diff options
37 files changed, 322 insertions, 254 deletions
diff --git a/.gitignore b/.gitignore index 9723e537f1c..881e08d5a14 100644 --- a/.gitignore +++ b/.gitignore @@ -47,6 +47,7 @@ eslint-report.html /config/puma.rb /config/secrets.yml /config/sidekiq.yml +/config/click_house.yml /config/registry.key /coverage/* /db/*.sqlite3 diff --git a/.gitlab/CODEOWNERS b/.gitlab/CODEOWNERS index 743141f1f9b..38b60413db5 100644 --- a/.gitlab/CODEOWNERS +++ b/.gitlab/CODEOWNERS @@ -59,6 +59,10 @@ GITALY_SERVER_VERSION @project_278964_bot6 @gitlab-org/maintainers/rails-backend /ee/app/finders/ /rubocop/rubocop-migrations.yml +[Create::IDE - Remote Development Scripts] @gitlab-org/maintainers/remote-development/backend +# This entry must occur before `/scripts/` in order to be matched first +/scripts/remote_development/ + [Engineering Productivity] @gl-quality/eng-prod /.gitlab-ci.yml /.gitlab/ci/ @@ -1448,8 +1452,7 @@ ee/lib/ee/api/entities/project.rb /ee/spec/elastic/migrate/ /ee/spec/support/elastic.rb -[Create::IDE - Remote Development Backend] @gitlab-org/maintainers/remote-development/backend - +[Create::IDE - Remote Development Backend] @gitlab-org/maintainers/remote-development/backend /ee/app/models/remote_development/ /ee/app/policies/remote_development/ /ee/app/finders/remote_development/ @@ -1474,10 +1477,8 @@ ee/lib/ee/api/entities/project.rb /ee/spec/services/remote_development/ /ee/lib/remote_development/ /qa/qa/specs/features/ee/browser_ui/3_create/remote_development/ -/scripts/remote_development/ - -[Create::IDE - Remote Development Frontend] @gitlab-org/maintainers/remote-development/frontend +[Create::IDE - Remote Development Frontend] @gitlab-org/maintainers/remote-development/frontend /ee/app/views/remote_development/ /ee/app/assets/javascripts/remote_development/ /ee/app/assets/javascripts/pages/remote_development/ diff --git a/.gitlab/ci/global.gitlab-ci.yml b/.gitlab/ci/global.gitlab-ci.yml index 99f27f61b93..c501d930352 100644 --- a/.gitlab/ci/global.gitlab-ci.yml +++ b/.gitlab/ci/global.gitlab-ci.yml @@ -382,6 +382,24 @@ variables: PG_VERSION: "15" +.use-pg14-clickhouse23: + services: + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:postgres-14-pgvector-0.4.1 + command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"] + alias: postgres + - name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:redis-cluster-6.2.12 + alias: rediscluster # configure connections in config/redis.yml + - name: redis:6.2-alpine + - name: clickhouse/clickhouse-server:23-alpine + alias: clickhouse + variables: + POSTGRES_HOST_AUTH_METHOD: trust + PG_VERSION: "14" + CLICKHOUSE_USER: clickhouse + CLICKHOUSE_PASSWORD: clickhouse + CLICKHOUSE_DEFAULT_ACCESS_MANAGEMENT: 1 + CLICKHOUSE_DB: gitlab_clickhouse_test + .use-kaniko: image: name: ${REGISTRY_HOST}/${REGISTRY_GROUP}/gitlab-build-images:kaniko diff --git a/.gitlab/ci/rails.gitlab-ci.yml b/.gitlab/ci/rails.gitlab-ci.yml index c0e08005f82..9338f5cf7e5 100644 --- a/.gitlab/ci/rails.gitlab-ci.yml +++ b/.gitlab/ci/rails.gitlab-ci.yml @@ -266,6 +266,11 @@ rspec fast_spec_helper: # Load fast_spec_helper as well just in case there are no specs available. - bin/rspec --dry-run spec/fast_spec_helper.rb $fast_spec_helper_specs +rspec unit clickhouse: + extends: + - .rspec-base-pg14-clickhouse23 + - .rails:rules:clickhouse-changes + gitlab:setup: extends: .db-job-base variables: @@ -1190,7 +1195,7 @@ rspec-ee system pg15 es8: needs: ["setup-test-env", "retrieve-tests-metadata", "compile-test-assets", "detect-tests"] script: - !reference [.base-script, script] - - rspec_fail_fast "${MATCHING_TESTS_PATH}" "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~zoekt" + - rspec_fail_fast "${MATCHING_TESTS_PATH}" "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~zoekt --tag ~click_house" rspec fail-fast: extends: diff --git a/.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb b/.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb index fc5eccb99a2..4584cba0282 100644 --- a/.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb +++ b/.gitlab/ci/rails/rspec-foss-impact.gitlab-ci.yml.erb @@ -39,7 +39,7 @@ dont-interrupt-me: RSPEC_TESTS_MAPPING_ENABLED: "true" script: - !reference [.base-script, script] - - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~level:background_migration --tag ~zoekt" + - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~level:background_migration --tag ~zoekt --tag ~click_house" artifacts: expire_in: 7d paths: @@ -54,7 +54,7 @@ rspec migration foss-impact: <% end %> script: - !reference [.base-script, script] - - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~zoekt" + - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~zoekt --tag ~click_house" <% end %> <% if rspec_files_per_test_level[:background_migration][:files].size > 0 %> diff --git a/.gitlab/ci/rails/shared.gitlab-ci.yml b/.gitlab/ci/rails/shared.gitlab-ci.yml index 12bbad1bc62..9c2b0406f02 100644 --- a/.gitlab/ci/rails/shared.gitlab-ci.yml +++ b/.gitlab/ci/rails/shared.gitlab-ci.yml @@ -76,7 +76,7 @@ include: # spec/lib, yet background migration tests are also sitting there, # and they should run on their own jobs so we don't need to run them # in unit tests again. - - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~level:background_migration" + - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~level:background_migration --tag ~click_house" after_script: - echo -e "\e[0Ksection_start:`date +%s`:report_results_section[collapsed=true]\r\e[0KReport results" - | @@ -110,7 +110,7 @@ include: .rspec-base-migration: script: - !reference [.base-script, script] - - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~zoekt" + - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag ~quarantine --tag ~zoekt --tag ~click_house" after_script: - !reference [.rspec-base, after_script] @@ -129,6 +129,16 @@ include: - .rspec-base - .use-pg14 +.rspec-base-pg14-clickhouse23: + extends: + - .rspec-base + - .use-pg14-clickhouse23 + script: + - cp config/click_house.yml.example config/click_house.yml + - 'sed -i "s|url:.