diff options
Diffstat (limited to 'doc/user/admin_area')
46 files changed, 315 insertions, 174 deletions
diff --git a/doc/user/admin_area/abuse_reports.md b/doc/user/admin_area/abuse_reports.md index 4c346d7dfe8..62f3bd3625c 100644 --- a/doc/user/admin_area/abuse_reports.md +++ b/doc/user/admin_area/abuse_reports.md @@ -1,7 +1,7 @@ --- stage: Manage group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference, howto --- @@ -73,7 +73,7 @@ page:  -NOTE: **Note:** +NOTE: Users can be [blocked](../../api/users.md#block-user) and [unblocked](../../api/users.md#unblock-user) using the GitLab API. diff --git a/doc/user/admin_area/activating_deactivating_users.md b/doc/user/admin_area/activating_deactivating_users.md index 96b39ae7116..1bca1751d2e 100644 --- a/doc/user/admin_area/activating_deactivating_users.md +++ b/doc/user/admin_area/activating_deactivating_users.md @@ -1,7 +1,7 @@ --- stage: Manage group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto --- @@ -43,7 +43,7 @@ Please note that for the deactivation option to be visible to an admin, the user Users can also be deactivated using the [GitLab API](../../api/users.md#deactivate-user). -NOTE: **Note:** +NOTE: A deactivated user does not consume a [seat](../../subscriptions/self_managed/index.md#billable-users). ## Activating a user @@ -61,9 +61,9 @@ To do this: Users can also be activated using the [GitLab API](../../api/users.md#activate-user). -NOTE: **Note:** +NOTE: Activating a user changes the user's state to active and consumes a [seat](../../subscriptions/self_managed/index.md#billable-users). -TIP: **Tip:** +NOTE: A deactivated user can also activate their account themselves by simply logging back in via the UI. diff --git a/doc/user/admin_area/analytics/convdev.md b/doc/user/admin_area/analytics/convdev.md index 3ffda3f4400..d0f3a34e15e 100644 --- a/doc/user/admin_area/analytics/convdev.md +++ b/doc/user/admin_area/analytics/convdev.md @@ -3,3 +3,6 @@ redirect_to: 'dev_ops_report.md' --- This document was moved to [another location](dev_ops_report.md). + +<!-- This redirect file can be deleted after February 1, 2021. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/admin_area/analytics/dev_ops_report.md b/doc/user/admin_area/analytics/dev_ops_report.md index d1f80e63c04..8f629fd4250 100644 --- a/doc/user/admin_area/analytics/dev_ops_report.md +++ b/doc/user/admin_area/analytics/dev_ops_report.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # DevOps Report **(CORE)** @@ -9,20 +9,20 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/30469) in GitLab 9.3. > - [Renamed from Conversational Development Index](https://gitlab.com/gitlab-org/gitlab/-/issues/20976) in GitLab 12.6. -NOTE: **Note:** -Your GitLab instance's [usage ping](../settings/usage_statistics.md#usage-ping) must be activated in order to use this feature. - The DevOps Report gives you an overview of your entire instance's adoption of [Concurrent DevOps](https://about.gitlab.com/topics/concurrent-devops/) from planning to monitoring. To see DevOps Report, go to **Admin Area > Analytics > DevOps Report**. -## DevOps Score +## DevOps Score **(CORE)** -DevOps Score displays the usage of GitLab's major features on your instance over -the last 30 days, averaged over the number of active users in that time period. It also -provides a Lead score per feature, which is calculated based on GitLab's analysis +NOTE: +Your GitLab instance's [usage ping](../settings/usage_statistics.md#usage-ping) must be activated in order to use this feature. + +The DevOps Score tab displays the usage of major GitLab features on your instance over +the last 30 days, averaged over the number of billable users in that time period. It also +provides a Lead score per feature, which is calculated based on GitLab analysis of top-performing instances based on [usage ping data](../settings/usage_statistics.md#usage-ping) that GitLab has collected. Your score is compared to the lead score of each feature and then expressed as a percentage at the bottom of said feature. Your overall **DevOps Score** is an average of your feature scores. You can use this score to compare your DevOps status to other organizations. @@ -32,6 +32,48 @@ Your overall **DevOps Score** is an average of your feature scores. You can use The page also provides helpful links to articles and GitLab docs, to help you improve your scores. -Usage ping data is aggregated on GitLab's servers for analysis. Your usage +Usage ping data is aggregated on GitLab servers for analysis. Your usage information is **not sent** to any other GitLab instances. If you have just started using GitLab, it may take a few weeks for data to be collected before this feature is available. + +## DevOps Adoption **(ULTIMATE)** + +[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/247112) in GitLab 13.7. + +The DevOps Adoption tab shows you which segments of your organization are using the most essential features of GitLab: + +- Issues +- Merge Requests +- Approvals +- Runners +- Pipelines +- Deploys +- Scanning + +Segments are arbitrary collections of GitLab groups that you define. You might define a segment to represent a small team, a large department, or a whole organization. You are limited to creating a maximum of 20 segments, and each segment is limited to a maximum of 20 groups. Buttons to manage your segments appear in the DevOps Adoption section of the page. + +DevOps Adoption allows you to: + +- Verify whether you are getting the return on investment that you expected from GitLab. +- Identify specific groups that are lagging in their adoption of GitLab so you can help them along in their DevOps journey. +- Find the groups that have adopted certain features and can provide guidance to other groups on how to use those features. + + + +### Disable or enable DevOps Adoption + +DevOps Adoption is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to disable it. + +To disable it: + +```ruby +Feature.disable(:devops_adoption_feature) +``` + +To enable it: + +```ruby +Feature.enable(:devops_adoption_feature) +``` diff --git a/doc/user/admin_area/analytics/img/dev_ops_adoption_v13_7.png b/doc/user/admin_area/analytics/img/dev_ops_adoption_v13_7.png Binary files differnew file mode 100644 index 00000000000..0f1f16bead6 --- /dev/null +++ b/doc/user/admin_area/analytics/img/dev_ops_adoption_v13_7.png diff --git a/doc/user/admin_area/analytics/index.md b/doc/user/admin_area/analytics/index.md index 3d53cd73dd2..098d758e42a 100644 --- a/doc/user/admin_area/analytics/index.md +++ b/doc/user/admin_area/analytics/index.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Instance-level analytics diff --git a/doc/user/admin_area/analytics/instance_statistics.md b/doc/user/admin_area/analytics/instance_statistics.md new file mode 100644 index 00000000000..44fd04198b1 --- /dev/null +++ b/doc/user/admin_area/analytics/instance_statistics.md @@ -0,0 +1,5 @@ +--- +redirect_to: 'usage_trends.md' +--- + +This document was moved to [another location](usage_trends.md). diff --git a/doc/user/admin_area/analytics/usage_trends.md b/doc/user/admin_area/analytics/usage_trends.md index cf12f1f24c6..aeb577b8183 100644 --- a/doc/user/admin_area/analytics/usage_trends.md +++ b/doc/user/admin_area/analytics/usage_trends.md @@ -1,7 +1,7 @@ --- stage: Manage -group: Value Stream Management -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +group: Optimize +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Usage Trends **(CORE)** @@ -12,7 +12,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - It's enabled on GitLab.com. > - It's recommended for production use. -CAUTION: **Warning:** +WARNING: This feature might not be available to you. Check the **version history** note above for details. Usage Trends gives you an overview of how much data your instance contains, and how quickly this volume is changing over time. diff --git a/doc/user/admin_area/analytics/user_cohorts.md b/doc/user/admin_area/analytics/user_cohorts.md index c9b62e258ae..1d2d0029860 100644 --- a/doc/user/admin_area/analytics/user_cohorts.md +++ b/doc/user/admin_area/analytics/user_cohorts.