Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-03-02 00:16:08 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-03-02 00:16:08 +0300
commit: 70fe7ce74ba4a8430c88ec6e3f4c60475a69fe21 (patch)
tree: 1f4d4419e968dc5dd2ce0d75de9a94329d9a4035 /doc/user
parent: 08da8623a90545771482a17aa7761a139790823a (diff)
8 files changed, 67 insertions, 102 deletions
diff --git a/doc/user/application_security/dependency_scanning/analyzers.md b/doc/user/application_security/dependency_scanning/analyzers.md
index 551488c0dc0..665d29c4017 100644
--- a/doc/user/application_security/dependency_scanning/analyzers.md
+++ b/doc/user/application_security/dependency_scanning/analyzers.md
@@ -50,7 +50,7 @@ Any custom change to the official analyzers can be achieved by using a
 You can switch to a custom Docker registry that provides the official analyzer
 images under a different prefix. For instance, the following instructs Dependency
 Scanning to pull `my-docker-registry/gl-images/gemnasium`
-instead of `registry.gitlab.com/gitlab-org/security-products/analyzers/gemnasium`.
+instead of `registry.gitlab.com/security-products/gemnasium`.
 In `.gitlab-ci.yml` define:
 
 ```yaml
diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md
index 912e8513b0f..6757a043321 100644
--- a/doc/user/application_security/dependency_scanning/index.md
+++ b/doc/user/application_security/dependency_scanning/index.md
@@ -892,11 +892,11 @@ import the following default dependency scanning analyzer images from `registry.
 your [local Docker container registry](../../packages/container_registry/index.md):
 
