diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-01 18:07:25 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-06-01 18:07:25 +0300 |
commit | fe09bd4d74025ea828425c6ffb0236549d51163f (patch) | |
tree | 68ebb6980ef07bcac528f83d927809b4d063c002 /doc | |
parent | cf19a51fc5711144b26f7123c14f9b64a7597195 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc')
-rw-r--r-- | doc/development/internal_api/index.md | 4 | ||||
-rw-r--r-- | doc/development/secure_coding_guidelines.md | 4 | ||||
-rw-r--r-- | doc/tutorials/build_application.md | 8 |
3 files changed, 12 insertions, 4 deletions
diff --git a/doc/development/internal_api/index.md b/doc/development/internal_api/index.md index c1c0177609b..4db9739d746 100644 --- a/doc/development/internal_api/index.md +++ b/doc/development/internal_api/index.md @@ -1254,7 +1254,7 @@ Example request: ```shell curl --verbose --request PATCH "https://gitlab.example.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" \ - --data '{ "Operations": [{"op":"Add","path":"name.formatted","value":"New Name"}] }' \ + --data '{ "Operations": [{"op":"Update","path":"name.formatted","value":"New Name"}] }' \ --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json" ``` @@ -1468,7 +1468,7 @@ Example request: ```shell curl --verbose --request PATCH "https://gitlab.example.com/api/scim/v2/application/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" \ - --data '{ "Operations": [{"op":"Add","path":"name.formatted","value":"New Name"}] }' \ + --data '{ "Operations": [{"op":"Update","path":"active","value":"false"}] }' \ --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json" ``` diff --git a/doc/development/secure_coding_guidelines.md b/doc/development/secure_coding_guidelines.md index e8fda066ca3..c5e7a58af0d 100644 --- a/doc/development/secure_coding_guidelines.md +++ b/doc/development/secure_coding_guidelines.md @@ -485,7 +485,7 @@ In order to prevent Path Traversal vulnerabilities, user-controlled filenames or #### GitLab specific validations -The methods `Gitlab::Utils.check_path_traversal!()` and `Gitlab::Utils.check_allowed_absolute_path!()` +The methods `Gitlab::PathTraversal.check_path_traversal!()` and `Gitlab::PathTraversal.check_allowed_absolute_path!()` can be used to validate user-supplied paths and prevent vulnerabilities. `check_path_traversal!()` will detect their Path Traversal payloads and accepts URL-encoded paths. `check_allowed_absolute_path!()` will check if a path is absolute and whether it is inside the allowed path list. By default, absolute @@ -495,7 +495,7 @@ parameter when using `check_allowed_absolute_path!()`. To use a combination of both checks, follow the example below: ```ruby -Gitlab::Utils.check_allowed_absolute_path_and_path_traversal!(path, path_allowlist) +Gitlab::PathTraversal.check_allowed_absolute_path_and_path_traversal!(path, path_allowlist) ``` In the REST API, we have the [`FilePath`](https://gitlab.com/gitlab-org/security/gitlab/-/blob/master/lib/api/validations/validators/file_path.rb) diff --git a/doc/tutorials/build_application.md b/doc/tutorials/build_application.md index cbeeb7a614f..f704a546612 100644 --- a/doc/tutorials/build_application.md +++ b/doc/tutorials/build_application.md @@ -22,6 +22,14 @@ Use CI/CD pipelines to automatically build, test, and deploy your code. | <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [Understand CI/CD rules](https://www.youtube.com/watch?v=QjQc-zeL16Q) (8m 56s) | Learn more about how to use CI/CD rules. | | | [Use Auto DevOps to deploy an application](../topics/autodevops/cloud_deployments/auto_devops_with_gke.md) | Deploy an application to Google Kubernetes Engine (GKE). | | +## Configure GitLab Runner + +Set up runners to run jobs in a pipeline. + +| Topic | Description | Good for beginners | +|-------|-------------|--------------------| +| [Configure GitLab Runner to use the Google Kubernetes Engine](configure_gitlab_runner_to_use_gke/index.md) | Learn how to configure GitLab Runner to use the GKE to run jobs. | | + ## Publish a static website Use GitLab Pages to publish a static website directly from your project. |