*$|url: http://clickhouse:8123|g" config/click_house.yml' + - !reference [.base-script, script] + - rspec_paralellized_job "--fail-fast=${RSPEC_FAIL_FAST_THRESHOLD} --tag click_house" + .rspec-base-pg14-as-if-foss: extends: - .rspec-base diff --git a/.gitlab/ci/rules.gitlab-ci.yml b/.gitlab/ci/rules.gitlab-ci.yml index 5df4d7a5fe5..295f22258e9 100644 --- a/.gitlab/ci/rules.gitlab-ci.yml +++ b/.gitlab/ci/rules.gitlab-ci.yml @@ -2066,6 +2066,11 @@ changes: *code-backstage-patterns when: always +.rails:rules:clickhouse-changes: + rules: + - <<: *if-merge-request + changes: ["**/*click_house*"] + ######################### # Static analysis rules # ######################### diff --git a/config/click_house.yml.example b/config/click_house.yml.example new file mode 100644 index 00000000000..aa790115f10 --- /dev/null +++ b/config/click_house.yml.example @@ -0,0 +1,6 @@ +test: + main: + database: gitlab_clickhouse_test + url: 'http://localhost:8123' + username: clickhouse + password: clickhouse diff --git a/data/deprecations/14-10-old-search-migration-removal.yml b/data/deprecations/14-10-old-search-migration-removal.yml index 4700063e68f..260880dda57 100644 --- a/data/deprecations/14-10-old-search-migration-removal.yml +++ b/data/deprecations/14-10-old-search-migration-removal.yml @@ -3,7 +3,10 @@ removal_milestone: "15.0" breaking_change: true body: | - As Advanced Search migrations usually require support multiple code paths for a long period of time, it’s important to clean those up when we safely can. We use GitLab major version upgrades as a safe time to remove backward compatibility for indices that have not been fully migrated. See the [upgrade documentation](https://docs.gitlab.com/ee/update/index.html#upgrading-to-a-new-major-version) for details. + As Advanced Search migrations usually require support multiple code paths for a long period of time, + it's important to clean those up when we safely can. We use GitLab major version upgrades as a safe + time to remove backward compatibility for indices that have not been fully migrated. See the + [upgrade documentation](https://docs.gitlab.com/ee/update/index.html#upgrading-to-a-new-major-version) for details. stage: enablement tiers: premium, ultimate issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/359133 diff --git a/data/deprecations/14-8-sast-analyzer-removals.yml b/data/deprecations/14-8-sast-analyzer-removals.yml index 7ab9f716097..427833d569e 100644 --- a/data/deprecations/14-8-sast-analyzer-removals.yml +++ b/data/deprecations/14-8-sast-analyzer-removals.yml @@ -29,8 +29,8 @@ If you've already dismissed a vulnerability finding from one of the deprecated analyzers, the replacement attempts to respect your previous dismissal. The system behavior depends on: - - whether you’ve excluded the Semgrep-based analyzer from running in the past. - - which analyzer first discovered the vulnerabilities shown in the project’s Vulnerability Report. + - whether you've excluded the Semgrep-based analyzer from running in the past. + - which analyzer first discovered the vulnerabilities shown in the project's Vulnerability Report. See [Vulnerability translation documentation](https://docs.gitlab.com/ee/user/application_security/sast/analyzers.html#vulnerability-translation) for further details. diff --git a/data/deprecations/14-9-deprecate-testcoveragesetting.yml b/data/deprecations/14-9-deprecate-testcoveragesetting.yml index 1f50aab1c27..52f58fc707e 100644 --- a/data/deprecations/14-9-deprecate-testcoveragesetting.yml +++ b/data/deprecations/14-9-deprecate-testcoveragesetting.yml @@ -8,6 +8,6 @@ [project setting for test coverage parsing](https://docs.gitlab.com/ee/ci/pipelines/settings.html#add-test-coverage-results-using-project-settings-removed) is being removed. - Instead, using the project’s `.gitlab-ci.yml`, provide a regular expression with the `coverage` keyword to set + Instead, using the project's `.gitlab-ci.yml`, provide a regular expression with the `coverage` keyword to set testing coverage results in merge requests. stage: verify diff --git a/data/deprecations/15-0-oauth-noexpiry.yml b/data/deprecations/15-0-oauth-noexpiry.yml index e27ac4d8725..1eeb912a588 100644 --- a/data/deprecations/15-0-oauth-noexpiry.yml +++ b/data/deprecations/15-0-oauth-noexpiry.yml @@ -11,7 +11,7 @@ tokens before GitLab 15.0 is released: 1. Edit the application. - 1. Select **Expire access tokens** to enable them. Tokens must be revoked or they don’t expire. + 1. Select **Expire access tokens** to enable them. Tokens must be revoked or they don't expire. # The following items are not published on the docs page, but may be used in the future. reporter: hsutor diff --git a/data/deprecations/16-2-agentk-builtin-gitops.yml b/data/deprecations/16-2-agentk-builtin-gitops.yml new file mode 100644 index 00000000000..297c069bc47 --- /dev/null +++ b/data/deprecations/16-2-agentk-builtin-gitops.yml @@ -0,0 +1,13 @@ +- title: "The pull-based deployment features of the GitLab agent for Kubernetes is deprecated" + removal_milestone: "17.0" + announcement_milestone: "16.2" + breaking_change: true # (required) Change to false if this is not a breaking change. + reporter: nagyv-gitlab # (required) GitLab username of the person reporting the change + stage: deploy + issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/406545 + body: | # (required) Do not modify this line, instead modify the lines below. + We are deprecating the built-in pull-based deployment features of the GitLab agent for Kubernetes in favor of Flux and related integrations. + + The GitLab agent for Kubernetes **is not deprecated**. This change affects only the pull-based functionality of the agent. All other functionality will remain intact, and GitLab will continue to support the agent for Kubernetes. + + If you use the agent for pull-based deployments, you should [migrate to Flux](https://docs.gitlab.com/ee/user/clusters/agent/gitops/agent.html#migrate-to-flux). Because Flux is a mature CNCF project for GitOps, we decided to [integrate Flux with GitLab in February 2023](https://about.gitlab.com/blog/2023/02/08/why-did-we-choose-to-integrate-fluxcd-with-gitlab/). diff --git a/doc/.vale/gitlab/SubstitutionWarning.yml b/doc/.vale/gitlab/SubstitutionWarning.yml index edae364af05..d9d4200e88b 100644 --- a/doc/.vale/gitlab/SubstitutionWarning.yml +++ b/doc/.vale/gitlab/SubstitutionWarning.yml @@ -18,8 +18,11 @@ swap: click: "select" code base: "codebase" config: "configuration" + confirmation box: "confirmation dialog" + confirmation dialog box: "confirmation dialog" deselect: "clear" deselected: "cleared" + dialog box: "dialog" distro: "distribution" docs: "documentation" e-mail: "email" @@ -31,6 +34,9 @@ swap: it is recommended: "you should" logged in user: "authenticated user" logged-in user: "authenticated user" + modal dialog: "dialog" + modal window: "dialog" + modal: "dialog" n/a: "not applicable" navigate to: "go to" OAuth2: "OAuth 2.0" @@ -39,6 +45,9 @@ swap: once that: "after that" once the: "after the" once you: "after you" + pop-up window: "dialog" + pop-up: "dialog" + popup: "dialog" repo: "repository" signed in user: "authenticated user" signed-in user: "authenticated user" diff --git a/doc/administration/monitoring/performance/performance_bar.md b/doc/administration/monitoring/performance/performance_bar.md index 04c7b74f1bd..8afec54dab2 100644 --- a/doc/administration/monitoring/performance/performance_bar.md +++ b/doc/administration/monitoring/performance/performance_bar.md @@ -22,7 +22,7 @@ From left to right, the performance bar displays: - **Current Host**: the current host serving the page. - **Database queries**: the time taken (in milliseconds) and the total number of database queries, displayed in the format `00ms / 00 (00 cached) pg`. Select to display - a modal window with more details. You can use this to see the following + a dialog with more details. You can use this