diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-13 12:09:23 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-13 12:09:23 +0300 |
| commit | 4cb5e5011abfe8d50ac3a7ebd0018c563c6d7af4 (patch) | |
| tree | 82591df15758864325897043f855b4e4dfcb6a56 /doc | |
| parent | 0301a0cad0063d76b1607358dc6c711ea043fdda (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
60 files changed, 209 insertions, 115 deletions
diff --git a/doc/.linting/vale/styles/gitlab/SentenceSpacing.yml b/doc/.linting/vale/styles/gitlab/SentenceSpacing.yml index 0fc8bfedadc..b061f7f6f9e 100644 --- a/doc/.linting/vale/styles/gitlab/SentenceSpacing.yml +++ b/doc/.linting/vale/styles/gitlab/SentenceSpacing.yml @@ -1,12 +1,15 @@ --- -# Checks the presence of more than one space between sentences or clauses. +# Check for the following in common content scenarios: +# +# - No spaces. +# - More than one space. # # For a list of all options, see https://errata-ai.github.io/vale/styles/ extends: existence -message: "'%s' should have one space between sentences or clauses." +message: '"%s" must contain one and only one space.' link: https://docs.gitlab.com/ee/development/documentation/styleguide.html#punctuation -level: warning +level: error nonword: true tokens: - '[a-z][.?!,][A-Z]' - - '[.?!,] {2,}[\w]' + - '[\w.?!,\(\)\-":] {2,}[\w.?!,\(\)\-":]' diff --git a/doc/README.md b/doc/README.md index 44d8b3b1932..198f37c9ea1 100644 --- a/doc/README.md +++ b/doc/README.md @@ -109,7 +109,7 @@ The following documentation relates to the DevOps **Plan** stage: | Plan Topics | Description | |:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------| | [Burndown Charts](user/project/milestones/burndown_charts.md) **(STARTER)** | Watch your project's progress throughout a specific milestone. | -| [Discussions](user/discussions/index.md) | Threads, comments, and resolvable threads in issues, commits, and merge requests. | +| [Discussions](user/discussions/index.md) | Threads, comments, and resolvable threads in issues, commits, and merge requests. | | [Due Dates](user/project/issues/due_dates.md) | Keep track of issue deadlines. | | [Epics](user/group/epics/index.md) **(ULTIMATE)** | Tracking groups of issues that share a theme. | | [Issues](user/project/issues/index.md), including [confidential issues](user/project/issues/confidential_issues.md),<br/>[issue and merge request templates](user/project/description_templates.md),<br/>and [moving issues](user/project/issues/managing_issues.md#moving-issues) | Project issues and restricting access to issues as well as creating templates for submitting new issues and merge requests. Also, moving issues between projects. | diff --git a/doc/administration/auth/how_to_configure_ldap_gitlab_ce/index.md b/doc/administration/auth/how_to_configure_ldap_gitlab_ce/index.md index 35620be7d7e..acb39ae0f78 100644 --- a/doc/administration/auth/how_to_configure_ldap_gitlab_ce/index.md +++ b/doc/administration/auth/how_to_configure_ldap_gitlab_ce/index.md @@ -14,7 +14,7 @@ GitLab has supported LDAP integration since [version 2.2](https://about.gitlab.c ### Choosing an LDAP Server -The main reason organizations choose to utilize a LDAP server is to keep the entire organization's user base consolidated into a central repository. Users can access multiple applications and systems across the IT environment using a single login. Because LDAP is an open, vendor-neutral, industry standard application protocol, the number of applications using LDAP authentication continues to increase. +The main reason organizations choose to utilize a LDAP server is to keep the entire organization's user base consolidated into a central repository. Users can access multiple applications and systems across the IT environment using a single login. Because LDAP is an open, vendor-neutral, industry standard application protocol, the number of applications using LDAP authentication continues to increase. There are many commercial and open source [directory servers](https://en.wikipedia.org/wiki/Directory_service#LDAP_implementations) that support the LDAP protocol. Deciding on the right directory server highly depends on the existing IT environment in which the server will be integrated with. @@ -32,9 +32,9 @@ For example, [Active Directory](https://docs.microsoft.com/en-us/previous-versio We won't cover the installation and configuration of Windows Server or Active Directory Domain Services in this tutorial. There are a number of resources online to guide you through this process: -- Install Windows Server 2012 - (`technet.microsoft.com`) - [Installing Windows Server 2012](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj134246(v=ws.11)) +- Install Windows Server 2012 - (`technet.microsoft.com`) - [Installing Windows Server 2012](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj134246(v=ws.11)) -- Install Active Directory Domain Services (AD DS) (`technet.microsoft.com`)- [Install Active Directory Domain Services](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/install-active-directory-domain-services--level-100-#BKMK_PS) +- Install Active Directory Domain Services (AD DS) (`technet.microsoft.com`) - [Install Active Directory Domain Services](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/install-active-directory-domain-services--level-100-#BKMK_PS) > **Shortcut:** You can quickly install AD DS via PowerShell using `Install-WindowsFeature AD-Domain-Services -IncludeManagementTools` diff --git a/doc/administration/geo/replication/troubleshooting.md b/doc/administration/geo/replication/troubleshooting.md index e075a2b132e..3a8219bdbc2 100644 --- a/doc/administration/geo/replication/troubleshooting.md +++ b/doc/administration/geo/replication/troubleshooting.md @@ -215,7 +215,7 @@ sudo gitlab-rake gitlab:geo:check - Ensure that you entered the `external_url` or `gitlab_rails['geo_node_name']` when adding the secondary node in the admin are of the **primary** node. - Prior to GitLab 12.4, edit the secondary node in the Admin Area of the **primary** node and ensure that there is a trailing `/` in the `Name` field. -1. Check returns Exception: PG::UndefinedTable: ERROR: relation "geo_nodes" does not exist +1. Check returns `Exception: PG::UndefinedTable: ERROR: relation "geo_nodes" does not exist` ```plaintext Checking Geo ... @@ -252,7 +252,7 @@ sudo gitlab-rake gitlab:geo:check The following sections outline troubleshooting steps for fixing replication errors. -### Message: "ERROR: replication slots can only be used if max_replication_slots > 0"? +### Message: `ERROR: replication slots can only be used if max_replication_slots > 0`? This means that the `max_replication_slots` PostgreSQL variable needs to be set on the **primary** database. In GitLab 9.4, we have made this setting @@ -263,7 +263,7 @@ Be sure to restart PostgreSQL for this to take effect. See the [PostgreSQL replication setup][database-pg-replication] guide for more details. -### Message: "FATAL: could not start WAL streaming: ERROR: replication slot "geo_secondary_my_domain_com" does not exist"? +### Message: `FATAL: could not start WAL streaming: ERROR: replication slot "geo_secondary_my_domain_com" does not exist`? This occurs when PostgreSQL does not have a replication slot for the **secondary** node by that name. diff --git a/doc/administration/gitaly/index.md b/doc/administration/gitaly/index.md index c12826c80cd..1bd027ac0c9 100644 --- a/doc/administration/gitaly/index.md +++ b/doc/administration/gitaly/index.md @@ -777,7 +777,7 @@ two checks. The result of both of these checks is cached. see if we can access filesystem underneath the Gitaly server directly. If so, use the Rugged patch. -To see if GitLab Rails can access the repo filesystem directly, we use +To see if GitLab Rails can access the repo filesystem directly, we use the following heuristic: - Gitaly ensures that the filesystem has a metadata file in its root @@ -1010,7 +1010,7 @@ unset https_proxy When updating the `gitaly['listen_addr']` or `gitaly['prometheus_listen_addr']` values, Gitaly may continue to listen on the old address after a `sudo gitlab-ctl reconfigure`. -When this occurs, performing a `sudo gitlab-ctl restart` will resolve the issue. This will no longer be necessary after [this issue](https://gitlab.com/gitlab-org/gitaly/issues/2521) is resolved. +When this occurs, performing a `sudo gitlab-ctl restart` will resolve the issue. This will no longer be necessary after [this issue](https://gitlab.com/gitlab-org/gitaly/issues/2521) is resolved. ### Praefect diff --git