 --- a/doc/user/project/merge_requests/merge_request_approvals.md +++ b/doc/user/project/merge_requests/merge_request_approvals.md @@ -4,7 +4,7 @@ type: reference, concepts # Merge request approvals **(STARTER)** -> Introduced in [GitLab Enterprise Edition 7.12](https://about.gitlab.com/2015/06/22/gitlab-7-12-released/#merge-request-approvers-ee-only). +> Introduced in [GitLab Enterprise Edition 7.12](https://about.gitlab.com/blog/2015/06/22/gitlab-7-12-released/#merge-request-approvers-ee-only). Merge request approvals enable enforced code review by requiring specified people to approve a merge request before it can be unblocked for merging. @@ -66,13 +66,7 @@ suitable to your workflow: ## Editing approvals **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/1979) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8. - -CAUTION: **Caution:** -There was a [regression affecting this feature in 11.8](https://gitlab.com/gitlab-org/gitlab/merge_requests/9648). We recommend upgrading _at least_ to version 11.8.2. to avoid any issues. - -NOTE: **Note:** -In 11.8 this feature does not work in [private groups](https://gitlab.com/gitlab-org/gitlab/issues/10356). +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/1979) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10. For GitLab Premium, [multiple approver rules](#multiple-approval-rules-premium) can be configured. To configure the merge request approval rules: @@ -87,7 +81,7 @@ request approval rules: ## Multiple approval rules **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/1979) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/1979) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10. For GitLab Premium, a merge request's overall approval status is determined by a set of rules. Each rule contains: @@ -107,7 +101,7 @@ any [eligible approver](#eligible-approvers) may approve. The following can approve merge requests: - Users being added as approvers at project or merge request level. -- [Code owners](../code_owners.md) related to the merge request ([introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/7933) in [GitLab Starter](https://about.gitlab.com/pricing/) 11.5). +- [Code owners](#code-owners-as-eligible-approvers-starter) to the files changed by the merge request. An individual user can be added as an approver for a project if they are a member of: @@ -125,6 +119,31 @@ if [**Prevent author approval**](#allowing-merge-request-authors-to-approve-thei and [**Prevent committers approval**](#prevent-approval-of-merge-requests-by-their-committers) (disabled by default) are enabled on the project settings. +### Code Owners as eligible approvers **(STARTER)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/merge_requests/7933) in [GitLab Starter](https://about.gitlab.com/pricing/) 11.5. + +Once you've added [Code Owners](../code_owners.md) to your +repository, the owners to the corresponding files will become +eligible approvers, together with members with Developer or +higher permissions. + +To enable this merge request approval rule: + +1. Navigate to your project's **Settings > General** and expand +**Merge request approvals**. +1. Locate **All members with Developer role or higher and code owners (if any)** and click **Edit** to choose the number of approvals required. + + + +Once set, merge requests can only be merged once approved by the +number of approvals you've set. GitLab will accept approvals from +users with Developer or higher permissions, as well as by Code Owners, +indistinguishably. + +Alternatively, you can **require** +[Code Owner's approvals for Protected Branches](../protected_branches.md#protected-branches-approval-by-code-owners-premium). **(PREMIUM)** + ### Implicit approvers If the number of required approvals is greater than the number of approvers, @@ -168,26 +187,6 @@ are other conditions that may block it, such as merge conflicts, [pending discussions](../../discussions/index.md#only-allow-merge-requests-to-be-merged-if-all-threads-are-resolved) or a [failed CI/CD pipeline](merge_when_pipeline_succeeds.md). -## Code Owners approvals **(PREMIUM)** - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/4418) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.9. - -It is possible to require at least one approval for each entry in the -[`CODEOWNERS` file](../code_owners.md) that matches a file changed in -the merge request. To enable this feature: - -1. Navigate to your project's **Settings > General** and expand - **Merge request approvals**. -1. Tick the **Require approval from code owners** checkbox. -1. Click **Save changes**. - -When this feature is enabled, all merge requests will need approval -from one code owner per matched rule before it can be merged. - -NOTE: **Note:** Only the `CODEOWNERS` file on the default branch is evaluated for -Merge Request approvals. If `CODEOWNERS` is changed on a non-default branch, those -changes will not affect approvals until merged to the default branch. - ## Overriding the merge request approvals default settings > Introduced in GitLab Enterprise Edition 9.4. @@ -329,7 +328,7 @@ the dropdown) `approver` and select the user. ## Security approvals in merge requests **(ULTIMATE)** -> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing) 12.2. +> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.2. Merge Request Approvals can be configured to require approval from a member of your security team when a vulnerability would be introduced by a merge request. @@ -337,6 +336,16 @@ of your security team when a vulnerability would be introduced by a merge reques For more information, see [Security approvals in merge requests](../../application_security/index.md#security-approvals-in-merge-requests-ultimate). +## License compliance approvals in merge requests **(ULTIMATE)** + +> Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.3. + +Merge Request Approvals can be configured to require approval from a member +of your security team when a blacklisted software license would be introduced by a merge request. + +For more information, see +[Security approvals in merge requests](../../application_security/index.md#security-approvals-in-merge-requests-ultimate). + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/project/merge_requests/merge_request_dependencies.md b/doc/user/project/merge_requests/merge_request_dependencies.md index c982bd7f78d..c99e6663093 100644 --- a/doc/user/project/merge_requests/merge_request_dependencies.md +++ b/doc/user/project/merge_requests/merge_request_dependencies.md @@ -2,14 +2,17 @@ type: reference, concepts --- -# Cross-project Merge Request dependencies **(PREMIUM)** +# Merge Request dependencies **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9688) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.2. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/9688) in +[GitLab Premium](https://about.gitlab.com/pricing/) 12.2. +> - [Renamed](https://gitlab.com/gitlab-org/gitlab/merge_requests/17291) from +"Cross-project dependencies" to "Merge Requests dependencies" in +[GitLab Premium](https://about.gitlab.com/pricing/) 12.4. -Cross-project merge request dependencies allows a required order of merging -between merge requests in different projects to be expressed. If a -merge request "depends on" another, then it cannot be merged until its -dependency is itself merged. +Merge request dependencies allows a required order of merging +between merge requests to be expressed. If a merge request "depends on" another, +then it cannot be merged until its dependency is itself merged. NOTE: **Note:** Merge requests dependencies are a **PREMIUM** feature, but this restriction is @@ -58,20 +61,20 @@ instead. To continue the above example, you can configure a dependency when creating the new merge request in `awesome-project` (or by editing it, if it already exists). The dependency needs to be configured on the **dependent** merge -request. There is a "Cross-project dependencies" section in the form: +request. There is a **Merge request dependencies** section in the form: - + Anyone who can edit a merge request can change the list of dependencies. New dependencies can be added by reference, or by URL. To remove a dependency, press the **X** by its reference. -As dependencies are specified across projects, it's possible that someone else +As dependencies can be specified across projects, it's possible that someone else has added a dependency for a merge request in a project you don't have access to. These are shown as a simple count: - + If necessary, you can remove all the dependencies like this by pressing the **X**, just as you would for a single, visible dependency. @@ -82,7 +85,7 @@ or **Cancel** to return without making any changes. The list of configured dependencies, and the status of each one, is shown in