diff options
Diffstat (limited to 'doc/integration')
| -rw-r--r-- | doc/integration/advanced_search/elasticsearch.md | 6 | ||||
| -rw-r--r-- | doc/integration/clickhouse.md | 126 | ||||
| -rw-r--r-- | doc/integration/diffblue_cover.md | 89 | ||||
| -rw-r--r-- | doc/integration/gitpod.md | 4 | ||||
| -rw-r--r-- | doc/integration/img/diffblue_cover_diff_v16_8.png | bin | 0 -> 95590 bytes | |||
| -rw-r--r-- | doc/integration/img/diffblue_cover_workflow_after_v16_8.png | bin | 0 -> 42684 bytes | |||
| -rw-r--r-- | doc/integration/img/gitpod_web_interface_v13_4.png | bin | 99925 -> 0 bytes | |||
| -rw-r--r-- | doc/integration/index.md | 1 | ||||
| -rw-r--r-- | doc/integration/jira/connect-app.md | 8 | ||||
| -rw-r--r-- | doc/integration/jira/dvcs/troubleshooting.md | 30 | ||||
| -rw-r--r-- | doc/integration/jira/troubleshooting.md | 10 | ||||
| -rw-r--r-- | doc/integration/kerberos.md | 2 | ||||
| -rw-r--r-- | doc/integration/partner_marketplace.md | 8 | ||||
| -rw-r--r-- | doc/integration/saml.md | 16 | ||||
| -rw-r--r-- | doc/integration/shibboleth.md | 2 | ||||
| -rw-r--r-- | doc/integration/sourcegraph.md | 2 | ||||
| -rw-r--r-- | doc/integration/vault.md | 2 |
17 files changed, 261 insertions, 45 deletions
diff --git a/doc/integration/advanced_search/elasticsearch.md b/doc/integration/advanced_search/elasticsearch.md index 0a456e6c73e..896ad18033b 100644 --- a/doc/integration/advanced_search/elasticsearch.md +++ b/doc/integration/advanced_search/elasticsearch.md @@ -997,7 +997,7 @@ To create both an indexing and a non-indexing Sidekiq process in one node: ``` 1. Save the file and [reconfigure GitLab](../../administration/restart_gitlab.md) -for the changes to take effect. + for the changes to take effect. 1. On all other Rails and Sidekiq nodes, ensure that `sidekiq['routing_rules']` is the same as above. 1. Run the Rake task to [migrate existing jobs](../../administration/sidekiq/sidekiq_job_migration.md): @@ -1029,7 +1029,7 @@ To handle these queue groups on two nodes: ``` 1. Save the file and [reconfigure GitLab](../../administration/restart_gitlab.md) -for the changes to take effect. + for the changes to take effect. 1. To set up the non-indexing Sidekiq process, on your non-indexing Sidekiq node, change the `/etc/gitlab/gitlab.rb` file to: @@ -1052,7 +1052,7 @@ for the changes to take effect. 1. On all other Rails and Sidekiq nodes, ensure that `sidekiq['routing_rules']` is the same as above. 1. Save the file and [reconfigure GitLab](../../administration/restart_gitlab.md) -for the changes to take effect. + for the changes to take effect. 1. Run the Rake task to [migrate existing jobs](../../administration/sidekiq/sidekiq_job_migration.md): ```shell diff --git a/doc/integration/clickhouse.md b/doc/integration/clickhouse.md new file mode 100644 index 00000000000..1382488ad57 --- /dev/null +++ b/doc/integration/clickhouse.md @@ -0,0 +1,126 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments +--- + +# ClickHouse integration guidelines **(EXPERIMENT)** + +This feature is an [Experiment](../policy/experiment-beta-support.md). + +Instructions about how to setup integration between GitLab and ClickHouse database. + +## Setup + +To setup ClickHouse as the GitLab data storage: + +1. [Run ClickHouse Cluster and configure database](#run-and-configure-clickhouse). +1. [Configure GitLab connection to Clickhouse](#configure-the-gitlab-connection-to-clickhouse). +1. [Run ClickHouse migrations](#run-clickhouse-migrations). + +### Run and configure ClickHouse + +The most straightforward way to run ClickHouse is with [ClickHouse Cloud](https://clickhouse.cloud/). +You can also [run ClickHouse on your own server](https://clickhouse.com/docs/en/install). Refer to the ClickHouse +documentation regarding [recommendations for self-managed instances](https://clickhouse.com/docs/en/install#recommendations-for-self-managed-clickhouse). + +When you run ClickHouse on a hosted server, various data points might impact the resource consumption, like the number +of builds that run on your instance each month, the selected hardware, the data center choice to host ClickHouse, and more. +Regardless, the cost should not be significant. + +NOTE: +ClickHouse is a secondary data store for GitLab. All your data is still stored in Postgres, +and only duplicated in ClickHouse for analytics purposes. + +To create necessary user and database objects: + +1. Generate a secure password and save it. +1. Sign in to the ClickHouse SQL console. +1. Execute the following command. Replace `PASSWORD_HERE` with the generated password. + + ```sql + CREATE DATABASE gitlab_clickhouse_main_production; + CREATE USER gitlab IDENTIFIED WITH sha256_password BY 'PASSWORD_HERE'; + CREATE ROLE gitlab_app; + GRANT SELECT, INSERT, ALTER, CREATE, UPDATE, DROP, TRUNCATE, OPTIMIZE ON gitlab_clickhouse_main_production.* TO gitlab_app; + GRANT gitlab_app TO gitlab; + ``` + +### Configure the GitLab connection to ClickHouse + +::Tabs + +:::TabTitle Linux package + +To provide GitLab with ClickHouse credentials: + +1. Edit `/etc/gitlab/gitlab.rb`: + + ```ruby + gitlab_rails['clickhouse_databases']['main']['database'] = 'gitlab_clickhouse_main_production' + gitlab_rails['clickhouse_databases']['main']['url'] = 'https://example.com/path' + gitlab_rails['clickhouse_databases']['main']['username'] = 'gitlab' + gitlab_rails['clickhouse_databases']['main']['password'] = 'PASSWORD_HERE' # replace with the actual password + ``` + +1. Save the file and reconfigure GitLab: + + ```shell + sudo gitlab-ctl reconfigure + ``` + +:::TabTitle Helm chart (Kubernetes) + +1. Save the ClickHouse password as a Kubernetes Secret: + + ```shell + kubectl create secret generic gitlab-clickhouse-password --from-literal="main_password=PASSWORD_HERE" + ``` + +1. Export the Helm values: + + ```shell + helm get values gitlab > gitlab_values.yaml + ``` + +1. Edit `gitlab_values.yaml`: + + ```yaml + global: + clickhouse: + enabled: true + main: + username: default + password: + secret: gitlab-clickhouse-password + key: main_password + database: gitlab_clickhouse_main_production + url: 'http://example.com' + ``` + +1. Save the file and apply the new values: + + ```shell + helm upgrade -f gitlab_values.yaml gitlab gitlab/gitlab + ``` + +::EndTabs + +To verify that your connection is set up successfully: + +1. Log in to [Rails console](../administration/operations/rails_console.md#starting-a-rails-console-session) +1. Execute the following: + + ```ruby + ClickHouse::Client.select('SELECT 1', :main) + ``` + + If successful, the command returns `[{"1"=>1}]` + +### Run ClickHouse migrations + +To create the required database objects execute: + +```shell +sudo gitlab-rake gitlab:clickhouse:migrate +``` diff --git a/doc/integration/diffblue_cover.md b/doc/integration/diffblue_cover.md new file mode 100644 index 00000000000..bd1d026b5ef --- /dev/null +++ b/doc/integration/diffblue_cover.md @@ -0,0 +1,89 @@ +--- +stage: Verify +group: Pipeline Execution +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments" +description: >- + How to configure the Diffblue Cover GitLab integration - Cover Pipeline for + GitLab +--- + +# Diffblue Cover **(FREE ALL)** + +You can integrate the [Diffblue Cover](https://www.diffblue.com/) reinforcement learning AI tool into your CI/CD pipelines, to automatically write and maintain Java unit tests for your GitLab projects. +The Diffblue Cover Pipeline for GitLab integration allows you to automatically: + +- Write a baseline unit test suite for your projects. +- Write new unit tests for new code. +- Update existing unit tests in your code. +- Remove existing unit tests in your code when they're no longer required. + + + +## Configure the integration + +To integrate Diffblue Cover into your pipeline: + +1. Find and configure the Diffblue Cover integration. +1. Configure a pipeline for a sample project using the GitLab pipeline editor and the Diffblue Cover pipeline template. +1. Create a full baseline unit test suite for the project. + +### Configure Diffblue Cover + +1. On the left sidebar, select **Search or go to** and find your project. + - If you want to test the integration with a sample project, you can [import](../user/project/import/repo_by_url.md) + the Diffblue [Spring PetClinic sample project](https://github.com/diffblue/demo-spring-petclinic). +1. Select **Settings > Integrations**. +1. Find **Diffblue Cover** and select **Configure**. +1. Complete the fields: + + - Select the **Active** checkbox. + - Enter your Diffblue Cover **License key** provided in your welcome email or by your organization. + If needed, select the [**Try Diffblue Cover**](https://www.diffblue.com/try-cover/gitlab) link to sign up for a free trial. + - Enter details of your GitLab access token (**Name** and **Secret**) to allow Diffblue Cover to access your project. + In general, use a GitLab [project access token](../user/project/settings/project_access_tokens.md) with the `Developer` role, plus `api` and `write_repository` scopes. + If necessary you can use a [group access token](../user/group/settings/group_access_tokens.md) or a [personal access token](../user/profile/personal_access_tokens.md), again with the `Developer` role, plus `api` and `write_repository` scopes. + + NOTE: + Using an access token with excessive permissions is a security risk. + If you use a Personal access token, consider creating a dedicated user with access limited to just the project, minimizing the impact of the token being leaked. + +1. Select **Save changes**. + Your Diffblue Cover integration is now <mark style="color:green;">**Active**</mark> and ready for use in your project. + +### Configure a pipeline + +Here we'll create a merge request pipeline for the project that will download the latest version of Diffblue Cover, build the project, write Java unit tests for the project, and commit the changes to the branch. + +1. On the left sidebar, select **Search or go to** and find your project. +1. Select **Build > Pipeline editor**. +1. Select **Configure pipeline** to create the `.gitlab-ci.yml` file. +1. Select **Browse templates** and find the `Diffblue-Cover.gitlab-ci.yml` template file. +1. Select the file and copy the contents to your project's `.gitlab-ci.yml` file. + + NOTE: + When using the Diffblue Cover pipeline template with your own project and existing pipeline file, add the Diffblue template content to your file and modify as needed. + For more information, see [Cover Pipeline for GitLab](https://docs.diffblue.com/features/cover-pipeline/cover-pipeline-for-gitlab) in the Diffblue documentation. + +1. Enter a commit message. +1. Enter a new **Branch** name. For example, `add-diffblue-cover-pipeline`. +1. Select **Start a new merge request with these changes**. +1. Select **Commit changes**. + +### Create a baseline unit test suite + +1. In the **New merge request** form, enter a **Title** (for example, "Add Cover pipeline and create baseline unit test suite") and fill out the other fields. +1. Select **Create merge request**. The merge request pipeline runs Diffblue Cover to create the baseline unit test suite for the project. +1. Once the pipeline completes, the changes can be reviewed from the **Changes** tab. When you're happy, merge the updates to your repo. Go to the `src/test` folders in the project repository to see the unit tests created by Diffblue Cover (suffixed with `*DiffblueTest.java`). + +## Subsequent code changes + +When performing subsequent code changes to a project, the merge request pipeline will run Diffblue Cover but will only update the associated tests. +The resulting diff can then be analyzed to check the new behavior, catch regressions, and spot any unplanned behavioral changes to the code. + + + +## Next steps + +This topic demonstrates some of the key features of Cover Pipeline for GitLab and how to use the integration in a pipeline. +The wider and deeper functionality, provided through `dcover` commands in the pipeline template, can be implemented to expand your unit test capabilities even further. +For more information, see [Cover Pipeline for GitLab](https://docs.diffblue.com/features/cover-pipeline/cover-pipeline-for-gitlab) in the Diffblue documentation. diff --git a/doc/integration/gitpod.md b/doc/integration/gitpod.md index 05ffaa98a42..2c074162634 100644 --- a/doc/integration/gitpod.md +++ b/doc/integration/gitpod.md @@ -16,9 +16,7 @@ your Git branches like a CI/CD server. This means you don't have to wait for dependencies to be downloaded and builds to finish, you can start coding immediately. With