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Cohorts **(CORE)** diff --git a/doc/user/admin_area/appearance.md b/doc/user/admin_area/appearance.md index 23a6de38e17..b7f5afe7b70 100644 --- a/doc/user/admin_area/appearance.md +++ b/doc/user/admin_area/appearance.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto disqus_identifier: 'https://docs.gitlab.com/ee/customization/branded_login_page.html' --- @@ -16,15 +16,15 @@ section. By default, the navigation bar has the GitLab logo, but this can be customized with any image desired. It is optimized for images 28px high (any width), but any image can be -used (less than 1MB) and it will automatically be resized. +used (less than 1MB) and it is automatically resized.  Once you select and upload an image, click **Update appearance settings** at the bottom of the page to activate it in the GitLab instance. -NOTE: **Note:** -GitLab pipeline emails will also display the custom logo. +NOTE: +GitLab pipeline emails also display the custom logo. ## Favicon @@ -45,7 +45,7 @@ of the page to activate it in the GitLab instance. > - [Added](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/55057) to [GitLab Core](https://about.gitlab.com/pricing/) in 11.9. You can add a small header message, a small footer message, or both, to the interface -of your GitLab instance. These messages will appear on all projects and pages of the +of your GitLab instance. These messages appear on all projects and pages of the instance, including the sign in / sign up page. The default color is white text on an orange background, but this can be customized by clicking on **Customize colors**. @@ -69,7 +69,7 @@ and logo. You can make full use of [Markdown](../markdown.md) in the description  The optimal size for the logo is 640x360px, but any image can be used (below 1MB) -and it will be resized automatically. The logo image will appear between the title and +and it is resized automatically. The logo image appears between the title and the description, on the left of the sign-up page.  @@ -78,7 +78,7 @@ After you add a message, click **Update appearance settings** at the bottom of t to activate it in the GitLab instance. You can also click on the **Sign-in page** button, to review the saved appearance settings: -NOTE: **Note:** +NOTE: You can add also add a [customized help message](settings/help_page.md) below the sign in message or add [a Sign in text message](settings/sign_in_restrictions.md#sign-in-information). ## New project pages @@ -88,12 +88,12 @@ You can make full use of [Markdown](../markdown.md) in the description:  -The message will be displayed below the **New Project** message, on the left side +The message is displayed below the **New Project** message, on the left side of the **New project page**. After you add a message, click **Update appearance settings** at the bottom of the page to activate it in the GitLab instance. You can also click on the **New project page** -button, which will bring you to the new project page so you can review the change. +button, which brings you to the new project page so you can review the change.  diff --git a/doc/user/admin_area/approving_users.md b/doc/user/admin_area/approving_users.md index 430ad4f8899..af4d4e86e69 100644 --- a/doc/user/admin_area/approving_users.md +++ b/doc/user/admin_area/approving_users.md @@ -1,7 +1,7 @@ --- stage: Manage group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto --- diff --git a/doc/user/admin_area/blocking_unblocking_users.md b/doc/user/admin_area/blocking_unblocking_users.md index 989182db423..1dba9e5adda 100644 --- a/doc/user/admin_area/blocking_unblocking_users.md +++ b/doc/user/admin_area/blocking_unblocking_users.md @@ -1,7 +1,7 @@ --- stage: Manage group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto --- @@ -32,7 +32,7 @@ Personal projects, and group and user history of the blocked user are left intac Users can also be blocked using the [GitLab API](../../api/users.md#block-user). -NOTE: **Note:** +NOTE: A blocked user does not consume a [seat](../../subscriptions/self_managed/index.md#billable-users). ## Unblocking a user @@ -46,6 +46,6 @@ A blocked user can be unblocked from the Admin Area. To do this: Users can also be unblocked using the [GitLab API](../../api/users.md#unblock-user). -NOTE: **Note:** +NOTE: Unblocking a user changes the user's state to active and consumes a [seat](../../subscriptions/self_managed/index.md#billable-users). diff --git a/doc/user/admin_area/broadcast_messages.md b/doc/user/admin_area/broadcast_messages.md index 0bbdf5bc5e7..c96c57a99eb 100644 --- a/doc/user/admin_area/broadcast_messages.md +++ b/doc/user/admin_area/broadcast_messages.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference, howto --- @@ -47,13 +47,13 @@ The available placeholders are: - `{{username}}` - `{{instance_id}}` -If the user is not signed in, user related values will be empty. +If the user is not signed in, user related values are empty.  Broadcast messages can be managed using the [broadcast messages API](../../api/broadcast_messages.md). -NOTE: **Note:** +NOTE: If more than one banner message is active at one time, they are displayed in a stack in order of creation. If more than one notification message is active at one time, only the newest is shown. @@ -70,12 +70,12 @@ To add a broadcast message: 1. Select a date for the message to start and end. 1. Click the **Add broadcast message** button. -NOTE: **Note:** +NOTE: The **Background color** field expects the value to be a hexadecimal code because the form uses the [color_field](https://api.rubyonrails.org/v6.0.3.4/classes/ActionView/Helpers/FormHelper.html#method-i-color_field) helper method, which generates the proper HTML to render. -NOTE: **Note:** +NOTE: Once a broadcast message has expired, it is no longer displayed in the UI but is still listed in the list of broadcast messages. User can also dismiss a broadcast message if the option **Dismissable** is set. @@ -89,7 +89,7 @@ To edit a broadcast message: 1. From the list of broadcast messages, click the appropriate button to edit the message. 1. After making the required changes, click the **Update broadcast message** button. -TIP: **Tip:** +NOTE: Expired messages can be made active again by changing their end date. ## Deleting a broadcast message @@ -103,7 +103,7 @@ To delete a broadcast message: Once deleted, the broadcast message is removed from the list of broadcast messages. -NOTE: **Note:** +NOTE: Broadcast messages can be deleted while active. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/credentials_inventory.md b/doc/user/admin_area/credentials_inventory.md index fc04f9786b6..70bb070b13e 100644 --- a/doc/user/admin_area/credentials_inventory.md +++ b/doc/user/admin_area/credentials_inventory.md @@ -1,7 +1,7 @@ --- stage: Manage group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto --- diff --git a/doc/user/admin_area/custom_project_templates.md b/doc/user/admin_area/custom_project_templates.md index e148c5f063e..a9bc2ecf324 100644 --- a/doc/user/admin_area/custom_project_templates.md +++ b/doc/user/admin_area/custom_project_templates.md @@ -1,7 +1,7 @@ --- stage: Manage group: Import -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -20,10 +20,10 @@ available to the user if they have access to them. For example: - Private projects will be available only if the user is a member of the project. Repository and database information that are copied over to each new project are -identical to the data exported with -[GitLab's Project Import/Export](../project/settings/import_export.md). +identical to the data exported with the +[GitLab Project Import/Export](../project/settings/import_export.md). -NOTE: **Note:** +NOTE: To set project templates at a group level, see [Custom group-level project templates](../group/custom_project_templates.md). @@ -37,7 +37,7 @@ source for an entire GitLab instance by: 1. Selecting a group to use. 1. Pressing **Save changes**. -NOTE: **Note:** +NOTE: Projects below subgroups of the template group are **not** supported. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/diff_limits.md b/doc/user/admin_area/diff_limits.md index b9bd94e65be..b5fcab58535 100644 --- a/doc/user/admin_area/diff_limits.md +++ b/doc/user/admin_area/diff_limits.md @@ -1,7 +1,7 @@ --- stage: Create group: Source Code -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -20,10 +20,10 @@ shown. Patches greater than 10% of this size will be automatically collapsed, and a link to expand the diff will be presented. -NOTE: **Note:** +NOTE: Merge requests and branch comparison views will be affected. -CAUTION: **Caution:** +WARNING: This setting is experimental. An increased maximum will increase resource consumption of your instance. Keep this in mind when adjusting the maximum. diff --git a/doc/user/admin_area/geo_nodes.md b/doc/user/admin_area/geo_nodes.md index 28738ed52f3..81e987d25d6 100644 --- a/doc/user/admin_area/geo_nodes.md +++ b/doc/user/admin_area/geo_nodes.md @@ -1,7 +1,7 @@ --- stage: Enablement group: Geo -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto --- @@ -64,7 +64,7 @@ which is used by users. Internal URL does not need to be a private address. Internal URL defaults to External URL, but you can customize it under **Admin Area > Geo > Nodes**. -CAUTION: **Warning:** +WARNING: We recommend using an HTTPS connection while configuring the Geo nodes. To avoid breaking communication between **primary** and **secondary** nodes when using HTTPS, customize your Internal URL to point to a load balancer with TLS diff --git a/doc/user/admin_area/index.md b/doc/user/admin_area/index.md index fd8c72ad081..40cb6bd0853 100644 --- a/doc/user/admin_area/index.md +++ b/doc/user/admin_area/index.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -14,7 +14,7 @@ To access the Admin Area, either: - Click the Admin Area icon (**{admin}**). - Visit `/admin` on your self-managed instance. -NOTE: **Note:** +NOTE: Only admin users can access the Admin Area. ## Admin Area sections @@ -24,7 +24,7 @@ The Admin Area is made up of the following sections: | Section | Description | |:-----------------------------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | **{overview}** [Overview](#overview-section) | View your GitLab [Dashboard](#admin-dashboard), and administer [projects](#administering-projects), [users](#administering-users), [groups](#administering-groups), [jobs](#administering-jobs), [runners](#administering-runners), and [Gitaly servers](#administering-gitaly-servers). | -| **{monitor}** Monitoring | View GitLab [system information](#system-info), and information on [background jobs](#background-jobs), [logs](#logs), [health checks](monitoring/health_check.md), [requests profiles](#requests-profiles), and [audit logs](#audit-log). | +| **{monitor}** Monitoring | View GitLab [system information](#system-info), and information on [background jobs](#background-jobs), [logs](#logs), [health checks](monitoring/health_check.md), [requests profiles](#requests-profiles), and [audit events](#audit-events). | | **{messages}** Messages | Send and manage [broadcast messages](broadcast_messages.md) for your users. | | **{hook}** System Hooks | Configure [system hooks](../../system_hooks/system_hooks.md) for many events. | | **{applications}** Applications | Create system [OAuth applications](../../integration/oauth_provider.md) for integrations with other services. | @@ -37,7 +37,7 @@ The Admin Area is made up of the following sections: | **{lock}** Credentials **(ULTIMATE ONLY)** | View [credentials](credentials_inventory.md) that can be used to access your instance. | | **{template}** Service Templates | Create [service templates](../project/integrations/services_templates.md) for projects. | | **{labels}** Labels | Create and maintain [labels](labels.md) for your GitLab instance. | -| **{appearance}** Appearance | Customize [GitLab's appearance](appearance.md). | +| **{appearance}** Appearance | Customize [GitLab appearance](appearance.md). | | **{settings}** Settings | Modify the [settings](settings/index.md) for your GitLab instance. | ## Admin Dashboard @@ -94,7 +94,7 @@ The list of projects can be sorted by: A user can choose to hide or show archived projects in the list. -In the **Filter by name** field, type the project name you want to find, and GitLab will filter +In the **Filter by name** field, type the project name you want to find, and GitLab filters them as you type. Select from the **Namespace** dropdown to filter only projects in that namespace. @@ -322,6 +322,6 @@ The content of each log file is listed in chronological order. To minimize perfo The **Requests Profiles** page contains the token required for profiling. For more details, see [Request Profiling](../../administration/monitoring/performance/request_profiling.md). -### Audit Log **(PREMIUM ONLY)** +### Audit Events **(PREMIUM ONLY)** -The **Audit Log** page lists changes made within the GitLab server. With this information you can control, analyze, and track every change. +The **Audit Events** page lists changes made within the GitLab server. With this information you can control, analyze, and track every change. diff --git a/doc/user/admin_area/labels.md b/doc/user/admin_area/labels.md index 3c35276b843..cc9735df9d6 100644 --- a/doc/user/admin_area/labels.md +++ b/doc/user/admin_area/labels.md @@ -1,7 +1,7 @@ --- stage: Plan group: Project Management -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- diff --git a/doc/user/admin_area/license.md b/doc/user/admin_area/license.md index 2b0496b381a..d7710c362e5 100644 --- a/doc/user/admin_area/license.md +++ b/doc/user/admin_area/license.md @@ -1,7 +1,7 @@ --- stage: Growth group: Conversion -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto --- @@ -32,7 +32,7 @@ is locked. ## Uploading your license -The very first time you visit your GitLab EE installation signed in as an admin, +The very first time you visit your GitLab EE installation signed in as an administrator, you should see a note urging you to upload a license with a link that takes you to **Admin Area > License**. @@ -75,7 +75,7 @@ You can also specify a custom location and filename for the license: gitlab_rails['initial_license_file'] = "/path/to/license/file" ``` -CAUTION: **Caution:** +WARNING: These methods only add a license at the time of installation. Use the **{admin}** **Admin Area** in the web user interface to renew or upgrade licenses. @@ -94,13 +94,13 @@ You can review the license details at any time in the **License** section of the ## Notification before the license expires One month before the license expires, a message informing about the expiration -date is displayed to GitLab admins. Make sure that you update your +date is displayed to GitLab administrators. Make sure that you update your license, otherwise you miss all the paid features if your license expires. ## What happens when your license expires In case your license expires, GitLab locks down some features like Git pushes, -and issue creation, and displays a message to all admins to inform of the expired license. +and issue creation, and displays a message to all administrators to inform of the expired license. To get back all the previous functionality, you must upload a new license. To fall back to having only the Core features active, you must delete the diff --git a/doc/user/admin_area/merge_requests_approvals.md b/doc/user/admin_area/merge_requests_approvals.md index fb9ca21a214..5264f3b770b 100644 --- a/doc/user/admin_area/merge_requests_approvals.md +++ b/doc/user/admin_area/merge_requests_approvals.md @@ -1,7 +1,7 @@ --- stage: Create group: Source Code -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference, concepts --- diff --git a/doc/user/admin_area/monitoring/dev_ops_report.md b/doc/user/admin_area/monitoring/dev_ops_report.md index 9ad9830ed59..2cc9f153de3 100644 --- a/doc/user/admin_area/monitoring/dev_ops_report.md +++ b/doc/user/admin_area/monitoring/dev_ops_report.md @@ -3,3 +3,6 @@ redirect_to: '../analytics/dev_ops_report.md' --- This document was moved to [another location](../analytics/dev_ops_report.md). + +<!-- This redirect file can be deleted after February 1, 2021. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/admin_area/monitoring/health_check.md b/doc/user/admin_area/monitoring/health_check.md index 88c98248435..3c08a330b13 100644 --- a/doc/user/admin_area/monitoring/health_check.md +++ b/doc/user/admin_area/monitoring/health_check.