a/doc/administration/high_availability/README.md b/doc/administration/high_availability/README.md index e05a34a9c3e..c74beb11241 100644 --- a/doc/administration/high_availability/README.md +++ b/doc/administration/high_availability/README.md @@ -78,24 +78,41 @@ References: ## GitLab components and configuration instructions -The GitLab application depends on the following [components](../../development/architecture.md#component-diagram) -and services. They are included in the reference architectures along with our -recommendations for their use and configuration. They are presented in the order -in which you would typically configure them. - -| Component | Description | Configuration Instructions | -|-------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------| -| [Load Balancer(s)](load_balancer.md)[^6] | Handles load balancing for the GitLab nodes where required. | [Load balancer HA configuration](load_balancer.md) | -| [Consul](../../development/architecture.md#consul)[^3] | Service discovery and health checks/failover | [Consul HA configuration](consul.md) **(PREMIUM ONLY)** | -| [PostgreSQL](../../development/architecture.md#postgresql) | Database | [Database HA configuration](database.md) | -| [PgBouncer](../../development/architecture.md#pgbouncer) | Database Pool Manager | [PgBouncer HA configuration](pgbouncer.md) **(PREMIUM ONLY)** | -| [Redis](../../development/architecture.md#redis)[^3] with Redis Sentinel | Key/Value store for shared data with HA watcher service | [Redis HA configuration](redis.md) | -| [Gitaly](../../development/architecture.md#gitaly)[^2] [^5] [^7] | Recommended high-level storage for Git repository data. | [Gitaly HA configuration](gitaly.md) | -| [Sidekiq](../../development/architecture.md#sidekiq) | Asynchronous/Background jobs | | -| [Cloud Object Storage service](object_storage.md)[^4] | Recommended store for shared data objects such as LFS, Uploads, Artifacts, etc... | [Cloud Object Storage configuration](object_storage.md) | -| [GitLab application nodes](../../development/architecture.md#unicorn)[^1] | (Unicorn / Puma, Workhorse) - Web-requests (UI, API, Git over HTTP) | [GitLab app HA/scaling configuration](gitlab.md) | -| [NFS](nfs.md)[^5] [^7] | Shared disk storage service. Can be used as an alternative for Gitaly or Object Storage. Required for GitLab Pages. | [NFS configuration](nfs.md) | -| [Prometheus](../../development/architecture.md#prometheus) and [Grafana](../../development/architecture.md#grafana) | GitLab environment monitoring | [Monitoring node for scaling/HA](monitoring_node.md) | +The GitLab application depends on the following [components](../../development/architecture.md#component-diagram). +It can also depend on several third party services depending on +your environment setup. Here we'll detail both in the order in which +you would typically configure them along with our recommendations for +their use and configuration. + +### Third party services + +Here's some details of several third party services a typical environment +will depend on. The services can be provided by numerous applications +or providers and further advice can be given on how best to select. +These should be configured first, before the [GitLab components](#gitlab-components). + +| Component | Description | Configuration instructions | +|--------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------| +| [Load Balancer(s)](load_balancer.md)[^6] | Handles load balancing for the GitLab nodes where required | [Load balancer HA configuration](load_balancer.md) | +| [Cloud Object Storage service](object_storage.md)[^4] | Recommended store for shared data objects | [Cloud Object Storage configuration](object_storage.md) | +| [NFS](nfs.md)[^5] [^7] | Shared disk storage service. Can be used as an alternative for Gitaly or Object Storage. Required for GitLab Pages | [NFS configuration](nfs.md) | + +### GitLab components + +Next are all of the components provided directly by GitLab. As mentioned +earlier, they are presented in the typical order you would configure +them. + +| Component | Description | Configuration instructions | +|---------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------|---------------------------------------------------------------| +| [Consul](../../development/architecture.md#consul)[^3] | Service discovery and health checks/failover | [Consul HA configuration](consul.md) **(PREMIUM ONLY)** | +| [PostgreSQL](../../development/architecture.md#postgresql) | Database | [Database HA configuration](database.md) | +| [PgBouncer](../../development/architecture.md#pgbouncer) | Database Pool Manager | [PgBouncer HA configuration](pgbouncer.md) **(PREMIUM ONLY)** | +| [Redis](../../development/architecture.md#redis)[^3] with Redis Sentinel | Key/Value store for shared data with HA watcher service | [Redis HA configuration](redis.md) | +| [Gitaly](../../development/architecture.md#gitaly)[^2] [^5] [^7] | Recommended high-level storage for Git repository data | [Gitaly HA configuration](gitaly.md) | +| [Sidekiq](../../development/architecture.md#sidekiq) | Asynchronous/Background jobs | | +| [GitLab application nodes](../../development/architecture.md#unicorn)[^1] | (Unicorn / Puma, Workhorse) - Web-requests (UI, API, Git over HTTP) | [GitLab app HA/scaling configuration](gitlab.md) | +| [Prometheus](../../development/architecture.md#prometheus) and [Grafana](../../development/architecture.md#grafana) | GitLab environment monitoring | [Monitoring node for scaling/HA](monitoring_node.md) | In some cases, components can be combined on the same nodes to reduce complexity as well. diff --git a/doc/administration/high_availability/monitoring_node.md b/doc/administration/high_availability/monitoring_node.md index d293fc350fa..a12b865cb91 100644 --- a/doc/administration/high_availability/monitoring_node.md +++ b/doc/administration/high_availability/monitoring_node.md @@ -74,8 +74,8 @@ Omnibus: ## Migrating to Service Discovery Once monitoring using Service Discovery is enabled with `consul['monitoring_service_discovery'] = true`, -ensure that `prometheus['scrape_configs']` is not set in `/etc/gitlab/gitlab.rb`. Setting both -`consul['monitoring_service_discovery'] = true` and `prometheus['scrape_configs']` in `/etc/gitlab/gitlab.rb` +ensure that `prometheus['scrape_configs']` is not set in `/etc/gitlab/gitlab.rb`. Setting both +`consul['monitoring_service_discovery'] = true` and `prometheus['scrape_configs']` in `/etc/gitlab/gitlab.rb` will result in errors. <!-- ## Troubleshooting diff --git a/doc/administration/lfs/manage_large_binaries_with_git_lfs.md b/doc/administration/lfs/manage_large_binaries_with_git_lfs.md index 025b547c37e..da6567348aa 100644 --- a/doc/administration/lfs/manage_large_binaries_with_git_lfs.md +++ b/doc/administration/lfs/manage_large_binaries_with_git_lfs.md @@ -113,7 +113,7 @@ created or updated with the following content: ``` You can also register a file type as lockable without using LFS -(In order to be able to lock/unlock a file you need a remote server that implements the LFS File Locking API), +(In order to be able to lock/unlock a file you need a remote server that implements the LFS File Locking API), in order to do that you can edit the `.gitattributes` file manually: ```shell diff --git a/doc/administration/monitoring/performance/influxdb_configuration.md b/doc/administration/monitoring/performance/influxdb_configuration.md index 234d0dc2e88..b81f0ce1506 100644 --- a/doc/administration/monitoring/performance/influxdb_configuration.md +++ b/doc/administration/monitoring/performance/influxdb_configuration.md @@ -150,7 +150,7 @@ before creating a database. _**Note:** If you [created an admin user](#create-a-new-admin-user) and enabled [HTTP authentication](#http), remember to append the username (`-username <username>`) -and password (`-password <password>`) you set earlier to the commands below._ +and password (`-password <password>`) you set earlier to the commands below._ Run the following command to create a database named `gitlab`: diff --git a/doc/administration/troubleshooting/sidekiq.md b/doc/administration/troubleshooting/sidekiq.md index 8176ebab2e8..73598bb9441 100644 --- a/doc/administration/troubleshooting/sidekiq.md +++ b/doc/administration/troubleshooting/sidekiq.md @@ -307,4 +307,4 @@ has number of drawbacks, as mentioned in [Why Ruby’s Timeout is dangerous (and > - while creating an object to save to the database afterwards > - in any of your code, regardless of whether it could have possibly