the merge request widget: - + Until all dependencies have, themselves, been merged, the **Merge** button will be disabled for the dependent merge request. In @@ -97,9 +100,9 @@ merge. ## Limitations -- API support: [gitlab-ee#12551](https://gitlab.com/gitlab-org/gitlab/issues/12551) -- Dependencies are not preserved across project export/import: [gitlab-ee#12549](https://gitlab.com/gitlab-org/gitlab/issues/12549) -- Complex merge order dependencies are not supported: [gitlab-ee#11393](https://gitlab.com/gitlab-org/gitlab/issues/11393) +- API support: [issue #12551](https://gitlab.com/gitlab-org/gitlab/issues/12551) +- Dependencies are not preserved across project export/import: [issue #12549](https://gitlab.com/gitlab-org/gitlab/issues/12549) +- Complex merge order dependencies are not supported: [issue #11393](https://gitlab.com/gitlab-org/gitlab/issues/11393) The last item merits a little more explanation. Dependencies between merge requests can be described as a graph of relationships. The simplest possible diff --git a/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md b/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md index b717cb0ec24..dab2184448a 100644 --- a/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md +++ b/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md @@ -36,11 +36,19 @@ changes to be reviewed. ## Only allow merge requests to be merged if the pipeline succeeds You can prevent merge requests from being merged if their pipeline did not succeed -or if there are threads to be resolved. +or if there are threads to be resolved. This works for both: -Navigate to your project's settings page and expand the **Merge requests** section. -In the **Merge checks** subsection, select the **Pipelines must succeed** check -box and hit **Save** for the changes to take effect. +- GitLab CI/CD pipelines +- Pipelines run from an [external CI integration](../integrations/project_services.md#services) + +As a result, [disabling GitLab CI/CD pipelines](../../../ci/enable_or_disable_ci.md) +will not disable this feature, as it will still be possible to use pipelines from external +CI providers with this feature. To enable it, you must: + +1. Navigate to your project's **Settings > General** page. +1. Expand the **Merge requests** section. +1. In the **Merge checks** subsection, select the **Pipelines must succeed** checkbox. +1. Press **Save** for the changes to take effect. NOTE: **Note:** This setting also prevents merge requests from being merged if there is no pipeline. diff --git a/doc/user/project/milestones/index.md b/doc/user/project/milestones/index.md index 453983fa882..105854ccd33 100644 --- a/doc/user/project/milestones/index.md +++ b/doc/user/project/milestones/index.md @@ -130,13 +130,13 @@ These features are only available for project milestones and not group milestone ### Project Burndown Charts **(STARTER)** -For project milestones in [GitLab Starter](https://about.gitlab.com/pricing), a [burndown chart](burndown_charts.md) is in the milestone view, showing the progress of completing a milestone. +For project milestones in [GitLab Starter](https://about.gitlab.com/pricing/), a [burndown chart](burndown_charts.md) is in the milestone view, showing the progress of completing a milestone.  ### Group Burndown Charts **(PREMIUM)** -For group milestones in [GitLab Premium](https://about.gitlab.com/pricing), a [burndown chart](burndown_charts.md) is in the milestone view, showing the progress of completing a milestone. +For group milestones in [GitLab Premium](https://about.gitlab.com/pricing/), a [burndown chart](burndown_charts.md) is in the milestone view, showing the progress of completing a milestone. ### Milestone sidebar diff --git a/doc/user/project/new_ci_build_permissions_model.md b/doc/user/project/new_ci_build_permissions_model.md index 0e60c4eca75..5f3bb83df70 100644 --- a/doc/user/project/new_ci_build_permissions_model.md +++ b/doc/user/project/new_ci_build_permissions_model.md @@ -47,7 +47,7 @@ It is important to note that we have a few types of users: Administrator will have to be a member of it in order to have access to it via another project's job. -- **External users**: CI jobs created by [external users](../permissions.md#external-users-permissions) will have +- **External users**: CI jobs created by [external users](../permissions.md#external-users-core-only) will have access only to projects to which user has at least reporter access. This rules out accessing all internal projects by default. @@ -58,7 +58,7 @@ Let's consider the following scenario: hosted in private repositories and you have multiple CI jobs that make use of these repositories. -1. You invite a new [external user](../permissions.md#external-users-permissions). CI jobs created by that user do not +1. You invite a new [external user](../permissions.md#external-users-core-only). CI jobs created by that user do not have access to internal repositories, because the user also doesn't have the access from within GitLab. You as an employee have to grant explicit access for this user. This allows us to prevent from accidental data leakage. diff --git a/doc/user/project/operations/feature_flags.md b/doc/user/project/operations/feature_flags.md index 97b3ca0067e..08df92959c3 100644 --- a/doc/user/project/operations/feature_flags.md +++ b/doc/user/project/operations/feature_flags.md @@ -174,9 +174,9 @@ Official clients: Community contributed clients: -- [stiano/unleash-client-dotnet](https://github.com/stiano/unleash-client-dotnet) (.Net Core) -- [onybo/unleash-client-core](https://github.com/onybo/unleash-client-core) (.Net Core) -- [aes/unleash-client-python](https://github.com/aes/unleash-client-python) (Python 3) +- [Unleash FeatureToggle Client for .Net](https://github.com/stiano/unleash-client-dotnet) +- [Unofficial .Net Core Unleash client](https://github.com/onybo/unleash-client-core) +- [Unleash client for Python 3](https://github.com/aes/unleash-client-python) ### Golang application example diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/dns_concepts.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/dns_concepts.md index dc75eb450a3..e561da423f4 100644 --- a/doc/user/project/pages/custom_domains_ssl_tls_certification/dns_concepts.md +++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/dns_concepts.md @@ -27,16 +27,16 @@ to do it for you. To help you out, we've gathered some instructions on how to do that for the most popular hosting services: -- [Amazon](http://docs.aws.amazon.com/gettingstarted/latest/swh/getting-started-configure-route53.html) +- [Amazon](https://docs.aws.amazon.com/AmazonS3/latest/dev/website-hosting-custom-domain-walkthrough.html) - [Bluehost](https://my.bluehost.com/cgi/help/559) - [CloudFlare](https://support.cloudflare.com/hc/en-us/articles/200169096-How-do-I-add-A-records-) -- [cPanel](https://documentation.cpanel.net/display/ALD/Edit+DNS+Zone) +- [cPanel](https://documentation.cpanel.net/display/84Docs/Edit+DNS+Zone) - [DreamHost](https://help.dreamhost.com/hc/en-us/articles/215414867-How-do-I-add-custom-DNS-records-) - [Go Daddy](https://www.godaddy.com/help/add-an-a-record-19238) -- [Hostgator](http://support.hostgator.com/articles/changing-dns-records) +- [Hostgator](https://www.hostgator.com/help/article/changing-dns-records) - [Inmotion hosting](https://my.bluehost.com/cgi/help/559) - [Media Temple](https://mediatemple.net/community/products/dv/204403794/how-can-i-change-the-dns-records-for-my-domain) -- [Microsoft](https://msdn.microsoft.com/en-us/library/bb727018.aspx) +- [Microsoft](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/bb727018(v=technet.10)) If your hosting service is not listed above, you can just try to search the web for `how to add dns record on <my hosting service>`. diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md index 849cd1a8ee4..326a2d302d2 100644 --- a/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md +++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/index.md @@ -67,10 +67,10 @@ Root domains (`example.com`) require: - A [DNS A record](dns_concepts.md#a-record) pointing your domain to the Pages server. - A [TXT record](dns_concepts.md#txt-record) to verify your domain's ownership. -| From | DNS Record | To | -| ---- | ---------- | -- | -| example.com | A | 35.185.44.232 | -| _gitlab-pages-verification-code.example.com | TXT | gitlab-pages-verification-code=00112233445566778899aabbccddeeff | +| From | DNS Record | To | +| --------------------------------------------- | ---------- | --------------- | +| `example.com` | A | `35.185.44.232` | +| `_gitlab-pages-verification-code.example.com` | TXT | `gitlab-pages-verification-code=00112233445566778899aabbccddeeff` | For projects on GitLab.com, this IP is `35.185.44.232`. For projects living in other GitLab instances (CE