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: concepts, howto --- @@ -55,7 +55,7 @@ GET /-/health Example request: ```shell -curl 'https://gitlab.example.com/-/health' +curl "https://gitlab.example.com/-/health" ``` Example response: @@ -70,7 +70,7 @@ The readiness probe checks whether the GitLab instance is ready to accept traffic via Rails Controllers. The check by default does validate only instance-checks. -If the `all=1` parameter is specified, the check will also validate +If the `all=1` parameter is specified, the check also validates the dependent services (Database, Redis, Gitaly etc.) and gives a status for each. @@ -82,7 +82,7 @@ GET /-/readiness?all=1 Example request: ```shell -curl 'https://gitlab.example.com/-/readiness' +curl "https://gitlab.example.com/-/readiness" ``` Example response: @@ -97,7 +97,7 @@ Example response: } ``` -On failure, the endpoint will return a `503` HTTP status code. +On failure, the endpoint returns a `503` HTTP status code. This check does hit the database and Redis if authenticated via `token`. @@ -105,7 +105,7 @@ This check is being exempt from Rack Attack. ## Liveness -DANGER: **Warning:** +WARNING: In GitLab [12.4](https://about.gitlab.com/upcoming-releases/) the response body of the Liveness check was changed to match the example below. @@ -121,12 +121,12 @@ GET /-/liveness Example request: ```shell -curl 'https://gitlab.example.com/-/liveness' +curl "https://gitlab.example.com/-/liveness" ``` Example response: -On success, the endpoint will return a `200` HTTP status code, and a response like below. +On success, the endpoint returns a `200` HTTP status code, and a response like below. ```json { @@ -134,13 +134,13 @@ On success, the endpoint will return a `200` HTTP status code, and a response li } ``` -On failure, the endpoint will return a `503` HTTP status code. +On failure, the endpoint returns a `503` HTTP status code. This check is being exempt from Rack Attack. ## Access token (Deprecated) -NOTE: **Note:** +NOTE: Access token has been deprecated in GitLab 9.4 in favor of [IP whitelist](#ip-whitelist). An access token needs to be provided while accessing the probe endpoints. The current @@ -155,7 +155,7 @@ The access token can be passed as a URL parameter: https://gitlab.example.com/-/readiness?token=ACCESS_TOKEN ``` -NOTE: **Note:** +NOTE: In case the database or Redis service are inaccessible, the probe endpoints response is not guaranteed to be correct. You should switch to [IP whitelist](#ip-whitelist) from deprecated access token to avoid it. diff --git a/doc/user/admin_area/settings/account_and_limit_settings.md b/doc/user/admin_area/settings/account_and_limit_settings.md index 97c74483cc3..bc266216714 100644 --- a/doc/user/admin_area/settings/account_and_limit_settings.md +++ b/doc/user/admin_area/settings/account_and_limit_settings.md @@ -1,7 +1,7 @@ --- stage: Create group: Source Code -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers" +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" type: reference --- @@ -13,7 +13,7 @@ You can change the maximum file size for attachments in comments and replies in Navigate to **Admin Area (wrench icon) > Settings > General**, then expand **Account and Limit**. From here, you can increase or decrease by changing the value in `Maximum attachment size (MB)`. -NOTE: **Note:** +NOTE: If you choose a size larger than what is currently configured for the web server, you will likely get errors. See the [troubleshooting section](#troubleshooting) for more details. @@ -30,11 +30,30 @@ You can change the maximum file size for imports in GitLab. Navigate to **Admin Area (wrench icon) > Settings > General**, then expand **Account and Limit**. From here, you can increase or decrease by changing the value in `Maximum import size (MB)`. -NOTE: **Note:** +NOTE: If you choose a size larger than what is currently configured for the web server, you will likely get errors. See the [troubleshooting section](#troubleshooting) for more details. +## Personal Access Token prefix + +You can set a global prefix for all generated Personal Access Tokens. + +A prefix can help you identify PATs visually, as well as with automation tools. + +### Setting a prefix + +Only a GitLab administrator can set the prefix, which is a global setting applied +to any PAT generated in the system by any user: + +1. Navigate to **Admin Area > Settings > General**. +1. Expand the **Account and limit** section. +1. Fill in the **Personal Access Token prefix** field. +1. Click **Save changes**. + +It is also possible to configure the prefix via the [settings API](../../../api/settings.md) +using the `personal_access_token_prefix` field. + ## Repository size limit **(STARTER ONLY)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/740) in [GitLab Enterprise Edition 8.12](https://about.gitlab.com/releases/2016/09/22/gitlab-8-12-released/#limit-project-size-ee). @@ -71,7 +90,7 @@ These settings can be found within: 1. From the Group's homepage, navigate to **Settings > General**. 1. Fill in the **Repository size limit (MB)** field in the **Naming, visibility** section. 1. Click **Save changes**. -- GitLab's global settings: +- GitLab global settings: 1. From the Dashboard, navigate to **Admin Area > Settings > General**. 1. Expand the **Account and limit** section. 1. Fill in the **Size limit per repository (MB)** field. @@ -81,13 +100,13 @@ The first push of a new project, including LFS objects, will be checked for size and **will** be rejected if the sum of their sizes exceeds the maximum allowed repository size. -NOTE: **Note:** +NOTE: The repository size limit includes repository files and LFS, but does not include artifacts, uploads, wiki, packages, or snippets. For details on manually purging files, see [reducing the repository size using Git](../../project/repository/reducing_the_repo_size_using_git.md). -NOTE: **Note:** +NOTE: For GitLab.com repository size limits, see [accounts and limit settings](../../gitlab_com/index.md#account-and-limit-settings). ## Troubleshooting @@ -182,5 +201,5 @@ To do this: 1. Navigate to **Admin Area > Settings > General**, then expand **Account and Limit**. 1. Check the **Prevent users from changing their profile name** checkbox. -NOTE: **Note:** +NOTE: When this ability is disabled, GitLab administrators will still be able to update the name of any user in their instance via the [Admin UI](../index.md#administering-users) or the [API](../../../api/users.md#user-modification) diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md index b4867d33644..ef2eb046c21 100644 --- a/doc/user/admin_area/settings/continuous_integration.md +++ b/doc/user/admin_area/settings/continuous_integration.md @@ -1,7 +1,7 @@ --- stage: Verify group: Continuous Integration -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -62,7 +62,7 @@ To change it at the: 1. Change the value of **maximum artifacts size (in MB)**. 1. Click **Save changes** for the changes to take effect. -NOTE: **Note:** +NOTE: The setting at all levels is only available to GitLab administrators. ## Default artifacts expiration **(CORE ONLY)** @@ -80,7 +80,7 @@ This setting is set per job and can be overridden in [`.gitlab-ci.yml`](../../../ci/yaml/README.md#artifactsexpire_in). To disable the expiration, set it to `0`. The default unit is in seconds. -NOTE: **Note:** +NOTE: Any changes to this setting will apply to new artifacts only. The expiration time will not be updated for artifacts created before this setting was changed. The administrator may need to manually search for and expire previously-created @@ -172,7 +172,7 @@ but commented out to help encourage others to add to it in the future. --> ## Required pipeline configuration **(PREMIUM ONLY)** -CAUTION: **Caution:** +WARNING: This feature is being re-evaluated in favor of a different [compliance solution](https://gitlab.com/gitlab-org/gitlab/-/issues/34830). We recommend that users who haven't yet implemented this feature wait for diff --git a/doc/user/admin_area/settings/email.md b/doc/user/admin_area/settings/email.md index d956364b3ea..4ebfac57715 100644 --- a/doc/user/admin_area/settings/email.md +++ b/doc/user/admin_area/settings/email.md @@ -2,10 +2,9 @@ type: reference stage: Plan group: Project Management -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- - # Email **(CORE ONLY)** You can customize some of the content in emails sent from your GitLab instance. @@ -18,7 +17,7 @@ The logo in the header of some emails can be customized, see the [logo customiza > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/5031) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.7. -The additional text will appear at the bottom of any email and can be used for +The additional text appears at the bottom of any email and can be used for legal/auditing/compliance reasons. 