raised an exception before > -> Nobody writes code to defend against an exception being raised on literally any line. That’s not even possible. So Thread.raise is basically like a sneak attack on your code that could result in almost anything. It would probably be okay if it were pure-functional code that did not modify any state. But this is Ruby, so that’s unlikely :) +> Nobody writes code to defend against an exception being raised on literally any line. That’s not even possible. So Thread.raise is basically like a sneak attack on your code that could result in almost anything. It would probably be okay if it were pure-functional code that did not modify any state. But this is Ruby, so that’s unlikely :) diff --git a/doc/api/epic_issues.md b/doc/api/epic_issues.md index e23639ce8b0..b001749ff5b 100644 --- a/doc/api/epic_issues.md +++ b/doc/api/epic_issues.md @@ -8,7 +8,7 @@ Epics are available only in Ultimate. If epics feature is not available a `403` ## List issues for an epic -Gets all issues that are assigned to an epic and the authenticated user has access to. +Gets all issues that are assigned to an epic and the authenticated user has access to. ```plaintext GET /groups/:id/epics/:epic_iid/issues @@ -17,7 +17,7 @@ GET /groups/:id/epics/:epic_iid/issues | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | -| `epic_iid` | integer/string | yes | The internal ID of the epic. | +| `epic_iid` | integer/string | yes | The internal ID of the epic. | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/1/epics/5/issues/ @@ -113,8 +113,8 @@ POST /groups/:id/epics/:epic_iid/issues/:issue_id | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | -| `epic_iid` | integer/string | yes | The internal ID of the epic. | -| `issue_id` | integer/string | yes | The ID of the issue. | +| `epic_iid` | integer/string | yes | The internal ID of the epic. | +| `issue_id` | integer/string | yes | The ID of the issue. | ```shell curl --header POST "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/1/epics/5/issues/55 @@ -219,8 +219,8 @@ DELETE /groups/:id/epics/:epic_iid/issues/:epic_issue_id | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | -----------------------------------------------------------------------------------------------------| | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | -| `epic_iid` | integer/string | yes | The internal ID of the epic. | -| `epic_issue_id` | integer/string | yes | The ID of the issue - epic association. | +| `epic_iid` | integer/string | yes | The internal ID of the epic. | +| `epic_issue_id` | integer/string | yes | The ID of the issue - epic association. | ```shell curl --header DELETE "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/1/epics/5/issues/11 @@ -325,7 +325,7 @@ PUT /groups/:id/epics/:epic_iid/issues/:epic_issue_id | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | -----------------------------------------------------------------------------------------------------| | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | -| `epic_iid` | integer/string | yes | The internal ID of the epic. | +| `epic_iid` | integer/string | yes | The internal ID of the epic. | | `epic_issue_id` | integer/string | yes | The ID of the issue - epic association. | | `move_before_id` | integer/string | no | The ID of the issue - epic association that should be placed before the link in the question. | | `move_after_id` | integer/string | no | The ID of the issue - epic association that should be placed after the link in the question. | diff --git a/doc/api/epics.md b/doc/api/epics.md index fddf7e22d0d..0a99ac6262b 100644 --- a/doc/api/epics.md +++ b/doc/api/epics.md @@ -167,7 +167,7 @@ GET /groups/:id/epics/:epic_iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | -| `epic_iid` | integer/string | yes | The internal ID of the epic. | +| `epic_iid` | integer/string | yes | The internal ID of the epic. | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/1/epics/5 @@ -309,7 +309,7 @@ PUT /groups/:id/epics/:epic_iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | -| `epic_iid` | integer/string | yes | The internal ID of the epic | +| `epic_iid` | integer/string | yes | The internal ID of the epic | | `title` | string | no | The title of an epic | | `description` | string | no | The description of an epic. Limited to 1,048,576 characters. | | `labels` | string | no | The comma separated list of labels | @@ -379,7 +379,7 @@ DELETE /groups/:id/epics/:epic_iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| | `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | -| `epic_iid` | integer/string | yes | The internal ID of the epic. | +| `epic_iid` | integer/string | yes | The internal ID of the epic. | ```shell curl --header DELETE "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/groups/1/epics/5 diff --git a/doc/api/group_level_variables.md b/doc/api/group_level_variables.md index 95a68283f1d..1812aaa3bff 100644 --- a/doc/api/group_level_variables.md +++ b/doc/api/group_level_variables.md @@ -1,4 +1,4 @@ -# Group-level Variables API +# Group-level Variables API > [Introduced][ce-34519] in GitLab 9.5 diff --git a/doc/api/keys.md b/doc/api/keys.md index 05933e5a1d1..d4eb1161a97 100644 --- a/doc/api/keys.md +++ b/doc/api/keys.md @@ -24,6 +24,7 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" 'https://gitlab.example.com/a "title": "Sample key 25", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt1256k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=", "created_at": "2015-09-03T07:24:44.627Z", + "expires_at": "2020-05-05T00:00:00.000Z" "user": { "name": "John Smith", "username": "john_smith", @@ -92,6 +93,7 @@ Example response: "title": "Sample key 1", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt1016k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=", "created_at": "2019-11-14T15:11:13.222Z", + "expires_at": "2020-05-05T00:00:00.000Z" "user": { "id": 1, "name": "Administrator", diff --git a/doc/api/merge_request_context_commits.md b/doc/api/merge_request_context_commits.md index 260be467a06..4fbef3594d6 100644 --- a/doc/api/merge_request_context_commits.md +++ b/doc/api/merge_request_context_commits.md @@ -1,4 +1,4 @@ -# Merge request context commits API +# Merge request context commits API ## List MR context commits diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md index bda4f05d23d..3c31ebf067b 100644 --- a/doc/api/merge_requests.md +++ b/doc/api/merge_requests.md @@ -1296,13 +1296,13 @@ PUT /projects/:id/merge_requests/:merge_request_iid/merge Parameters: - `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user -- `merge_request_iid` (required) - Internal ID of MR -- `merge_commit_message` (optional) - Custom merge commit message -- `squash_commit_message` (optional) - Custom squash commit message -- `squash` (optional) - if `true` the commits will be squashed into a single commit on merge -- `should_remove_source_branch` (optional) - if `true` removes the source branch +- `merge_request_iid` (required) - Internal ID of MR +- `merge_commit_message` (optional) - Custom merge commit message +- `squash_commit_message` (optional) - Custom squash commit message +- `squash` (optional) - if `true` the commits will be squashed into a single commit on merge +- `should_remove_source_branch` (optional) - if `true` removes the source branch - `merge_when_pipeline_succeeds` (optional) - if `true` the MR is merged when the pipeline succeeds -- `sha` (optional) - if present, then this SHA must match the HEAD of the source branch, otherwise the merge will fail +- `sha` (optional) - if present, then this SHA must match the HEAD of the source branch, otherwise the merge will fail ```json { @@ -1457,7 +1457,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/merge_ref Parameters: - `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user -- `merge_request_iid` (required) - Internal ID of MR +- `merge_request_iid` (required) - Internal ID of MR ```json { diff --git a/doc/api/pipeline_schedules.md b/doc/api/pipeline_schedules.md index 580d7efb891..859e88d0945 100644 --- a/doc/api/pipeline_schedules.md +++ b/doc/api/pipeline_schedules.md @@ -141,7 +141,7 @@ curl --request POST --header "PRIVATE-TOKEN: k5ESFgWY2Qf5xEvDcFxZ" --form descri ## Edit a pipeline schedule -Updates the pipeline schedule of a project. Once the update is done, it will be rescheduled automatically. +Updates the pipeline schedule of a project. Once the update is done, it will be rescheduled automatically. ```plaintext PUT /projects/:id/pipeline_schedules/:pipeline_schedule_id diff --git a/doc/api/services.md b/doc/api/services.md index 061dd3f4ead..8c70033d71d 100644 --- a/doc/api/services.md +++ b/doc/api/services.md @@ -658,7 +658,7 @@ Send IRC messages, on update, to a list of recipients through an Irker gateway. Set Irker (IRC gateway) service for a project. -> NOTE: Irker does NOT have built-in authentication, which makes it vulnerable to spamming IRC channels if it is hosted outside of a firewall. Please make sure you run the daemon within a secured network to prevent abuse. For more details, read: <http://www.catb.org/~esr/irker/security.html>. +> NOTE: Irker does NOT have built-in authentication, which makes it vulnerable to spamming IRC channels if it is hosted outside of a firewall. Please make sure you run the daemon within a secured network to prevent abuse. For more details, read: <http://www.catb.org/~esr/irker/security.html>. ```plaintext PUT /projects/:id/services/irker diff --git a/doc/api/settings.md b/doc/api/settings.md index 1996f1ce144..2c75c175fdd 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -239,7 +239,7 @@ are listed in the descriptions of the relevant settings. | `external_auth_client_key_pass` | string | no | Passphrase to use for the private key when authenticating with the external service this is encrypted when stored | | `external_auth_client_key` | string | required by: `external_auth_client_cert` | Private key for the certificate when authentication is required for the external authorization service, this is encrypted when stored | | `external_authorization_service_default_label` | string | required by: `external_authorization_service_enabled` | The default classification label to use when requesting authorization and no classification label has been specified on the project | -| `external_authorization_service_enabled` | boolean | no | (**If enabled, requires:** `external_authorization_service_default_label`, `external_authorization_service_timeout` and `external_authorization_service_url` ) Enable using an external authorization service for accessing projects | +| `external_authorization_service_enabled` | boolean | no | (**If enabled, requires:** `external_authorization_service_default_label`, `external_authorization_service_timeout` and `external_authorization_service_url`) Enable using an external authorization service for accessing projects | | `external_authorization_service_timeout` | float | required by: `external_authorization_service_enabled` | The timeout after which an authorization request is aborted, in seconds. When a request times out, access is denied to the user. (min: 0.001, max: 10, step: 0.001) | | `external_authorization_service_url` | string | required by: `external_authorization_service_enabled` | URL to which authorization requests will be directed | | `file_template_project_id` | integer | no | **(PREMIUM)** The ID of a project to load custom file templates from | diff --git a/doc/api/users.md b/doc/api/users.md index c80a65aae45..239afa38548 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -754,7 +754,7 @@ POST /user/keys Parameters: - `title` (required) - new SSH Key's title -- `key` (required) - new SSH key +- `key` (required) - new SSH key ```json { @@ -791,9 +791,9 @@ POST /users/:id/keys Parameters: -- `id` (required) - id of specified user +- `id` (required) - id of specified user - `title` (required) - new SSH Key's title -- `key` (required) - new SSH key +- `key` (required) - new SSH key ## Delete SSH key for current user @@ -819,7 +819,7 @@ DELETE /users/:id/keys/:key_id Parameters: - `id` (required) - id of specified user -- `key_id` (required) - SSH key ID +- `key_id` (required) - SSH key ID ## List all GPG keys @@ -1130,7 +1130,7 @@ POST /users/:id/emails Parameters: -- `id` (required) - id of specified user +- `id` (required) - id of specified user - `email` (required) - email address - `skip_confirmation` (optional) - Skip confirmation and assume e-mail is verified - true or false (default) @@ -1158,7 +1158,7 @@ DELETE /users/:id/emails/:email_id Parameters: - `id` (required) - id of specified user -- `email_id` (required) - email ID +- `email_id` (required) - email ID ## Block user diff --git a/doc/ci/examples/deployment/composer-npm-deploy.md b/doc/ci/examples/deployment/composer-npm-deploy.md index 4ca817908ed..ae0880adef2 100644 --- a/doc/ci/examples/deployment/composer-npm-deploy.md +++ b/doc/ci/examples/deployment/composer-npm-deploy.md @@ -23,7 +23,7 @@ before_script: - php -r "unlink('composer-setup.php');" ``` -This will make sure we have all requirements ready. Next, we want to run `composer install` to fetch all PHP dependencies and `npm install` to load Node.js packages, then run the `npm` script. We need to append them into `before_script` section: +This will make sure we have all requirements ready. Next, we want to run `composer install` to fetch all PHP dependencies and `npm install` to load Node.js packages, then run the `npm` script. We need to append them into `before_script` section: ```yaml before_script: diff --git a/doc/ci/jenkins/index.md b/doc/ci/jenkins/index.md index fe937bb1f3a..2678936ae70 100644 --- a/doc/ci/jenkins/index.md +++ b/doc/ci/jenkins/index.md @@ -53,7 +53,7 @@ There are some high level differences between the products worth mentioning: - by [webhook](../triggers/README.md#triggering-a-pipeline-from-a-webhook) - by [ChatOps](../chatops/README.md) - You can control which jobs run in which cases, depending on how they are triggered, +- You can control which jobs run in which cases, depending on how they are triggered, with the [`rules` syntax](../yaml/README.md#rules). - GitLab [pipeline scheduling concepts](../pipelines/schedules.md) are also different than with Jenkins. - All jobs within a single stage always run in parallel, and all stages run in sequence. We are planning @@ -78,7 +78,9 @@ There are some high level differences between the products worth mentioning: also leverage [`protected environments`](../yaml/README.md#protecting-manual-jobs-premium) to control who is able to approve them. - GitLab comes with a [container registry](../../user/packages/container_registry/index.md), and we recommend using - container images to set up your build environment. + container images to set up your build environment. For example, set up one pipeline that builds your build environment + itself and publish that to the container registry. Then, have your pipelines use this instead of each building their + own environment, which will be slower and may be less consistent. We have extensive docs on [how to use the Container Registry](../../user/packages/container_registry/index.md). - Totally stuck and not sure where to turn for advice? The [GitLab community forum](https://forum.gitlab.com/) can be a great resource. ## Groovy vs. YAML diff --git a/doc/ci/pipelines/schedules.md b/doc/ci/pipelines/schedules.md index 3bd42899542..ea98638ae53 100644 --- a/doc/ci/pipelines/schedules.md +++ b/doc/ci/pipelines/schedules.md @@ -86,7 +86,7 @@ To change the Sidekiq worker's frequency: 1. Edit the `gitlab_rails['pipeline_schedule_worker_cron']` value in your instance's `gitlab.rb` file. 1. [Reconfigure GitLab](../../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. -For GitLab.com, refer to the [dedicated settings page](../../user/gitlab_com/index.md#cron-jobs). +For GitLab.com, refer to the [dedicated settings page](../../user/gitlab_com/index.md#gitlab-cicd). ## Working with scheduled pipelines diff --git a/doc/ci/review_apps/index.md b/doc/ci/review_apps/index.md index bdef2eca1f2..e19167f6d9a 100644 --- a/doc/ci/review_apps/index.md +++ b/doc/ci/review_apps/index.md @@ -200,7 +200,8 @@ Feature.enable(:anonymous_visual_review_feedback) The feedback form is served through a script you add to pages in your Review App. If you have [Developer permissions](../../user/permissions.md) to the project, you can access it by clicking the **Review** button in the **Pipeline** section -of the merge request. +of the merge request. The form modal will also show a dropdown for changed pages +if [route maps](#route-maps) are configured in the project.  