or EE), please contact @@ -95,10 +95,10 @@ Subdomains (`subdomain.example.com`) require: - A DNS [CNAME record](dns_concepts.md#cname-record) record pointing your subdomain to the Pages server. - A DNS [TXT record](dns_concepts.md#txt-record) to verify your domain's ownership. -| From | DNS Record | To | -| ---- | ---------- | -- | -| subdomain.example.com | CNAME | namespace.gitlab.io | -| _gitlab-pages-verification-code.subdomain.example.com | TXT | gitlab-pages-verification-code=00112233445566778899aabbccddeeff | +| From | DNS Record | To | +| ------------------------------------------------------- | ---------- | --------------------- | +| `subdomain.example.com` | CNAME | `namespace.gitlab.io` | +| `_gitlab-pages-verification-code.subdomain.example.com` | TXT | `gitlab-pages-verification-code=00112233445566778899aabbccddeeff` | Note that, whether it's a user or a project website, the `CNAME` should point to your Pages domain (`namespace.gitlab.io`), @@ -117,13 +117,13 @@ They require: - A DNS CNAME record for the subdomain. - A DNS TXT record for each. -| From | DNS Record | To | -| ---- | ---------- | -- | -| example.com | A | 35.185.44.232 | -| _gitlab-pages-verification-code.example.com | TXT | gitlab-pages-verification-code=00112233445566778899aabbccddeeff | -|---+---| -| www.example.com | CNAME | namespace.gitlab.io | -| _gitlab-pages-verification-code.www.example.com | TXT | gitlab-pages-verification-code=00112233445566778899aabbccddeeff | +| From | DNS Record | To | +| ------------------------------------------------- | ---------- | ---------------------- | +| `example.com` | A | `35.185.44.232` | +| `_gitlab-pages-verification-code.example.com` | TXT | `gitlab-pages-verification-code=00112233445566778899aabbccddeeff` | +|--------------------------------------------+--------------------------------------------| +| `www.example.com` | CNAME | `namespace.gitlab.io` | +| `_gitlab-pages-verification-code.www.example.com` | TXT | `gitlab-pages-verification-code=00112233445566778899aabbccddeeff` | If you're using CloudFlare, check [Redirecting `www.domain.com` to `domain.com` with Cloudflare](#redirecting-wwwdomaincom-to-domaincom-with-cloudflare). @@ -135,8 +135,8 @@ If you're using CloudFlare, check > - **Do not** add any special chars after the default Pages domain. E.g., don't point `subdomain.domain.com` to or `namespace.gitlab.io/`. Some domain hosting providers may request a trailling dot (`namespace.gitlab.io.`), though. -> - GitLab Pages IP on GitLab.com [was changed](https://about.gitlab.com/2017/03/06/we-are-changing-the-ip-of-gitlab-pages-on-gitlab-com/) in 2017. -> - GitLab Pages IP on GitLab.com [has changed](https://about.gitlab.com/2018/07/19/gcp-move-update/#gitlab-pages-and-custom-domains) +> - GitLab Pages IP on GitLab.com [was changed](https://about.gitlab.com/blog/2017/03/06/we-are-changing-the-ip-of-gitlab-pages-on-gitlab-com/) in 2017. +> - GitLab Pages IP on GitLab.com [has changed](https://about.gitlab.com/blog/2018/07/19/gcp-move-update/#gitlab-pages-and-custom-domains) from `52.167.214.135` to `35.185.44.232` in 2018. #### 4. Verify the domain's ownership @@ -162,7 +162,7 @@ from the GitLab project. > - Domain verification is **required for GitLab.com users**; for GitLab self-managed instances, your GitLab administrator has the option to [disabled custom domain verification](../../../../administration/pages/index.md#custom-domain-verification). -> - [DNS propagation may take some time (up to 24h)](http://www.inmotionhosting.com/support/domain-names/dns-nameserver-changes/domain-names-dns-changes), +> - [DNS propagation may take some time (up to 24h)](https://www.inmotionhosting.com/support/domain-names/dns-nameserver-changes/domain-names-dns-changes), although it's usually a matter of minutes to complete. Until it does, verification will fail and attempts to visit your domain will respond with a 404. > - Once your domain has been verified, leave the verification record @@ -221,7 +221,7 @@ To secure your custom domain with GitLab Pages you can opt by: the part of the encryption keychain that identifies the CA. Usually it's combined with the PEM certificate, but there are some cases in which you need to add them manually. - [CloudFlare certs](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/) + [CloudFlare certs](https://about.gitlab.com/blog/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/) are one of these cases. - **A private key**, it's an encrypted key which validates your PEM against your domain. @@ -238,7 +238,7 @@ To secure your custom domain with GitLab Pages you can opt by: 1. Add the PEM certificate to its corresponding field. 1. If your certificate is missing its intermediate, copy and paste the root certificate (usually available from your CA website) - and paste it in the [same field as your PEM certificate](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/), + and paste it in the [same field as your PEM certificate](https://about.gitlab.com/blog/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/), just jumping a line between them. 1. Copy your private key and paste it in the last field. diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md index ef5466f03c4..c9b504dc6ee 100644 --- a/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md +++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md @@ -57,7 +57,7 @@ Once you've met the requirements, to enable Let's Encrypt integration: 1. Click **Save changes**. Once enabled, GitLab will obtain a LE certificate and add it to the -associated Pages domain. It will be also renewed automatically by GitLab. +associated Pages domain. It also will be renewed automatically by GitLab. > **Notes:** > diff --git a/doc/user/project/pages/custom_domains_ssl_tls_certification/ssl_tls_concepts.md b/doc/user/project/pages/custom_domains_ssl_tls_certification/ssl_tls_concepts.md index ee0550bfca2..ac0a1f1ceba 100644 --- a/doc/user/project/pages/custom_domains_ssl_tls_certification/ssl_tls_concepts.md +++ b/doc/user/project/pages/custom_domains_ssl_tls_certification/ssl_tls_concepts.md @@ -31,7 +31,7 @@ security measure, necessary just for big companies, like banks and shoppings sit with financial transactions. Now we have a different picture. [According to Josh Aas](https://letsencrypt.org/2015/10/29/phishing-and-malware.html), Executive Director at [ISRG](https://en.wikipedia.org/wiki/Internet_Security_Research_Group): -> _We’ve since come to realize that HTTPS is important for almost all websites. It’s important for any website that allows people to log in with a password, any website that [tracks its users](https://www.washingtonpost.com/news/the-switch/wp/2013/12/10/nsa-uses-google-cookies-to-pinpoint-targets-for-hacking/) in any way, any website that [doesn’t want its content altered](http://arstechnica.com/tech-policy/2014/09/why-comcasts-javascript-ad-injections-threaten-security-net-neutrality/), and for any site that offers content people might not want others to know they are consuming. We’ve also learned that any site not secured by HTTPS [can be used to attack other sites](https://krebsonsecurity.com/2015/04/dont-be-fodder-for-chinas-great-cannon/)._ +> _We’ve since come to realize that HTTPS is important for almost all websites. It’s important for any website that allows people to log in with a password, any website that [tracks its users](https://www.washingtonpost.com/news/the-switch/wp/2013/12/10/nsa-uses-google-cookies-to-pinpoint-targets-for-hacking/) in any way, any website that [doesn’t want its content altered](https://arstechnica.com/tech-policy/2014/09/why-comcasts-javascript-ad-injections-threaten-security-net-neutrality/), and for any site that offers content people might not want others to know they are consuming. We’ve also learned that any site not secured by HTTPS [can be used to attack other sites](https://krebsonsecurity.com/2015/04/dont-be-fodder-for-chinas-great-cannon/)._ Therefore, the reason why certificates are so important is that they encrypt the connection between the **client** (you, me, your visitors) @@ -54,7 +54,7 @@ reiterating the importance of HTTPS. ## Issuing Certificates GitLab Pages accepts certificates provided in the [PEM](https://support.quovadisglobal.com/kb/a37/what-is-pem-format.aspx) format, issued by -[Certificate Authorities (CAs)](https://en.wikipedia.org/wiki/Certificate_authority) or as +[Certificate Authorities](https://en.wikipedia.org/wiki/Certificate_authority) or as [self-signed certificates](https://en.wikipedia.org/wiki/Self-signed_certificate). Note that [self-signed certificates are typically not used](https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/self-signed-certificates-secure-so-why-ban/) for public websites for security reasons and to ensure that browsers trust your site's certificate. @@ -72,4 +72,4 @@ source, and free to use. See [GitLab Pages integration with Let's Encrypt](../cu Similarly popular are [certificates issued by CloudFlare](https://www.cloudflare.com/ssl/), which also offers a [free CDN service](https://blog.cloudflare.com/cloudflares-free-cdn-and-you/). Their certs are valid up to 15 years. See the tutorial on -[how to add a CloudFlare Certificate to your GitLab Pages website](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/). +[how to add a CloudFlare Certificate to your GitLab Pages website](https://about.gitlab.com/blog/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/). diff --git a/doc/user/project/pages/getting_started_part_four.md b/doc/user/project/pages/getting_started_part_four.md index 80fa64b162d..27bd9da8d18 100644 --- a/doc/user/project/pages/getting_started_part_four.md +++ b/doc/user/project/pages/getting_started_part_four.md @@ -38,7 +38,7 @@ Explaining [every detail of GitLab CI/CD](../../../ci/yaml/README.md) and GitLab Runner is out of the scope of this guide, but we'll need to understand just a few things to be able to write our own `.gitlab-ci.yml` or tweak an existing one. It's an -[Yaml](http://docs.ansible.com/ansible/YAMLSyntax.html) file, +[Yaml](https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html) file, with its own syntax. You can always check your CI syntax with the [GitLab CI Lint Tool](https://gitlab.com/ci/lint). @@ -127,7 +127,7 @@ pages: The script above would be enough to build your Jekyll site with GitLab Pages. But, from Jekyll 3.4.0 on, its default template originated by `jekyll new project` requires -[Bundler](http://bundler.io/) to install Jekyll dependencies +[Bundler](https://bundler.io) to install Jekyll dependencies and the default theme. To adjust our script to meet these new requirements, we only need to install and build Jekyll with Bundler: @@ -385,10 +385,10 @@ to understand how to go even further on your scripts. - On this blog post, understand the concept of [using GitLab CI `environments` to deploy your - web app to staging and production](https://about.gitlab.com/2016/08/26/ci-deployment-and-environments/). + web app to staging and production](https://about.gitlab.com/blog/2016/08/26/ci-deployment-and-environments/). - On this post, learn [how to run jobs sequentially, - in parallel, or build a custom pipeline](https://about.gitlab.com/2016/07/29/the-basics-of-gitlab-ci/) + in parallel, or build a custom pipeline](https://about.gitlab.com/blog/2016/07/29/the-basics-of-gitlab-ci/) - On this blog post, we go through the process of - [pulling specific directories from different projects](https://about.gitlab.com/2016/12/07/building-a-new-gitlab-docs-site-with-nanoc-gitlab-ci-and-gitlab-pages/) - to deploy this website you're looking at, docs.gitlab.com. -- On this blog post, we teach you [how to use GitLab Pages to produce a code coverage report](https://about.gitlab.com/2016/11/03/publish-code-coverage-report-with-gitlab-pages/). + [pulling specific directories from different projects](https://about.gitlab.com/blog/2016/12/07/building-a-new-gitlab-docs-site-with-nanoc-gitlab-ci-and-gitlab-pages/) + to deploy this website you're looking at, <https://docs.gitlab.com>. +- On this blog post, we teach you [how to use GitLab Pages to produce a code coverage report](https://about.gitlab.com/blog/2016/11/03/publish-code-coverage-report-with-gitlab-pages/). diff --git a/doc/user/project/pages/getting_started_part_one.md b/doc/user/project/pages/getting_started_part_one.md index 45fdab1ca3a..0b1cae9ab4c 100644 --- a/doc/user/project/pages/getting_started_part_one.md +++ b/doc/user/project/pages/getting_started_part_one.md @@ -5,7 +5,7 @@ type: concepts, reference # Static sites and GitLab Pages domains -On this docucument, learn how to name your project for GitLab Pages +On this document, learn how to name your project for GitLab Pages according to your intended website's URL. ## Static sites @@ -97,7 +97,7 @@ _Read on about [Projects for GitLab Pages and URL structure](getting_started_par ### Further reading -- Read through this technical overview on [Static versus Dynamic Websites](https://about.gitlab.com/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/) -- Understand [how modern Static Site Generators work](https://about.gitlab.com/2016/06/10/ssg-overview-gitlab-pages-part-2/) and what you can add to your static site -- You can use [any SSG with GitLab Pages](https://about.gitlab.com/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/) +- Read through this technical overview on [Static versus Dynamic Websites](https://about.gitlab.com/blog/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/) +- Understand [how modern Static Site Generators work](https://about.gitlab.com/blog/2016/06/10/ssg-overview-gitlab-pages-part-2/) and what you can add to your static site +- You can use [any SSG with GitLab Pages](https://about.gitlab.com/blog/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/) - Fork an [example project](https://gitlab.com/pages) to build your website based upon diff --git a/doc/user/project/pages/getting_started_part_two.md b/doc/user/project/pages/getting_started_part_two.md index cb80bf1c433..ff752917087 100644 --- a/doc/user/project/pages/getting_started_part_two.md +++ b/doc/user/project/pages/getting_started_part_two.md @@ -122,7 +122,7 @@ where you'll find its default URL. > **Notes:** > -> - GitLab Pages [supports any SSG](https://about.gitlab.com/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/), but, +> - GitLab Pages [supports any SSG](https://about.gitlab.com/blog/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/), but, > if you don't find yours among the templates, you'll need > to configure your own `.gitlab-ci.yml`. To do that, please > read through the article [Creating and Tweaking GitLab CI/CD for GitLab Pages](getting_started_part_four.md). New SSGs are very welcome among diff --git a/doc/user/project/pages/index.md b/doc/user/project/pages/index.md index 41a89a2130d..7d533c6f9d1 100644 --- a/doc/user/project/pages/index.md +++ b/doc/user/project/pages/index.md @@ -64,7 +64,7 @@ To publish a website with Pages, you can use any Static Site Generator (SSG), such as Jekyll, Hugo, Middleman, Harp, Hexo, and Brunch, just to name a few. You can also publish any website written directly in plain HTML, CSS, and JavaScript.</p> <p>Pages does <strong>not</strong> support dynamic server-side processing, for instance, as <code>.php</code> and <code>.asp</code> requires. See this article to learn more about -<a href="https://about.gitlab.com/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/">static websites vs dynamic websites</a>.</p> +<a href="https://about.gitlab.com/blog/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/">static websites vs dynamic websites</a>.</p> </div> <div class="col-md-3"><img src="img/ssgs_pages.png" alt="Examples of SSGs supported by Pages" class="image-noshadow middle display-block"></div> </div> @@ -146,11 +146,11 @@ To learn more about configuration options for GitLab Pages, read the following: |---+---| | [Custom domains and SSL/TLS Certificates](custom_domains_ssl_tls_certification/index.md) | How to add custom domains and subdomains to your website, configure DNS records and SSL/TLS certificates. | | [Let's Encrypt integration](custom_domains_ssl_tls_certification/lets_encrypt_integration.md) | Secure your Pages sites with Let's Encrypt certificates automatically obtained and renewed by GitLab. | -| [CloudFlare certificates](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/) | Secure your Pages site with CloudFlare certificates. | +| [CloudFlare certificates](https://about.gitlab.com/blog/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/) | Secure your Pages site with CloudFlare certificates. | |---+---| -| [Static vs dynamic websites](https://about.gitlab.com/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/) | A conceptual overview on static versus dynamic sites. | -| [Modern static site generators](https://about.gitlab.com/2016/06/10/ssg-overview-gitlab-pages-part-2/) | A conceptual overview on SSGs. | -| [Build any SSG site with GitLab Pages](https://about.gitlab.com/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/) | An overview on using SSGs for GitLab Pages. | +| [Static vs dynamic websites](https://about.gitlab.com/blog/2016/06/03/ssg-overview-gitlab-pages-part-1-dynamic-x-static/) | A conceptual overview on static versus dynamic sites. | +| [Modern static site generators](https://about.gitlab.com/blog/2016/06/10/ssg-overview-gitlab-pages-part-2/) | A conceptual overview on SSGs. | +| [Build any SSG site with GitLab Pages](https://about.gitlab.com/blog/2016/06/17/ssg-overview-gitlab-pages-part-3-examples-ci/) | An overview on using SSGs for GitLab Pages. | ## Advanced use @@ -158,11 +158,11 @@ There are quite some great examples of GitLab Pages websites built for some specific reasons. These examples can teach you some advanced techniques to use and adapt to your own needs: -- [Posting to your GitLab Pages blog from iOS](https://about.gitlab.com/2016/08/19/posting-to-your-gitlab-pages-blog-from-ios/). -- [GitLab CI: Run jobs sequentially, in parallel, or build a custom pipeline](https://about.gitlab.com/2016/07/29/the-basics-of-gitlab-ci/). -- [GitLab CI: Deployment & environments](https://about.gitlab.com/2016/08/26/ci-deployment-and-environments/). -- [Building a new GitLab docs site with Nanoc, GitLab CI, and GitLab Pages](https://about.gitlab.com/2016/12/07/building-a-new-gitlab-docs-site-with-nanoc-gitlab-ci-and-gitlab-pages/). -- [Publish code coverage reports with GitLab Pages](https://about.gitlab.com/2016/11/03/publish-code-coverage-report-with-gitlab-pages/). +- [Posting to your GitLab Pages blog from iOS](https://about.gitlab.com/blog/2016/08/19/posting-to-your-gitlab-pages-blog-from-ios/). +- [GitLab CI: Run jobs sequentially, in parallel, or build a custom pipeline](https://about.gitlab.com/blog/2016/07/29/the-basics-of-gitlab-ci/). +- [GitLab CI: Deployment & environments](https://about.gitlab.com/blog/2016/08/26/ci-deployment-and-environments/). +- [Building a new GitLab docs site with Nanoc, GitLab CI, and GitLab Pages](https://about.gitlab.com/blog/2016/12/07/building-a-new-gitlab-docs-site-with-nanoc-gitlab-ci-and-gitlab-pages/). +- [Publish code coverage reports with GitLab Pages](https://about.gitlab.com/blog/2016/11/03/publish-code-coverage-report-with-gitlab-pages/). ## Admin GitLab Pages for self-managed instances @@ -173,5 +173,5 @@ the [admin guide](../../../administration/pages/index.md). ## More information about GitLab Pages -- Announcement (2016-12-24): ["We're bringing GitLab Pages to CE"](https://about.gitlab.com/2016/12/24/were-bringing-gitlab-pages-to-community-edition/) -- Announcement (2017-03-06): ["We are changing the IP of GitLab Pages on GitLab.com"](https://about.gitlab.com/2017/03/06/we-are-changing-the-ip-of-gitlab-pages-on-gitlab-com/) +- Announcement (2016-12-24): ["We're bringing GitLab Pages to CE"](https://about.gitlab.com/blog/2016/12/24/were-bringing-gitlab-pages-to-community-edition/) +- Announcement (2017-03-06): ["We are changing the IP of GitLab Pages on GitLab.com"](https://about.gitlab.com/blog/2017/03/06/we-are-changing-the-ip-of-gitlab-pages-on-gitlab-com/) diff --git a/doc/user/project/pages/introduction.md b/doc/user/project/pages/introduction.md index e197d7c588f..86257e2aa03 100644 --- a/doc/user/project/pages/introduction.md +++ b/doc/user/project/pages/introduction.md @@ -67,15 +67,10 @@ Some static site generators provide plugins for that functionality so that you don't have to create and edit HTML files manually. For example, Jekyll has the [redirect-from plugin](https://github.com/jekyll/jekyll-redirect-from). -## GitLab Pages Access Control **(CORE ONLY)** +## GitLab Pages Access Control **(CORE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/33422) in GitLab 11.5. -NOTE: **Note:** -GitLab Pages access control is not activated on GitLab.com. You can check its -progress on the -[infrastructure issue tracker](https://gitlab.com/gitlab-com/gl-infra/infrastructure/issues/5576). - You can enable Pages access control on your project, so that only [members of your project](../../permissions.md#project-members-permissions) (at least Guest) can access your website: diff --git a/doc/user/project/pipelines/job_artifacts.md b/doc/user/project/pipelines/job_artifacts.md index 703b0a94470..794c3030c6a 100644 --- a/doc/user/project/pipelines/job_artifacts.md +++ b/doc/user/project/pipelines/job_artifacts.md @@ -50,12 +50,9 @@ For more examples on artifacts, follow the [artifacts reference in ## Browsing artifacts -> With GitLab 9.2, PDFs, images, videos and other formats can be previewed -> directly in the job artifacts browser without the need to download them. -> With [GitLab 10.1][ce-14399], HTML files in a public project can be previewed -> directly in a new tab without the need to download them when -> [GitLab Pages](../../../administration/pages/index.md) is enabled. -> The same holds for textual formats (currently supported extensions: `.txt`, `.json`, and `.log`). +> - From GitLab 9.2, PDFs, images, videos and other formats can be previewed directly in the job artifacts browser without the need to download them. +> - Introduced in [GitLab 10.1][ce-14399], HTML files in a public project can be previewed directly in a new tab without the need to download them when [GitLab Pages](../../../administration/pages/index.md) is enabled. The same applies for textual formats (currently supported extensions: `.txt`, `.json`, and `.log`). +> - Introduced in [GitLab 12.4][gitlab-16675], artifacts in private projects can be previewed when [GitLab Pages access control](../../../administration/pages/index.md#access-control) is enabled. After a job finishes, if you visit the job's specific page, there are three buttons. You can download the artifacts archive or browse its contents, whereas @@ -68,7 +65,7 @@ The archive browser shows the name and the actual file size of each file in the archive. If your artifacts contained directories, then you are also able to browse inside them. -Below you can see how browsing looks like. In this case we have browsed inside +Below you can see what browsing looks like. In this case we have browsed inside the archive and at this point there is one directory, a couple files, and one HTML file that you can view directly online when [GitLab Pages](../../../administration/pages/index.md) is enabled (opens in a new tab). @@ -123,18 +120,18 @@ https://example.com/<namespace>/<project>/-/jobs/artifacts/<ref>/raw/<path_to_fi ``` For example, to download the latest artifacts of the job named `coverage` of -the `master` branch of the `gitlab-ce` project that belongs to the `gitlab-org` +the `master` branch of the `gitlab` project that belongs to the `gitlab-org` namespace, the URL would be: ``` -https://gitlab.com/gitlab-org/gitlab-foss/-/jobs/artifacts/master/download?job=coverage +https://gitlab.com/gitlab-org/gitlab/-/jobs/artifacts/master/download?job=coverage ``` To download the file `coverage/index.html` from the same artifacts use the following URL: ``` -https://gitlab.com/gitlab-org/gitlab-foss/-/jobs/artifacts/master/raw/coverage/index.html?job=coverage +https://gitlab.com/gitlab-org/gitlab/-/jobs/artifacts/master/raw/coverage/index.html?job=coverage ``` There is also a URL to browse the latest job artifacts: @@ -146,7 +143,7 @@ https://example.com/<namespace>/<project>/-/jobs/artifacts/<ref>/browse?job=<job For example: ``` -https://gitlab.com/gitlab-org/gitlab-foss/-/jobs/artifacts/master/browse?job=coverage +https://gitlab.com/gitlab-org/gitlab/-/jobs/artifacts/master/browse?job=coverage ``` There is also a URL to specific files, including html files that @@ -160,7 +157,7 @@ For example, when a job `coverage` creates the artifact `htmlcov/index.html`, you can access it at: ``` -https://gitlab.com/gitlab-org/gitlab-foss/-/jobs/artifacts/master/file/htmlcov/index.html?job=coverage +https://gitlab.com/gitlab-org/gitlab/-/jobs/artifacts/master/file/htmlcov/index.html?job=coverage ``` The latest builds are also exposed in the UI in various places. Specifically, @@ -198,6 +195,7 @@ In order to retrieve a job artifact of a different project, you might need to us [expiry date]: ../../../ci/yaml/README.md#artifactsexpire_in [ce-14399]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/14399 +[gitlab-16675]: https://gitlab.com/gitlab-org/gitlab/merge_requests/16675 <!