diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-18 21:08:42 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-04-18 21:08:42 +0300 |
commit | 9f2bc6fc4c27d0703260352c79463fbc62555ac8 (patch) | |
tree | b65188898a054771df56298e4737837e999c8866 /doc | |
parent | b6b9abb7cdb61f18d6fc5222e52486d7f6c482dc (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
-rw-r--r-- | doc/ci/yaml/index.md | 12 | ||||
-rw-r--r-- | doc/development/feature_development.md | 1 | ||||
-rw-r--r-- | doc/update/background_migrations.md | 41 | ||||
-rw-r--r-- | doc/update/deprecations.md | 35 | ||||
-rw-r--r-- | doc/user/application_security/vulnerabilities/index.md | 16 | ||||
-rw-r--r-- | doc/user/infrastructure/iac/terraform_state.md | 6 | ||||
-rw-r--r-- | doc/user/infrastructure/iac/troubleshooting.md | 9 | ||||
-rw-r--r-- | doc/user/packages/package_registry/supported_functionality.md | 2 |
8 files changed, 103 insertions, 19 deletions
diff --git a/doc/ci/yaml/index.md b/doc/ci/yaml/index.md index fc903144a87..681e1937c26 100644 --- a/doc/ci/yaml/index.md +++ b/doc/ci/yaml/index.md @@ -3501,6 +3501,7 @@ docker build: - If the pipeline is a merge request pipeline, check `Dockerfile` for changes. - If `Dockerfile` has changed, add the job to the pipeline as a manual job, and the pipeline continues running even if the job is not triggered (`allow_failure: true`). +- A maximum of 50 patterns or file paths can be defined per `rules:changes` section. - If `Dockerfile` has not changed, do not add job to any pipeline (same as `when: never`). - [`rules:changes:paths`](#ruleschangespaths) is the same as `rules:changes` without any subkeys. @@ -3613,11 +3614,12 @@ job: - Glob patterns are interpreted with Ruby [`File.fnmatch`](https://docs.ruby-lang.org/en/2.7.0/File.html#method-c-fnmatch) with the flags `File::FNM_PATHNAME | File::FNM_DOTMATCH | File::FNM_EXTGLOB`. -- For performance reasons, GitLab matches a maximum of 10,000 `exists` patterns or - file paths. After the 10,000th check, rules with patterned globs always match. - In other words, `exists` always reports `true` if more than 10,000 checks - run. Repositories with less than 10,000 files might still be impacted if the `exists` - rules are checked more than 10,000 times. +- For performance reasons, GitLab performs a maximum of 10,000 checks against + `exists` patterns or file paths. After the 10,000th check, rules with patterned + globs always match. In other words, the `exists` rule always assumes a match in + projects with more than 10,000 files, or if there are fewer than 10,000 files but + the `exists` rules are checked more than 10,000 times. +- A maximum of 50 patterns or file paths can be defined per `rules:exists` section. - `exists` resolves to `true` if any of the listed files are found (an `OR` operation). #### `rules:allow_failure` diff --git a/doc/development/feature_development.md b/doc/development/feature_development.md index 5547390949d..5828855a725 100644 --- a/doc/development/feature_development.md +++ b/doc/development/feature_development.md @@ -80,6 +80,7 @@ Consult these topics for information on contributing to specific GitLab features - [Sidekiq guidelines](sidekiq/index.md) for working with Sidekiq workers - [Working with Gitaly](gitaly.md) - [Advanced search integration docs](advanced_search.md) +- [Working with merge request diffs](merge_request_concepts/diffs/index.md) - [Approval Rules](merge_request_concepts/approval_rules.md) - [Repository mirroring](repository_mirroring.md) - [Uploads development guide](uploads/index.md) diff --git a/doc/update/background_migrations.md b/doc/update/background_migrations.md index 47b786f2894..be6ad43fa8a 100644 --- a/doc/update/background_migrations.md +++ b/doc/update/background_migrations.md @@ -203,6 +203,47 @@ To disable it: Feature.disable(:optimize_batched_migrations) ``` +### Parallel execution + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/104027) +> in GitLab 15.7, [behind a feature flag](../user/feature_flags.md), +> [enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/372316). +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to +> [disable it](#enable-or-disable-parallel-execution-for-batched-background-migrations). + +There can be [risks when disabling released