 ```plaintext
-registry.gitlab.com/gitlab-org/security-products/analyzers/gemnasium:2
-registry.gitlab.com/gitlab-org/security-products/analyzers/gemnasium-maven:2
-registry.gitlab.com/gitlab-org/security-products/analyzers/gemnasium-python:2
-registry.gitlab.com/gitlab-org/security-products/analyzers/retire.js:2
-registry.gitlab.com/gitlab-org/security-products/analyzers/bundler-audit:2
+registry.gitlab.com/security-products/gemnasium:2
+registry.gitlab.com/security-products/gemnasium-maven:2
+registry.gitlab.com/security-products/gemnasium-python:2
+registry.gitlab.com/security-products/retire.js:2
+registry.gitlab.com/security-products/bundler-audit:2
 ```
 
 The process for importing Docker images into a local offline Docker registry depends on
diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md
index 6a0b81335fd..632c5804afb 100644
--- a/doc/user/application_security/index.md
+++ b/doc/user/application_security/index.md
@@ -110,11 +110,9 @@ For more details about each of the security scanning tools, see their respective
 
 ### Override the default registry base address
 
-By default, GitLab security scanners use `registry.gitlab.com/gitlab-org/security-products/analyzers` as the
+By default, GitLab security scanners use `registry.gitlab.com/security-products` as the
 base address for Docker images. You can override this globally by setting the CI/CD variable
-`SECURE_ANALYZERS_PREFIX` to another location. Note that this affects all scanners at once, except
-the container-scanning analyzer which uses
-`registry.gitlab.com/security-products/container-scanning` as its registry.
+`SECURE_ANALYZERS_PREFIX` to another location. Note that this affects all scanners at once.
 
 ### Use security scanning tools with merge request pipelines
 
diff --git a/doc/user/application_security/offline_deployments/index.md b/doc/user/application_security/offline_deployments/index.md
index 915e43d0fa5..7aeb094093c 100644
--- a/doc/user/application_security/offline_deployments/index.md
+++ b/doc/user/application_security/offline_deployments/index.md
@@ -179,7 +179,7 @@ set -ux
 
 # Specify needed analyzer images
 analyzers=${SAST_ANALYZERS:-"bandit eslint gosec"}
-gitlab=registry.gitlab.com/gitlab-org/security-products/analyzers/
+gitlab=registry.gitlab.com/security-products/
 
 for i in "${analyzers[@]}"
 do
diff --git a/doc/user/clusters/management_project_template.md b/doc/user/clusters/management_project_template.md
index 47c743e1c60..9338d9b8603 100644
--- a/doc/user/clusters/management_project_template.md
+++ b/doc/user/clusters/management_project_template.md
@@ -4,93 +4,57 @@ group: Configure
 info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
 ---
 
-# Manage cluster applications **(FREE)**
+# Sample GitLab CI/CD project for Kubernetes **(FREE)**
 
 > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25318) in GitLab 12.10 with Helmfile support via Helm v2.
 > - Helm v2 support was [dropped](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/63577) in GitLab 14.0. Use Helm v3 instead.
 > - [Migrated](https://gitlab.com/gitlab-org/project-templates/cluster-management/-/merge_requests/24) to the GitLab agent in GitLab 14.5.
 
-Use a repository to install, manage, and deploy clusters applications through code.
+GitLab provides a cluster management project template, which you use
+to create a project. The project includes cluster applications that integrate with GitLab
+and extend GitLab functionality. You can use the pattern shown in the project to extend
+your custom cluster applications.
 
-## Cluster Management Project Template
+## Use one project for the agent and your manifests
 
-The Cluster Management Project Template provides you a baseline to get
-started and flexibility to customize your project to your cluster's needs.
-For instance, you can:
+If you **have not yet** used the agent to connect your cluster with GitLab:
 
-- Extend the CI/CD configuration.
-- Configure the built-in cluster applications.
-- Remove the built-in cluster applications you don't need.
-- Add other cluster applications using the same structure as the ones already available.
+1. [Create a project from the cluster management project template](#create-a-project-based-on-the-cluster-management-project-template).
+1. [Configure the project for the agent](agent/install/index.md).
+1. In your project's settings, create an
+   [environment variable](../../ci/variables/index.md#add-a-cicd-variable-to-a-project) named `$KUBE_CONTEXT`
+   and set the value to `path/to/agent-configuration-project:your-agent-name`.
+1. [Configure the files](#configure-the-project) as needed.
 
-The template contains the following [components](#configure-the-available-components):
+## Use separate projects for the agent and your manifests
 
-- A pre-configured `.gitlab-ci.yml`file so that you can configure CI/CD pipelines using [the agent for Kubernetes](agent/ci_cd_tunnel.md).
-- A pre-configured [Helmfile](https://github.com/roboll/helmfile) so that
-you can manage cluster applications with [Helm v3](https://helm.sh/).
-- An `applications` directory with a `helmfile.yaml` configured for each
-application available in the template.
+If you have already configured the agent and connected a cluster with GitLab:
 
-## Use the agent with the Cluster Management Project Template
+1. [Create a project from the cluster management project template](#create-a-project-based-on-the-cluster-management-project-template).
+1. In the project where you configured your agent,
+   [grant the agent access to the new project](agent/ci_cd_tunnel.md#authorize-the-agent).
+1. In the new project, create an
+   [environment variable](../../ci/variables/index.md#add-a-cicd-variable-to-a-project) named `$KUBE_CONTEXT`
+   and set the value to `path/to/agent-configuration-project:your-agent-name`.
+1. In the new project, [configure the files](#configure-the-project) as needed.
 
-To use a new project created from the Cluster Management Project Template
-with a cluster connected to GitLab through the [GitLab agent](agent/index.md),
-you have two options:
+## Create a project based on the cluster management project template
 
-- [Use one single project](#single-project) to configure the agent and manage cluster applications.
-- [Use separate projects](#separate-projects) - one to configure the agent and another to manage cluster applications.
+To create a project from the cluster management project template:
 
-### Single project
+1. On the top bar, select **Menu > Projects > Create new project**.
+1. Select **Create from template**.
+1. From the list of templates, next to **GitLab Cluster Management**, select **Use template**.
+1. Enter the project details.
+1. Select **Create project**.
 
-This setup is particularly useful when you haven't connected your cluster
-to GitLab through the agent yet and you want to use the Cluster Management
-Project Template to manage cluster applications.
+If you use self-managed GitLab, your instance might not include the latest version of the template.
+In that case, select **Import project**, **Repo by URL** and for the **Git repository URL**, enter
+`https://gitlab.com/gitlab-org/project-templates/cluster-management.git`.
 
-To use one single project to configure the agent and to manage cluster applications:
+## Configure the project
 
-1. [Create a new project from the Cluster Management Project Template](#create-a-new-project-based-on-the-cluster-management-template).
-1. Configure the new project as the [agent's configuration repository](agent/repository.md)
-(where the agent is registered and its `config.yaml` is stored).
