diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-05 06:10:19 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-05 06:10:19 +0300 |
commit | 24fca3804098db8d0083d35db1975d198467e9b8 (patch) | |
tree | d205c2c080897c5d2334a91d374899e014baf474 /doc | |
parent | dbc4b385d2c5577e82fe9cb63532f7f5ce23a9ea (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
-rw-r--r-- | doc/api/index.md | 5 | ||||
-rw-r--r-- | doc/ssh/index.md | 9 | ||||
-rw-r--r-- | doc/user/admin_area/settings/help_page.md | 26 | ||||
-rw-r--r-- | doc/user/application_security/api_fuzzing/index.md | 4 | ||||
-rw-r--r-- | doc/user/project/settings/project_access_tokens.md | 2 |
5 files changed, 37 insertions, 9 deletions
diff --git a/doc/api/index.md b/doc/api/index.md index d9b7afc2dc8..4048a27b81f 100644 --- a/doc/api/index.md +++ b/doc/api/index.md @@ -166,6 +166,11 @@ curl --header "Authorization: Bearer OAUTH-TOKEN" "https://gitlab.example.com/ap Read more about [GitLab as an OAuth2 provider](oauth2.md). +NOTE: +We recommend that OAuth access tokens have an expiration. You can use a `refresh_token` to refresh tokens. Integrations may need to be updated to refresh tokens prior to expiration, which is based on the [expires_in](https://datatracker.ietf.org/doc/html/rfc6749#appendix-A.14) property in the token endpoint response. + +A default refresh setting of two hours is tracked in [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/336598). + ### Personal/project access tokens You can use access tokens to authenticate with the API by passing it in either diff --git a/doc/ssh/index.md b/doc/ssh/index.md index fd95a483344..920117116e5 100644 --- a/doc/ssh/index.md +++ b/doc/ssh/index.md @@ -214,9 +214,12 @@ To use SSH with GitLab, copy your public key to your GitLab account. 1. In the **Title** text box, type a description, like _Work Laptop_ or _Home Workstation_. 1. Optional. In the **Expires at** box, select an expiration date. (Introduced in [GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36243).) - The expiration date is informational only, and does not prevent you from using - the key. However, administrators can view expiration dates and - use them for guidance when [deleting keys](../user/admin_area/credentials_inventory.md#delete-a-users-ssh-key). + In: + - GitLab 13.12 and earlier, the expiration date is informational only. It doesn't prevent + you from using the key. Administrators can view expiration dates and use them for + guidance when [deleting keys](../user/admin_area/credentials_inventory.md#delete-a-users-ssh-key). + - GitLab 14.0 and later, the expiration date is enforced. Administrators can + [allow expired keys to be used](../user/admin_area/settings/account_and_limit_settings.md#allow-expired-ssh-keys-to-be-used). - GitLab checks all SSH keys at 02:00 AM UTC every day. It emails an expiration notice for all SSH keys that expire on the current date. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.11.) - GitLab checks all SSH keys at 01:00 AM UTC every day. It emails an expiration notice for all SSH keys that are scheduled to expire seven days from now. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.11.) 1. Select **Add key**. diff --git a/doc/user/admin_area/settings/help_page.md b/doc/user/admin_area/settings/help_page.md index f941b5e69f2..1106425d64e 100644 --- a/doc/user/admin_area/settings/help_page.md +++ b/doc/user/admin_area/settings/help_page.md @@ -66,18 +66,24 @@ You can specify a custom URL to which users are directed when they: 1. In the **Support page URL** field, enter the URL. 1. Select **Save changes**. -## Redirect GitLab documentation links +## Redirect `/help` pages > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/43157) in GitLab 13.5. -> - Enabled on GitLab.com and is ready for production use. Available to GitLab.com administrators only. +> - Enabled on GitLab.com and is ready for production use. NOTE: On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the `:help_page_documentation_redirect` flag](../../../administration/feature_flags.md). On GitLab.com, this feature is available but can be configured by GitLab.com administrators only. -Documentation links go to the `/help` section on the instance by default, but you can -redirect these links to an external documentation site like `https://docs.gitlab.com`: +The `/help` URL of a GitLab instance displays a basic version of the documentation sourced from the +[`doc` directory](https://gitlab.com/gitlab-org/gitlab/-/tree/master/doc) of GitLab. `/help` links +are often used for contextual help. + +You can redirect these `/help` links to either: + +- The more navigable and searchable version published at [`docs.gitlab.com`](https://docs.gitlab.com). +- A destination that meets [necessary requirements](#destination-requirements). 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. In the left sidebar, select **Settings > Preferences**. @@ -85,6 +91,18 @@ redirect these links to an external documentation site like `https://docs.gitlab 1. In the **Documentation pages URL** field, enter the URL. 1. Select **Save changes**. +### Destination requirements + +When redirecting `/help`, GitLab: + +- Redirects requests to the specified URL. +- Appends `ee` and the documentation path to the URL. +- Appends `.html` to the URL, and removes `.md` if necessary. + +For example, if the URL is set to `https://docs.gitlab.com`, requests for +`/help/user/admin_area/settings/help_page.md` redirect to: +`https://docs.gitlab.com/ee/user/admin_area/settings/help_page.html`. + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md index e35415003c7..7ed36572be4 100644 --- a/doc/user/application_security/api_fuzzing/index.md +++ b/doc/user/application_security/api_fuzzing/index.md @@ -38,7 +38,7 @@ or other scanners) during a scan could cause inaccurate results. You can run a Web API fuzzing scan using the following methods: -- [OpenAPI Specification](#openapi-specification) - version 2.0 or 3.0 +- [OpenAPI Specification](#openapi-specification) - version 2, and 3. - [HTTP Archive](#http-archive-har) (HAR) - [Postman Collection](#postman-collection) - version 2.0 or 2.1 @@ -112,6 +112,8 @@ To generate an API Fuzzing configuration snippet: ### OpenAPI Specification +> Support for OpenAPI Specification v3.1 was +> [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327268) in GitLab 14.2. > Support for OpenAPI Specification using YAML format was > [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330583) in GitLab 14.0. > Support for OpenAPI Specification v3.0 was diff --git a/doc/user/project/settings/project_access_tokens.md b/doc/user/project/settings/project_access_tokens.md index 34f7a1aee92..9a6acdfc710 100644 --- a/doc/user/project/settings/project_access_tokens.md +++ b/doc/user/project/settings/project_access_tokens.md @@ -95,7 +95,7 @@ You may enable or disable project access token creation for all projects in a gr Even when creation is disabled, you can still use and revoke existing project access tokens. This setting is available only on top-level groups. -## Group access token workaround **(FREE SELF)** +## Group access token workaround **(FREE SELF)** NOTE: This section describes a workaround and is subject to change. |