to see the following details for each query: - **In a transaction**: shows up below the query if it was executed in the context of a transaction diff --git a/doc/administration/settings/files_api_rate_limits.md b/doc/administration/settings/files_api_rate_limits.md new file mode 100644 index 00000000000..cb5442c957f --- /dev/null +++ b/doc/administration/settings/files_api_rate_limits.md @@ -0,0 +1,51 @@ +--- +stage: Create +group: Source Code +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +type: reference +--- + +# Rate limits on Repository files API **(FREE SELF)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68561) in GitLab 14.3. +> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/75918) in GitLab 14.6. [Feature flag `files_api_throttling`](https://gitlab.com/gitlab-org/gitlab/-/issues/338903) removed. + +The [Repository files API](../../api/repository_files.md) enables you to +fetch, create, update, and delete files in your repository. To improve the security +and durability of your web application, you can enforce +[rate limits](../../security/rate_limits.md) on this API. Any rate limits you +create for the Files API override the [general user and IP rate limits](user_and_ip_rate_limits.md). + +## Define Files API rate limits + +Rate limits for the Files API are disabled by default. When enabled, they supersede +the general user and IP rate limits for requests to the +[Repository files API](../../api/repository_files.md). You can keep any general user +and IP rate limits already in place, and increase or decrease the rate limits +for the Files API. No other new features are provided by this override. + +Prerequisite: + +- You must have administrator access to the instance. + +To override the general user and IP rate limits for requests to the Repository files API: + +1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). +1. Select **Admin Area**. +1. Select **Settings > Network**. +1. Expand **Files API Rate Limits**. +1. Select the checkboxes for the types of rate limits you want to enable: + - **Unauthenticated API request rate limit** + - **Authenticated API request rate limit** +1. If you selected **unauthenticated**: + 1. Select the **Max unauthenticated API requests per period per IP**. + 1. Select the **Unauthenticated API rate limit period in seconds**. +1. If you selected **authenticated**: + 1. Select the **Max authenticated API requests per period per user**. + 1. Select the **Authenticated API rate limit period in seconds**. + +## Related topics + +- [Rate limits](../../security/rate_limits.md) +- [Repository files API](../../api/repository_files.md) +- [User and IP rate limits](user_and_ip_rate_limits.md) diff --git a/doc/administration/silent_mode/index.md b/doc/administration/silent_mode/index.md index bdbaf40f28e..0b04654beaa 100644 --- a/doc/administration/silent_mode/index.md +++ b/doc/administration/silent_mode/index.md @@ -71,6 +71,10 @@ Incoming emails still raise issues, but the users who sent the emails to [Servic Triggering webhook tests via the UI results in HTTP status 500 responses. +### Remote mirrors + +Updates on [remote mirrors](../../user/project/repository/mirror/index.md) (pushing to, and pulling from them) are suppressed. + ### Integrations Executable [integrations](../../user/project/integrations/index.md) are suppressed. diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index 8d925bdf6ff..665d303137c 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -12126,6 +12126,19 @@ Representation of a GitLab user. | <a id="achievementupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp the achievement was last updated. | | <a id="achievementuserachievements"></a>`userAchievements` **{warning-solid}** | [`UserAchievementConnection`](#userachievementconnection) | **Introduced** in 15.10. This feature is an Experiment. It can be changed or removed at any time. Recipients for the achievement. | +### `AddOnPurchase` + +Represents AddOn purchase for Namespace. + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="addonpurchaseassignedquantity"></a>`assignedQuantity` | [`Int!`](#int) | Number of seats assigned. | +| <a id="addonpurchaseid"></a>`id` | [`GitlabSubscriptionsAddOnPurchaseID!`](#gitlabsubscriptionsaddonpurchaseid) | ID of AddOnPurchase. | +| <a id="addonpurchasename"></a>`name` | [`String!`](#string) | Name of AddOn. | +| <a id="addonpurchasepurchasedquantity"></a>`purchasedQuantity` | [`Int!`](#int) | Number of seats purchased. | + ### `AgentConfiguration` Configuration details for an Agent. @@ -15989,6 +16002,18 @@ four standard [pagination arguments](#connection-pagination-arguments): | ---- | ---- | ----------- | | <a id="groupachievementsids"></a>`ids` | [`[AchievementsAchievementID!]`](#achievementsachievementid) | Filter achievements by IDs. | +##### `Group.addOnPurchase` + +AddOnPurchase associated with the namespace. + +Returns [`AddOnPurchase`](#addonpurchase). + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="groupaddonpurchaseaddonname"></a>`addOnName` | [`String!`](#string) | AddOn name. | + ##### `Group.billableMembersCount` Number of billable users in the group. @@ -19192,6 +19217,18 @@ four standard [pagination arguments](#connection-pagination-arguments): | ---- | ---- | ----------- | | <a id="namespaceachievementsids"></a>`ids` | [`[AchievementsAchievementID!]`](#achievementsachievementid) | Filter achievements by IDs. | +##### `Namespace.addOnPurchase` + +AddOnPurchase associated with the namespace. + +Returns [`AddOnPurchase`](#addonpurchase). + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="namespaceaddonpurchaseaddonname"></a>`addOnName` | [`String!`](#string) | AddOn name. | + ##### `Namespace.complianceFrameworks` Compliance frameworks available to projects in this namespace. @@ -27544,6 +27581,12 @@ A `GitlabErrorTrackingDetailedErrorID` is a global ID. It is encoded as a string An example `GitlabErrorTrackingDetailedErrorID` is: `"gid://gitlab/Gitlab::ErrorTracking::DetailedError/1"`. +### `GitlabSubscriptionsAddOnPurchaseID` + +A `GitlabSubscriptionsAddOnPurchaseID` is a global ID. It is encoded as a string. + +An example `GitlabSubscriptionsAddOnPurchaseID` is: `"gid://gitlab/GitlabSubscriptions::AddOnPurchase/1"`. + ### `GlobalID` A global identifier. diff --git a/doc/development/documentation/feature_flags.md b/doc/development/documentation/feature_flags.md index 5cee300481b..a08052bf0e4 100644 --- a/doc/development/documentation/feature_flags.md +++ b/doc/development/documentation/feature_flags.md @@ -72,7 +72,7 @@ FLAG: A `FLAG` note renders on the GitLab documentation site as: FLAG: -On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](../../administration/feature_flags.md) named `example_flag`. +On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../../administration/feature_flags.md) named `example_flag`. On GitLab.com, this feature is not available. This feature is not ready for production use. @@ -80,15 +80,15 @@ This feature is not ready for production