-1. From your project's settings, add a [new environment variable](../../ci/variables/index.md#add-a-cicd-variable-to-a-project) `$KUBE_CONTEXT` and set it to `path/to/agent-configuration-project:your-agent-name`.
-1. [Configure the components](#configure-the-available-components) inherited from the template.
-
-### Separate projects
-
-This setup is particularly useful **when you already have a cluster** connected
-to GitLab through the agent and want to use the Cluster Management
-Project Template to manage cluster applications.
-
-To use one project to configure the agent ("project A") and another project to
-manage cluster applications ("project B"), follow the steps below.
-
-We assume that you already have a cluster connected through the agent and
-[configured through the agent's configuration repository](agent/repository.md)
-("project A").
-
-1. [Create a new project from the Cluster Management Project Template](#create-a-new-project-based-on-the-cluster-management-template).
-This new project is "project B".
-1. In your "project A", [grant the agent access to the new project (B)](agent/ci_cd_tunnel.md#authorize-the-agent).
-1. From the "project's B" settings, add a [new environment variable](../../ci/variables/index.md#add-a-cicd-variable-to-a-project) `$KUBE_CONTEXT` and set it to `path/to/agent-configuration-project:your-agent-name`.
-1. In "project B", [configure the components](#configure-the-available-components) inherited from the template.
-
-## Create a new project based on the Cluster Management Template
-
-To get started, create a new project based on the Cluster Management
-project template to use as a cluster management project.
-
-You can either create the new project from the template or import the
-project from the URL. Importing the project is useful if you are using
-a GitLab self-managed instance that may not have the latest version of
-the template.
-
-To [create the new project](../project/working_with_projects.md#create-a-project):
-
-- From the template: select the **GitLab Cluster Management** project template.
-- Importing from the URL: use `https://gitlab.com/gitlab-org/project-templates/cluster-management.git`.
-
-## Configure the available components
-
-Use the available components to configure your cluster applications:
+After you use the cluster management template to create a project, you can configure:
 
 - [The `.gitlab-ci.yml` file](#the-gitlab-ciyml-file).
 - [The main `helmfile.yml` file](#the-main-helmfileyml-file).
@@ -98,22 +62,22 @@ Use the available components to configure your cluster applications:
 
 ### The `.gitlab-ci.yml` file
 
-The base image used in your pipeline is built by the [cluster-applications](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications)
-project. This image consists of a set of Bash utility scripts to support [Helm v3 releases](https://helm.sh/docs/intro/using_helm/#three-big-concepts):
+The `.gitlab-ci.yml` file:
 
-- `gl-fail-if-helm2-releases-exist {namespace}`: It tries to detect whether you have apps deployed through Helm v2
-  releases for a given namespace. If so, it will fail the pipeline and ask you to manually
-  [migrate your Helm v2 releases to Helm v3](https://helm.sh/docs/topics/v2_v3_migration/).
-- `gl-ensure-namespace {namespace}`: It creates the given namespace if it does not exist and adds the necessary label
-  for the [Cilium](https://github.com/cilium/cilium/) app network policies to work.
-- `gl-adopt-resource-with-helm-v3 {arguments}`: Used only internally in the [cert-manager's](https://cert-manager.io/) Helmfile to
-  facilitate the GitLab Managed Apps adoption.
-- `gl-adopt-crds-with-helm-v3 {arguments}`: Used only internally in the [cert-manager's](https://cert-manager.io/) Helmfile to
-  facilitate the GitLab Managed Apps adoption.
-- `gl-helmfile {arguments}`: A thin wrapper that triggers the [Helmfile](https://github.com/roboll/helmfile) command.
+- Ensures you are on Helm version 3.
+- Deploys the enabled applications from the project.
+
+You can edit and extend the pipeline definitions.
+
+The base image used in the pipeline is built by the
+[cluster-applications](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications) project.
+This image contains a set of Bash utility scripts to support [Helm v3 releases](https://helm.sh/docs/intro/using_helm/#three-big-concepts).
 
 ### The main `helmfile.yml` file
 
+The template contains a [Helmfile](https://github.com/roboll/helmfile) you can use to manage
+cluster applications with [Helm v3](https://helm.sh/).
+
 This file has a list of paths to other Helmfiles for each app. They're all commented out by default, so you must uncomment
 the paths for the apps that you would like to use in your cluster.
 
@@ -124,6 +88,9 @@ from your cluster. [Read more](https://github.com/roboll/helmfile) about how Hel
 
 ### Built-in applications
 
+The template contains an `applications` directory with a `helmfile.yaml` configured for each
+application in the template.
+
 The [built-in supported applications](https://gitlab.com/gitlab-org/project-templates/cluster-management/-/tree/master/applications) are:
 
 - [Apparmor](../infrastructure/clusters/manage/management_project_applications/apparmor.md)
@@ -138,8 +105,8 @@ The [built-in supported applications](https://gitlab.com/gitlab-org/project-temp
 - [Sentry](../infrastructure/clusters/manage/management_project_applications/sentry.md)
 - [Vault](../infrastructure/clusters/manage/management_project_applications/vault.md)
 
-#### Customize your applications
+Each application has an `applications/{app}/values.yaml` file.
+For GitLab Runner, the file is `applications/{app}/values.yaml.gotmpl`.
 
-Each app has an `applications/{app}/values.yaml` file (`applications/{app}/values.yaml.gotmpl` in case of GitLab Runner). This is the
-place where you can define default values for your app's Helm chart. Some apps already have defaults
-pre-defined by GitLab.
+In this file, you can define default values for your app's Helm chart.
+Some apps already have defaults defined.
diff --git a/doc/user/clusters/migrating_from_gma_to_project_template.md b/doc/user/clusters/migrating_from_gma_to_project_template.md
index b2ba1bef338..ef804331026 100644
--- a/doc/user/clusters/migrating_from_gma_to_project_template.md
+++ b/doc/user/clusters/migrating_from_gma_to_project_template.md
@@ -20,7 +20,7 @@ To migrate from GitLab Managed Apps to a Cluster Management Project,
 follow the steps below.
 See also [video walk-throughs](#video-walk-throughs) with examples.
 
-1. Create a new project based on the [Cluster Management Project template](management_project_template.md#create-a-new-project-based-on-the-cluster-management-template).
+1. Create a new project based on the [Cluster Management Project template](management_project_template.md#create-a-project-based-on-the-cluster-management-project-template).
 1. [Associate your new Cluster Management Project with your cluster](management_project.md#associate-the-cluster-management-project-with-the-cluster).
 1. Detect apps deployed through Helm v2 releases by using the pre-configured [`.gitlab-ci.yml`](management_project_template.md#the-gitlab-ciyml-file) file:
    - In case you had overwritten the default GitLab Managed Apps namespace, edit `.gitlab-ci.yml`,
diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md
index 5758c8d81f4..504f798c439 100644
--- a/doc/user/compliance/license_compliance/index.md
+++ b/doc/user/compliance/license_compliance/index.md
@@ -650,7 +650,7 @@ import the following default License Compliance analyzer images from `registry.g
 offline [local Docker container registry](../../packages/container_registry/index.md):
 
