diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-08-03 21:10:18 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-08-03 21:10:18 +0300 |
| commit | 9be457ffc1727f6a942a68c16e47ca0bcaa2f64a (patch) | |
| tree | 5c006f5e268f88603a69da3c1c3056030b0afca7 /doc | |
| parent | 388e0fbbd00e04a10e3ac1084945aa18a781c40c (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/administration/logs/index.md | 17 | ||||
| -rw-r--r-- | doc/administration/settings/account_and_limit_settings.md | 20 | ||||
| -rw-r--r-- | doc/api/graphql/reference/index.md | 1 | ||||
| -rw-r--r-- | doc/api/packages/nuget.md | 9 | ||||
| -rw-r--r-- | doc/api/settings.md | 5 | ||||
| -rw-r--r-- | doc/development/ai_architecture.md | 2 | ||||
| -rw-r--r-- | doc/development/ai_features.md | 50 | ||||
| -rw-r--r-- | doc/development/documentation/styleguide/word_list.md | 6 | ||||
| -rw-r--r-- | doc/development/img/architecture.png | bin | 0 -> 378194 bytes | |||
| -rw-r--r-- | doc/security/index.md | 2 | ||||
| -rw-r--r-- | doc/security/project_import_decompressed_archive_size_limits.md | 34 | ||||
| -rw-r--r-- | doc/security/user_email_confirmation.md | 13 | ||||
| -rw-r--r-- | doc/user/gitlab_com/index.md | 1 | ||||
| -rw-r--r-- | doc/user/group/access_and_permissions.md | 1 | ||||
| -rw-r--r-- | doc/user/packages/composer_repository/index.md | 10 | ||||
| -rw-r--r-- | doc/user/permissions.md | 2 |
16 files changed, 127 insertions, 46 deletions
diff --git a/doc/administration/logs/index.md b/doc/administration/logs/index.md index f18fa05416b..60d4ee223ee 100644 --- a/doc/administration/logs/index.md +++ b/doc/administration/logs/index.md @@ -820,6 +820,23 @@ This file is located at: This structured log file records internal activity in the `mail_room` gem. Its name and path are configurable, so the name and path may not match the above. +## `web_hooks.log` + +> Introduced in GitLab 16.3. + +This file is located at: + +- `/var/log/gitlab/gitlab-rails/web_hooks.log` on Linux package installations. +- `/home/git/gitlab/log/web_hooks.log` on self-compiled installations. + +The back-off, disablement, and re-enablement events for Webhook are recorded in this file. For example: + +```json +{"severity":"INFO","time":"2020-11-24T02:30:59.860Z","hook_id":12,"action":"backoff","disabled_until":"2020-11-24T04:30:59.860Z","backoff_count":2,"recent_failures":2} +{"severity":"INFO","time":"2020-11-24T02:30:59.860Z","hook_id":12,"action":"disable","disabled_until":null,"backoff_count":5,"recent_failures":100} +{"severity":"INFO","time":"2020-11-24T02:30:59.860Z","hook_id":12,"action":"enable","disabled_until":null,"backoff_count":0,"recent_failures":0} +``` + ## Reconfigure logs Reconfigure log files are in `/var/log/gitlab/reconfigure` for Linux package installations. Self-compiled installations diff --git a/doc/administration/settings/account_and_limit_settings.md b/doc/administration/settings/account_and_limit_settings.md index 592abe814d9..de0b43f9dda 100644 --- a/doc/administration/settings/account_and_limit_settings.md +++ b/doc/administration/settings/account_and_limit_settings.md @@ -135,6 +135,26 @@ To modify the maximum download file size for imports by direct transfer: 1. Expand **Account and limit**. 1. Increase or decrease by changing the value in **Direct transfer maximum download file size (MB)**. Set to `0` to set no download file size limit. +## Maximum decompressed file size for imported archives + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128218) in GitLab 16.3. + +When you [import a project](../../user/project/settings/import_export.md), you can specify the maximum decompressed file size for imported archives. The default value is 25 GB. + +When you import a compressed file, the decompressed size cannot exceed the maximum decompressed file size limit. If the decompressed size exceeds the configured limit, the following error is returned: + +```plaintext +Decompressed archive size validation failed. +``` + +To modify the maximum decompressed file size for imports in GitLab: + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > General**. +1. Expand **Account and limit**. +1. Set another value for **Maximum decompressed size (MiB)**. + ## Personal access token