features](../administration/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +To speed up the execution of batched background migrations, two migrations are executed at the same time. + +[GitLab administrators with access to the GitLab Rails console](../administration/feature_flags.md) can change +the number of batched background migrations executed in parallel: + +```ruby +ApplicationSetting.update_all(database_max_running_batched_background_migrations: 4) +``` + +#### Enable or disable parallel execution for batched background migrations + +Parallel execution for batched background migrations is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +```ruby +Feature.enable(:batched_migrations_parallel_execution) +``` + +To disable it: + +```ruby +Feature.disable(:batched_migrations_parallel_execution) +``` + ## Troubleshooting ### Enable or disable background migrations diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md index d8f12898b08..4eb34a5a4af 100644 --- a/doc/update/deprecations.md +++ b/doc/update/deprecations.md @@ -87,6 +87,19 @@ Due to limited customer usage, Browser Performance Testing is deprecated and wil </div> +<div class="deprecation " data-milestone="17.0"> + +### Deprecate legacy shell escaping and quoting runner shell executor + +<div class="deprecation-notes"> +- Announced in: GitLab <span class="milestone">15.11</span> +- End of Support: GitLab <span class="milestone">17.9</span> +</div> + +The runner's legacy escape sequence mechanism to handle variable expansion implements a sub-optimal implementation of Ansi-C quoting. This method means that the runner would expand arguments included in double quotes. As of 15.11, we are deprecating the legacy escaping and quoting methods in the runner shell executor. + +</div> + <div class="deprecation breaking-change" data-milestone="17.0"> ### DingTalk OmniAuth provider @@ -442,6 +455,28 @@ During the transition to the GitLab Observability UI, we will migrate the [GitLa </div> </div> +<div class="milestone-wrapper" data-milestone="16.1"> + +## GitLab 16.1 + +<div class="deprecation " data-milestone="16.1"> + +### GitLab Runner images based on Alpine 3.12, 3.13, 3.14 + +<div class="deprecation-notes"> +- Announced in: GitLab <span class="milestone">15.11</span> +- End of Support: GitLab <span class="milestone">16.1</span> +</div> + +We will stop publishing runner images based on the following, end-of-life Alpine versions: + +- Alpine 3.12 +- Alpine 3.13 +- Alpine 3.14 (end-of-life on 2023-05-23) + +</div> +</div> + <div class="milestone-wrapper" data-milestone="16.0"> ## GitLab 16.0 diff --git a/doc/user/application_security/vulnerabilities/index.md b/doc/user/application_security/vulnerabilities/index.md index 98691625293..0cfeafe1fed 100644 --- a/doc/user/application_security/vulnerabilities/index.md +++ b/doc/user/application_security/vulnerabilities/index.md @@ -38,6 +38,19 @@ A vulnerability's status can be: - **Resolved**: The vulnerability has been fixed or is no longer present. Resolved vulnerabilities that are reintroduced and detected by subsequent scans have a _new_ vulnerability record created. +## Vulnerability dismissal reasons + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4942) in GitLab 15.11 with a feature flag named `dismissal_reason`. +> - Enabled on GitLab.com in GitLab 15.11. For self-managed customers, [contact Support](https://about.gitlab.com/support/) if you would like to use this feature in GitLab 15.11. + +When dismissing a vulnerability, one of the following reasons must be chosen to clarify why it is being dismissed: + +- **Acceptable risk**: The vulnerability is known, and has not been remediated or mitigated, but is considered to be an acceptable business risk. +- **False positive**: An error in reporting in which a test result incorrectly indicates the presence of a vulnerability in a system when the vulnerability is not present. +- **Mitigating control**: A management, operational, or technical control (that is, safeguard or countermeasure) employed by an organization that provides equivalent or comparable protection for an information system. +- **Used in tests**: The finding is not a vulnerability because it is part of a test or is test data. +- **Not applicable**: The vulnerability is known, and has not been remediated or mitigated, but is considered to be in a part of the application that will not be updated. + ## Change status of a vulnerability To change a vulnerability's status from its Vulnerability Page: @@ -46,6 +59,9 @@ To change a vulnerability's status from its Vulnerability Page: 1. On the left sidebar, select **Security and Compliance > Vulnerability report**. 