diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-02 12:07:27 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-02 12:07:27 +0300 |
commit | 7e8ecb5c00aae3b7072a5b8ff2c53db03c0bc579 (patch) | |
tree | e89c4b3d7af5db6805951e2847472b2e29e77bfd /doc | |
parent | f58c22e1cd553626dbfa4f347afb86544865cfbe (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
-rw-r--r-- | doc/administration/auth/jwt.md | 3 | ||||
-rw-r--r-- | doc/administration/geo/index.md | 5 | ||||
-rw-r--r-- | doc/administration/geo/replication/object_storage.md | 2 | ||||
-rw-r--r-- | doc/administration/geo/setup/index.md | 4 | ||||
-rw-r--r-- | doc/api/groups.md | 26 | ||||
-rw-r--r-- | doc/api/users.md | 14 | ||||
-rw-r--r-- | doc/architecture/blueprints/ci_pipeline_components/img/catalogs.png | bin | 102551 -> 30325 bytes | |||
-rw-r--r-- | doc/development/documentation/styleguide/word_list.md | 4 | ||||
-rw-r--r-- | doc/user/admin_area/settings/instance_template_repository.md | 4 | ||||
-rw-r--r-- | doc/user/application_security/api_fuzzing/index.md | 8 | ||||
-rw-r--r-- | doc/user/application_security/secret_detection/index.md | 5 | ||||
-rw-r--r-- | doc/user/img/explain_this_vulnerability.png | bin | 371791 -> 120342 bytes | |||
-rw-r--r-- | doc/user/packages/generic_packages/index.md | 4 |
13 files changed, 58 insertions, 21 deletions
diff --git a/doc/administration/auth/jwt.md b/doc/administration/auth/jwt.md index 9994b374038..bdcd6fc89cc 100644 --- a/doc/administration/auth/jwt.md +++ b/doc/administration/auth/jwt.md @@ -70,6 +70,9 @@ JWT provides you with a secret key for you to use. For more information on each configuration option refer to the [OmniAuth JWT usage documentation](https://github.com/mbleigh/omniauth-jwt#usage). + WARNING: + Incorrectly configuring these settings can result in an insecure instance. + 1. Change `YOUR_APP_SECRET` to the client secret and set `auth_url` to your redirect URL. 1. Save the configuration file. 1. For the changes to take effect: diff --git a/doc/administration/geo/index.md b/doc/administration/geo/index.md index 31de7f5c62f..be12ec97441 100644 --- a/doc/administration/geo/index.md +++ b/doc/administration/geo/index.md @@ -199,7 +199,8 @@ This list of limitations only reflects the latest version of GitLab. If you are - [Pages access control](../../user/project/pages/pages_access_control.md) doesn't work on secondaries. See [GitLab issue #9336](https://gitlab.com/gitlab-org/gitlab/-/issues/9336) for details. - [GitLab chart with Geo](https://docs.gitlab.com/charts/advanced/geo/) does not support [Unified URLs](secondary_proxy/index.md#set-up-a-unified-url-for-geo-sites). See [GitLab issue #3522](https://gitlab.com/gitlab-org/charts/gitlab/-/issues/3522) for more details. - [Disaster recovery](disaster_recovery/index.md) for multi-secondary sites causes downtime due to the complete re-synchronization and re-configuration of all non-promoted secondaries. -- For Git over SSH, secondary sites must use the same port as the primary. [GitLab issue #339262](https://gitlab.com/gitlab-org/gitlab/-/issues/339262) proposes to remove this limitation. +- For Git over SSH, to make the project clone URL display correctly regardless of which site you are browsing, secondary sites must use the same port as the primary. [GitLab issue #339262](https://gitlab.com/gitlab-org/gitlab/-/issues/339262) proposes to remove this limitation. +- Git push over SSH against a secondary site does not work for pushes over 1.86 GB. [GitLab issue #413109](https://gitlab.com/gitlab-org/gitlab/-/issues/413109) tracks this bug. ### Limitations on replication/verification @@ -275,7 +276,7 @@ For information on configuring Geo for multiple nodes, see [Geo for multiple ser ### Configuring Geo with Object Storage -For information on configuring Geo with object storage, see [Geo with Object storage](replication/object_storage.md). +For information on configuring Geo with Object storage, see [Geo with Object storage](replication/object_storage.md). ### Disaster Recovery diff --git a/doc/administration/geo/replication/object_storage.md b/doc/administration/geo/replication/object_storage.md index 8128eaf5310..b39acf2466d 100644 --- a/doc/administration/geo/replication/object_storage.md +++ b/doc/administration/geo/replication/object_storage.md @@ -9,7 +9,7 @@ type: howto Geo can be used in combination with