Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-10-27 21:08:59 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-10-27 21:08:59 +0300
commit: f3b9e205bb8dc4f0e8ebff79cf364fede886014b (patch)
tree: ce9819fa446271f94e32af2cca1c02d618c3d9aa /doc
parent: 2b1e7f7dac0fa5d7bb3bdf415cec1b3c67ed77b0 (diff)
5 files changed, 84 insertions, 48 deletions
diff --git a/doc/README.md b/doc/README.md
index 09638bb4ce8..ddec638505a 100644
--- a/doc/README.md
+++ b/doc/README.md
@@ -3,7 +3,7 @@ comments: false
 description: 'Learn how to use and administer GitLab, the most scalable Git-based fully integrated platform for software development.'
 ---
 
-<div class="display-none">
+<div class="d-none">
   <em>Visit <a href="https://docs.gitlab.com/ee/">docs.gitlab.com</a> for optimized
   navigation, discoverability, and readability.</em>
 </div>
diff --git a/doc/api/protected_environments.md b/doc/api/protected_environments.md
index 56b399cec9b..c42d6776341 100644
--- a/doc/api/protected_environments.md
+++ b/doc/api/protected_environments.md
@@ -96,7 +96,7 @@ POST /projects/:id/protected_environments
 ```
 
 ```shell
-curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/protected_environments?name=staging&deploy_access_levels%5B%5D%5Buser_id%5D=1"
+curl --header 'Content-Type: application/json' --request POST --data '{"name": "production", "deploy_access_levels": [{"group_id": 9899826}]}' --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/22034114/protected_environments"
 ```
 
 | Attribute | Type | Required | Description |
@@ -105,21 +105,22 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla
 | `name`                          | string         | yes | The name of the environment. |
 | `deploy_access_levels`          | array          | yes | Array of access levels allowed to deploy, with each described by a hash. |
 
-Elements in the `deploy_access_levels` array should take the
-form `{user_id: integer}`, `{group_id: integer}` or `{access_level: integer}`.
+Elements in the `deploy_access_levels` array should be one of `user_id`, `group_id` or
+`access_level`, and take the form `{user_id: integer}`, `{group_id: integer}` or
+`{access_level: integer}`.
 Each user must have access to the project and each group must [have this project shared](../user/project/members/share_project_with_groups.md).
 
 Example response:
 
 ```json
 {
-   "name":"staging",
+   "name":"production",
    "deploy_access_levels":[
       {
-         "access_level":null,
-         "access_level_description":"Administrator",
-         "user_id":1,
-         "group_id":null
+         "access_level":40,
+         "access_level_description":"protected-access-group",
+         "user_id":null,
+         "group_id":9899826
       }
    ]
 }
diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md
index 066a38d68de..8a4cc0c8ff2 100644
--- a/doc/raketasks/backup_restore.md
+++ b/doc/raketasks/backup_restore.md
@@ -940,9 +940,7 @@ message. Install the [correct GitLab version](https://packages.gitlab.com/gitlab
 and then try again.
 
 NOTE: **Note:**
-There is a known issue with restore not working with `pgbouncer`. The [workaround is to bypass
-`pgbouncer` and connect directly to the primary database node](../administration/postgresql/pgbouncer.md#procedure-for-bypassing-pgbouncer).
-[Read more about backup and restore with `pgbouncer`](#backup-and-restore-for-installations-using-pgbouncer).
+There is a known issue with restore not working with `pgbouncer`. [Read more about backup and restore with `pgbouncer`](#backup-and-restore-for-installations-using-pgbouncer).
 
 ### Restore for Docker image and GitLab Helm chart installations
 
@@ -1039,26 +1037,60 @@ practical use.
 
 ## Backup and restore for installations using PgBouncer
 
-PgBouncer can cause the following errors when performing backups and restores:
+Do NOT backup or restore GitLab through a PgBouncer connection. These
+tasks must [bypass PgBouncer and connect directly to the PostgreSQL primary database node](#bypassing-pgbouncer),
+or they will cause a GitLab outage.
+
+When the GitLab backup or restore task is used with PgBouncer, the
+following error message is shown:
 
 ```ruby
 ActiveRecord::StatementInvalid: PG::UndefinedTable
 ```
 