-- ## Troubleshooting diff --git a/doc/user/project/pipelines/schedules.md b/doc/user/project/pipelines/schedules.md index bb3e37ef2bf..bffb0b58230 100644 --- a/doc/user/project/pipelines/schedules.md +++ b/doc/user/project/pipelines/schedules.md @@ -84,7 +84,7 @@ For example, only two pipelines will be created per day if: To change the Sidekiq worker's frequency: 1. Edit the `gitlab_rails['pipeline_schedule_worker_cron']` value in your instance's `gitlab.rb` file. -1. [Restart GitLab](../../../administration/restart_gitlab.md). +1. [Reconfigure GitLab](../../../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. For GitLab.com, refer to the [dedicated settings page](../../gitlab_com/index.md#cron-jobs). diff --git a/doc/user/project/pipelines/settings.md b/doc/user/project/pipelines/settings.md index 26ea328c730..6480c7e0af9 100644 --- a/doc/user/project/pipelines/settings.md +++ b/doc/user/project/pipelines/settings.md @@ -21,8 +21,8 @@ from GitLab in a job. There are two options. Using: - `git clone`, which is slower since it clones the repository from scratch - for every job, ensuring that the project workspace is always pristine. -- `git fetch`, which is faster as it re-uses the project workspace (falling + for every job, ensuring that the local working copy is always pristine. +- `git fetch`, which is faster as it re-uses the local working copy (falling back to clone if it doesn't exist). The default Git strategy can be overridden by the [GIT_STRATEGY variable](../../../ci/yaml/README.md#git-strategy) @@ -60,14 +60,19 @@ if the job surpasses the threshold, it is marked as failed. Project defined timeout (either specific timeout set by user or the default 60 minutes timeout) may be [overridden on Runner level](../../../ci/runners/README.html#setting-maximum-job-timeout-for-a-runner). -## Custom CI config path +## Maximum artifacts size **(CORE ONLY)** + +For information about setting a maximum artifact size for a project, see +[Maximum artifacts size](../../admin_area/settings/continuous_integration.md#maximum-artifacts-size-core-only). + +## Custom CI configuration path > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/12509) in GitLab 9.4. By default we look for the `.gitlab-ci.yml` file in the project's root directory. If you require a different location **within** the repository, -you can set a custom filepath that will be used to lookup the config file, -this filepath should be **relative** to the root. +you can set a custom path that will be used to look up the configuration file, +this path should be **relative** to the root. Here are some valid examples: @@ -80,7 +85,7 @@ The path can be customized at a project level. To customize the path: 1. Go to the project's **Settings > CI / CD**. 1. Expand the **General pipelines** section. -1. Provide a value in the **Custom CI config path** field. +1. Provide a value in the **Custom CI configuration path** field. 1. Click **Save changes**. ## Test coverage parsing @@ -92,7 +97,7 @@ job log using a regular expression. In the pipelines settings, search for the  Leave blank if you want to disable it or enter a ruby regular expression. You -can use <http://rubular.com> to test your regex. +can use <https://rubular.com> to test your regex. If the pipeline succeeds, the coverage is shown in the merge request widget and in the jobs table. @@ -122,37 +127,40 @@ lein cloverage | perl -pe 's/\e\[?.*?[\@-~]//g' ## Visibility of pipelines -Access to pipelines and job details (including output of logs and artifacts) -is checked against your current user access level and the **Public pipelines** -project setting under your project's **Settings > CI/CD > General pipelines settings**. +Pipeline visibility is determined by: + +- Your current [user access level](../../permissions.md). +- The **Public pipelines** project setting under your project's **Settings > CI/CD > General pipelines**. + +This also determines the visibility of these related features: + +- Job output logs +- Job artifacts +- The [pipeline security dashboard](../../application_security/security_dashboard/index.md#pipeline-security-dashboard) **(ULTIMATE)** If **Public pipelines** is enabled (default): -- For **public** projects, anyone can view the pipelines and access the job details - (output logs and artifacts). +- For **public** projects, anyone can view the pipelines and related features. - For **internal** projects, any logged in user can view the pipelines - and access the job details - (output logs and artifacts). -- For **private** projects, any member (guest or higher) can view the pipelines - and access the job details - (output logs and artifacts). + and related features. +- For **private** projects, any project member (guest or higher) can view the pipelines + and related features. If **Public pipelines** is disabled: - For **public** projects, anyone can view the pipelines, but only members - (reporter or higher) can access the job details (output logs and artifacts). + (reporter or higher) can access the related features. - For **internal** projects, any logged in user can view the pipelines. - However, only members (reporter or higher) can access the job details (output logs - and artifacts). -- For **private** projects, only members (reporter or higher) - can view the pipelines and access the job details (output logs and artifacts). + However, only members (reporter or higher) can access the job related features. +- For **private** projects, only project members (reporter or higher) + can view the pipelines or access the related features. ## Auto-cancel pending pipelines > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/9362) in GitLab 9.1. If you want to auto-cancel all pending non-HEAD pipelines on branch, when -new pipeline will be created (after your git push or manually from UI), +new pipeline will be created (after your Git push or manually from UI), check **Auto-cancel pending pipelines** checkbox and save the changes. ## Pipeline Badges diff --git a/doc/user/project/protected_branches.md b/doc/user/project/protected_branches.md index cf4afef15cd..b7c9faeb1df 100644 --- a/doc/user/project/protected_branches.md +++ b/doc/user/project/protected_branches.md @@ -23,6 +23,8 @@ A GitLab admin is allowed to push to the protected branches. See the [Changelog](#changelog) section for changes over time. +The default branch protection level is set in the [Admin Area](../admin_area/settings/visibility_and_access_controls.md#default-branch-protection). + ## Configuring protected branches To protect a branch, you need to have at least Maintainer permission level. Note @@ -41,7 +43,7 @@ that the `master` branch is protected by default. ## Using the Allowed to merge and Allowed to push settings -> [Introduced][ce-5081] in GitLab 8.11. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/5081) in GitLab 8.11. Since GitLab 8.11, we added another layer of branch protection which provides more granular management of protected branches. The "Developers can push" @@ -71,7 +73,7 @@ they are set to "Maintainers" by default. ## Restricting push and merge access to certain users **(STARTER)** -> [Introduced][ce-5081] in [GitLab Starter][ee] 8.11. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/5081) in [GitLab Starter](https://about.gitlab.com/pricing/) 8.11. With GitLab Enterprise Edition you can restrict access to protected branches by choosing a role (Maintainers, Developers) as well as certain users. From the @@ -86,7 +88,7 @@ Click **Protect** and the branch will appear in the "Protected branch" list. ## Wildcard protected branches -> [Introduced][ce-4665] in GitLab 8.10. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/4665) in GitLab 8.10. You can specify a wildcard protected branch, which will protect all branches matching the wildcard. For example: @@ -131,12 +133,12 @@ To create a new branch through the user interface: ## Deleting a protected branch -> [Introduced][ce-21393] in GitLab 9.3. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/21393) in GitLab 9.3. From time to time, it may be required to delete or clean up branches that are protected. -User with [Maintainer permissions][perm] and up can manually delete protected +User with [Maintainer permissions](../permissions.md) and up can manually delete protected branches via GitLab's web interface: 1. Visit **Repository > Branches** @@ -150,6 +152,35 @@ Deleting a protected branch is only allowed via the web interface, not via Git. This means that you can't accidentally delete a protected branch from your command line or a Git client application. +## Protected Branches approval by Code Owners **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/13251) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.4. + +It is possible to require at least one approval by a +[Code Owner](code_owners.md) to a file changed by the +merge request. You can either set Code Owners approvals +at the time you protect a new branch, or set it to a branch +already protected, as described below. + +To protect a new branch and enable Code Owner's approval: + +1. Navigate to your project's **Settings > Repository** and expand **Protected branches**. +1. Scroll down to **Protect a branch**, select a **Branch** or wildcard you'd like to protect, select who's **Allowed to merge** and **Allowed to push**, and toggle the **Require approval from code owners** slider. +1. Click **Protect**. + + + +To enable Code Owner's approval to branches already protected: + +1. Navigate to your project's **Settings > Repository** and expand **Protected branches**. +1. Scroll down to **Protected branch** and toggle the **Code owner approval** slider for the chosen branch. + + + +When enabled, all merge requests targeting these branches will require approval +by a Code Owner per matched rule before they can be merged. +Additionally, direct pushes to the protected branch are denied if a rule is matched. + ## Running pipelines on protected