1. Go to **Admin Area > Settings > Preferences** (`/admin/application_settings/preferences`). @@ -37,10 +36,10 @@ In order to change this option: 1. Go to **Admin Area > Settings > Preferences** (`/admin/application_settings/preferences`). 1. Expand the **Email** section. -1. Enter the desire hostname in the **Custom hostname (for private commit emails)** field. -1. Click **Save changes**. +1. Enter the desired hostname in the **Custom hostname (for private commit emails)** field. +1. Select **Save changes**. -NOTE: **Note:** +NOTE: Once the hostname gets configured, every private commit email using the previous hostname, will not get recognized by GitLab. This can directly conflict with certain [Push rules](../../../push_rules/push_rules.md) such as `Check whether author is a GitLab user` and `Check whether committer is the current authenticated user`. diff --git a/doc/user/admin_area/settings/external_authorization.md b/doc/user/admin_area/settings/external_authorization.md index 80bca6f5b2c..18ae7e6f05a 100644 --- a/doc/user/admin_area/settings/external_authorization.md +++ b/doc/user/admin_area/settings/external_authorization.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -17,30 +17,30 @@ authorization with your own defined service. ## Overview -Once the external service is configured and enabled, when a project is accessed, -a request is made to the external service with the user information and project -classification label assigned to the project. When the service replies with a -known response, the result is cached for 6 hours. +After the external service is configured and enabled, when a project is +accessed, a request is made to the external service with the user information +and project classification label assigned to the project. When the service +replies with a known response, the result is cached for six hours. -If the external authorization is enabled, GitLab will further block pages and +If the external authorization is enabled, GitLab further blocks pages and functionality that render cross-project data. That includes: - Most pages under Dashboard (Activity, Milestones, Snippets, Assigned merge requests, Assigned issues, To-Do List). - Under a specific group (Activity, Contribution analytics, Issues, Issue boards, Labels, Milestones, Merge requests). -- Global and Group search will be disabled. +- Global and Group search are disabled. This is to prevent performing to many requests at once to the external authorization service. Whenever access is granted or denied this is logged in a log file called -`external-policy-access-control.log`. -Read more about logs GitLab keeps in the [omnibus documentation](https://docs.gitlab.com/omnibus/settings/logs.html). +`external-policy-access-control.log`. Read more about the logs GitLab keeps in +the [Omnibus GitLab documentation](https://docs.gitlab.com/omnibus/settings/logs.html). ## Configuration -The external authorization service can be enabled by an admin on the GitLab's +The external authorization service can be enabled by an administrator on the GitLab **Admin Area > Settings > General** page:  @@ -48,7 +48,7 @@ The external authorization service can be enabled by an admin on the GitLab's The available required properties are: - **Service URL**: The URL to make authorization requests to. When leaving the - URL blank, cross project features will remain available while still being able + URL blank, cross project features remain available while still being able to specify classification labels for projects. - **External authorization request timeout**: The timeout after which an authorization request is aborted. When a request times out, access is denied @@ -58,19 +58,21 @@ The available required properties are: - **Client authentication key**: Private key for the certificate when authentication is required for the external authorization service, this is encrypted when stored. -- **Client authentication key password**: Passphrase to use for the private key when authenticating with the external service this is encrypted when stored. +- **Client authentication key password**: Passphrase to use for the private key + when authenticating with the external service this is encrypted when stored. - **Default classification label**: The classification label to use when requesting authorization if no specific label is defined on the project When using TLS Authentication with a self signed certificate, the CA certificate -needs to be trusted by the OpenSSL installation. When using GitLab installed using -Omnibus, learn to install a custom CA in the -[omnibus documentation](https://docs.gitlab.com/omnibus/settings/ssl.html). Alternatively learn where to install -custom certificates using `openssl version -d`. +needs to be trusted by the OpenSSL installation. When using GitLab installed +using Omnibus, learn to install a custom CA in the +[Omnibus GitLab documentation](https://docs.gitlab.com/omnibus/settings/ssl.html). +Alternatively, learn where to install custom certificates by using +`openssl version -d`. ## How it works -When GitLab requests access, it will send a JSON POST request to the external +When GitLab requests access, it sends a JSON POST request to the external service with this body: ```json @@ -85,14 +87,17 @@ service with this body: } ``` -The `user_ldap_dn` is optional and is only sent when the user is logged in +The `user_ldap_dn` is optional and is only sent when the user is signed in through LDAP. -`identities` will contain the details of all the identities associated with the user. This will be an empty array if there are no identities associated with the user. +`identities` contains the details of all the identities associated with the +user. This is an empty array if there are no identities associated with the +user. When the external authorization service responds with a status code 200, the user is granted access. When the external service responds with a status code -401 or 403, the user is denied access. In any case, the request is cached for 6 hours. +401 or 403, the user is denied access. In any case, the request is cached for +six hours. When denying access, a `reason` can be optionally specified in the JSON body: @@ -102,20 +107,20 @@ When denying access, a `reason` can be optionally specified in the JSON body: } ``` -Any other status code than 200, 401 or 403 will also deny access to the user, but the -response will not be cached. +Any other status code than 200, 401 or 403 also deny access to the user, but the +response isn't cached. If the service times out (after 500ms), a message "External Policy Server did -not respond" will be displayed. +not respond" is displayed. ## Classification labels You can use your own classification label in the project's **Settings > General > General project settings** page in the "Classification label" box. When no classification label is specified on a project, the default -label defined in the [global settings](#configuration) will be used. +label defined in the [global settings](#configuration) is used. -The label will be shown on all project pages in the upper right corner. +The label is shown on all project pages in the upper right corner.  diff --git a/doc/user/admin_area/settings/gitaly_timeouts.md b/doc/user/admin_area/settings/gitaly_timeouts.md index cac05678a1a..d196dc1730e 100644 --- a/doc/user/admin_area/settings/gitaly_timeouts.md +++ b/doc/user/admin_area/settings/gitaly_timeouts.md @@ -1,7 +1,7 @@ --- stage: Create group: Gitaly -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers" +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" type: reference --- diff --git a/doc/user/admin_area/settings/help_page.md b/doc/user/admin_area/settings/help_page.md index c0237c3da73..1ac54bdc037 100644 --- a/doc/user/admin_area/settings/help_page.md +++ b/doc/user/admin_area/settings/help_page.