use. | If the feature is... | Use this text | |--------------------------|---------------| -| Available | ``On self-managed GitLab, by default this feature is available. To hide the feature, ask an administrator to [disable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | -| Unavailable | ``On self-managed GitLab, by default this feature is not available. To make it available, ask an administrator to [enable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | -| Available to some users | ``On self-managed GitLab, by default this feature is available to a subset of users. To show or hide the feature for all, ask an administrator to [change the status of the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | -| Available, per-group | ``On self-managed GitLab, by default this feature is available. To hide the feature per group, ask an administrator to [disable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | -| Unavailable, per-group | ``On self-managed GitLab, by default this feature is not available. To make it available per group, ask an administrator to [enable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | -| Available, per-project | ``On self-managed GitLab, by default this feature is available. To hide the feature per project or for your entire instance, ask an administrator to [disable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | -| Unavailable, per-project | ``On self-managed GitLab, by default this feature is not available. To make it available per project or for your entire instance, ask an administrator to [enable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | -| Available, per-user | ``On self-managed GitLab, by default this feature is available. To hide the feature per user, ask an administrator to [disable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | -| Unavailable, per-user | ``On self-managed GitLab, by default this feature is not available. To make it available per user, ask an administrator to [enable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Available | ``On self-managed GitLab, by default this feature is available. To hide the feature, an administrator can [disable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Unavailable | ``On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Available to some users | ``On self-managed GitLab, by default this feature is available to a subset of users. To show or hide the feature for all, an administrator can [change the status of the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Available, per-group | ``On self-managed GitLab, by default this feature is available. To hide the feature per group, an administrator can [disable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Unavailable, per-group | ``On self-managed GitLab, by default this feature is not available. To make it available per group, an administrator can [enable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Available, per-project | ``On self-managed GitLab, by default this feature is available. To hide the feature per project or for your entire instance, an administrator can [disable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Unavailable, per-project | ``On self-managed GitLab, by default this feature is not available. To make it available per project or for your entire instance, an administrator can [enable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Available, per-user | ``On self-managed GitLab, by default this feature is available. To hide the feature per user, an administrator can [disable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | +| Unavailable, per-user | ``On self-managed GitLab, by default this feature is not available. To make it available per user, an administrator can [enable the feature flag](<path to>/administration/feature_flags.md) named `flag_name`.`` | ### GitLab.com availability information @@ -113,7 +113,7 @@ The following examples show the progression of a feature flag. FLAG: On self-managed GitLab, by default this feature is not available. To make it available, -ask an administrator to [enable the feature flag](../administration/feature_flags.md) named `forti_token_cloud`. +an administrator can [enable the feature flag](../administration/feature_flags.md) named `forti_token_cloud`. The feature is not ready for production use. ``` @@ -125,7 +125,7 @@ When the feature is enabled in production, you can update the version history: FLAG: On self-managed GitLab, by default this feature is available. To hide the feature per user, -ask an administrator to [disable the feature flag](../administration/feature_flags.md) named `forti_token_cloud`. +an administrator can [disable the feature flag](../administration/feature_flags.md) named `forti_token_cloud`. ``` And, when the feature is done and fully available to all users: diff --git a/doc/topics/build_your_application.md b/doc/topics/build_your_application.md index 340cb7a1db8..48e81e26b02 100644 --- a/doc/topics/build_your_application.md +++ b/doc/topics/build_your_application.md @@ -4,14 +4,10 @@ group: unassigned info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments --- -# Build your application **(FREE)** +# Use CI/CD to build your application **(FREE)** Add your source code to a repository, create merge requests to check in code, and use CI/CD to generate your application. Include packages in your app and output it to a variety of environments. -- [Repositories](../user/project/repository/index.md) -- [Merge requests](../user/project/merge_requests/index.md) - [CI/CD](../ci/index.md) - [Runners](https://docs.gitlab.com/runner/) -- [GitLab Pages](../user/project/pages/index.md) -- [Packages and registries](../user/packages/index.md) diff --git a/doc/topics/manage_code.md b/doc/topics/manage_code.md new file mode 100644 index 00000000000..e37be90c0d6 --- /dev/null +++ b/doc/topics/manage_code.md @@ -0,0 +1,10 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +--- + +# Manage your code **(FREE)** + +- [Repositories](../user/project/repository/index.md) +- [Merge requests](../user/project/merge_requests/index.md) diff --git a/doc/topics/release_your_application.md b/doc/topics/release_your_application.md index e8dba553cab..3cc5e9a66b3 100644 --- a/doc/topics/release_your_application.md +++ b/doc/topics/release_your_application.md @@ -15,8 +15,10 @@ release features incrementally. - [Environments and deployments](../ci/environments/index.md) - [Releases](../user/project/releases/index.md) +- [Packages and registries](../user/packages/index.md) - [Review Apps](../ci/review_apps/index.md) - [Feature flags](../operations/feature_flags.md) +- [GitLab Pages](../user/project/pages/index.md) ## Related topics diff --git a/doc/update/deprecations.md b/doc/update/deprecations.md index 0e172a1d311..99a89a419f0 100644 --- a/doc/update/deprecations.md +++ b/doc/update/deprecations.md @@ -710,6 +710,24 @@ The [`gitlab-runner exec`](https://docs.gitlab.com/runner/commands/#gitlab-runne <div