branches The permission to merge or push to protected branches is used to define if a user can @@ -166,23 +197,16 @@ for details about the pipelines security model. **9.2** -- Allow deletion of protected branches via the web interface [gitlab-org/gitlab-ce#21393][ce-21393] +- Allow deletion of protected branches via the web interface ([issue #21393](https://gitlab.com/gitlab-org/gitlab-foss/issues/21393)). **8.11** -- Allow creating protected branches that can't be pushed to [gitlab-org/gitlab-ce!5081][ce-5081] +- Allow creating protected branches that can't be pushed to ([merge request !5081](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/5081)). **8.10** -- Allow developers to merge into a protected branch without having push access [gitlab-org/gitlab-ce!4892][ce-4892] -- Allow specifying protected branches using wildcards [gitlab-org/gitlab-ce!4665][ce-4665] - -[ce-4665]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/4665 "Allow specifying protected branches using wildcards" -[ce-4892]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/4892 "Allow developers to merge into a protected branch without having push access" -[ce-5081]: https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/5081 "Allow creating protected branches that can't be pushed to" -[ce-21393]: https://gitlab.com/gitlab-org/gitlab-foss/issues/21393 -[perm]: ../permissions.md -[ee]: https://about.gitlab.com/pricing/ +- Allow developers without push access to merge into a protected branch ([merge request !4892](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/4892)). +- Allow specifying protected branches using wildcards ([merge request !4665](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/4665)). <!-- ## Troubleshooting diff --git a/doc/user/project/push_options.md b/doc/user/project/push_options.md new file mode 100644 index 00000000000..51c46dbd1d4 --- /dev/null +++ b/doc/user/project/push_options.md @@ -0,0 +1,77 @@ +--- +type: reference +--- + +# Push Options + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/15643) in GitLab 11.7. + +GitLab supports using [Git push options](https://git-scm.com/docs/git-push#Documentation/git-push.txt--oltoptiongt) +to perform various actions at the same time as pushing changes. + +Currently, there are push options available for: + +- [Skipping CI jobs](#push-options-for-gitlab-cicd) +- [Merge requests](#push-options-for-merge-requests) + +NOTE: **Note:** +Git push options are only available with Git 2.10 or newer. + +For Git versions 2.10 to 2.17 use `--push-option`: + +```shell +git push --push-option=<push_option> +``` + +For version 2.18 and later, you can use the above format, or the shorter `-o`: + +```shell +git push -o <push_option> +``` + +## Push options for GitLab CI/CD + +If the `ci.skip` push option is used, the commit will be pushed, but no [CI pipeline](../../ci/pipelines.md) +will be created. + +| Push option | Description | +| ----------- | ----------- | +| `ci.skip` | Do not create a CI pipeline for the latest push. | + +For example: + +```shell +git push -o ci.skip +``` + +## Push options for merge requests + +You can use Git push options to perform certain actions for merge requests at the same +time as pushing changes: + +| Push option | Description | Introduced in version | +| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------- | --------------------- | +| `merge_request.create` | Create a new merge request for the pushed branch. | [11.10](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/26752) | +| `merge_request.target=<branch_name>` | Set the target of the merge request to a particular branch. | [11.10](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/26752) | +| `merge_request.merge_when_pipeline_succeeds` | Set the merge request to [merge when its pipeline succeeds](merge_requests/merge_when_pipeline_succeeds.md). | [11.10](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/26752) | +| `merge_request.remove_source_branch` | Set the merge request to remove the source branch when it's merged. | [12.2](https://gitlab.com/gitlab-org/gitlab-foss/issues/64320) | +| `merge_request.title="<title>"` | Set the title of the merge request. Ex: `git push -o merge_request.title="The title I want"`. | [12.2](https://gitlab.com/gitlab-org/gitlab-foss/issues/64320) | +| `merge_request.description="<description>"` | Set the description of the merge request. Ex: `git push -o merge_request.description="The description I want"`. | [12.2](https://gitlab.com/gitlab-org/gitlab-foss/issues/64320) | +| `merge_request.label="<label>"` | Add labels to the merge request. If the label does not exist, it will be created. For example, for two labels: `git push -o merge_request.label="label1" -o merge_request.label="label2"`. | [12.3](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/31831) | +| `merge_request.unlabel="<label>"` | Remove labels from the merge request. For example, for two labels: `git push -o merge_request.unlabel="label1" -o merge_request.unlabel="label2"`. | [12.3](https://gitlab.com/gitlab-org/gitlab-foss/merge_requests/31831) | + +If you use a push option that requires text with spaces in it, you need to enclose it +in quotes (`"`). You can omit the quotes if there are no spaces. Some examples: + +```shell +git push -o merge_request.label="Label with spaces" +git push -o merge_request.label=Label-with-no-spaces +``` + +You can combine push options to accomplish multiple tasks at once, by using +multiple `-o` (or `--push-option`) flags. For example, if you want to create a new +merge request, and target a branch named `my-target-branch`: + +```shell +git push -o merge_request.create -o merge_request.target=my-target-branch +``` diff --git a/doc/user/project/quick_actions.md b/doc/user/project/quick_actions.md index 0078e9ea417..61bc66a6a69 100644 --- a/doc/user/project/quick_actions.md +++ b/doc/user/project/quick_actions.md @@ -64,8 +64,8 @@ The following quick actions are applicable to descriptions, discussions and thre | `/create_merge_request <branch name>` | ✓ | | | Create a new merge request starting from the current issue | | `/relate #issue1 #issue2` | ✓ | | | Mark issues as related **(STARTER)** | | `/move <path/to/project>` | ✓ | | | Move this issue to another project | -| `/zoom <Zoom URL>` | ✓ | | | Add Zoom meeting to this issue. ([Introduced in GitLab 12.3](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16609) enabled by feature flag `issue_zoom_integration`) | -| `/remove_zoom` | ✓ | | | Remove Zoom meeting from this issue. ([Introduced in GitLab 12.3](https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/16609) enabled by feature flag `issue_zoom_integration`) | +| `/zoom <Zoom URL>` | ✓ | | | Add Zoom meeting to this issue. ([Introduced in GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/merge_requests/16609)) | +| `/remove_zoom` | ✓ | | | Remove Zoom meeting from this issue. ([Introduced in GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/merge_requests/16609)) | | `/target_branch <local branch name>` | | ✓ | | Set target branch | | `/wip` | | ✓ | | Toggle the Work In Progress status | | `/approve` | | ✓ | | Approve the merge request | diff --git a/doc/user/project/releases/img/custom_notifications_new_release_v12_4.png b/doc/user/project/releases/img/custom_notifications_new_release_v12_4.png Binary files differnew file mode 100644 index 00000000000..6b4231d5804 --- /dev/null +++ b/doc/user/project/releases/img/custom_notifications_new_release_v12_4.png diff --git a/doc/user/project/releases/index.md b/doc/user/project/releases/index.md index d5ac6f99e7f..ceb077ab8af 100644 --- a/doc/user/project/releases/index.md +++ b/doc/user/project/releases/index.md @@ -65,6 +65,18 @@ project.  +## Notification for Releases + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/26001) in GitLab 12.4. + +You can be notified by email when a new Release is created for your project. + +To subscribe to these notifications, navigate to your **Project**'s landing page, then click on the +bell icon. Choose **Custom** from the dropdown menu. The +following modal window will be then displayed, from which you can select **New release** to complete your subscription to new Releases notifications. + + + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/project/repository/reducing_the_repo_size_using_git.md b/doc/user/project/repository/reducing_the_repo_size_using_git.md index fb07981e033..1187a44fda8 100644 --- a/doc/user/project/repository/reducing_the_repo_size_using_git.md +++ b/doc/user/project/repository/reducing_the_repo_size_using_git.md @@ -19,7 +19,8 @@ Unfortunately, it's not so easy and that workflow won't work. Deleting files in a commit doesn't actually reduce the size of the repo since the earlier commits and blobs are still around. What you need to do is rewrite history with Git's [`filter-branch` option](https://git-scm.com/book/en/v2/Git-Tools-Rewriting-History#The-Nuclear-Option:-filter-branch), -or a tool like the [BFG Repo-Cleaner](https://rtyley.github.io/bfg-repo-cleaner/). +or an open source community-maintained tool like the +[BFG](https://rtyley.github.io/bfg-repo-cleaner/). Note that even with that method, until `git gc` runs on the GitLab side, the "removed" commits and blobs will still be around. You also need to be able to @@ -34,8 +35,9 @@ temporarily increase it for you, your only option is to prune all the unneeded stuff locally, and then create a new project on GitLab and start using that instead. -If you can continue to use the original project, we recommend [using the -BFG Repo-Cleaner](#using-the-bfg-repo-cleaner). It's faster and simpler than +If you can continue to use the original project, we recommend [using +BFG](#using-the-bfg-repo-cleaner), a tool that's built and +maintained by the open source community. It's faster and simpler than `git filter-branch`, and GitLab can use its account of what has changed to clean up its own internal state, maximizing the space saved. @@ -54,7 +56,7 @@ removed from the repository. > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/19376) in GitLab 11.6. -1. [Install BFG](https://rtyley.github.io/bfg-repo-cleaner/). +1. [Install BFG](https://rtyley.github.io/bfg-repo-cleaner/) from its open source community repository. 1. Navigate to your repository: @@ -99,7 +101,7 @@ removed from the repository.  Upload the `object-id-map.old-new.txt` file and press **Start cleanup**. - This will remove any internal git references to the old commits, and run + This will remove any internal Git references to the old commits, and run `git gc` against the repository. You will receive an email once it has completed. diff --git a/doc/user/project/repository/web_editor.md b/doc/user/project/repository/web_editor.md index a3cfa48e27e..944720c3863 100644 --- a/doc/user/project/repository/web_editor.md +++ b/doc/user/project/repository/web_editor.md @@ -117,7 +117,7 @@ the description field will automatically display the [issue closing pattern](../ merge request is merged. [project-services-doc]: ../integrations/project_services.md -[auto-deploy-doc]: ../../../ci/autodeploy/index.md +[auto-deploy-doc]: ../../../topics/autodevops/index.md#auto-deploy ### Create a new branch from a project's dashboard diff --git a/doc/user/project/service_desk.md b/doc/user/project/service_desk.md index 3f3536838e7..0ca34c4ed02 100644 --- a/doc/user/project/service_desk.md +++ b/doc/user/project/service_desk.md @@ -1,6 +1,6 @@ # Service Desk **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/149) in [GitLab Premium 9.1](https://about.gitlab.com/2017/04/22/gitlab-9-1-released/#service-desk-eep). +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/149) in [GitLab Premium 9.1](https://about.gitlab.com/blog/2017/04/22/gitlab-9-1-released/#service-desk-eep). ## Overview @@ -18,7 +18,7 @@ As Service Desk is built right into GitLab itself, the complexity and inefficien of multiple tools and external integrations are eliminated, significantly shortening the cycle time from feedback to software update. -For an overview, check the video demonstration on [GitLab Service Desk](https://about.gitlab.com/2017/05/09/demo-service-desk/). +For an overview, check the video demonstration on [GitLab Service Desk](https://about.gitlab.com/blog/2017/05/09/demo-service-desk/). ## Use cases @@ -50,7 +50,7 @@ users will only see the thread through email. > **Note:** Service Desk is enabled on GitLab.com. If you're a -[Silver subscriber](https://about.gitlab.com/gitlab-com/), +[Silver subscriber](https://about.gitlab.com/pricing/#gitlab-com), you can skip the step 1 below; you only need to enable it per project. 1. [Set up incoming email](../../administration/incoming_email.md#set-it-up) for the GitLab instance. This must diff --git a/doc/user/project/settings/img/sharing_and_permissions_settings.png b/doc/user/project/settings/img/sharing_and_permissions_settings.png Binary files differdeleted file mode 100644 index 6cb89c6ea1d..00000000000 --- a/doc/user/project/settings/img/sharing_and_permissions_settings.png +++ /dev/null diff --git a/doc/user/project/settings/img/sharing_and_permissions_settings_v12_3.png b/doc/user/project/settings/img/sharing_and_permissions_settings_v12_3.png Binary files differnew file mode 100644 index 00000000000..cf7fdfe4cce --- /dev/null +++ b/doc/user/project/settings/img/sharing_and_permissions_settings_v12_3.png diff --git a/doc/user/project/settings/import_export.md b/doc/user/project/settings/import_export.md index 948102110f3..9449ab6d10f 100644 --- a/doc/user/project/settings/import_export.md +++ b/doc/user/project/settings/import_export.md @@ -65,6 +65,7 @@ The following items will be exported: - Project configuration, including services - Issues with comments, merge requests with diffs and comments, labels, milestones, snippets, and other project entities +- Design Management files and data **(PREMIUM)** - LFS objects - Issue boards diff --git a/doc/user/project/settings/index.md b/doc/user/project/settings/index.md index 66a861faf93..131999dbf60 100644 --- a/doc/user/project/settings/index.md +++ b/doc/user/project/settings/index.md @@ -24,7 +24,7 @@ The project description also partially supports [standard markdown](../../markdo Set up your project's access, [visibility](../../../public_access/public_access.md), and enable [Container Registry](../../packages/container_registry/index.md) for your projects: - + If Issues are disabled, or you can't access Issues because you're not a project member, then Labels and Milestones links will be missing from the sidebar UI. diff --git a/doc/user/reserved_names.md b/doc/user/reserved_names.md index 16d032217b3..b160cb03f94 100644 --- a/doc/user/reserved_names.md +++ b/doc/user/reserved_names.md @@ -4,7 +4,8 @@ Not all project & group names are allowed because they would conflict with existing routes used by GitLab. For a list of words that are not allowed to be used as group or project names, see the -[`path_regex.rb` file][reserved] under the `TOP_LEVEL_ROUTES`, `PROJECT_WILDCARD_ROUTES` and `GROUP_ROUTES` lists: +[`path_regex.rb` file](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/path_regex.rb) +under the `TOP_LEVEL_ROUTES`, `PROJECT_WILDCARD_ROUTES` and `GROUP_ROUTES` lists: - `TOP_LEVEL_ROUTES`: are names that are reserved as usernames or top level groups - `PROJECT_WILDCARD_ROUTES`: are names that are reserved for child groups or projects. @@ -40,52 +41,50 @@ It is currently not possible to create a project with the following names: Currently the following names are reserved as top level groups: -- \- -- .well-known -- 404.html -- 422.html -- 500.html -- 502.html -- 503.html -- abuse_reports -- admin -- api -- apple-touch-icon-precomposed.png -- apple-touch-icon.png -- assets -- autocomplete -- ci -- dashboard -- deploy.html -- explore -- favicon.ico -- favicon.png -- files -- groups -- health_check -- help -- import -- invites -- jwt -- login -- notification_settings -- oauth -- profile -- projects -- public -- robots.txt -- s -- search -- sent_notifications -- slash-command-logo.png -- snippets -- unsubscribes -- uploads -- users -- v2 +- `\-` +- `.well-known` +- `404.html` +- `422.html` +- `500.html` +- `502.html` +- `503.html` +- `abuse_reports` +- `admin` +- `api` +- `apple-touch-icon-precomposed.png` +- `apple-touch-icon.png` +- `assets` +- `autocomplete` +- `ci` +- `dashboard` +- `deploy.html` +- `explore` +- `favicon.ico` +- `favicon.png` +- `files` +- `groups` +- `health_check` +- `help` +- `import` +- `invites` +- `jwt` +- `login` +- `notification_settings` +- `oauth` +- `profile` +- `projects` +- `public` +- `robots.txt` +- `s` +- `search` +- `sent_notifications` +- `slash-command-logo.png` +- `snippets` +- `unsubscribes` +- `uploads` +- `users` +- `v2` These group names are unavailable as subgroup names: -- \- - -[reserved]: https://gitlab.com/gitlab-org/gitlab-foss/blob/master/lib/gitlab/path_regex.rb +- `\-` diff --git a/doc/user/snippets.md b/doc/user/snippets.md index e55a407295e..77997c53210 100644 --- a/doc/user/snippets.md +++ b/doc/user/snippets.md @@ -70,8 +70,8 @@ To embed a snippet, first make sure that: - In **Project > Settings > Permissions**, the snippets permissions are set to **Everyone with access** -Once the above conditions are met, the "Embed" section will appear in your snippet -where you can simply click on the "Copy to clipboard" button. This copies a one-line +Once the above conditions are met, the "Embed" section will appear in your +snippet where you can simply click on the "Copy" button. This copies a one-line script that you can add to any website or blog post. Here's how an example code looks like: |