 ```plaintext
-registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:latest
+registry.gitlab.com/security-products/license-finder:latest
 ```
 
 The process for importing Docker images into a local offline Docker registry depends on
@@ -853,7 +853,7 @@ A full list of variables can be found in [CI/CD variables](#available-cicd-varia
 To find out what tools are pre-installed in the `license_scanning` Docker image use the following command:
 
 ```shell
-$ docker run --entrypoint='' registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:3 /bin/bash -lc 'asdf list'
+$ docker run --entrypoint='' registry.gitlab.com/security-products/license-finder:3 /bin/bash -lc 'asdf list'
 golang
   1.14
 gradle
@@ -880,7 +880,7 @@ sbt
 To interact with the `license_scanning` runtime environment use the following command:
 
 ```shell
-$ docker run -it --entrypoint='' registry.gitlab.com/gitlab-org/security-products/analyzers/license-finder:3 /bin/bash -l
+$ docker run -it --entrypoint='' registry.gitlab.com/security-products/license-finder:3 /bin/bash -l
 root@6abb70e9f193:~#
 ```
 
diff --git a/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md b/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md
index 0cff98fb324..01530422e4a 100644
--- a/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md
+++ b/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md
@@ -74,7 +74,7 @@ Follow the process to [migrate from GitLab Managed Apps to the cluster managemen
 
 ## Migrate a cluster management project
 
-See [how to use a cluster management project with the GitLab agent](../../clusters/management_project_template.md#use-the-agent-with-the-cluster-management-project-template).
+See [how to use a cluster management project with the GitLab agent](../../clusters/management_project_template.md).
 
 ## Migrate cluster monitoring features
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-03-02 00:16:08 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-03-02 00:16:08 +0300
commit	70fe7ce74ba4a8430c88ec6e3f4c60475a69fe21 (patch)
tree	1f4d4419e968dc5dd2ce0d75de9a94329d9a4035 /doc/user
parent	08da8623a90545771482a17aa7761a139790823a (diff)