class="deprecation breaking-change" data-milestone="17.0"> +### The pull-based deployment features of the GitLab agent for Kubernetes is deprecated + +<div class="deprecation-notes"> +- Announced in: GitLab <span class="milestone">16.2</span> +- This is a [breaking change](https://docs.gitlab.com/ee/update/terminology.html#breaking-change). +- To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/406545). +</div> + +We are deprecating the built-in pull-based deployment features of the GitLab agent for Kubernetes in favor of Flux and related integrations. + +The GitLab agent for Kubernetes **is not deprecated**. This change affects only the pull-based functionality of the agent. All other functionality will remain intact, and GitLab will continue to support the agent for Kubernetes. + +If you use the agent for pull-based deployments, you should [migrate to Flux](https://docs.gitlab.com/ee/user/clusters/agent/gitops/agent.html#migrate-to-flux). Because Flux is a mature CNCF project for GitOps, we decided to [integrate Flux with GitLab in February 2023](https://about.gitlab.com/blog/2023/02/08/why-did-we-choose-to-integrate-fluxcd-with-gitlab/). + +</div> + +<div class="deprecation breaking-change" data-milestone="17.0"> + ### Trigger jobs can mirror downstream pipeline status exactly <div class="deprecation-notes"> @@ -2622,8 +2640,8 @@ This change will be reflected in the automatic language detection portion of the If you've already dismissed a vulnerability finding from one of the deprecated analyzers, the replacement attempts to respect your previous dismissal. The system behavior depends on: -- whether you’ve excluded the Semgrep-based analyzer from running in the past. -- which analyzer first discovered the vulnerabilities shown in the project’s Vulnerability Report. +- whether you've excluded the Semgrep-based analyzer from running in the past. +- which analyzer first discovered the vulnerabilities shown in the project's Vulnerability Report. See [Vulnerability translation documentation](https://docs.gitlab.com/ee/user/application_security/sast/analyzers.html#vulnerability-translation) for further details. @@ -3283,7 +3301,7 @@ You should [opt in](https://docs.gitlab.com/ee/integration/oauth_provider.html#e tokens before GitLab 15.0 is released: 1. Edit the application. -1. Select **Expire access tokens** to enable them. Tokens must be revoked or they don’t expire. +1. Select **Expire access tokens** to enable them. Tokens must be revoked or they don't expire. </div> @@ -3372,7 +3390,10 @@ If you rely on Java 8 being present in the analyzer environment, you must take a - To discuss this change or learn more, see the [deprecation issue](https://gitlab.com/gitlab-org/gitlab/-/issues/359133). </div> -As Advanced Search migrations usually require support multiple code paths for a long period of time, it’s important to clean those up when we safely can. We use GitLab major version upgrades as a safe time to remove backward compatibility for indices that have not been fully migrated. See the [upgrade documentation](https://docs.gitlab.com/ee/update/index.html#upgrading-to-a-new-major-version) for details. +As Advanced Search migrations usually require support multiple code paths for a long period of time, +it's important to clean those up when we safely can. We use GitLab major version upgrades as a safe +time to remove backward compatibility for indices that have not been fully migrated. See the +[upgrade documentation](https://docs.gitlab.com/ee/update/index.html#upgrading-to-a-new-major-version) for details. </div> @@ -3737,7 +3758,7 @@ To simplify setting a test coverage pattern, in GitLab 15.0 the [project setting for test coverage parsing](https://docs.gitlab.com/ee/ci/pipelines/settings.html#add-test-coverage-results-using-project-settings-removed) is being removed. -Instead, using the project’s `.gitlab-ci.yml`, provide a regular expression with the `coverage` keyword to set +Instead, using the project's `.gitlab-ci.yml`, provide a regular expression with the `coverage` keyword to set testing coverage results in merge requests. </div> diff --git a/doc/user/admin_area/settings/files_api_rate_limits.md b/doc/user/admin_area/settings/files_api_rate_limits.md index 9f7a2d13b8e..c87cac2b8ac 100644 --- a/doc/user/admin_area/settings/files_api_rate_limits.md +++ b/doc/user/admin_area/settings/files_api_rate_limits.md @@ -1,51 +1,11 @@ --- -stage: Create -group: Source Code -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments -type: reference +redirect_to: '../../../administration/settings/files_api_rate_limits.md' +remove_date: '2023-10-14' --- -# Rate limits on Repository files API **(FREE SELF)** +This document was moved to [another location](../../../administration/settings/files_api_rate_limits.md). -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/68561) in GitLab 14.3. -> - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/75918) in GitLab 14.6. [Feature flag `files_api_throttling`](https://gitlab.com/gitlab-org/gitlab/-/issues/338903) removed. - -The [Repository files API](../../../api/repository_files.md) enables you to -fetch, create, update, and delete files in your repository. To improve the security -and durability of your web application, you can enforce -[rate limits](../../../security/rate_limits.md) on this API. Any rate limits you -create for the Files API override the [general user and IP rate limits](user_and_ip_rate_limits.md). - -## Define Files API rate limits - -Rate limits for the Files API are disabled by default. When enabled, they supersede -the general user and IP rate limits for requests to the -[Repository files API](../../../api/repository_files.md). You can keep any general user -and IP rate limits already in place, and increase or decrease the rate limits -for the Files API. No other new features are provided by this override. - -Prerequisite: - -- You must have administrator access to the instance. - -To override the general user and IP rate limits for requests to the Repository files API: - -1. On the left sidebar, expand the top-most chevron (**{chevron-down}**). -1. Select **Admin Area**. -1. Select **Settings > Network**. -1. Expand **Files API Rate Limits**. -1. Select the checkboxes for the types of rate limits you want to enable: - - **Unauthenticated API request rate limit** - - **Authenticated API request rate limit** -1. If you selected **unauthenticated**: - 1. Select the **Max unauthenticated API requests per period per IP**. - 1. Select the **Unauthenticated API rate limit period in seconds**. -1. If you selected **authenticated**: - 1. Select the **Max authenticated API requests per period per user**. - 1. Select the **Authenticated API rate limit period in seconds**. - -## Related topics - -- [Rate limits](../../../security/rate_limits.md) -- [Repository files API](../../../api/repository_files.md) -- [User and IP rate limits](user_and_ip_rate_limits.md) +<!-- This redirect file can be deleted after <2023-10-14>. --> +<!