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: howto --- @@ -13,7 +13,7 @@ to go for help. You can customize and display this information on the GitLab ser ## Adding a help message to the help page -You can add a help message, which will be shown on the GitLab `/help` page (e.g., +You can add a help message, which is shown on the GitLab `/help` page (e.g., <https://gitlab.com/help>) in a new section at the top of the `/help` page: 1. Navigate to **Admin Area > Settings > Preferences**, then expand **Help page**. @@ -27,7 +27,7 @@ You can add a help message, which will be shown on the GitLab `/help` page (e.g. ## Adding a help message to the login page **(STARTER)** -You can add a help message, which will be shown on the GitLab login page in a new section +You can add a help message, which is shown on the GitLab login page in a new section titled `Need Help?`, located below the login page message: 1. Navigate to **Admin Area > Settings > Preferences**, then expand **Help page**. diff --git a/doc/user/admin_area/settings/img/user_and_ip_rate_limits.png b/doc/user/admin_area/settings/img/user_and_ip_rate_limits.png Binary files differindex 53dc0e4ac87..5056e8354a9 100644 --- a/doc/user/admin_area/settings/img/user_and_ip_rate_limits.png +++ b/doc/user/admin_area/settings/img/user_and_ip_rate_limits.png diff --git a/doc/user/admin_area/settings/import_export_rate_limits.md b/doc/user/admin_area/settings/import_export_rate_limits.md index 92cb2a1a109..c6b965c18d3 100644 --- a/doc/user/admin_area/settings/import_export_rate_limits.md +++ b/doc/user/admin_area/settings/import_export_rate_limits.md @@ -2,7 +2,7 @@ type: reference stage: Manage group: Import -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Project/Group Import/Export rate limits diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md index 21d495de5b7..a7641ec22ca 100644 --- a/doc/user/admin_area/settings/index.md +++ b/doc/user/admin_area/settings/index.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: index --- @@ -34,7 +34,8 @@ Access the default page for admin area settings by navigating to **Admin Area > | Option | Description | | ------ | ----------- | | [Elasticsearch](../../../integration/elasticsearch.md#enabling-advanced-search) | Elasticsearch integration. Elasticsearch AWS IAM. | -| [PlantUML](../../../administration/integration/plantuml.md#gitlab) | Allow rendering of PlantUML diagrams in AsciiDoc documents. | +| [Kroki](../../../administration/integration/kroki.md#enable-kroki-in-gitlab) | Allow rendering of diagrams in AsciiDoc and Markdown documents using [kroki.io](https://kroki.io). | +| [PlantUML](../../../administration/integration/plantuml.md#gitlab) | Allow rendering of PlantUML diagrams in AsciiDoc and Markdown documents. | | [Slack application](../../../user/project/integrations/gitlab_slack_application.md#configuration) **(FREE ONLY)** | Slack integration allows you to interact with GitLab via slash commands in a chat window. This option is only available on GitLab.com, though it may be [available for self-managed instances in the future](https://gitlab.com/gitlab-org/gitlab/-/issues/28164). | | [Third party offers](third_party_offers.md) | Control the display of third party offers. | | [Snowplow](../../../development/product_analytics/snowplow.md) | Configure the Snowplow integration. | @@ -63,8 +64,8 @@ Access the default page for admin area settings by navigating to **Admin Area > | Option | Description | | ------ | ----------- | | [Continuous Integration and Deployment](continuous_integration.md) | Auto DevOps, runners and job artifacts. | -| [Required pipeline configuration](continuous_integration.md#required-pipeline-configuration) **(PREMIUM ONLY)** | Set an instance-wide auto included [pipeline configuration](../../../ci/yaml/README.md). This pipeline configuration will be run after the project's own configuration. | -| [Package Registry](continuous_integration.md#package-registry-configuration) | Settings related to the use and experience of using GitLab's Package Registry. Note there are [risks involved](../../packages/container_registry/index.md#use-with-external-container-registries) in enabling some of these settings. | +| [Required pipeline configuration](continuous_integration.md#required-pipeline-configuration) **(PREMIUM ONLY)** | Set an instance-wide auto included [pipeline configuration](../../../ci/yaml/README.md). This pipeline configuration is run after the project's own configuration. | +| [Package Registry](continuous_integration.md#package-registry-configuration) | Settings related to the use and experience of using the GitLab Package Registry. Note there are [risks involved](../../packages/container_registry/index.md#use-with-external-container-registries) in enabling some of these settings. | ## Reporting @@ -98,7 +99,7 @@ Access the default page for admin area settings by navigating to **Admin Area > | Option | Description | | ------ | ----------- | -| Geo | Geo allows you to replicate your GitLab instance to other geographical locations. Redirects to **Admin Area > Geo > Settings**, and will no longer be available at **Admin Area > Settings > Geo** in [GitLab 13.0](https://gitlab.com/gitlab-org/gitlab/-/issues/36896). | +| Geo | Geo allows you to replicate your GitLab instance to other geographical locations. Redirects to **Admin Area > Geo > Settings** are no longer available at **Admin Area > Settings > Geo** in [GitLab 13.0](https://gitlab.com/gitlab-org/gitlab/-/issues/36896). | ## Preferences @@ -111,6 +112,6 @@ Access the default page for admin area settings by navigating to **Admin Area > | [Gitaly timeouts](gitaly_timeouts.md) | Configure Gitaly timeouts. | | Localization | [Default first day of the week](../../profile/preferences.md) and [Time tracking](../../project/time_tracking.md#limit-displayed-units-to-hours). | -NOTE: **Note:** +NOTE: You can change the [Default first day of the week](../../profile/preferences.md) for the entire GitLab instance in the **Localization** section of **Admin Area > Settings > Preferences**. diff --git a/doc/user/admin_area/settings/instance_template_repository.md b/doc/user/admin_area/settings/instance_template_repository.md index 20f2812bc39..42fa7fe6f54 100644 --- a/doc/user/admin_area/settings/instance_template_repository.md +++ b/doc/user/admin_area/settings/instance_template_repository.md @@ -1,7 +1,7 @@ --- stage: Create group: Source Code -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers" +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" type: reference --- diff --git a/doc/user/admin_area/settings/project_integration_management.md b/doc/user/admin_area/settings/project_integration_management.md index c09bb6f3c67..fe4e84b98ac 100644 --- a/doc/user/admin_area/settings/project_integration_management.md +++ b/doc/user/admin_area/settings/project_integration_management.md @@ -1,7 +1,7 @@ --- stage: Create group: Ecosystem -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Project integration management @@ -26,7 +26,7 @@ Only the complete settings for an integration can be inherited. Per-field inheri 1. Select an integration. 1. Enter configuration details and click **Save changes**. -CAUTION: **Caution:** +WARNING: This may affect all or most of the groups and projects on your GitLab instance. Please review the details below. @@ -59,7 +59,7 @@ integration on all non-configured groups and projects by default. 1. Select an integration. 1. Enter configuration details and click **Save changes**. -CAUTION: **Caution:** +WARNING: This may affect all or most of the subgroups and projects belonging to the group. Please review the details below. If this is the first time you are setting up group-level settings for an integration: diff --git a/doc/user/admin_area/settings/protected_paths.md b/doc/user/admin_area/settings/protected_paths.md index bb6fff9650d..870735f5be7 100644 --- a/doc/user/admin_area/settings/protected_paths.md +++ b/doc/user/admin_area/settings/protected_paths.