Object Storage (AWS S3, or other compatible object storage). -Currently, **secondary** sites can use either: +**Secondary** sites can use one of the following: - The same storage bucket as the **primary** site. - A replicated storage bucket. diff --git a/doc/administration/geo/setup/index.md b/doc/administration/geo/setup/index.md index 20661aead5f..3f3a5c29e78 100644 --- a/doc/administration/geo/setup/index.md +++ b/doc/administration/geo/setup/index.md @@ -18,8 +18,8 @@ type: howto - Ensure the **primary** site has a [GitLab Premium or Ultimate](https://about.gitlab.com/pricing/) subscription to unlock Geo. You only need one license for all the sites. - Confirm the [requirements for running Geo](../index.md#requirements-for-running-geo) are met by all sites. For example, sites must use the same GitLab version, and sites must be able to communicate with each other over certain ports. -- Confirm the **primary** and **secondary** site storage configurations match. If the primary Geo site uses object storage, the secondary Geo site must use it too. See [Geo with Object storage] (../replication/object_storage.md) for more details. -- Ensure clocks are synchronized between the **primary** site and the **secondary** site. Synchronized clocks are required for Geo to function correctly. For example, if the clock drift between the **primary** and **secondary** sites exceeds 1 minute, replication will fail. +- Confirm the **primary** and **secondary** site storage configurations match. If the primary Geo site uses object storage, the secondary Geo site must use it too. For more information, see [Geo with Object storage](../replication/object_storage.md). +- Ensure clocks are synchronized between the **primary** site and the **secondary** site. Synchronized clocks are required for Geo to function correctly. For example, if the clock drift between the **primary** and **secondary** sites exceeds 1 minute, replication fails. ## Using Omnibus GitLab diff --git a/doc/api/groups.md b/doc/api/groups.md index 9b683ca8e1c..91c6611f62d 100644 --- a/doc/api/groups.md +++ b/doc/api/groups.md @@ -1269,6 +1269,32 @@ Example response: ] ``` +## Service Accounts **(PREMIUM)** + +### Create Service Account User + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/407775) in GitLab 16.1. + +Creates a service account user with an auto-generated email address and username. + +```plaintext +POST /groups/:id/service_accounts +``` + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/345/service_accounts" +``` + +Example response: + +```json +{ + "id": 57, + "username": "service_account_group_345_6018816a18e515214e0c34c2b33523fc", + "name": "Service account user" +} +``` + ## Hooks **(PREMIUM)** Also called Group Hooks and Webhooks. diff --git a/doc/api/users.md b/doc/api/users.md index 809d1474803..a69bae1c2cf 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -992,6 +992,20 @@ Example response: } ``` +## Create Service Account User **(PREMIUM)** + +> Ability to create a service account user was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/406782) in GitLab 16.1 + +Creates a service account user with an auto-generated email address and username. + +```plaintext +POST /service_accounts +``` + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/service_accounts" +``` + ## List user projects See the [list of user projects](projects.md#list-user-projects). diff --git a/doc/architecture/blueprints/ci_pipeline_components/img/catalogs.png b/doc/architecture/blueprints/ci_pipeline_components/img/catalogs.png Binary files differindex 9353c5266e5..8c83aede186 100644 --- a/doc/architecture/blueprints/ci_pipeline_components/img/catalogs.png +++ b/doc/architecture/blueprints/ci_pipeline_components/img/catalogs.png diff --git a/doc/development/documentation/styleguide/word_list.md b/doc/development/documentation/styleguide/word_list.md index 8a08fcd0cc8..83efbc5ab15 100644 --- a/doc/development/documentation/styleguide/word_list.md +++ b/doc/development/documentation/styleguide/word_list.md @@ -128,6 +128,10 @@ The token generated when you create an agent for Kubernetes. Use **agent access - secret token - authentication token +## AI, artificial intelligence + +Use **AI**. Do not spell out **artificial intelligence**. + ## air gap, air-gapped Use **offline environment** to describe installations that have physical