Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-02-11 00:09:24 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-02-11 00:09:24 +0300
commit: 02c3b2af448be6a5004e8d833cbcbf8e5f185210 (patch)
tree: 27359dc5c21a8901c9eb95a0101cb97087b1f4ac /doc/user
parent: 577bb49691b11bc8ebae3a4966153ed39af60d87 (diff)
5 files changed, 82 insertions, 26 deletions
diff --git a/doc/user/admin_area/img/impersonate_user_button_v13_8.png b/doc/user/admin_area/img/impersonate_user_button_v13_8.png
new file mode 100644
index 00000000000..2c44c2bd28c
--- /dev/null
+++ b/doc/user/admin_area/img/impersonate_user_button_v13_8.png
diff --git a/doc/user/admin_area/index.md b/doc/user/admin_area/index.md
index f9702dd0d32..fc0c43f6667 100644
--- a/doc/user/admin_area/index.md
+++ b/doc/user/admin_area/index.md
@@ -144,6 +144,19 @@ To search for users, enter your criteria in the search field. The user search is
 insensitive, and applies partial matching to name and username. To search for an email address,
 you must provide the complete email address.
 
+#### User impersonation
+
+An administrator can "impersonate" any other user, including other administrator users.
+This allows the administrator to "see what the user sees," and take actions on behalf of the user.
+You can impersonate a user in the following ways:
+
+- Through the UI, by selecting **Admin Area > Overview > Users > [Select a user] > Impersonate**.
+- With the API, using [impersonation tokens](../../api/README.md#impersonation-tokens).
+
+All impersonation activities are [captured with audit events](../../administration/audit_events.md#impersonation-data).
+
+![user impersonation button](img/impersonate_user_button_v13_8.png)
+
 #### Users statistics
 
 The **Users statistics** page provides an overview of user accounts by role. These statistics are
diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md
index 4a7fbec43e8..ae4234faa6e 100644
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -776,7 +776,7 @@ A site profile contains the following:
 - **Profile name**: A name you assign to the site to be scanned.
 - **Target URL**: The URL that DAST runs against.
 
-## Site profile validation
+### Site profile validation
 
 > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/233020) in GitLab 13.8.
 
@@ -799,37 +799,51 @@ To create a site profile:
 
 1. From your project's home page, go to **Security & Compliance > Configuration**.
 1. Select **Manage** in the **DAST Profiles** row.
-1. Select **New Profile > Site Profile**.
-1. Type in a unique **Profile name** and **Target URL** then select **Save profile**.
+1. Select **New > Site Profile**.
+1. Complete the fields then select **Save profile**.
+
+The site profile is created.
 
 ### Edit a site profile
 
 To edit an existing site profile:
 
 1. From your project's home page, go to **Security & Compliance > Configuration**.
-1. Select **Manage** in the **DAST Profiles** row.
-1. Select **Edit** in the row of the profile to edit.
-1. Edit the **Profile name** and **Target URL**, then select **Save profile**.
+1. In the **DAST Profiles** row select **Manage**.
+1. Select the **Site Profiles** tab.
+1. In the profile's row select the **More actions** (**{ellipsis_v}**) menu, then select **Edit**.
+1. Edit the fields then select **Save profile**.
+
+The site profile is updated with the edited details.
 
 ### Delete a site profile
 
 To delete an existing site profile:
 
 1. From your project's home page, go to **Security & Compliance > Configuration**.
-1. Select **Manage** in the **DAST Profiles** row.
-1. Select **{remove}** (Delete profile) in the row of the profile to delete.
+1. In the **DAST Profiles** row select **Manage**.
+1. Select the **Site Profiles** tab.
+1. In the profile's row select the **More actions** (**{ellipsis_v}**) menu, then select **Delete**.
+1. Select **Delete** to confirm the deletion.
+
+The site profile is deleted.
 
 ### Validate a site profile
 
+Prerequisites:
+
+- A site profile.
+
 To validate a site profile:
 
 1. From your project's home page, go to **Security & Compliance > Configuration**.
-1. Select **Manage** in the **DAST Profiles** row.
-1. Select **Validate target site** beside the profile to validate.
+1. In the **DAST Profiles** row select **Manage**.
+1. Select the **Site Profiles** tab.
+1. In the profile's row select **Validate** or **Retry validation**.
 1. Select the validation method.
    1. For **Text file validation**:
       1. Download the validation file listed in **Step 2**.
-      1. Upload the validation file to the host. You can upload the file to the location in
+      1. Upload the validation file to the host. Upload the file to the location in
          **Step 3** or any location you prefer.
       1. Select **Validate**.
    1. For **Header validation**:
@@ -840,22 +854,23 @@ To validate a site profile:
 
 The site is validated and an active scan can run against it.
 
-If a validated site profile's target URL is edited, the site is no longer validated.
+If a validated site profile's target URL is edited, the site's validation status is revoked.
 
-### Revoke a site validation
+### Revoke a site profile's validation status
 
-To revoke validation from a site profile:
+Note that all site profiles with the same URL have their validation status revoked.
+
+To revoke a site profile's validation status:
 
 1. From your project's home page, go to **Security & Compliance > Configuration**.
-1. Select **Manage** in the **DAST Profiles** row.
+1. In the **DAST Profiles** row select **Manage**.
 1. Select **Revoke validation** beside the validated profile.
-1. Select **Revoke validation**.
 