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- diff --git a/doc/user/admin_area/settings/push_event_activities_limit.md b/doc/user/admin_area/settings/push_event_activities_limit.md index cf23ea12ef4..484bb7b0a14 100644 --- a/doc/user/admin_area/settings/push_event_activities_limit.md +++ b/doc/user/admin_area/settings/push_event_activities_limit.md @@ -1,7 +1,7 @@ --- stage: Create group: Source Code -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers" +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" type: reference --- diff --git a/doc/user/admin_area/settings/rate_limit_on_issues_creation.md b/doc/user/admin_area/settings/rate_limit_on_issues_creation.md index 3f8ef7c9d01..30cc64ccaa0 100644 --- a/doc/user/admin_area/settings/rate_limit_on_issues_creation.md +++ b/doc/user/admin_area/settings/rate_limit_on_issues_creation.md @@ -2,7 +2,7 @@ type: reference stage: Plan group: Project Management -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- # Rate limits on issue creation diff --git a/doc/user/admin_area/settings/rate_limits_on_raw_endpoints.md b/doc/user/admin_area/settings/rate_limits_on_raw_endpoints.md index 96cd71033d0..9ffd46e9ba6 100644 --- a/doc/user/admin_area/settings/rate_limits_on_raw_endpoints.md +++ b/doc/user/admin_area/settings/rate_limits_on_raw_endpoints.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -12,7 +12,7 @@ type: reference This setting allows you to rate limit the requests to raw endpoints, defaults to `300` requests per minute. It can be modified in **Admin Area > Settings > Network > Performance Optimization**. -For example, requests over `300` per minute to `https://gitlab.com/gitlab-org/gitlab-foss/raw/master/app/controllers/application_controller.rb` will be blocked. Access to the raw file will be released after 1 minute. +For example, requests over `300` per minute to `https://gitlab.com/gitlab-org/gitlab-foss/raw/master/app/controllers/application_controller.rb` are blocked. Access to the raw file is released after 1 minute.  diff --git a/doc/user/admin_area/settings/sign_in_restrictions.md b/doc/user/admin_area/settings/sign_in_restrictions.md index 7ab1d396e8b..92ad8eced95 100644 --- a/doc/user/admin_area/settings/sign_in_restrictions.md +++ b/doc/user/admin_area/settings/sign_in_restrictions.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -25,9 +25,9 @@ You can restrict the password authentication for web interface and Git over HTTP ## Two-factor authentication -When this feature enabled, all users will have to use the [two-factor authentication](../../profile/account/two_factor_authentication.md). +When this feature enabled, all users must use the [two-factor authentication](../../profile/account/two_factor_authentication.md). -Once the two-factor authentication is configured as mandatory, the users will be allowed +Once the two-factor authentication is configured as mandatory, the users are allowed to skip forced configuration of two-factor authentication for the configurable grace period in hours. @@ -44,13 +44,13 @@ see [Email notification for unknown sign-ins](../../profile/unknown_sign_in_noti ## Sign-in information -All users that are not logged-in will be redirected to the page represented by the configured -"Home page URL" if value is not empty. +All users that are not logged in are redirected to the page represented by the configured +**Home page URL** if value is not empty. -All users will be redirect to the page represented by the configured "After sign out path" +All users are redirected to the page represented by the configured **After sign out path** after sign out if value is not empty. -In the Sign-in restrictions section, scroll to the "Sign-in text" text box. You can add a +In the **Sign-in restrictions** section, scroll to the **Sign-in text** field. You can add a custom message for your users in Markdown format. For example, if you include the following information in the noted text box: @@ -61,7 +61,7 @@ For example, if you include the following information in the noted text box: To access this text box, navigate to Admin Area > Settings > General, and expand the "Sign-in restrictions" section. ``` -Your users will see the "Custom sign-in text" when they navigate to the sign-in screen for your +Your users see the **Custom sign-in text** when they navigate to the sign-in screen for your GitLab instance:  diff --git a/doc/user/admin_area/settings/sign_up_restrictions.md b/doc/user/admin_area/settings/sign_up_restrictions.md index 5ea034ff4d2..213c8c4116a 100644 --- a/doc/user/admin_area/settings/sign_up_restrictions.md +++ b/doc/user/admin_area/settings/sign_up_restrictions.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -51,10 +51,13 @@ To enforce confirmation of the email address used for new sign ups: > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4315) in GitLab 13.6. -When the number of users reaches the user cap, any user who is added or requests access must be +When the number of billable users reaches the user cap, any user who is added or requests access must be [approved](../approving_users.md#approving-a-user) by an administrator before they can start using their account. +If an administrator increases or removes the user cap, the users in pending approval state will be +automatically approved in a background job. + ## Soft email confirmation > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/47003) in GitLab 12.2. @@ -63,7 +66,7 @@ their account. > - It's recommended for production use. > - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-soft-email-confirmation). -CAUTION: **Warning:** +WARNING: This feature might not be available to you. Check the **version history** note above for details. The soft email confirmation improves the signup experience for new users by allowing diff --git a/doc/user/admin_area/settings/terms.md b/doc/user/admin_area/settings/terms.md index 95c32af5716..b6826035116 100644 --- a/doc/user/admin_area/settings/terms.md +++ b/doc/user/admin_area/settings/terms.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -29,7 +29,7 @@ To enforce acceptance of a Terms of Service and Privacy Policy:  For each update to the terms, a new version is stored. When a user accepts or declines the terms, -GitLab will record which version they accepted or declined. +GitLab records which version they accepted or declined. ## New users @@ -37,28 +37,28 @@ When this feature is enabled, a checkbox is added to the sign-up form.  -This checkbox will be required during sign up. +This checkbox is required during sign up. Users can review the terms entered in the admin panel before -accepting. The page will be opened in a new window so they can +accepting. The page is opened in a new window so they can continue their registration afterwards. ## Accepting terms When this feature is enabled, the users that have not accepted the -terms of service will be presented with a screen where they can either +terms of service are presented with a screen where they can either accept or decline the terms.  -If the user accepts the terms, they will be directed to where they -were going. After a sign-in or sign-up this will most likely be the +If the user accepts the terms, they are directed to where they +were going. After a sign-in or sign-up this is most likely the dashboard. If the user was already logged in when the feature was turned on, -they will be asked to accept the terms on their next interaction. +they are asked to accept the terms on their next interaction. -If a user declines the terms, they will be signed out. +If a user declines the terms, they are signed out. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/settings/third_party_offers.md b/doc/user/admin_area/settings/third_party_offers.md index f0e53115cb1..84511339842 100644 --- a/doc/user/admin_area/settings/third_party_offers.md +++ b/doc/user/admin_area/settings/third_party_offers.