-There is a [known issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/3470) for restore not working
-with `pgbouncer`.
+This happens because the task uses `pg_dump`, which [sets a null search
+path and explicitly includes the schema in every SQL query](https://gitlab.com/gitlab-org/gitlab/-/issues/23211)
+to address [CVE-2018-1058](https://www.postgresql.org/about/news/postgresql-103-968-9512-9417-and-9322-released-1834/).
+
+Since connections are reused with PgBouncer in transaction pooling mode,
+PostgreSQL fails to search the default `public` schema. As a result,
+this clearing of the search path causes tables and columns to appear
+missing.
+
+### Bypassing PgBouncer
+
+There are two ways to fix this:
+
+1. [Use environment variables to override the database settings](#environment-variable-overrides) for the backup task.
+1. Reconfigure a node to [connect directly to the PostgreSQL primary database node](../administration/postgresql/pgbouncer.md#procedure-for-bypassing-pgbouncer).
+
+#### Environment variable overrides
 
-To workaround this issue, the GitLab server will need to bypass `pgbouncer` and
-[connect directly to the primary database node](../administration/postgresql/pgbouncer.md#procedure-for-bypassing-pgbouncer)
-to perform the database restore.
+By default, GitLab uses the database configuration stored in a
+configuration file (`database.yml`). However, you can override the database settings
+for the backup and restore task by setting environment
+variables that are prefixed with `GITLAB_BACKUP_`:
+
+- `GITLAB_BACKUP_PGHOST`
+- `GITLAB_BACKUP_PGUSER`
+- `GITLAB_BACKUP_PGPORT`
+- `GITLAB_BACKUP_PGPASSWORD`
+- `GITLAB_BACKUP_PGSSLMODE`
+- `GITLAB_BACKUP_PGSSLKEY`
+- `GITLAB_BACKUP_PGSSLCERT`
+- `GITLAB_BACKUP_PGSSLROOTCERT`
+- `GITLAB_BACKUP_PGSSLCRL`
+- `GITLAB_BACKUP_PGSSLCOMPRESSION`
+
+For example, to override the database host and port to use 192.168.1.10
+and port 5432 with the Omnibus package:
+
+```shell
+sudo GITLAB_BACKUP_PGHOST=192.168.1.10 GITLAB_BACKUP_PGPORT=5432 /opt/gitlab/bin/gitlab-backup create
+```
 
-There is also a [known issue](https://gitlab.com/gitlab-org/gitlab/-/issues/23211)
-with PostgreSQL 9 and running a database backup through PgBouncer that can cause
-an outage to GitLab. If you're still on PostgreSQL 9 and upgrading PostgreSQL isn't
-an option, workarounds include having a dedicated application node just for backups,
-configured to connect directly the primary database node as noted above. You're
-advised to upgrade your PostgreSQL version though, GitLab 11.11 shipped with PostgreSQL
-10.7, and that is the recommended version for GitLab 12+.
+See the [PostgreSQL documentation](https://www.postgresql.org/docs/12/libpq-envars.html)
+for more details on what these parameters do.
 
 ## Additional notes
 
diff --git a/doc/user/application_security/coverage_fuzzing/index.md b/doc/user/application_security/coverage_fuzzing/index.md
index 9508407ccae..0d619659bd1 100644
--- a/doc/user/application_security/coverage_fuzzing/index.md
+++ b/doc/user/application_security/coverage_fuzzing/index.md
@@ -30,6 +30,7 @@ Docker image with the fuzz engine to run your app.
 | Swift    | [libfuzzer](https://github.com/apple/swift/blob/master/docs/libFuzzerIntegration.md) | [swift-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/swift-fuzzing-example) |
 | Rust     | [cargo-fuzz (libFuzzer support)](https://github.com/rust-fuzz/cargo-fuzz) | [rust-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/rust-fuzzing-example) |
 | Java     | [JQF](https://github.com/rohanpadhye/JQF) | [java-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/java-fuzzing-example) |
+| Java     | [javafuzz](https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/javafuzz) (recommended) | [javafuzz-fuzzing-example](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/javafuzz-fuzzing-example) |
 
 ## Configuration
 
diff --git a/doc/user/packages/index.md b/doc/user/packages/index.md
index 53ba3d01b3e..8e999de8f4c 100644
--- a/doc/user/packages/index.md
+++ b/doc/user/packages/index.md
@@ -30,31 +30,33 @@ The Package Registry supports the following formats:
 
 You can also use the [API](../../api/packages.md) to administer the Package Registry.
 
-The GitLab [Container Registry](container_registry/index.md) is a secure and private registry for container images.
-It's built on open source software and completely integrated within GitLab.
-Use GitLab CI/CD to create and publish images. Use the GitLab [API](../../api/container_registry.md) to
-manage the registry across groups and projects.
+## Accepting contributions
 
-The [Dependency Proxy](dependency_proxy/index.md) is a local proxy for frequently-used upstream images and packages.
-
-## Suggested contributions
-
-Consider contributing to GitLab. This [development documentation](../../development/packages.md) will
+The below table lists formats that are not supported, but are accepting Community contributions for. Consider contributing to GitLab. This [development documentation](../../development/packages.md) will
 guide you through the process. Or check out how other members of the community
 are adding support for [PHP](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/17417) or [Terraform](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18834).
 