Gitpod you can start coding instantly on any project, branch, and merge -request from any device, at any time, from your browser: - - +request from your browser. To use the GitLab Gitpod integration, it must be enabled for your GitLab instance. Users of: diff --git a/doc/integration/img/diffblue_cover_diff_v16_8.png b/doc/integration/img/diffblue_cover_diff_v16_8.png Binary files differnew file mode 100644 index 00000000000..1ee4dd954af --- /dev/null +++ b/doc/integration/img/diffblue_cover_diff_v16_8.png diff --git a/doc/integration/img/diffblue_cover_workflow_after_v16_8.png b/doc/integration/img/diffblue_cover_workflow_after_v16_8.png Binary files differnew file mode 100644 index 00000000000..21345600125 --- /dev/null +++ b/doc/integration/img/diffblue_cover_workflow_after_v16_8.png diff --git a/doc/integration/img/gitpod_web_interface_v13_4.png b/doc/integration/img/gitpod_web_interface_v13_4.png Binary files differdeleted file mode 100644 index 5cd9a6aad0f..00000000000 --- a/doc/integration/img/gitpod_web_interface_v13_4.png +++ /dev/null diff --git a/doc/integration/index.md b/doc/integration/index.md index 736f25f71d8..2a3154a739d 100644 --- a/doc/integration/index.md +++ b/doc/integration/index.md @@ -1,6 +1,7 @@ --- stage: Manage group: Import and Integrate +description: Projects, issues, authentication, security providers. info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments --- diff --git a/doc/integration/jira/connect-app.md b/doc/integration/jira/connect-app.md index 6f6a882031a..2dac6dd5cf5 100644 --- a/doc/integration/jira/connect-app.md +++ b/doc/integration/jira/connect-app.md @@ -104,15 +104,15 @@ When configuring the GitLab for Jira Cloud app on GitLab.com, you might encounte For self-managed GitLab, see [GitLab for Jira Cloud app administration](../../administration/settings/jira_cloud_app_troubleshooting.md). -### `Failed to link group` +### Error when connecting the app -After you connect the GitLab for Jira Cloud app, you might get this error: +When you connect the GitLab for Jira Cloud app, you might get this error: ```plaintext Failed to link group. Please try again. ``` -`403` status code is returned if the user information cannot be fetched from Jira due to insufficient permissions. +A `403 Forbidden` is returned if the user information cannot be fetched from Jira because of insufficient permissions. -To resolve this issue, ensure that the Jira user that installs and configures the GitLab for Jira Cloud app meets certain +To resolve this issue, ensure the Jira user that installs and configures the app meets certain [requirements](../../administration/settings/jira_cloud_app.md#jira-user-requirements). diff --git a/doc/integration/jira/dvcs/troubleshooting.md b/doc/integration/jira/dvcs/troubleshooting.md index ee697f1bffd..04113975f06 100644 --- a/doc/integration/jira/dvcs/troubleshooting.md +++ b/doc/integration/jira/dvcs/troubleshooting.md @@ -6,9 +6,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Troubleshooting Jira DVCS connector **(FREE ALL)** -Refer to the items in this section if you're having problems with your Jira DVCS connector. +When working with the [Jira DVCS connector](index.md), you might encounter the following issues. -## Jira cannot access GitLab server +## Jira cannot access the GitLab server If you complete the **Add New Account** form, authorize access, and you receive this error, Jira and GitLab cannot connect. No other error messages @@ -20,9 +20,10 @@ Error obtaining access token. Cannot access https://gitlab.example.com from Jira ## Session token bug in Jira -When using GitLab 15.0 and later (including GitLab.com) with Jira Server, you might experience -a [session token bug in Jira](https://jira.atlassian.com/browse/JSWSERVER-21389). As a workaround, -ensure Jira Server is version 9.1.0 and later or 8.20.11 and later. +When you use GitLab 15.0 and later with Jira Server, you might encounter a +[session token bug in Jira](https://jira.atlassian.com/browse/JSWSERVER-21389). + +To resolve this issue, ensure Jira Server is version 9.1.0 and later or 8.20.11 and later. ## SSL and TLS problems @@ -42,7 +43,7 @@ Error obtaining access token. Cannot access