-The site profile's validation is revoked. An active scan cannot be run against it or any other profile with the same URL.
+The site profile's validation status is revoked.
 
 #### Validated site profile headers
 
-The following are code samples of how you could provide the required site profile header in your
+The following are code samples of how you can provide the required site profile header in your
 application.
 
 ##### Ruby on Rails example for on-demand scan
@@ -900,27 +915,26 @@ app.get('/dast-website-target', function(req, res) {
 ## Scanner profile
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/222767) in GitLab 13.4.
+> - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/225804) in GitLab 13.5: scan mode, AJAX spider, debug messages.
 
 A scanner profile defines the scanner settings used to run an on-demand scan:
 
 - **Profile name:** A name you give the scanner profile. For example, "Spider_15".
+- **Scan mode:** A passive scan monitors all HTTP messages (requests and responses) sent to the target. An active scan attacks the target to find potential vulnerabilities.
 - **Spider timeout:** The maximum number of minutes allowed for the spider to traverse the site.
 - **Target timeout:** The maximum number of seconds DAST waits for the site to be available before
   starting the scan.
-- **Scan mode:** A passive scan monitors all HTTP messages (requests and responses) sent to the target. An active scan attacks the target to find potential vulnerabilities.
 - **AJAX spider:**  Run the AJAX spider, in addition to the traditional spider, to crawl the target site.
 - **Debug messages:** Include debug messages in the DAST console output.
 
-Scan mode, AJAX spider, Debug messages are [added in GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/225804)
-
 ### Create a scanner profile
 
 To create a scanner profile:
 
 1. From your project's home page, go to **Security & Compliance > Configuration**.
-1. Click **Manage** in the **DAST Profiles** row.
-1. Click **New Profile > Scanner Profile**.
-1. Enter a unique **Profile name**, the desired **Spider timeout**, and the **Target timeout**.
+1. In the **DAST Profiles** row select **Manage**.
+1. Select **New > Scanner Profile**.
+1. Complete the form. For details of each field, see [Scanner profile](#scanner-profile).
 1. Click **Save profile**.
 
 ### Edit a scanner profile
@@ -929,7 +943,12 @@ To edit a scanner profile:
 
 1. From your project's home page, go to **Security & Compliance > Configuration**.
 1. Click **Manage** in the **DAST Profiles** row.
-1. Click **Edit** in the scanner profile's row.
+1. Select the **Scanner Profiles** tab.
+1. In the scanner's row select the **More actions** (**{ellipsis_v}**) menu, then select **Edit**.
+1. Edit the form.
+1. Select **Save profile**.
+
+The scanner profile is updated with the edited details.
 
 ### Delete a scanner profile
 
@@ -937,7 +956,11 @@ To delete a scanner profile:
 
 1. From your project's home page, go to **Security & Compliance > Configuration**.
 1. Click **Manage** in the **DAST Profiles** row.
-1. Click **{remove}** (Delete profile) in the scanner profile's row.
+1. Select the **Scanner Profiles** tab.
+1. In the scanner's row select the **More actions** (**{ellipsis_v}**) menu, then select **Delete**.
+1. Select **Delete**.
+
+The scanner profile is deleted.
 
 ## Reports
 
diff --git a/doc/user/project/clusters/add_remove_clusters.md b/doc/user/project/clusters/add_remove_clusters.md
index 0ff22b47e10..718c60ccf0e 100644
--- a/doc/user/project/clusters/add_remove_clusters.md
+++ b/doc/user/project/clusters/add_remove_clusters.md
@@ -387,3 +387,13 @@ If you encounter this error while adding a Kubernetes cluster, ensure you're
 properly pasting the service token. Some shells may add a line break to the
 service token, making it invalid. Ensure that there are no line breaks by
 pasting your token into an editor and removing any additional spaces.
+
+You may also experience this error if your certificate is not valid. To check that your certificate's
+subject alternative names contain the correct domain for your cluster's API, run this:
+
+```shell
+echo | openssl s_client -showcerts -connect kubernetes.example.com:443 2>/dev/null |
+openssl x509 -inform pem -noout -text
+```
+
+Note that the `-connect` argument expects a `host:port` combination. For example, `https://kubernetes.example.com` would be `kubernetes.example.com:443`.
diff --git a/doc/user/project/releases/index.md b/doc/user/project/releases/index.md
index d03cc0495c1..b5751797870 100644
--- a/doc/user/project/releases/index.md
+++ b/doc/user/project/releases/index.md
@@ -475,6 +475,16 @@ terminal.
 Read the [Release CLI documentation](https://gitlab.com/gitlab-org/release-cli/-/blob/master/docs/index.md)
 for details.
 
+## Release Metrics **(PREMIUM)**
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259703) in GitLab Premium 13.9.
+
+Group-level release metrics are available by navigating to **Group > Analytics > CI/CD**.
+These metrics include:
+
+- Total number of releases in the group
+- Percentage of projects in the group that have at least one release
+
 <!-- ## Troubleshooting
 
 Include any troubleshooting steps that you can foresee. If you know beforehand what issues
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-02-11 00:09:24 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-02-11 00:09:24 +0300
commit	02c3b2af448be6a5004e8d833cbcbf8e5f185210 (patch)
tree	27359dc5c21a8901c9eb95a0101cb97087b1f4ac /doc/user
parent	577bb49691b11bc8ebae3a4966153ed39af60d87 (diff)