prefix > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20968) in GitLab 13.7. diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 5b4d8fc1389..09c9d138c3f 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -6888,6 +6888,7 @@ Input type: `UserAddOnAssignmentCreateInput` | Name | Type | Description | | ---- | ---- | ----------- | +| <a id="mutationuseraddonassignmentcreateaddonpurchase"></a>`addOnPurchase` | [`AddOnPurchase`](#addonpurchase) | AddOnPurchase state after mutation. | | <a id="mutationuseraddonassignmentcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | <a id="mutationuseraddonassignmentcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | diff --git a/doc/api/packages/nuget.md b/doc/api/packages/nuget.md index cbfd12c7233..075201d14cb 100644 --- a/doc/api/packages/nuget.md +++ b/doc/api/packages/nuget.md @@ -324,7 +324,8 @@ Example response: "version": "1.3.0.17", "tags": "", "packageContent": "https://gitlab.example.com/api/v4/projects/1/packages/nuget/download/MyNuGetPkg/1.3.0.17/helloworld.1.3.0.17.nupkg", - "summary": "Summary of the package", + "description": "Description of the package", + "summary": "Description of the package", "published": "2023-05-08T17:23:25Z", } } @@ -367,7 +368,8 @@ Example response: "version": "1.3.0.17", "tags": "", "packageContent": "https://gitlab.example.com/api/v4/projects/1/packages/nuget/download/MyNuGetPkg/1.3.0.17/helloworld.1.3.0.17.nupkg", - "summary": "Summary of the package", + "description": "Description of the package", + "summary": "Description of the package", "published": "2023-05-08T17:23:25Z", } } @@ -405,7 +407,8 @@ Example response: "authors": "Author1, Author2", "id": "MyNuGetPkg", "title": "MyNuGetPkg", - "summary": "Summary of the package", + "description": "Description of the package", + "summary": "Description of the package", "totalDownloads": 0, "verified": true, "version": "1.3.0.17", diff --git a/doc/api/settings.md b/doc/api/settings.md index 64f8129a003..03417ac7ebc 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -44,6 +44,7 @@ Example response: "max_export_size": 50, "max_import_size": 50, "max_import_remote_file_size": 10240, + "max_decompressed_archive_size": 25600, "user_oauth_applications" : true, "updated_at" : "2016-01-04T15:44:55.176Z", "session_expire_delay" : 10080, @@ -185,6 +186,7 @@ Example response: "max_export_size": 50, "max_import_size": 50, "max_import_remote_file_size": 10240, + "max_decompressed_archive_size": 25600, "session_expire_delay": 10080, "default_ci_config_path" : null, "default_project_visibility": "internal", @@ -456,9 +458,10 @@ listed in the descriptions of the relevant settings. | `maintenance_mode` **(PREMIUM)** | boolean | no | When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests. | | `max_artifacts_size` | integer | no | Maximum artifacts size in MB. | | `max_attachment_size` | integer | no | Limit attachment size in MB. | +| `max_decompressed_archive_size` | integer | no | Maximum decompressed file size for imported archives in MB. Set to `0` for unlimited. Default is `25600`. | | `max_export_size` | integer | no | Maximum export size in MB. 0 for unlimited. Default = 0 (unlimited). | | `max_import_size` | integer | no | Maximum import size in MB. 0 for unlimited. Default = 0 (unlimited). [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/251106) from 50 MB to 0 in GitLab 13.8. | -| `max_import_remote_file_size` | integer | no | Maximum remote file size for imports from external object storages. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384976) in GitLab 16.3. | +| `max_import_remote_file_size` | integer | no | Maximum remote file size for imports from external object storages. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/384976) in GitLab 16.3. | | `max_pages_size` | integer | no | Maximum size of pages repositories in MB. | | `max_personal_access_token_lifetime` **(ULTIMATE SELF)** | integer | no | Maximum allowable lifetime for access tokens in days. When left blank, default value of 365 is applied. When set, value must be 365 or less. When changed, existing access tokens with an expiration date beyond the maximum allowable lifetime are revoked.