https://gitlab.example.com from Jira issued by a public certificate authority, add the appropriate certificate (such as your organization's root certificate) to the Java Truststore on Jira Server. -For help with Jira setup, see the Atlassian documentation and Atlassian Support: +For more information about setting up Jira, see the Atlassian documentation and Atlassian Support. - [Add a certificate](https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html) to the trust store. @@ -68,7 +69,7 @@ The message `Successfully connected` indicates a successful TLS handshake. If there are problems, the Java TLS library generates errors that you can look up for more detail. -## Scope error when connecting to Jira using DVCS +## Scope error when connecting to Jira with DVCS ```plaintext The requested scope is invalid, unknown, or malformed. @@ -83,7 +84,7 @@ Potential resolutions: [GitLab account configuration](index.md#create-a-gitlab-application-for-dvcs). Review the **Scopes** field and ensure the `api` checkbox is selected. -## Jira error adding account and no repositories listed +## Error when adding an account in Jira After you complete the **Add New Account** form in Jira and authorize access, you might encounter these issues: @@ -100,13 +101,12 @@ To resolve this issue: [Contact GitLab Support](https://about.gitlab.com/support/) if none of these reasons apply. -## `410 : Gone` error when connecting to Jira - -When you connect to Jira and synchronize repositories, you may receive a `410 : Gone` error. +## `410 Gone` when connecting to Jira +When you connect to Jira and synchronize repositories, you might get a `410 Gone` error. This issue occurs when you use the Jira DVCS connector and your integration is configured to use **GitHub Enterprise**. -For more information and possible fixes, see [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/340160). +For more information, see [issue 340160](https://gitlab.com/gitlab-org/gitlab/-/issues/340160). ## Synchronization issues @@ -123,7 +123,7 @@ resynchronize the information: For more information, see the [Atlassian documentation](https://support.atlassian.com/jira-cloud-administration/docs/integrate-with-development-tools/). -## `Sync Failed` error when refreshing repository data +## `Sync Failed` when refreshing repository data If you get a `Sync Failed` error in Jira when [refreshing repository data](index.md#refresh-data-imported-to-jira) for specific projects, check your Jira DVCS connector logs. Look for errors that occur when executing requests to API resources in GitLab. For example: @@ -132,8 +132,8 @@ Failed to execute request [https://gitlab.com/api/v4/projects/:id/merge_requests {"message":"403 Forbidden"} ``` -If you find a `{"message":"403 Forbidden"}` error, it is possible that this specific project has some [GitLab features disabled](../../../user/project/settings/project_features_permissions.md#configure-project-features-and-permissions). -In the example above, the merge requests feature is disabled. +If you get a `403 Forbidden` error, this project might have some [GitLab features disabled](../../../user/project/settings/project_features_permissions.md#configure-project-features-and-permissions). +In the previous example, the merge requests feature is disabled. To resolve the issue, enable the relevant feature: diff --git a/doc/integration/jira/troubleshooting.md b/doc/integration/jira/troubleshooting.md index 6c8b49b4159..a9f190068b4 100644 --- a/doc/integration/jira/troubleshooting.md +++ b/doc/integration/jira/troubleshooting.md @@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Troubleshooting Jira issue integration **(FREE ALL)** -This page contains a list of common issues you might encounter when working with the [Jira issue integration](configure.md). +When working with the [Jira issue integration](configure.md), you might encounter the following issues. ## GitLab cannot link to a Jira issue @@ -70,7 +70,7 @@ If GitLab cannot close a Jira issue: - Ensure the transition ID you set in the Jira settings matches the one your project must have to close an issue. For more information, see - [automatic issue transitions](issues.md#automatic-issue-transitions) and [custom issue transitions](issues.md#custom-issue-transitions). + [Automatic issue transitions](issues.md#automatic-issue-transitions) and [Custom issue transitions](issues.md#custom-issue-transitions). - Make sure the Jira issue is not already marked as resolved: - Check the Jira issue resolution field is not set. - Check the issue is not struck through in Jira lists. @@ -122,7 +122,7 @@ To resolve this issue, see WARNING: Commands that change data can cause damage if not run correctly or under the right conditions. Always run commands in a test environment first and have a backup instance ready to restore. -### Change all projects on the instance +### Change all projects on an instance To change all Jira projects to use instance-level integration settings: @@ -189,7 +189,7 @@ To change all Jira projects in a group (and its subgroups) to use group-level in end ``` -## Update the Jira issue integration password for all projects +## Update the integration password for all projects WARNING: Commands that change data can cause damage if not run correctly or under the right conditions. Always run commands in a test environment first and have a backup instance ready to restore. @@ -212,7 +212,7 @@ When [viewing Jira issues](issues.md#view-jira-issues) in GitLab, you might enco ### `500 We're sorry` when accessing a Jira issue in GitLab When accessing a Jira issue in GitLab, you might get a `500 We're sorry. Something went wrong on our end` error. -Check [`production.log`](../../administration/logs/index.md#productionlog) to see if it contains the following exception: +Check [`production.log`](../../administration/logs/index.md#productionlog) to see if the file contains the following exception: ```plaintext :NoMethodError (undefined method 'duedate' for #<JIRA::Resource::Issue:0x00007f406d7b3180>) diff --git a/doc/integration/kerberos.md b/doc/integration/kerberos.md index b5515a730d3..8f2e121cb26 100644 --- a/doc/integration/kerberos.md +++ b/doc/integration/kerberos.md @@ -4,7 +4,7 @@ group: Authentication info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments" --- -# Use Kerberos as an OAuth 2.0 authentication provider **(FREE SELF)** +# Integrate GitLab with Kerberos **(FREE SELF)** GitLab can integrate with [Kerberos](https://web.mit.edu/kerberos/) as an authentication mechanism. diff --git a/doc/integration/partner_marketplace.md b/doc/integration/partner_marketplace.md index 36aef0a0a90..cbcb8f70164 100644 --- a/doc/integration/partner_marketplace.md +++ b/doc/integration/partner_marketplace.md @@ -124,8 +124,8 @@ curl \ To create a new customer subscription from a Marketplace partner client application, - Make an authorized POST request to the -[`/api/v1/marketplace/subscriptions`](https://customers.staging.gitlab.com/openapi_docs/marketplace#/marketplace/post_api_v1_marketplace_subscriptions) -endpoint in the Customers Portal with the following parameters in JSON format: + [`/api/v1/marketplace/subscriptions`](https://customers.staging.gitlab.com/openapi_docs/marketplace#/marketplace/post_api_v1_marketplace_subscriptions) + endpoint in the Customers Portal with the following parameters in JSON format: | Parameter | Type | Required | Description | |--------------------------|--------|----------|------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -144,8 +144,8 @@ If the subscription creation is unsuccessful, the response body includes an erro To get the status of a given subscription, - Make an authorized GET request to the -[`/api/v1/marketplace/subscriptions/{external_subscription_id}`](https://customers.staging.gitlab.com/openapi_docs/marketplace#/marketplace/get_api_v1_marketplace_subscriptions__external_subscription_id_) -endpoint in the Customers Portal. + [`/api/v1/marketplace/subscriptions/{external_subscription_id}`](https://customers.staging.gitlab.com/openapi_docs/marketplace#/marketplace/get_api_v1_marketplace_subscriptions__external_subscription_id_) + endpoint in the Customers Portal. The request must include the Marketplace partner system ID of the subscription to fetch the status for. diff --git a/doc/integration/saml.md b/doc/integration/saml.md index 3423b1bde6d..466c1ec7ed0 