-- Redirects that point to other docs in the same project expire in three months. --> +<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html --> diff --git a/doc/user/clusters/agent/gitops/agent.md b/doc/user/clusters/agent/gitops/agent.md index 4c9fb8e0e31..07ed2b3a691 100644 --- a/doc/user/clusters/agent/gitops/agent.md +++ b/doc/user/clusters/agent/gitops/agent.md @@ -4,7 +4,7 @@ group: Environments info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments --- -# Using GitOps with the agent for Kubernetes **(FREE)** +# Using GitOps with the agent for Kubernetes (deprecated) **(FREE)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259669) in GitLab 13.7. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332227) in GitLab 14.0, the `resource_inclusions` and `resource_exclusions` attributes were removed and `reconcile_timeout`, `dry_run_strategy`, `prune`, `prune_timeout`, `prune_propagation_policy`, and `inventory_policy` attributes were added. @@ -12,9 +12,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/346585) to make the `id` attribute optional in GitLab 15.7. > - Specifying a branch, tag, or commit reference to fetch the Kubernetes manifest files [introduced](https://gitlab.com/groups/gitlab-org/-/epics/4516) in GitLab 15.7. -NOTE: -From GitLab 15.10, you should use [Flux](../gitops.md) for GitOps. For more information, see -[this announcement blog post](https://about.gitlab.com/blog/2023/02/08/why-did-we-choose-to-integrate-fluxcd-with-gitlab/). +WARNING: +This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/406545) in GitLab 16.2. You should use the [Flux integration](../gitops.md) for GitOps. This diagram shows the repositories and main actors in a GitOps deployment: @@ -125,7 +124,7 @@ To get the most out of your Flux integration, see the [Flux Kustomization CRD](h To update a Kubernetes cluster by using GitOps, complete the following steps. -1. Ensure you have a working Kubernetes cluster, and that the manifests or [Helm charts](helm.md) are in a GitLab project. +1. Ensure you have a working Kubernetes cluster, and that the manifests are in a GitLab project. 1. In the same project, [register and install the GitLab agent](../install/index.md). 1. Configure the agent configuration file so that the agent monitors the project for changes to the Kubernetes manifests. Use the [GitOps configuration reference](#gitops-configuration-reference) for guidance. @@ -208,7 +207,6 @@ are checked for drift. This facilitates the use of in-cluster controllers to mod ## Related topics -- [Deploying Helm charts with the GitOps workflow](helm.md) - [GitOps working examples for training and demos](https://gitlab.com/groups/guided-explorations/gl-k8s-agent/gitops/-/wikis/home) - [Self-paced classroom workshop](https://gitlab-for-eks.awsworkshop.io) (Uses AWS EKS, but you can use for other Kubernetes clusters) - [Managing Kubernetes secrets in a GitOps workflow](secrets_management.md) diff --git a/doc/user/clusters/agent/gitops/helm.md b/doc/user/clusters/agent/gitops/helm.md index 182fd87e6f9..22587cd0e5d 100644 --- a/doc/user/clusters/agent/gitops/helm.md +++ b/doc/user/clusters/agent/gitops/helm.md @@ -1,152 +1,11 @@ --- -stage: Deploy -group: Environments -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments +redirect_to: '../gitops.md' +remove_date: '2023-10-22' --- -# Using Helm charts to update a Kubernetes cluster (Experiment) **(FREE)** +This document was moved to [another location](../gitops.md). -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/371019) in GitLab 15.4. -> - Specifying a branch, tag, or commit reference to fetch the Kubernetes manifest files [introduced](https://gitlab.com/groups/gitlab-org/-/epics/4516) in GitLab 15.7. - -You can deploy Helm charts to your Kubernetes cluster and keep the resources in your cluster in sync -with your charts and values. To do this, you use the pull-based GitOps features of the agent for -Kubernetes. - -This feature is an Experiment and [an epic exists](https://gitlab.com/groups/gitlab-org/-/epics/7938) -to track future work. Tell us about your use cases by leaving comments in the epic. - -NOTE: -This feature is an Experiment. In future releases, to accommodate new features, the configuration format might change without notice. - -## GitOps workflow steps - -To update a Kubernetes cluster by using GitOps with charts, complete the following steps. - -1. Ensure you have a working Kubernetes cluster, and that the chart is in a GitLab project. -1. In the same project, [register and install the GitLab agent](../install/index.md). -1. Configure the agent configuration file so that the agent monitors the project for changes to the chart. - Use the [GitOps configuration reference](#helm-configuration-reference) for guidance. - -## Helm chart with GitOps workflow - -To update a Kubernetes cluster by using Helm charts: - -1. Ensure you have a working Kubernetes cluster. -1. In a GitLab project: - - Store your Helm charts. - - [Register and install the GitLab agent](../install/index.md). -1. Update the agent configuration file so that the agent monitors the project for changes to the chart. - Use the [configuration reference](#helm-configuration-reference) for guidance. - -Any time you commit updates to your chart repository, the agent applies the chart in the cluster. - -## Helm configuration reference - -The following snippet shows an example of the possible keys and values for the GitOps section of an [agent configuration file](../install/index.md#create-an-agent-configuration-file) (`config.yaml`). - -```yaml -gitops: - charts: - - release_name: my-application-release - source: - project: - id: my-group/my-project-with-chart - ref: - branch: production - path: dir-in-project/with/charts - namespace: my-ns - max_history: 1 - values: - - inline: - someKey: example value -``` - -| Keyword | Description | -|--|--| -| `charts` | List of charts you want to be applied in your cluster. Charts are applied concurrently. | -| `release_name` | Required. Name of the release to use when applying the chart. | -| `values` | Optional. [Custom values](#custom-values) for the release. An array of objects. Only supports `inline` values. | -| `namespace` | Optional. Namespace to use when applying the chart. Defaults to `default`. | -| `max_history` | Optional. Maximum number of release [revisions to store in the cluster](https://helm.sh/docs/helm/helm_history/). | -| `source` | Required. From where the chart should get installed. Only supports project sources. | -| `source.project.id` | Required. ID of the project where Helm chart is committed. Authentication is not supported. | -| `source.project.ref` | Optional. Git reference in the configured Git repository to fetch the Chart from. If not specified or empty, the default branch is used. If specified, it must contain either `branch`, `tag`, or `commit`. | -| `source.project.ref.branch` | Branch name in the configured Git repository to fetch the Chart