diff --git a/doc/ci/services/postgres.md b/doc/ci/services/postgres.md index bd389783a1d..4cf3e429c63 100644 --- a/doc/ci/services/postgres.md +++ b/doc/ci/services/postgres.md @@ -119,7 +119,7 @@ We have set up an [Example PostgreSQL Project][postgres-example-repo] for your convenience that runs on [GitLab.com](https://gitlab.com) using our publicly available [shared runners](../runners/README.md). -Want to hack on it? Simply fork it, commit and push your changes. Within a few +Want to hack on it? Simply fork it, commit and push your changes. Within a few moments the changes will be picked by a public runner and the job will begin. [hub-pg]: https://hub.docker.com/_/postgres diff --git a/doc/ci/services/redis.md b/doc/ci/services/redis.md index b04b36f7a04..f22ee87a9d3 100644 --- a/doc/ci/services/redis.md +++ b/doc/ci/services/redis.md @@ -66,5 +66,5 @@ We have set up an [Example Redis Project](https://gitlab.com/gitlab-examples/red that runs on [GitLab.com](https://gitlab.com) using our publicly available [shared runners](../runners/README.md). -Want to hack on it? Simply fork it, commit and push your changes. Within a few +Want to hack on it? Simply fork it, commit and push your changes. Within a few moments the changes will be picked by a public runner and the job will begin. diff --git a/doc/ci/triggers/README.md b/doc/ci/triggers/README.md index 4e597b883d0..00070594ded 100644 --- a/doc/ci/triggers/README.md +++ b/doc/ci/triggers/README.md @@ -123,7 +123,7 @@ settings page which provides self-explanatory examples. When a rerun of a pipeline is triggered, the information is exposed in GitLab's UI under the **Jobs** page and the jobs are marked as triggered 'by API'. - + --- diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md index 84bd67b42c3..e0c41d821a6 100644 --- a/doc/ci/yaml/README.md +++ b/doc/ci/yaml/README.md @@ -867,6 +867,10 @@ CAUTION: **Warning:** There are some points to be aware of when [using this feature with new branches or tags *without* pipelines for merge requests](#using-onlychanges-without-pipelines-for-merge-requests). +CAUTION: **Warning:** +There are some points to be aware of when +[using this feature with scheduled pipelines](#using-onlychanges-with-scheduled-pipelines). + ##### Using `only:changes` with pipelines for merge requests With [pipelines for merge requests](../merge_request_pipelines/index.md), @@ -931,6 +935,12 @@ This could result in some unexpected behavior, including: - When pushing a new commit, the changed files are calculated using the previous commit as the base SHA. +##### Using `only:changes` with scheduled pipelines + +`only:changes` always evaluates as "true" in [Scheduled pipelines](../pipelines/schedules.md). +All files are considered to have "changed" when a scheduled pipeline +runs. + ### `rules` > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/29011) in GitLab 12.3. @@ -3042,7 +3052,7 @@ include: > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/issues/53903) in GitLab 11.7. To include files from another private project under the same GitLab instance, -use `include:file`. This file is referenced using full paths relative to the +use `include:file`. This file is referenced using full paths relative to the root directory (`/`). For example: ```yaml diff --git a/doc/development/code_review.md b/doc/development/code_review.md index 7b00e3cea0d..471dcba4c2a 100644 --- a/doc/development/code_review.md +++ b/doc/development/code_review.md @@ -455,7 +455,7 @@ helped us with overall code quality (using delegation, `&.` those types of things), and making the code more robust. **["Support multiple assignees for merge requests"](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/10161)**: -A good example of collaboration on an MR touching multiple parts of the codebase. Nick pointed out interesting edge cases, James Lopes also joined in raising concerns on import/export feature. +A good example of collaboration on an MR touching multiple parts of the codebase. Nick pointed out interesting edge cases, James Lopes also joined in raising concerns on import/export feature. ### Credits diff --git a/doc/development/contributing/issue_workflow.md b/doc/development/contributing/issue_workflow.md index a00f7cff651..7239bd2e52a 100644 --- a/doc/development/contributing/issue_workflow.md +++ b/doc/development/contributing/issue_workflow.md @@ -137,7 +137,7 @@ their color is `#A8D695`. with `_` replaced with a space. For instance, the "Continuous Integration" group is represented by the -~"group::continuous integration" label in the `gitlab-org` group since its key +~"group::continuous integration" label in the `gitlab-org` group since its key under `stages.manage.groups` is `continuous_integration`. The current group labels can be found by [searching the labels list for `group::`](https://gitlab.com/groups/gitlab-org/-/labels?search=group::). diff --git a/doc/development/database_review.md b/doc/development/database_review.md index 32f67e14fe3..a624abc2929 100644 --- a/doc/development/database_review.md +++ b/doc/development/database_review.md @@ -185,6 +185,6 @@ NOTE: **Note:** Keep in mind that all runtimes should be measured against GitLab | Migration Type | Execution Time Recommended | Notes | |----|----|---| -| Regular migrations on `db/migrate` | `3 minutes` | A valid exception are index creation as this can take a long time. | +| Regular migrations on `db/migrate` | `3 minutes` | A valid exception are index creation as this can take a long time. | | Post migrations on `db/post_migrate` | `10 minutes` | | | Background migrations | --- | Since these are suitable for larger tables, it's not possible to set a precise timing guideline, however, any single query must stay below `1 second` execution time with cold caches. | diff --git a/doc/development/fe_guide/development_process.md b/doc/development/fe_guide/development_process.md index 64bc01c181c..92f3c82a6ea 100644 --- a/doc/development/fe_guide/development_process.md +++ b/doc/development/fe_guide/development_process.md @@ -4,7 +4,7 @@ You can find more about the organization of the frontend team in the [handbook]( ## Development Checklist -The idea is to remind us about specific topics during the time we build a new feature or start something. This is a common practice in other industries (like pilots) that also use standardised checklists to reduce problems early on. +The idea is to remind us about specific topics during the time we build a new feature or start something. This is a common practice in other industries (like pilots) that also use standardised checklists to reduce problems early on. Copy the content over to your issue or merge request and if something doesn't apply simply remove it from your current list. diff --git a/doc/development/fe_guide/icons.md b/doc/development/fe_guide/icons.md index 36537a22e67..ea321330c41 100644 --- a/doc/development/fe_guide/icons.md +++ b/doc/development/fe_guide/icons.md @@ -65,7 +65,7 @@ export default { </template> ``` -- **name** Name of the Icon in the SVG Sprite ([Overview is available here][svg-preview]). +- **name** Name of the Icon in the SVG Sprite ([Overview is available here][svg-preview]). - **size (optional)** Number value for the size which is then mapped to a specific CSS class (Available Sizes: 8, 12, 16, 18, 24, 32, 48, 72 are mapped to `sXX` css classes) - **css-classes (optional)** Additional CSS Classes to add to the svg tag. diff --git a/doc/development/file_storage.md b/doc/development/file_storage.md index a4a5f84313a..bc3c16bd45d 100644 --- a/doc/development/file_storage.md +++ b/doc/development/file_storage.md @@ -40,7 +40,7 @@ they are still not 100% standardized. You can see them below: | Issues/MR/Notes Legacy Markdown attachments | no | uploads/-/system/note/attachment/:id/:filename | `AttachmentUploader` | Note | | Design Management design thumbnails (EE) | yes | uploads/-/system/design_management/action/image_v432x230/:id/:filename | `DesignManagement::DesignV432x230Uploader` | DesignManagement::Action | | CI Artifacts (CE) | yes | `shared/artifacts/:disk_hash[0..1]/:disk_hash[2..3]/:disk_hash/:year_:month_:date/:job_id/:job_artifact_id` (:disk_hash is SHA256 digest of project_id) | `JobArtifactUploader` | Ci::JobArtifact | -| LFS Objects (CE) | yes | shared/lfs-objects/:hex/:hex/:object_hash | `LfsObjectUploader` | LfsObject | +| LFS Objects (CE) | yes | shared/lfs-objects/:hex/:hex/:object_hash | `LfsObjectUploader` | LfsObject | | External merge request diffs | yes | shared/external-diffs/merge_request_diffs/mr-:parent_id/diff-:id | `ExternalDiffUploader` | MergeRequestDiff | CI Artifacts and LFS Objects behave differently in CE and EE. In CE they inherit the `GitlabUploader` diff --git a/doc/development/permissions.md b/doc/development/permissions.md index 9e67079d1bc..bca137337fc 100644 --- a/doc/development/permissions.md +++ b/doc/development/permissions.md @@ -9,11 +9,11 @@ anything that deals with permissions, all of them should be considered. Groups and projects can have the following visibility levels: -- public (20) - an entity is visible to everyone +- public (20) - an entity is visible to everyone - internal (10) - an entity is visible to logged in users - private (0) - an entity is visible only to the approved members of the entity -The visibility level of a group can be changed only if all subgroups and +The visibility level of a group can be changed only if all subgroups and subprojects have the same or lower visibility level. (e.g., a group can be set to internal only if all subgroups and projects are internal or private). diff --git a/doc/development/query_recorder.md b/doc/development/query_recorder.md index 4963090ef27..f2c5b8b9848 100644 --- a/doc/development/query_recorder.md +++ b/doc/development/query_recorder.md @@ -65,7 +65,7 @@ There are multiple ways to find the source of queries. `QueryRecorder#occurrences_by_line_method` returns a sorted array based on `data`, sorted by `count`. 