| | `max_ssh_key_lifetime` **(ULTIMATE SELF)** | integer | no | Maximum allowable lifetime for SSH keys in days. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1007) in GitLab 14.6. | diff --git a/doc/development/ai_architecture.md b/doc/development/ai_architecture.md index 16df1fc1b04..0490613b116 100644 --- a/doc/development/ai_architecture.md +++ b/doc/development/ai_architecture.md @@ -15,7 +15,7 @@ AI is moving very quickly, and we need to be able to keep pace with changes in t The following diagram from the [architecture blueprint](../architecture/blueprints/ai_gateway/index.md) shows a simplified view of how the different components in GitLab interact. The abstraction layer helps avoid code duplication within the REST APIs within the `AI API` block. - + ## SaaS-based AI abstraction layer diff --git a/doc/development/ai_features.md b/doc/development/ai_features.md index 2a0e4d36858..79d03ff6c72 100644 --- a/doc/development/ai_features.md +++ b/doc/development/ai_features.md @@ -1,6 +1,6 @@ --- -stage: none -group: none +stage: ModelOps +group: AI Framework info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments --- @@ -421,6 +421,52 @@ module EE end ``` +### Pairing requests with responses + +Because multiple users' requests can be processed in parallel, when receiving responses, +it can be difficult to pair a response with its original request. The `requestId` +field can be used for this purpose, because both the request and response are assured +to have the same `requestId` UUID. + +### Caching + +AI requests and responses can be cached. Cached conversation is being used to +display user interaction with AI features. In the current implementation, this cache +is not used to skip consecutive calls to the AI service when a user repeats +their requests. + +```graphql +query { + aiMessages { + nodes { + id + requestId + content + role + errors + timestamp + } + } +} +``` + +This cache is especially useful for chat functionality. For other services, +caching is disabled. (It can be enabled for a service by using `skip_cache: false` +option.) + +Caching has following limitations: + +- Messages are stored in Redis stream. +- There is a single stream of messages per user. This means that all services + currently share the same cache. If needed, this could be extended to multiple + streams per user (after checking with the infrastructure team that Redis can handle + the estimated amount of messages). +- Only the last 50 messages (requests + responses) are kept. +- Expiration time of the stream is 3 days since adding last message. +- User can access only their own messages. There is no authorization on the caching + level, and any authorization (if accessed by not current user) is expected on + the service layer. + ### Check if feature is allowed for this resource based on namespace settings There are two settings allowed on root namespace level that restrict the use of AI features: diff --git a/doc/development/documentation/styleguide/word_list.md b/doc/development/documentation/styleguide/word_list.md index c15588d2462..b983002dbed 100644 --- a/doc/development/documentation/styleguide/word_list.md +++ b/doc/development/documentation/styleguide/word_list.md @@ -1298,6 +1298,12 @@ Use lowercase for **runner managers**. These are a type of runner that can creat Use lowercase for **runner workers**. This is the process created by the runner on the host computing platform to run jobs. See also [GitLab Runner](#gitlab-runner). +## runner authentication token + +Use **runner authentication token** instead of variations like **runner token**, **authentication token**, or **token**. +Runners are assigned runner authentication tokens when they are created, and use them to authenticate with GitLab when +they execute jobs. + ## (s) Do not use **(s)** to make a word optionally plural. It can slow down comprehension. For example: diff --git a/doc/development/img/architecture.png b/doc/development/img/architecture.png Binary files differnew file mode 100644 index 00000000000..dea8b5ddb45 --- /dev/null +++ b/doc/development/img/architecture.png diff --git a/doc/security/index.md b/doc/security/index.md index 1b486ab5feb..0ac2ab17e71 100644 --- a/doc/security/index.md +++ b/doc/security/index.md @@ -24,7 +24,7 @@ type: index - [Proxying images](asset_proxy.md) - [CI/CD variables](../ci/variables/index.md#cicd-variable-security) - [Token overview](token_overview.md) -- [Project Import decompressed archive size limits](project_import_decompressed_archive_size_limits.md) +- [Maximum decompressed file size for imported archives](../administration/settings/account_and_limit_settings.md#maximum-decompressed-file-size-for-imported-archives) - [Responding to security incidents](responding_to_security_incidents.md) To harden your GitLab instance and minimize the risk of unwanted user account creation, consider access control features like [Sign up restrictions](../administration/settings/sign_up_restrictions.md) and [Authentication options](../topics/authentication/index.md). For more detailed information, refer to [Hardening](hardening.md). diff --git a/doc/security/project_import_decompressed_archive_size_limits.md b/doc/security/project_import_decompressed_archive_size_limits.md index 980a084347a..48767740625 100644 --- a/doc/security/project_import_decompressed_archive_size_limits.md +++ b/doc/security/project_import_decompressed_archive_size_limits.md @@ -1,31 +1,11 @@ --- -stage: Manage -group: Authentication and Authorization -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments -type: reference, howto +redirect_to: '../administration/settings/account_and_limit_settings.md#maximum-decompressed-file-size-for-imported-archives' +remove_date: '2023-11-02' --- -# Project import decompressed archive size limits **(FREE SELF)** +This document was moved to [another location](../administration/settings/account_and_limit_settings.md#maximum-decompressed-file-size-for-imported-archives). -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31564) in GitLab 13.2. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/63025) in GitLab 14.0. - -When using [Project Import](../user/project/settings/import_export.md), the size of the decompressed project archive is limited to 10 Gb. - -If decompressed size exceeds this limit, `Decompressed archive size validation failed` error is returned. - -## Enable/disable size validation - -If you have a project with decompressed size exceeding this limit, -it is possible to disable the validation by turning off the -`validate_import_decompressed_archive_size` feature flag. - -Start a [Rails console](../administration/operations/rails_console.md#starting-a-rails-console-session). - -```ruby -# Disable -Feature.disable(:validate_import_decompressed_archive_size) - -# Enable -Feature.enable(:validate_import_decompressed_archive_size) -``` +<!-- This redirect file can be deleted after <2023-11-02>. --> +<!-- Redirects that point to other docs in the same project expire in three months. --> +<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html --> diff --git a/doc/security/user_email_confirmation.md b/doc/security/user_email_confirmation.md index f2c0052c2b8..899fed0b584 100644 --- a/doc/security/user_email_confirmation.md +++ b/doc/security/user_email_confirmation.md @@ -21,14 +21,7 @@ they confirm their email address. By default, a user can confirm their account within 24 hours after the confirmation email was sent. After 24 hours, the confirmation token becomes invalid. -<!-- ## Troubleshooting +## Automatically delete unconfirmed users **(PREMIUM SELF)** -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. - -Each scenario can be a third-level heading, for example `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +When email confirmation is turned on, administrators can enable the setting to +[automatically delete unconfirmed users](../administration/moderate_users.md#automatically-delete-unconfirmed-users). diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md index f6008b9b31a..8455042381d 100644 --- a/doc/user/gitlab_com/index.md +++ b/doc/user/gitlab_com/index.md @@ -212,6 +212,7 @@ the default value [is the same as for self-managed instances](../../administrati | Maximum remote file size for imports from external object storages | 10 GB | | Maximum download file size when importing from source GitLab instances by direct transfer | 5 GB | | Maximum attachment size | 