100644 --- a/doc/integration/saml.md +++ b/doc/integration/saml.md @@ -666,10 +666,12 @@ IdPs, contact your provider's support. Prerequisites: - Make sure you have access to a -[Google Workspace Super Admin account](https://support.google.com/a/answer/2405986#super_admin). + [Google Workspace Super Admin account](https://support.google.com/a/answer/2405986#super_admin). + +To set up a Google Workspace: 1. Use the following information, and follow the instructions in -[Set up your own custom SAML application in Google Workspace](https://support.google.com/a/answer/6087519?hl=en). + [Set up your own custom SAML application in Google Workspace](https://support.google.com/a/answer/6087519?hl=en). | | Typical value | Description | |:-----------------|:---------------------------------------------------|:----------------------------------------------------------------------------------------------| @@ -2437,7 +2439,10 @@ The value given is added to the current time at which the response is validated. ::EndTabs -### Designate a unique attribute for the `uid` +### Designate a unique attribute for the `uid` (optional) + +By default, the users `uid` is set as the `NameID` attribute in the SAML response. To designate +a different attribute for the `uid`, you can set the `uid_attribute`. Before setting the `uid` to a unique attribute, make sure that you have configured the following attributes so your SAML users cannot change them: @@ -2448,10 +2453,7 @@ the following attributes so your SAML users cannot change them: If users can change these attributes, they can sign in as other authorized users. See your SAML IdP documentation for information on how to make these attributes unchangeable. - -By default, the `uid` is set as the `name_id` in the SAML response. To designate -a unique attribute for the `uid`, you can set the `uid_attribute`. In the following -example, the value of `uid` attribute in the SAML response is set as the `uid_attribute`. +In the following example, the value of `uid` attribute in the SAML response is set as the `uid_attribute`. ::Tabs diff --git a/doc/integration/shibboleth.md b/doc/integration/shibboleth.md index f30f073bf08..0ff99a144c2 100644 --- a/doc/integration/shibboleth.md +++ b/doc/integration/shibboleth.md @@ -4,7 +4,7 @@ group: Authentication info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Use Shibboleth as an OAuth 2.0 authentication provider **(FREE SELF)** +# Use Shibboleth as an authentication provider **(FREE SELF)** NOTE: Use the [GitLab SAML integration](saml.md) to integrate specific Shibboleth identity providers (IdPs). For Shibboleth federation support (Discovery Service), use this document. diff --git a/doc/integration/sourcegraph.md b/doc/integration/sourcegraph.md index f6fb387f016..198dda7ec95 100644 --- a/doc/integration/sourcegraph.md +++ b/doc/integration/sourcegraph.md @@ -42,7 +42,7 @@ If you are using an HTTPS connection to GitLab, you must [configure HTTPS](https 1. Navigate to the site Admin Area in Sourcegraph. 1. [Configure your GitLab external service](https://docs.sourcegraph.com/admin/external_service/gitlab). -You can skip this step if you already have your GitLab repositories searchable in Sourcegraph. + You can skip this step if you already have your GitLab repositories searchable in Sourcegraph. 1. Validate that you can search your repositories from GitLab in your Sourcegraph instance by running a test query. 1. Add your GitLab instance URL to the [`corsOrigin` setting](https://docs.sourcegraph.com/admin/config/site_config#corsOrigin) in your site configuration. diff --git a/doc/integration/vault.md b/doc/integration/vault.md index 54ade6c1066..8a76ef02215 100644 --- a/doc/integration/vault.md +++ b/doc/integration/vault.md @@ -4,7 +4,7 @@ group: Environments info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments --- -# Use Vault as a GitLab OpenID Connect authentication provider **(FREE ALL)** +# Vault authentication with GitLab OpenID Connect **(FREE ALL)** [Vault](https://www.vaultproject.io/) is a secrets management application offered by HashiCorp. It allows you to store and manage sensitive information such as secret environment |