1. You can output the call backtrace for the specific `QueryRecorder` instance you want - by using `ActiveRecord::QueryRecorder.new(query_recorder_debug: true)`. The output + by using `ActiveRecord::QueryRecorder.new(query_recorder_debug: true)`. The output will be in `test.log` 1. Using the environment variable `QUERY_RECORDER_DEBUG`, the call backtrace will be output for all tests. diff --git a/doc/development/scalability.md b/doc/development/scalability.md index 3a9f5387b11..b3387526ccd 100644 --- a/doc/development/scalability.md +++ b/doc/development/scalability.md @@ -67,7 +67,7 @@ kind of partitioning. Sharding is likely more difficult and will require significant changes to the schema and application. For example, if we have to store projects in many different databases, we immediately run into the question, "How -can we retrieve data across different projects?" One answer to this is +can we retrieve data across different projects?" One answer to this is to abstract data access into API calls that abstract the database from the application, but this is a significant amount of work. diff --git a/doc/development/testing_guide/end_to_end/best_practices.md b/doc/development/testing_guide/end_to_end/best_practices.md index 97daf4885ca..e1807f2b53f 100644 --- a/doc/development/testing_guide/end_to_end/best_practices.md +++ b/doc/development/testing_guide/end_to_end/best_practices.md @@ -10,7 +10,7 @@ But if the login feature is already covered with end-to-end tests through the GU Let's say that, on average, the process to perform a successful login through the GUI takes 2 seconds. -Now, realize that almost all tests need the user to be logged in, and that we need every test to run in isolation, meaning that tests cannot interfere with each other. This would mean that for every test the user needs to log in, and "waste 2 seconds". +Now, realize that almost all tests need the user to be logged in, and that we need every test to run in isolation, meaning that tests cannot interfere with each other. This would mean that for every test the user needs to log in, and "waste 2 seconds". Now, multiply the number of tests per 2 seconds, and as your test suite grows, the time to run it grows with it, and this is not sustainable. diff --git a/doc/development/testing_guide/end_to_end/quick_start_guide.md b/doc/development/testing_guide/end_to_end/quick_start_guide.md index 5d5715df372..e1024eace40 100644 --- a/doc/development/testing_guide/end_to_end/quick_start_guide.md +++ b/doc/development/testing_guide/end_to_end/quick_start_guide.md @@ -39,7 +39,7 @@ Sometimes you may notice that there is already good coverage in lower test level - Take a look at the [How to test at the correct level?](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/development/testing_guide/testing_levels.md#how-to-test-at-the-correct-level) section of the [Testing levels](https://gitlab.com/gitlab-org/gitlab/blob/master/doc/development/testing_guide/testing_levels.md) document -- Look into the frequency in which such a feature is changed (_Stable features that don't change very often might not be worth covering with end-to-end tests if they're already covered in lower levels_) +- Look into the frequency in which such a feature is changed (_Stable features that don't change very often might not be worth covering with end-to-end tests if they're already covered in lower levels_) - Finally, discuss with the developer(s) involved in developing the feature and the tests themselves, to get their feeling diff --git a/doc/install/aws/index.md b/doc/install/aws/index.md index e763a6919f7..c05d8b4b0da 100644 --- a/doc/install/aws/index.md +++ b/doc/install/aws/index.md @@ -353,7 +353,7 @@ TIP: **Tip:** If you do not want to maintain bastion hosts, you can set up [AWS 1. Review all your settings and, if you're happy, click **Launch**. 1. Acknowledge that you have access to an existing key pair or create a new one. Click **Launch Instance**. -Confirm that you can SHH into the instance: +Confirm that you can SSH into the instance: 1. On the EC2 Dashboard, click on **Instances** in the left menu. 1. Select **Bastion Host A** from your list of instances. @@ -367,6 +367,12 @@ Confirm that you can SHH into the instance: 1. Under the **Add Tags** section, we’ll set `Key: Name` and `Value: Bastion Host B` so that we can easily identify our two instances. 1. For the security group, select the existing `bastion-sec-group` we created above. +### Use SSH Agent Forwarding + +EC2 instances running Linux use private key files for SSH authentication. You'll connect to your bastion host using an SSH client and the private key file stored on your client. Since the private key file is not present on the bastion host, you will not be able to connect to your instances in private subnets. + +Storing private key files on your bastion host is a bad idea. To get around this, use SSH agent forwarding on your client. See [Securely Connect to Linux Instances Running in a Private Amazon VPC](https://aws.amazon.com/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/) for a step-by-step guide on how to use SSH agent forwarding. + ## Deploying GitLab inside an auto scaling group We'll use AWS's wizard to deploy GitLab and then SSH into the instance to diff --git a/doc/install/installation.md b/doc/install/installation.md index 61d04258e31..c742d9ca464 100644 --- a/doc/install/installation.md +++ b/doc/install/installation.md @@ -563,7 +563,7 @@ NOTE: **Note:** If you want to use HTTPS, see [Using HTTPS](#using-https) for the additional steps. NOTE: **Note:** -Make sure your hostname can be resolved on the machine itself by either a proper DNS record or an additional line in `/etc/hosts` ("127.0.0.1 hostname"). This might be necessary, for example, if you set up GitLab behind a reverse proxy. If the hostname cannot be resolved, the final installation check will fail with `Check GitLab API access: FAILED. code: 401` and pushing commits will be rejected with `[remote rejected] master -> master (hook declined)`. +Make sure your hostname can be resolved on the machine itself by either a proper DNS record or an additional line in `/etc/hosts` ("127.0.0.1 hostname"). This might be necessary, for example, if you set up GitLab behind a reverse proxy. If the hostname cannot be resolved, the final installation check will fail with `Check GitLab API access: FAILED. code: 401` and pushing commits will be rejected with `[remote rejected] master -> master (hook declined)`. NOTE: **Note:** GitLab Shell application startup time can be greatly reduced by disabling RubyGems. This can be done in several ways: diff --git a/doc/install/requirements.md b/doc/install/requirements.md index cfab6352e46..a6bea3938b3 100644 --- a/doc/install/requirements.md +++ b/doc/install/requirements.md @@ -42,7 +42,7 @@ Please consider using a virtual machine to run GitLab. ### Ruby versions -GitLab requires Ruby (MRI) 2.6. Beginning in GitLab 12.2, we no longer support Ruby 2.5 and lower. +GitLab requires Ruby (MRI) 2.6. Beginning in GitLab 12.2, we no longer support Ruby 2.5 and lower. You must use the standard MRI implementation of Ruby. We love [JRuby](https://www.jruby.org/) and [Rubinius](https://rubinius.com), but GitLab diff --git a/doc/integration/jira_development_panel.md b/doc/integration/jira_development_panel.md index 2f365cc04da..8b83f885fdd 100644 --- a/doc/integration/jira_development_panel.md +++ b/doc/integration/jira_development_panel.md @@ -131,7 +131,7 @@ The **GitLab for Jira** App is only compatible with GitLab.com **and** Jira Clou 1. After installing, click **Get started** to go to the configurations page. This page is always available under **Jira Settings > Apps > Manage apps**.  -1. Enter the group or personal namespace in the **Namespace** field and click **Link namespace to Jira**. Make sure you are logged in on GitLab.com and the namespace has a Silver or above license. The user setting up _GitLab for Jira_ must have **Maintainer** access to the GitLab namespace. +1. Enter the group or personal namespace in the **Namespace** field and click **Link namespace to Jira**. Make sure you are logged in on GitLab.com and the namespace has a Silver or above license. The user setting up _GitLab for Jira_ must have **Maintainer** access to the GitLab namespace. NOTE: **Note:** The GitLab user only needs access when adding a new namespace. For syncing with Jira, we do not depend on the user's token. @@ -150,7 +150,7 @@ In this case, enable cross-site cookies in your browser. ## Usage -Once the integration is set up on GitLab and Jira you may refer any Jira issue by its ID in branch names, commit messages and merge request titles on GitLab's side, +Once the integration is set up on GitLab and Jira you may refer any Jira issue by its ID in branch names, commit messages and merge request titles on GitLab's side, and you will be able to see the linked `branches`, `commits`, and `merge requests` when entering a Jira issue (inside the Jira issue, merge requests will be called "pull requests"). diff --git a/doc/integration/kerberos.md b/doc/integration/kerberos.md index 14f3bdae864..68cf193a434 100644 --- a/doc/integration/kerberos.md +++ b/doc/integration/kerberos.md @@ -248,7 +248,7 @@ OmniauthKerberosSpnegoController: failed to process Negotiate/Kerberos authentic ``` This is usually seen when the browser is unable to contact the Kerberos server -directly. It will fall back to an unsupported mechanism known as +directly. It will fall back to an unsupported mechanism known as [`IAKERB`](https://k5wiki.kerberos.org/wiki/Projects/IAKERB), which tries to use the GitLab server as an intermediary to the Kerberos server. diff --git a/doc/ssh/README.md b/doc/ssh/README.md index fa4a5bdccdf..c08e83677ea 100644 --- a/doc/ssh/README.md +++ b/doc/ssh/README.md @@ -186,8 +186,11 @@ Now, it's time to add the newly created public key to your GitLab account. 1. Navigating to **SSH Keys** and pasting your **public** key from the clipboard into the **Key** field. If you: - Created the key with a comment, this will appear in the **Title** field. - Created the key without a comment, give your key an identifiable title like _Work Laptop_ or _Home Workstation_. + 1. Choose an (optional) expiry date for the key under "Expires at" section. (Introduced in [GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36243)) 1. Click the **Add key** button. +SSH keys that have "expired" using this procedure will still be valid in GitLab workflows. As the GitLab-configured expiration date is not included in the SSH key itself, you can still export public SSH keys as needed. + NOTE: **Note:** If you manually copied your public SSH key make sure you copied the entire key starting with `ssh-ed25519` (or `ssh-rsa`) and ending with your email. diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md index db012ef584b..4e75102d808 100644 --- a/doc/topics/autodevops/index.md +++ b/doc/topics/autodevops/index.md @@ -666,7 +666,7 @@ To use Auto Deploy on a Kubernetes 1.16+ cluster, you must: This will opt-in to using a version of the PostgreSQL chart that supports Kubernetes 1.16 and higher. -CAUTION: **Caution:** Opting into `AUTO_DEVOPS_POSTGRES_CHANNEL` version `2` will delete +DANGER: **Danger:** Opting into `AUTO_DEVOPS_POSTGRES_CHANNEL` version `2` will delete the version `1` PostgreSQL database. Please backup the contents of the PostgreSQL database first before opting into version `2`, so that you can restore into the version `2` database. diff --git a/doc/user/analytics/value_stream_analytics.md b/doc/user/analytics/value_stream_analytics.md index 71863b8b643..6bc629427aa 100644 --- a/doc/user/analytics/value_stream_analytics.md +++ b/doc/user/analytics/value_stream_analytics.md @@ -133,12 +133,12 @@ environments is configured. From the above example you can conclude the time it took each stage to complete as long as their total time: -- **Issue**: 2h (11:00 - 09:00) -- **Plan**: 1h (12:00 - 11:00) -- **Code**: 2h (14:00 - 12:00) -- **Test**: 5min +- **Issue**: 2h (11:00 - 09:00) +- **Plan**: 1h (12:00 - 11:00) +- **Code**: 2h (14:00 - 12:00) +- **Test**: 5min - **Review**: 5h (19:00 - 14:00) -- **Staging**: 30min (19:30 - 19:00) +- **Staging**: 30min (19:30 - 19:00) - **Total**: Since this stage measures the sum of median time of all previous stages, we cannot calculate it if we don't know the status of the stages before. In case this is the very first cycle that is run in the project, diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index 4382c69a9ac..da9cecf110c 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -13,6 +13,35 @@ information provided, you can immediately begin risk analysis and remediation. For an overview of application security with GitLab, see [Security Deep Dive](https://www.youtube.com/watch?v=k4vEJnGYy84). +## Quick start + +Get started quickly with Dependency Scanning, License Scanning, and Static Application Security +Testing (SAST) by adding the following to your `.gitlab-ci.yml`: + +```yaml +include: + - template: Dependency-Scanning.gitlab-ci.yml + - template: License-Scanning.gitlab-ci.yml + - template: SAST.gitlab-ci.yml +``` + +To add Dynamic Application Security Testing (DAST) scanning, add the following to your +`.gitlab-ci.yml` and replace `https://staging.example.com` with a staging server's web address: + +```yaml +include: + - template: DAST.gitlab-ci.yml + +variables: + DAST_WEBSITE: https://staging.example.com +``` + +To ensure the DAST scanner runs *after* deploying the application to the staging server, review the [DAST full documentation](dast/index.md). + +To add Container Scanning, follow the steps listed in the [Container Scanning documentation](container_scanning/index.md#requirements). + +To further configure any of the other scanners, refer to each scanner's documentation. + ## Security scanning tools GitLab uses the following tools to scan and report known vulnerabilities found in your project. diff --git a/doc/user/compliance/license_compliance/img/policies_maintainer_add_v12_9.png b/doc/user/compliance/license_compliance/img/policies_maintainer_add_v12_9.png Binary files differnew file mode 100644 index 00000000000..6dc7d3a0924 --- /dev/null +++ b/doc/user/compliance/license_compliance/img/policies_maintainer_add_v12_9.png diff --git a/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v12_9.png b/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v12_9.png Binary files differnew file mode 100644 index 00000000000..31abbcf2d44 --- /dev/null +++ b/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v12_9.png diff --git a/doc/user/compliance/license_compliance/img/policies_v12_9.png b/doc/user/compliance/license_compliance/img/policies_v12_9.png Binary files differnew file mode 100644 index 00000000000..6c6247320dc --- /dev/null +++ b/doc/user/compliance/license_compliance/img/policies_v12_9.png diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md index 03a7ffd195a..2679dc85f42 100644 --- a/doc/user/compliance/license_compliance/index.md +++ b/doc/user/compliance/license_compliance/index.md @@ -50,7 +50,7 @@ The following languages and package managers are supported. | Language | Package managers | Scan Tool | |------------|-------------------------------------------------------------------|----------------------------------------------------------| | JavaScript | [Bower](https://bower.io/), [npm](https://www.npmjs.com/), [yarn](https://yarnpkg.com/) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) |[License Finder](https://github.com/pivotal/LicenseFinder)| -| Go | [Godep](https://github.com/tools/godep), go get ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), gvt ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), glide ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), dep ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), trash ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) and govendor ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), [go