diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-06 12:10:02 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-06 12:10:02 +0300 |
commit | 51c20446a0dcf2f5f4a0254230876bd472a254e7 (patch) | |
tree | 5fc1658c6a240e49d9bc76113f33c500b45500bc /doc | |
parent | 0c4b9cacd575b3e71e41a13f042062b3adcb4caf (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
-rw-r--r-- | doc/api/vulnerability_exports.md | 70 | ||||
-rw-r--r-- | doc/development/documentation/index.md | 2 | ||||
-rw-r--r-- | doc/user/packages/index.md | 4 | ||||
-rw-r--r-- | doc/user/permissions.md | 1 |
4 files changed, 53 insertions, 24 deletions
diff --git a/doc/api/vulnerability_exports.md b/doc/api/vulnerability_exports.md index f2666783087..42dafc1612a 100644 --- a/doc/api/vulnerability_exports.md +++ b/doc/api/vulnerability_exports.md @@ -1,6 +1,6 @@ -# Project Vulnerabilities API **(ULTIMATE)** +# Vulnerability export API **(ULTIMATE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/197494) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.10. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/issues/197494) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.10. [Updated](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/30397) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.0. CAUTION: **Caution:** This API is currently in development and is protected by a **disabled** @@ -17,21 +17,21 @@ across GitLab releases. Every API call to vulnerability exports must be [authenticated](README.md#authentication). +## Create a project-level vulnerability export + +Creates a new vulnerability export for a project. + Vulnerability export permissions inherit permissions from their project. If a project is private and a user isn't a member of the project to which the vulnerability belongs, requests to that project return a `404 Not Found` status code. Vulnerability exports can be only accessed by the export's author. -## Create vulnerability export - -Creates a new vulnerability export. - If an authenticated user doesn't have permission to [create a new vulnerability](../user/permissions.md#project-members-permissions), this request results in a `403` status code. ```plaintext -POST /projects/:id/vulnerability_exports +POST /security/projects/:id/vulnerability_exports ``` | Attribute | Type | Required | Description | @@ -39,7 +39,7 @@ POST /projects/:id/vulnerability_exports | `id` | integer or string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the project which the authenticated user is a member of | ```shell -curl --header POST "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/1/vulnerability_exports +curl --header POST "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/security/projects/1/vulnerability_exports ``` The created vulnerability export will be automatically deleted after 1 hour. @@ -56,8 +56,40 @@ Example response: "started_at": null, "finished_at": null, "_links": { - "self": "https://gitlab.example.com/api/v4/projects/1/vulnerability_exports/2", - "download": "https://gitlab.example.com/api/v4/projects/1/vulnerability_exports/2/download" + "self": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2", + "download": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download" + } +} +``` + +## Create an instance-level vulnerability export + +Creates a new vulnerability export for the projects of the user selected in the Security Dashboard. + +```plaintext +POST /security/vulnerability_exports +``` + +```shell +curl --header POST "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/security/vulnerability_exports +``` + +The created vulnerability export is automatically deleted after one hour. + +Example response: + +```json +{ + "id": 2, + "created_at": "2020-03-30T09:35:38.746Z", + "project_id": null, + "format": "csv", + "status": "created", + "started_at": null, + "finished_at": null, + "_links": { + "self": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2", + "download": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download" } } ``` @@ -67,16 +99,15 @@ Example response: Gets a single vulnerability export. ```plaintext -POST /projects/:id/vulnerability_exports/:vulnerability_export_id +GET /security/vulnerability_exports/:id ``` | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer or string | yes | The vulnerability's ID | -| `vulnerability_export_id` | integer or string | yes | The vulnerability export's ID | +| `id` | integer or string | yes | The vulnerability export's ID | ```shell -curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/1/vulnerability_exports/2 +curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/security/vulnerability_exports/2 ``` If the vulnerability export isn't finished, the response is `202 Accepted`. @@ -93,8 +124,8 @@ Example response: "started_at": "2020-03-30T09:36:54.469Z", "finished_at": "2020-03-30T09:36:55.008Z", "_links": { - "self": "https://gitlab.example.com/api/v4/projects/1/vulnerability_exports/2", - "download": "https://gitlab.example.com/api/v4/projects/1/vulnerability_exports/2/download" + "self": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2", + "download": "https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download" } } ``` @@ -104,16 +135,15 @@ Example response: Downloads a single vulnerability export. ```plaintext -POST /projects/:id/vulnerability_exports/:vulnerability_export_id/download +GET /security/vulnerability_exports/:id/download ``` | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer or string | yes | The vulnerability's ID | -| `vulnerability_export_id` | integer or string | yes | The vulnerability export's ID | +| `id` | integer or string | yes | The vulnerability export's ID | ```shell -curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/projects/1/vulnerability_exports/2/download +curl --header "PRIVATE-TOKEN: <your_access_token>" https://gitlab.example.com/api/v4/security/vulnerability_exports/2/download ``` The response will be `404 Not Found` if the vulnerability export is not finished yet or was not found. diff --git a/doc/development/documentation/index.md b/doc/development/documentation/index.md index 2724958314c..ac96cfd77d8 100644 --- a/doc/development/documentation/index.md +++ b/doc/development/documentation/index.md @@ -405,8 +405,6 @@ merge request with new or changed docs is submitted, are: - [`internal_anchors`](https://gitlab.com/gitlab-org/gitlab/blob/master/.gitlab/ci/docs.gitlab-ci.yml#L69) checks that all internal anchors (ex: `[link](../index.md#internal_anchor)`) are valid. -- If any code or the `doc/README.md` file is changed, a full pipeline will run, which - runs tests for [`/help`](#gitlab-help-tests). ### Running tests diff --git a/doc/user/packages/index.md b/doc/user/packages/index.md index cb3cb26ebb1..d7072a7a2a0 100644 --- a/doc/user/packages/index.md +++ b/doc/user/packages/index.md @@ -20,8 +20,8 @@ The Packages feature allows GitLab to act as a repository for the following: If you cannot find the **{package}** **Packages > List** entry under your project's sidebar, it is not enabled in your GitLab instance. Ask your -administrator to enable GitLab Package Registry following the administration -documentation. +administrator to enable GitLab Package Registry following the [administration +documentation](../../administration/packages/index.md). Once enabled for your GitLab instance, to enable Package Registry for your project: diff --git a/doc/user/permissions.md b/doc/user/permissions.md index 854744f3090..07fba61ca34 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -150,6 +150,7 @@ The following table depicts the various user permission levels in a project. | Manage [push rules](../push_rules/push_rules.md) | | | | ✓ | ✓ | | Switch visibility level | | | | | ✓ | | Transfer project to another namespace | | | | | ✓ | +| Remove fork relationship | | | | | ✓ | | Remove project | | | | | ✓ | | Delete issues | | | | | ✓ | | Disable notification emails | | | | | ✓ | |