from. | -| `source.project.ref.tag` | Tag name in the configured Git repository to fetch the Chart from. | -| `source.project.ref.commit` | Commit SHA in the configured Git repository to fetch the Chart from. | -| `source.project.path` | Optional. Path of the chart in the project repository. Root of the repository is used by default. Should be the directory with the `Chart.yaml` file. | - -## Custom values - -> [Introduced](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/merge_requests/766) in GitLab 15.6. Requires both GitLab and the installed agent to be version 15.6 or later. - -To customize the values for a release, set the `values` key. It must be -an array of objects. Each object must have exactly one top-level key that describes -where the values come from. The supported top-level keys are: - -- `inline`: Specify the values inline in YAML format, similar to a Helm values - file. - -When installing a chart with custom values: - -- Custom values get merged on top of the chart's default `values.yaml` file. -- Values from subsequent entries in the `values` array overwrite values from - previous entries. - -Example: - -```yaml -gitops: - charts: - - release_name: some-release - values: - - inline: - someKey: example value - # ... -``` - -## Automatic drift remediation - -Drift happens when the current configuration of an infrastructure resource differs from its desired configuration. -Typically, drift is caused by manually editing resources directly, rather than by editing the code that describes the desired state. Minimizing the risk of drift helps to ensure configuration consistency and successful operations. - -In GitLab, the agent for Kubernetes regularly compares the desired state from the chart source with -the actual state from the Kubernetes cluster. Deviations from the desired state are fixed at every check. These checks -happen automatically every 5 minutes. They are not configurable. - -## Example repository layout - -```plaintext -/my-chart - ├── templates - | └── ... - ├── charts - | └── ... - ├── Chart.yaml - ├── Chart.lock - ├── values.yaml - ├── values.schema.json - └── some-file-used-in-chart.txt -``` - -## Known issues - -The following are known issues: - -- Your chart must be in a GitLab project. The project must be an agent configuration project or a public - project. This known issue also exists for manifest-based GitOps and is tracked in - [this epic](https://gitlab.com/groups/gitlab-org/-/epics/7704). -- Values for the chart must be in a `values.yaml` file. This file must be with the chart, - in the same project and path. -- Because of drift detection and remediation, the release history stored in the cluster is not useful. - A new release is created every five minutes and the oldest release is discarded. - Eventually history consists only of the same information. - View [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/372023) for details. - -## Troubleshooting - -### Agent cannot find values for the chart - -Make sure values are in `values.yaml` and in the same directory as the `Chart.yaml` file. -The filename must be lowercase, with `.yaml` extension (not `.yml`). +<!-- This redirect file can be deleted after 2023-10-22. --> +<!-- Redirects that point to other docs in the same project expire in three months. --> +<!-- Redirects that point to docs in a different project or site (for example, link is not relative and starts with `https:`) expire in one year. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html --> diff --git a/doc/user/clusters/agent/gitops/secrets_management.md b/doc/user/clusters/agent/gitops/secrets_management.md index 6e1b7da9c6c..a9590f34183 100644 --- a/doc/user/clusters/agent/gitops/secrets_management.md +++ b/doc/user/clusters/agent/gitops/secrets_management.md @@ -4,7 +4,11 @@ group: Environments info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments --- -# Managing Kubernetes secrets in a GitOps workflow +# Managing Kubernetes secrets in a GitOps workflow (deprecated) + +WARNING: +This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/406545) in GitLab 16.2. +To manage cluster resources with GitOps, you should use the [Flux integration](../../../clusters/agent/gitops.md). You should never store Kubernetes secrets in unencrypted form in a `git` repository. If you use a GitOps workflow, you can follow these steps to securely manage your secrets. diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md index 54559ef93b4..504e59dd97f 100644 --- a/doc/user/gitlab_com/index.md +++ b/doc/user/gitlab_com/index.md @@ -26,15 +26,23 @@ GitLab.com uses the default [SSH key restrictions](../../security/ssh_keys_restr ## SSH host keys fingerprints -Below are the fingerprints for SSH host keys on GitLab.com. The first time you -connect to a GitLab.com repository, one of these keys is displayed in the output. +Go to the current instance configuration to see the SSH host key fingerprints on +GitLab.com. + +1. Sign in to GitLab. +1. On the left sidebar, select **Help** (**{question-o}**) > **Help**. +1. On the Help page, select **Check the current instance configuration**. + +In the instance configuration, you see the **SSH host key fingerprints**: | Algorithm | MD5 (deprecated) | SHA256 | |------------------|------------------|---------| +| ECDSA | `f1:d0:fb:46:73:7a:70:92:5a:ab:5d:ef:43:e2:1c:35` | `HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw` | | ED25519 | `2e:65:6a:c8:cf:bf:b2:8b:9a:bd:6d:9f:11:5c:12:16` | `eUXGGm1YGsMAS7vkcx6JOJdOGHPem5gQp4taiCfCLB8` | | RSA | `b6:03:0e:39:97:9e:d0:e7:24:ce:a3:77:3e:01:42:09` | `ROQFvPThGrW4RuWLoL9tq9I9zJ42fK4XywyRtbOz/EQ` | -| DSA (deprecated) | `7a:47:81:3a:ee:89:89:64:33:ca:44:52:3d:30:d4:87` | `p8vZBUOR0XQz6sYiaWSMLmh0t9i8srqYKool/Xfdfqw` | -| ECDSA | `f1:d0:fb:46:73:7a:70:92:5a:ab:5d:ef:43:e2:1c:35` | `HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw` | + +The first time you connect to a GitLab.com repository, one of these keys is +displayed in the output. ## SSH `known_hosts` entries diff --git a/doc/user/infrastructure/clusters/deploy/inventory_object.md b/doc/user/infrastructure/clusters/deploy/inventory_object.md index 50185966267..4c55a87a52c 100644 --- a/doc/user/infrastructure/clusters/deploy/inventory_object.md +++ b/doc/user/infrastructure/clusters/deploy/inventory_object.md @@ -4,11 +4,15 @@ group: Environments info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/product/ux/technical-writing/#assignments --- -# Tracking cluster resources managed by GitLab **(FREE)** +# Tracking cluster resources managed by GitLab (deprecated) **(FREE)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332227) in GitLab 14.0. > - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/346567) from GitLab Premium to GitLab Free in 15.3. +WARNING: +This feature was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/406545) in GitLab 16.2. +To manage cluster resources with GitOps, you should use the [Flux integration](../../../clusters/agent/gitops.md). + GitLab uses