-| Format | Use case |
+| Format | Status |
 | ------ | ------ |
-| [Cargo](https://gitlab.com/gitlab-org/gitlab/-/issues/33060) | Cargo is the Rust package manager. Build, publish and share Rust packages  |
-| [Chef](https://gitlab.com/gitlab-org/gitlab/-/issues/36889) | Configuration management with Chef using all the benefits of a repository manager. |
-| [CocoaPods](https://gitlab.com/gitlab-org/gitlab/-/issues/36890) | Speed up development with Xcode and CocoaPods. |
-| [Conda](https://gitlab.com/gitlab-org/gitlab/-/issues/36891) | Secure and private local Conda repositories. |
-| [CRAN](https://gitlab.com/gitlab-org/gitlab/-/issues/36892) | Deploy and resolve CRAN packages for the R language. |
-| [Debian](https://gitlab.com/gitlab-org/gitlab/-/issues/5835) | Host and provision Debian packages. |
-| [Opkg](https://gitlab.com/gitlab-org/gitlab/-/issues/36894) | Optimize your work with OpenWrt using Opkg repositories. |
-| [P2](https://gitlab.com/gitlab-org/gitlab/-/issues/36895) | Host all your Eclipse plugins in your own GitLab P2 repository. |
-| [Puppet](https://gitlab.com/gitlab-org/gitlab/-/issues/36897) | Configuration management meets repository management with Puppet repositories. |
-| [RPM](https://gitlab.com/gitlab-org/gitlab/-/issues/5932) | Distribute RPMs directly from GitLab. |
-| [RubyGems](https://gitlab.com/gitlab-org/gitlab/-/issues/803) | Use GitLab to host your own gems. |
-| [SBT](https://gitlab.com/gitlab-org/gitlab/-/issues/36898) | Resolve dependencies from and deploy build output to SBT repositories when running SBT builds. |
-| [Vagrant](https://gitlab.com/gitlab-org/gitlab/-/issues/36899) | Securely host your Vagrant boxes in local repositories. |
+| Chef      | [#36889](https://gitlab.com/gitlab-org/gitlab/-/issues/36889) |
+| CocoaPods | [#36890](https://gitlab.com/gitlab-org/gitlab/-/issues/36890) |
+| CocoaPods | [#36891](https://gitlab.com/gitlab-org/gitlab/-/issues/36891) |
+| Conda     | [#36891](https://gitlab.com/gitlab-org/gitlab/-/issues/36891) |
+| CRAN      | [#36892](https://gitlab.com/gitlab-org/gitlab/-/issues/36892) |
+| Debian    | [WIP: Merge Request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/44746) |
+| Opkg      | [#36894](https://gitlab.com/gitlab-org/gitlab/-/issues/36894) |
+| P2        | [#36895](https://gitlab.com/gitlab-org/gitlab/-/issues/36895) |
+| Puppet    | [#36897](https://gitlab.com/gitlab-org/gitlab/-/issues/36897) |
+| RPM       | [#5932](https://gitlab.com/gitlab-org/gitlab/-/issues/5932) |
+| RubyGems  | [#803](https://gitlab.com/gitlab-org/gitlab/-/issues/803) |
+| SBT       | [#36898](https://gitlab.com/gitlab-org/gitlab/-/issues/36898) |
+| Terraform | [WIP: Merge Request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18834) |
+| Vagrant   | [#36899](https://gitlab.com/gitlab-org/gitlab/-/issues/36899) |
+
+## Container Registry
+
+The GitLab [Container Registry](container_registry/index.md) is a secure and private registry for container images. It's built on open source software and completely integrated within GitLab. Use GitLab CI/CD to create and publish images. Use the GitLab [API](../../api/container_registry.md) to manage the registry across groups and projects.
+
+## Dependency Proxy
+
+The [Dependency Proxy](dependency_proxy/index.md) is a local proxy for frequently-used upstream images and packages.
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-10-27 21:08:59 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-10-27 21:08:59 +0300
commit	f3b9e205bb8dc4f0e8ebff79cf364fede886014b (patch)
tree	ce9819fa446271f94e32af2cca1c02d618c3d9aa /doc
parent	2b1e7f7dac0fa5d7bb3bdf415cec1b3c67ed77b0 (diff)