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- diff --git a/doc/user/admin_area/settings/usage_statistics.md b/doc/user/admin_area/settings/usage_statistics.md index d4080b3921a..02b1428177f 100644 --- a/doc/user/admin_area/settings/usage_statistics.md +++ b/doc/user/admin_area/settings/usage_statistics.md @@ -1,13 +1,13 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- # Usage statistics **(CORE ONLY)** -GitLab Inc. will periodically collect information about your instance in order +GitLab Inc. periodically collects information about your instance in order to perform various actions. All statistics are opt-out. You can enable/disable them in the @@ -22,7 +22,7 @@ If your GitLab instance is behind a proxy, set the appropriate [proxy configurat ## Version Check **(CORE ONLY)** -If enabled, version check will inform you if a new version is available and the +If enabled, version check informs you if a new version is available and the importance of it through a status. This is shown on the help page (i.e. `/help`) for all signed in users, and on the admin pages. The statuses are: @@ -37,10 +37,10 @@ GitLab Inc. collects your instance's version and hostname (through the HTTP referer) as part of the version check. No other information is collected. This information is used, among other things, to identify to which versions -patches will need to be backported, making sure active GitLab instances remain +patches must be backported, making sure active GitLab instances remain secure. -If you disable version check, this information will not be collected. Enable or +If you disable version check, this information isn't collected. Enable or disable the version check in **Admin Area > Settings > Metrics and profiling > Usage statistics**. ### Request flow example @@ -65,8 +65,8 @@ See [Usage Ping guide](../../../development/product_analytics/usage_ping.md). ## Instance-level statistics **(CORE ONLY)** -Once usage ping is enabled, GitLab will gather data from other instances and -will be able to show [usage statistics](../analytics/index.md) +After usage ping is enabled, GitLab gathers data from other instances and +can show [usage statistics](../analytics/index.md) of your instance to your admins in **Admin Area > Analytics**. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/settings/user_and_ip_rate_limits.md b/doc/user/admin_area/settings/user_and_ip_rate_limits.md index af3e0c5b63b..3f0d75dc682 100644 --- a/doc/user/admin_area/settings/user_and_ip_rate_limits.md +++ b/doc/user/admin_area/settings/user_and_ip_rate_limits.md @@ -1,7 +1,7 @@ --- stage: none group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -53,12 +53,70 @@ users to not set that header and bypass the GitLab rate limiter. Note that the bypass only works if the header is set to `1`. Requests that bypassed the rate limiter because of the bypass header -will be marked with `"throttle_safelist":"throttle_bypass_header"` in +are marked with `"throttle_safelist":"throttle_bypass_header"` in [`production_json.log`](../../../administration/logs.md#production_jsonlog). To disable the bypass mechanism, make sure the environment variable `GITLAB_THROTTLE_BYPASS_HEADER` is unset or empty. +## Allowing specific users to bypass authenticated request rate limiting + +Similarly to the bypass header described above, it is possible to allow +a certain set of users to bypass the rate limiter. This only applies +to authenticated requests: with unauthenticated requests, by definition +GitLab does not know who the user is. + +The allowlist is configured as a comma-separated list of user IDs in +the `GITLAB_THROTTLE_USER_ALLOWLIST` environment variable. If you want +users 1, 53 and 217 to bypass the authenticated request rate limiter, +the allowlist configuration would be `1,53,217`. + +- For [Omnibus](https://docs.gitlab.com/omnibus/settings/environment-variables.html), + set `'GITLAB_THROTTLE_USER_ALLOWLIST' => '1,53,217'` in `gitlab_rails['env']`. +- For source installations, set `export GITLAB_THROTTLE_USER_ALLOWLIST=1,53,217` + in `/etc/default/gitlab`. + +Requests that bypassed the rate limiter because of the user allowlist +are marked with `"throttle_safelist":"throttle_user_allowlist"` in +[`production_json.log`](../../../administration/logs.md#production_jsonlog). + +At application startup, the allowlist is logged in [`auth.log`](../../../administration/logs.md#authlog). + +## Trying out throttling settings before enforcing them + +> [Introduced](https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/629) in GitLab 13.6. + +Trying out throttling settings can be done by setting the +`GITLAB_THROTTLE_DRY_RUN` environment variable to a comma-separated +list of throttle names. + +The possible names are: + +- `throttle_unauthenticated` +- `throttle_authenticated_api` +- `throttle_authenticated_web` +- `throttle_unauthenticated_protected_paths` +- `throttle_authenticated_protected_paths_api` +- `throttle_authenticated_protected_paths_web` + +For example: trying out throttles for all authenticated requests to +non-protected paths could be done by setting +`GITLAB_THROTTLE_DRY_RUN='throttle_authenticated_web,throttle_authenticated_api'`. + +To enable the dry-run mode for all throttles, the variable can be set +to `*`. + +Setting a throttle to dry-run mode will log a message to the +[`auth.log`](../../../administration/logs.md#authlog) when it would +hit the limit, while letting the request continue as normal. The log +message will contain an `env` field set to `track`. The `matched` +field will contain the name of throttle that was hit. + +It is important to set the environment variable **before** enabling +the rate limiting in the settings. The settings in the admin panel +take effect immediately, while setting the environment variable +requires a restart of all the Puma processes. + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/admin_area/settings/visibility_and_access_controls.md b/doc/user/admin_area/settings/visibility_and_access_controls.md index 3740dc95c12..fe1841e7020 100644 --- a/doc/user/admin_area/settings/visibility_and_access_controls.md +++ b/doc/user/admin_area/settings/visibility_and_access_controls.md @@ -1,7 +1,7 @@ --- stage: Create group: Source Code -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers" +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" type: reference --- @@ -43,7 +43,7 @@ To do this: 1. Uncheck the **Allow owners to manage default branch protection per group** checkbox. -NOTE: **Note:** +NOTE: GitLab administrators can still update the default branch protection of a group. ## Default project creation protection @@ -74,7 +74,7 @@ To ensure only admin users can delete projects: By default, a project marked for deletion will be permanently removed with immediate effect. By default, a group marked for deletion will be permanently removed after 7 days. -CAUTION: **Warning:** +WARNING: The default behavior of [Delayed Project deletion](https://gitlab.com/gitlab-org/gitlab/-/issues/32935) in GitLab 12.6 was changed to [Immediate deletion](https://gitlab.com/gitlab-org/gitlab/-/issues/220382) in GitLab 13.2. @@ -151,7 +151,7 @@ For more details, see [Exporting a project and its data](../../../user/project/s > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4696) in GitLab 8.10. -With GitLab's access restrictions, you can select with which protocols users can communicate with +With GitLab access restrictions, you can select with which protocols users can communicate with GitLab. Disabling an access protocol does not block access to the server itself via those ports. The ports @@ -180,7 +180,7 @@ When only one protocol is enabled: On top of these UI restrictions, GitLab will deny all Git actions on the protocol not selected. -CAUTION: **Important:** +WARNING: Starting with [GitLab 10.7](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/18021), HTTP(S) protocol will be allowed for Git clone or fetch requests done by GitLab Runner from CI/CD jobs, even if _Only SSH_ was selected. @@ -208,7 +208,7 @@ To specify a custom Git clone URL for HTTP(S): 1. Enter a root URL for **Custom Git clone URL for HTTP(S)**. 1. Click on **Save changes**. -NOTE: **Note:** +NOTE: SSH clone URLs can be customized in `gitlab.rb` by setting `gitlab_rails['gitlab_ssh_host']` and other related settings. diff --git a/doc/user/admin_area/user_cohorts.md b/doc/user/admin_area/user_cohorts.md index ec0153ac3b6..a95501c0bde 100644 --- a/doc/user/admin_area/user_cohorts.md +++ b/doc/user/admin_area/user_cohorts.md @@ -3,3 +3,6 @@ redirect_to: 'analytics/user_cohorts.md' --- This document was moved to [another location](analytics/user_cohorts.md). + +<!-- This redirect file can be deleted after February 1, 2021. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> |