barriers or security policies that prevent or limit internet access. Do not use **air gap**, **air gapped**, or **air-gapped**. For example: diff --git a/doc/user/admin_area/settings/instance_template_repository.md b/doc/user/admin_area/settings/instance_template_repository.md index 026782ae83b..dc80fd88820 100644 --- a/doc/user/admin_area/settings/instance_template_repository.md +++ b/doc/user/admin_area/settings/instance_template_repository.md @@ -43,7 +43,6 @@ are supported: | `.gitignore` | `gitignore` | `.gitignore` | | `.gitlab-ci.yml` | `gitlab-ci` | `.yml` | | `LICENSE` | `LICENSE` | `.txt` | -| `metrics-dashboard.yml` | `metrics-dashboards` | `.yml` | Each template must go in its respective subdirectory, have the correct extension and not be empty. So, the hierarchy should look like this: @@ -62,9 +61,6 @@ extension and not be empty. So, the hierarchy should look like this: |-- LICENSE |-- custom_license.txt |-- another_license.txt -|-- metrics-dashboards - |-- custom_metrics-dashboard.yml - |-- another_metrics-dashboard.yml ``` Your custom templates are displayed on the dropdown list when a new file is added through the GitLab UI: diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md index b613b0cc33e..46f6dd63d3f 100644 --- a/doc/user/application_security/api_fuzzing/index.md +++ b/doc/user/application_security/api_fuzzing/index.md @@ -2606,14 +2606,6 @@ deploy-test-target: - environment_url.txt ``` -<!-- -### Target Container - -The API Fuzzing template supports launching a docker container containing an API target using docker-in-docker. - -TODO ---> - ### Use OpenAPI with an invalid schema There are cases where the document is autogenerated with an invalid schema or cannot be edited manually in a timely manner. In those scenarios, the API Fuzzing is able to perform a relaxed validation by setting the variable `FUZZAPI_OPENAPI_RELAXED_VALIDATION`. We recommend providing a fully compliant OpenAPI document to prevent unexpected behaviors. diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md index 1f07e9a5eb7..be89fbc6800 100644 --- a/doc/user/application_security/secret_detection/index.md +++ b/doc/user/application_security/secret_detection/index.md @@ -107,7 +107,8 @@ Secret Detection can detect if a secret was added in one commit and removed in a In a merge request, Secret Detection scans every commit made on the source branch. To use this feature, you must use the [`latest` Secret Detection template](#templates), as it supports - [merge request pipelines](../../../ci/pipelines/merge_request_pipelines.md). + [merge request pipelines](../../../ci/pipelines/merge_request_pipelines.md). Secret Detection's + results are only available after the pipeline is completed. ## Templates @@ -116,7 +117,7 @@ provided with GitLab upgrades, allowing you to benefit from any improvements and Available templates: -- [`Secret-Detection.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Secret-Detection.gitlab-ci.yml): Stable version of the Secret Detection CI/CD template. +- [`Secret-Detection.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Secret-Detection.gitlab-ci.yml): Stable, default version of the Secret Detection CI/CD template. - [`Secret-Detection.latest.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Secret-Detection.latest.gitlab-ci.yml): Latest version of the Secret Detection template. WARNING: diff --git a/doc/user/img/explain_this_vulnerability.png b/doc/user/img/explain_this_vulnerability.png Binary files differindex 0880ad5f875..bb938241911 100644 --- a/doc/user/img/explain_this_vulnerability.png +++ b/doc/user/img/explain_this_vulnerability.png diff --git a/doc/user/packages/generic_packages/index.md b/doc/user/packages/generic_packages/index.md index e6ee4caa5d4..d24808674dc 100644 --- a/doc/user/packages/generic_packages/index.md +++ b/doc/user/packages/generic_packages/index.md @@ -225,12 +225,12 @@ If you are receiving `HTTP 500: Internal Server Error` responses when publishing # Consolidated Object Storage settings gitlab_rails['object_store']['connection'] = { # Other connection settings - `aws_signature_version` => '4' + 'aws_signature_version' => '4' } # OR # Storage-specific form settings gitlab_rails['packages_object_store_connection'] = { # Other connection settings - `aws_signature_version` => '4' + 'aws_signature_version' => '4' } ``` |