1. Select the vulnerability's description. 1. From the **Status** dropdown list select a status, then select **Change status**. + + In GitLab 15.11 and later, you must select a [dismissal reason](#vulnerability-dismissal-reasons) when you change a vulnerability's status to **Dismissed**. + 1. Optionally, at the bottom of the page, add a comment to the log entry. Details of the status change, including who made the change and when, are recorded in the diff --git a/doc/user/infrastructure/iac/terraform_state.md b/doc/user/infrastructure/iac/terraform_state.md index 87404699ad7..7b95a7267af 100644 --- a/doc/user/infrastructure/iac/terraform_state.md +++ b/doc/user/infrastructure/iac/terraform_state.md @@ -7,10 +7,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w # GitLab-managed Terraform state **(FREE)** > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2673) in GitLab 13.0. -> - Support for state names that contain periods introduced in GitLab 15.7 [with a flag](../../../administration/feature_flags.md) named `allow_dots_on_tf_state_names`. Disabled by default. [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106861) in GitLab 15.7. - -FLAG: -On self-managed GitLab, by default support for state names that contain periods is not available. To make it available, ask an administrator to [enable the feature flag](../../../administration/feature_flags.md) named `allow_dots_on_tf_state_names`. On GitLab.com, support for state names that contain periods is available. Requests for state files might generate HTTP 404 errors after enabling this feature. For more information, see [Troubleshooting the Terraform integration with GitLab](troubleshooting.md#state-not-found-if-the-state-name-contains-a-period). +> - Support for state names that contain periods introduced in GitLab 15.7 [with a flag](../../../administration/feature_flags.md) named `allow_dots_on_tf_state_names`. Disabled by default. +> - Support for state names that contain periods [generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/385597) in GitLab 16.0. Feature flag `allow_dots_on_tf_state_names` removed. Terraform uses state files to store details about your infrastructure configuration. With Terraform remote [backends](https://www.terraform.io/language/settings/backends/configuration), diff --git a/doc/user/infrastructure/iac/troubleshooting.md b/doc/user/infrastructure/iac/troubleshooting.md index 624bb5ff276..d770c0111d0 100644 --- a/doc/user/infrastructure/iac/troubleshooting.md +++ b/doc/user/infrastructure/iac/troubleshooting.md @@ -160,12 +160,3 @@ If your `TF_HTTP_ADDRESS`, `TF_HTTP_LOCK_ADDRESS` and `TF_HTTP_UNLOCK_ADDRESS` a to update the state names there. Alternatively, you can [migrate your terraform state](terraform_state.md#migrate-to-a-gitlab-managed-terraform-state). - -#### Self-managed GitLab instances - -By default, support for state names with periods is not enabled on self-managed GitLab. -You can enable it from the Rails console: - -```ruby -Feature.enable(:allow_dots_on_tf_state_names) -``` diff --git a/doc/user/packages/package_registry/supported_functionality.md b/doc/user/packages/package_registry/supported_functionality.md index 0c7813beae0..0f359c70525 100644 --- a/doc/user/packages/package_registry/supported_functionality.md +++ b/doc/user/packages/package_registry/supported_functionality.md @@ -35,7 +35,7 @@ Packages can be pulled from your project, group, or instance. | Package type | Project | Group | Instance | |-----------------------------------------------------|---------|-------|----------| | [Maven](../maven_repository/index.md) | Y | Y | Y | -| [npm](../npm_registry/index.md) | Y | Y | Y | +| [npm](../npm_registry/index.md) | Y | N | Y | | [NuGet](../nuget_repository/index.md) | Y | Y | N | | [PyPI](../pypi_repository/index.md) | Y | Y | N | | [Generic packages](../generic_packages/index.md) | Y | N | N | |