an inventory object to track the resources you deploy to your cluster. The inventory object is a `ConfigMap` that contains a list of controlled objects. The managed resources use the `cli-utils.sigs.k8s.io/inventory-id` annotation. diff --git a/doc/user/project/merge_requests/reviews/suggestions.md b/doc/user/project/merge_requests/reviews/suggestions.md index 933713d4fef..a5fcdae12b8 100644 --- a/doc/user/project/merge_requests/reviews/suggestions.md +++ b/doc/user/project/merge_requests/reviews/suggestions.md @@ -76,11 +76,11 @@ FLAG: On self-managed GitLab, by default this feature is available. To hide the feature, ask an administrator to [disable the feature flag](../../../../administration/feature_flags.md) named `content_editor_on_issues`. On GitLab.com, this feature is available. -When you insert suggestions using the WYSIWYG -[rich text editor](https://about.gitlab.com/direction/plan/knowledge/content_editor/), you can step +When you insert suggestions, you can use the WYSIWYG +[rich text editor](https://about.gitlab.com/direction/plan/knowledge/content_editor/) to move up and down the source file's line numbers in the UI. -To add or subtract changed lines, next to **From lines**, select **+** or **-**. +To add or subtract changed lines, next to **From line**, select **+** or **-**.  diff --git a/doc/user/project/repository/mirror/index.md b/doc/user/project/repository/mirror/index.md index a013b8a9560..58c6c343282 100644 --- a/doc/user/project/repository/mirror/index.md +++ b/doc/user/project/repository/mirror/index.md @@ -95,6 +95,9 @@ You can also manually trigger an update: - According to [the pull mirroring interval limit](../../../../administration/instance_limits.md#pull-mirroring-interval) set by the administrator on self-managed instances. +NOTE: +[GitLab Silent Mode](../../../../administration/silent_mode/index.md) disables both push and pull updates. + ### Force an update While mirrors are scheduled to update automatically, you can force an immediate update unless: diff --git a/doc/user/project/repository/mirror/pull.md b/doc/user/project/repository/mirror/pull.md index 7f4aa66d8df..56e85157c03 100644 --- a/doc/user/project/repository/mirror/pull.md +++ b/doc/user/project/repository/mirror/pull.md @@ -55,13 +55,14 @@ After you configure a GitLab repository as a pull mirror: ## Configure pull mirroring -Prerequisite: +Prerequisites: - If your remote repository is on GitHub and you have [two-factor authentication (2FA) configured](https://docs.github.com/en/authentication/securing-your-account-with-two-factor-authentication-2fa), create a [personal access token for GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) with the `repo` scope. If 2FA is enabled, this personal access token serves as your GitHub password. +- [GitLab Silent Mode](../../../../administration/silent_mode/index.md) is not enabled. 1. On the left sidebar, at the top, select **Search GitLab** (**{search}**) to find your project. 1. Select **Settings > Repository**. diff --git a/doc/user/project/repository/mirror/push.md b/doc/user/project/repository/mirror/push.md index 857cd80cde2..26a60002f0e 100644 --- a/doc/user/project/repository/mirror/push.md +++ b/doc/user/project/repository/mirror/push.md @@ -30,6 +30,9 @@ it is deleted from the remote mirror on the next push. Branches with unmerged changes are kept. If a branch diverges, the **Mirroring repositories** section displays an error. +[GitLab Silent Mode](../../../../administration/silent_mode/index.md) disables pushing to, +and pulling from, remote mirrors. + ## Configure push mirroring To set up push mirroring for an existing project: diff --git a/qa/qa/page/component/dropdown.rb b/qa/qa/page/component/dropdown.rb index f0cab83686d..5f60a789900 100644 --- a/qa/qa/page/component/dropdown.rb +++ b/qa/qa/page/component/dropdown.rb @@ -33,8 +33,9 @@ module QA def clear_current_selection_if_present expand_select_list unless dropdown_open? + Support::WaitForRequests.wait_for_requests - if has_css?('button[data-testid="listbox-reset-button"]') + if has_css?('button[data-testid="listbox-reset-button"]', wait: 0) find('button[data-testid="listbox-reset-button"]').click end diff --git a/scripts/rspec_helpers.sh b/scripts/rspec_helpers.sh index bb81972b6b8..fd478cbd3ae 100644 --- a/scripts/rspec_helpers.sh +++ b/scripts/rspec_helpers.sh @@ -123,7 +123,7 @@ function rspec_simple_job_with_retry () { function rspec_db_library_code() { local db_files="spec/lib/gitlab/database/" - rspec_simple_job_with_retry "-- ${db_files}" + rspec_simple_job_with_retry "--tag ~click_house -- ${db_files}" } # Below is the list of options (https://linuxcommand.org/lc3_man_pages/seth.html) diff --git a/spec/lib/gitlab/database/click_house_client_spec.rb b/spec/lib/gitlab/database/click_house_client_spec.rb index 9260475fa4f..16b7fb82c4a 100644 --- a/spec/lib/gitlab/database/click_house_client_spec.rb +++ b/spec/lib/gitlab/database/click_house_client_spec.rb @@ -3,9 +3,31 @@ require 'spec_helper' RSpec.describe 'ClickHouse::Client', feature_category: :database do - it 'does not have any databases configured' do - databases = ClickHouse::Client.configuration.databases + context 'when click_house spec tag is not added' do + it 'does not have any ClickHouse databases configured' do + databases = ClickHouse::Client.configuration.databases - expect(databases).to be_empty + expect(databases).to be_empty + end + end + + describe 'when click_house spec tag is added', :click_house do + around do |example| + with_net_connect_allowed do + example.run + end + end + + it 'has a ClickHouse database configured' do + databases = ClickHouse::Client.configuration.databases + + expect(databases).not_to be_empty + end + + it 'returns data from the DB' do + result = ClickHouse::Client.execute("SELECT 1 AS value", :main) + + expect(result).to eq([{ 'value' => 1 }]) + end end end diff --git a/spec/lib/gitlab/usage_data_metrics_spec.rb b/spec/lib/gitlab/usage_data_metrics_spec.rb index 1f52819fd9e..e8881e986eb 100644 --- a/spec/lib/gitlab/usage_data_metrics_spec.rb +++ b/spec/lib/gitlab/usage_data_metrics_spec.rb @@ -4,6 +4,8 @@ require 'spec_helper' RSpec.describe Gitlab::UsageDataMetrics, :with_license, feature_category: :service_ping do describe '.uncached_data' do + let(:aggregate) { instance_double('Gitlab::Usage::Metrics::Aggregates::Aggregate') } + subject { described_class.uncached_data } around do |example| @@ -13,6 +15,11 @@ RSpec.describe Gitlab::UsageDataMetrics, :with_license, feature_category: :servi end before do + # stub time-consuming and unnecessary computation + allow(Gitlab::UsageDataCounters::HLLRedisCounter).to receive(:unique_events).and_return(1) + allow(Gitlab::Usage::Metrics::Aggregates::Aggregate).to receive(:new).and_return(aggregate) + allow(aggregate).to receive(:calculate_count_for_aggregation).and_return(1) + allow_next_instance_of(Gitlab::Database::BatchCounter) do |batch_counter| allow(batch_counter).to receive(:transaction_open?).and_return(false) end |