mod](https://github.com/golang/go/wiki/Modules) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) |[License Finder](https://github.com/pivotal/LicenseFinder)| +| Go | [Godep](https://github.com/tools/godep), go get ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), gvt ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), glide ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), dep ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), trash ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) and govendor ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)), [go mod](https://github.com/golang/go/wiki/Modules) ([experimental support](https://github.com/pivotal/LicenseFinder#experimental-project-types)) |[License Finder](https://github.com/pivotal/LicenseFinder)| | Java | [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/) |[License Finder](https://github.com/pivotal/LicenseFinder)| | .NET | [Nuget](https://www.nuget.org/) (.NET Framework is supported via the [mono project](https://www.mono-project.com/). Windows specific dependencies are not supported at this time.) |[License Finder](https://github.com/pivotal/LicenseFinder)| | Python | [pip](https://pip.pypa.io/en/stable/) |[License Finder](https://github.com/pivotal/LicenseFinder)| @@ -324,3 +324,19 @@ in your project's sidebar, and you'll see the licenses displayed, where: - **Component:** The components which have this license.  + +## Policies + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/22465) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9. + +The **Policies** tab allows you to see your project's software license policies +and the associated classifications for each. + +Policies can be configured by maintainers of the project. + + + + +Developers of the project can view the policies configured in a project. + + diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md index bb43cb9ed4a..8c6da131c6d 100644 --- a/doc/user/gitlab_com/index.md +++ b/doc/user/gitlab_com/index.md @@ -74,7 +74,7 @@ Below are the current settings regarding [GitLab CI/CD](../../ci/README.md). | ----------- | ----------------- | ------------- | | Artifacts maximum size (uncompressed) | 1G | 100M | | Artifacts [expiry time](../../ci/yaml/README.md#artifactsexpire_in) | kept forever | deleted after 30 days unless otherwise specified | -| Scheduled Pipeline Cron | `*/5 * * * *` | `*/19 * * * *` | +| Scheduled Pipeline Cron | `*/5 * * * *` | `19 * * * *` | | [Max jobs in active pipelines](../../administration/instance_limits.md#number-of-jobs-in-active-pipelines) | `500` for Free tier, unlimited otherwise | Unlimited ## Repository size limit @@ -372,15 +372,6 @@ NOTE: **Note:** The `SIDEKIQ_MEMORY_KILLER_MAX_RSS` setting is `16000000` on Sidekiq import nodes and Sidekiq export nodes. -## Cron jobs - -Periodically executed jobs by Sidekiq, to self-heal GitLab, do external -synchronizations, run scheduled pipelines, etc.: - -| Setting | GitLab.com | Default | -|-------- |------------- |------------- | -| `pipeline_schedule_worker` | `19 * * * *` | `19 * * * *` | - ## PostgreSQL GitLab.com being a fairly large installation of GitLab means we have changed diff --git a/doc/user/project/integrations/prometheus.md b/doc/user/project/integrations/prometheus.md index 51e687252a1..4976ca75bf7 100644 --- a/doc/user/project/integrations/prometheus.md +++ b/doc/user/project/integrations/prometheus.md @@ -170,7 +170,7 @@ Variables for Prometheus queries must be lowercase. There are 2 methods to specify a variable in a query or dashboard: 1. Variables can be specified using the [Liquid template format](https://help.shopify.com/en/themes/liquid/basics), for example `{{ci_environment_slug}}` ([added](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20793) in GitLab 12.6). -1. You can also enclose it in quotation marks with curly braces with a leading percent, for example `"%{ci_environment_slug}"`. This method is deprecated though and support will be [removed in the next major release](https://gitlab.com/gitlab-org/gitlab/issues/37990). +1. You can also enclose it in quotation marks with curly braces with a leading percent, for example `"%{ci_environment_slug}"`. This method is deprecated though and support will be [removed in the next major release](https://gitlab.com/gitlab-org/gitlab/issues/37990). ### Defining custom dashboards per project diff --git a/doc/user/project/issues/design_management.md b/doc/user/project/issues/design_management.md index f7fa8c84d9e..79ad6efd150 100644 --- a/doc/user/project/issues/design_management.md +++ b/doc/user/project/issues/design_management.md @@ -46,10 +46,16 @@ If the requirements are not met, the **Designs** tab displays a message to the u Designs support short references in Markdown, but this needs to be enabled by setting the `:design_management_reference_filter_gfm_pipeline` feature flag. +## Supported files + +Files uploaded must have a file extension of either `png`, `jpg`, `jpeg`, +`gif`, `bmp`, `tiff` or `ico`. + +Support for [SVG files](https://gitlab.com/gitlab-org/gitlab/issues/12771) +and [PDFs](https://gitlab.com/gitlab-org/gitlab/issues/32811) is planned for a future release. + ## Limitations -- Files uploaded must have a file extension of either `png`, `jpg`, `jpeg`, `gif`, `bmp`, `tiff` or `ico`. - The [`svg` extension is not yet supported](https://gitlab.com/gitlab-org/gitlab/issues/12771). - Design uploads are limited to 10 files at a time. - Design Management data [isn't deleted when a project is destroyed](https://gitlab.com/gitlab-org/gitlab/issues/13429) yet. @@ -77,6 +83,11 @@ of the design, and will replace the previous version. Designs cannot be added if the issue has been moved, or its [discussion is locked](../../discussions/#lock-discussions). +[Introduced](https://gitlab.com/gitlab-org/gitlab/issues/34353) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.9, +you can drag and drop designs onto the dedicated dropzone to upload them. + + + ### Skipped designs Designs with the same filename as an existing uploaded design _and_ whose content has not changed will be skipped. diff --git a/doc/user/project/issues/img/design_drag_and_drop_uploads_v12_9.png b/doc/user/project/issues/img/design_drag_and_drop_uploads_v12_9.png Binary files differnew file mode 100644 index 00000000000..61ce3692808 --- /dev/null +++ b/doc/user/project/issues/img/design_drag_and_drop_uploads_v12_9.png diff --git a/doc/user/project/merge_requests/code_quality.md b/doc/user/project/merge_requests/code_quality.md index a4b7f0e5fb4..ddc9e427ac2 100644 --- a/doc/user/project/merge_requests/code_quality.md +++ b/doc/user/project/merge_requests/code_quality.md @@ -27,6 +27,8 @@ in the merge request widget area:  +For more information, see the Code Climate list of [Supported Languages for Maintainability](https://docs.codeclimate.com/docs/supported-languages-for-maintainability). + ## Use cases For instance, consider the following workflow: diff --git a/doc/user/project/releases/img/release_with_milestone_v12_9.png b/doc/user/project/releases/img/release_with_milestone_v12_9.png Binary files differnew file mode 100644 index 00000000000..53100e33955 --- /dev/null +++ b/doc/user/project/releases/img/release_with_milestone_v12_9.png diff --git a/doc/user/project/releases/img/releases_v12_9.png b/doc/user/project/releases/img/releases_v12_9.png Binary files differnew file mode 100644 index 00000000000..bd23cf76651 --- /dev/null +++ b/doc/user/project/releases/img/releases_v12_9.png diff --git a/doc/user/project/releases/index.md b/doc/user/project/releases/index.md index f6e35ab03db..85da9d9be43 100644 --- a/doc/user/project/releases/index.md +++ b/doc/user/project/releases/index.md @@ -83,10 +83,11 @@ Releases can optionally be associated with one or more by including a `milestones` array in your requests to the [Releases API](../../../api/releases/index.md#create-a-release). -Releases display this association with the **Milestone** indicator near -the top of the Release block on the **Project overview > Releases** page. +Releases display this association with the **Milestone** indicator in the top +section of the Release block on the **Project overview > Releases** page, along +with some statistics about the issues in the milestone(s). - + Below is an example of milestones with no Releases, one Release, and two Releases, respectively. @@ -104,7 +105,7 @@ associated with a large number of Releases. Navigate to **Project > Releases** in order to see the list of releases for a given project. - + ### Number of Releases |