100 MB | +| [Maximum decompressed file size for imported archives](../../administration/settings/account_and_limit_settings.md#maximum-decompressed-file-size-for-imported-archives) | 25 GB | If you are near or over the repository size limit, you can either [reduce your repository size with Git](../project/repository/reducing_the_repo_size_using_git.md) diff --git a/doc/user/group/access_and_permissions.md b/doc/user/group/access_and_permissions.md index 8bebaae003c..fa6130fe56d 100644 --- a/doc/user/group/access_and_permissions.md +++ b/doc/user/group/access_and_permissions.md @@ -101,6 +101,7 @@ Keep in mind that restricting group access by IP address has the following impli - IP access restrictions for Git operations via SSH are supported on GitLab SaaS. IP access restrictions applied to self-managed instances are possible with [`gitlab-sshd`](../../administration/operations/gitlab_sshd.md) with [PROXY protocol](../../administration/operations/gitlab_sshd.md#proxy-protocol-support) enabled. +- IP restriction is not applicable to shared resources belonging to a group. Any shared resource is accessible to a user even if that user is not able to access the group. ## Restrict group access by domain **(PREMIUM)** diff --git a/doc/user/packages/composer_repository/index.md b/doc/user/packages/composer_repository/index.md index 3f8b0761188..60bb6c4f59d 100644 --- a/doc/user/packages/composer_repository/index.md +++ b/doc/user/packages/composer_repository/index.md @@ -38,7 +38,7 @@ Prerequisites: the [Composer specification](https://getcomposer.org/doc/04-schema.md#version). If the version is not valid, for example, it has three dots (`1.0.0.0`), an error (`Validation failed: Version is invalid`) occurs when you publish. -- A valid `composer.json` file. +- A valid `composer.json` file at the project root directory. - The Packages feature is enabled in a GitLab repository. - The project ID, which is on the project's home page. - One of the following token types: @@ -324,6 +324,14 @@ If you committed your `composer.lock`, you could do a `composer install` in CI w In GitLab 14.10 and later, authorization is required for the [downloading a package archive](../../../api/packages/composer.md#download-a-package-archive) endpoint. If you encounter a credentials prompt when you are using `composer install`, follow the instructions in the [install a composer package](#install-a-composer-package) section to create an `auth.json` file. +### Publish fails with `The file composer.json was not found` + +You might see an error that says `The file composer.json was not found`. + +This issue occurs when [configuration requirements for publishing a package](#publish-a-composer-package-by-using-the-api) are not met. + +To resolve the error, commit a `composer.json` file to the project root directory. + ## Supported CLI commands The GitLab Composer repository supports the following Composer CLI commands: diff --git a/doc/user/permissions.md b/doc/user/permissions.md index 6e7dcb7e5fd..a4b7db9361b 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -284,6 +284,7 @@ More details about the permissions for some project-level features follow. | Run CI/CD pipeline | | | | ✓ | ✓ | ✓ | | Run CI/CD pipeline for a protected branch | | | | ✓ (5) | ✓ (5) | ✓ | | Stop [environments](../ci/environments/index.md) | | | | ✓ | ✓ | ✓ | +| Run deployment job for a protected environment | | | ✓ (5) | ✓ (6) | ✓ (6) | ✓ | | View a job with [debug logging](../ci/variables/index.md#enable-debug-logging) | | | | ✓ | ✓ | ✓ | | Use pipeline editor | | | | ✓ | ✓ | ✓ | | Run [interactive web terminals](../ci/interactive_web_terminal/index.md) | | | | ✓ | ✓ | ✓ | @@ -307,6 +308,7 @@ More details about the permissions for some project-level features follow. - [In GitLab 13.0](https://gitlab.com/gitlab-org/gitlab/-/issues/35069) and later, run for a non-protected branch. 5. If the user is [allowed to merge or push to the protected branch](../ci/pipelines/index.md#pipeline-security-on-protected-branches). +6. If the user if [part of a group with at least the Reporter role](../ci/environments/protected_environments.md#deployment-only-access-to-protected-environments) <!-- markdownlint-enable MD029 --> |
