diff options
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/development/pipelines.md | 3 | ||||
| -rw-r--r-- | doc/development/testing_guide/end_to_end/index.md | 1 | ||||
| -rw-r--r-- | doc/development/testing_guide/end_to_end/rspec_metadata_tests.md | 13 | ||||
| -rw-r--r-- | doc/security/unlock_user.md | 2 | ||||
| -rw-r--r-- | doc/topics/autodevops/index.md | 9 |
5 files changed, 23 insertions, 5 deletions
diff --git a/doc/development/pipelines.md b/doc/development/pipelines.md index ec0e5df6a92..1454f91ac20 100644 --- a/doc/development/pipelines.md +++ b/doc/development/pipelines.md @@ -91,7 +91,8 @@ and are as follows: 1. For `master` branch, create a pipeline (this includes on schedules, pushes, merges, etc.). 1. For tags, create a pipeline. 1. If `$GITLAB_INTERNAL` isn't set, don't create a pipeline. - 1. For stable, auto-deploy, and security branches, create a pipeline. +1. For stable, auto-deploy, and security branches, create a pipeline. +1. For any other cases (e.g. when pushing a branch with no MR for it), no pipeline is created. ## `rules`, `if:` conditions and `changes:` patterns diff --git a/doc/development/testing_guide/end_to_end/index.md b/doc/development/testing_guide/end_to_end/index.md index 65ee2b0a759..d701af20ec3 100644 --- a/doc/development/testing_guide/end_to_end/index.md +++ b/doc/development/testing_guide/end_to_end/index.md @@ -183,6 +183,7 @@ Continued reading: - [Best Practices](best_practices.md) - [Testing with feature flags](feature_flags.md) - [Flows](flows.md) +- [RSpec metadata/tags](rspec_metadata_tests.md) ## Where can I ask for help? diff --git a/doc/development/testing_guide/end_to_end/rspec_metadata_tests.md b/doc/development/testing_guide/end_to_end/rspec_metadata_tests.md new file mode 100644 index 00000000000..abc7c88b4f2 --- /dev/null +++ b/doc/development/testing_guide/end_to_end/rspec_metadata_tests.md @@ -0,0 +1,13 @@ +# RSpec metadata for end-to-end tests + +This is a partial list of the [RSpec metadata](https://relishapp.com/rspec/rspec-core/docs/metadata/user-defined-metadata) +(a.k.a. tags) that are used in our end-to-end tests. + +<!-- Please keep the tags in alphabetical order --> + +| Tag | Description | +|-|-| +| `:elasticsearch` | The test requires an Elasticsearch service. It is used by the [instance-level scenario](https://gitlab.com/gitlab-org/gitlab-qa#definitions) [`Test::Integration::Elasticsearch`](https://gitlab.com/gitlab-org/gitlab/-/blob/72b62b51bdf513e2936301cb6c7c91ec27c35b4d/qa/qa/ee/scenario/test/integration/elasticsearch.rb) to include only tests that require Elasticsearch. | +| `:orchestrated` | The GitLab instance under test may be [configured by `gitlab-qa`](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/master/docs/what_tests_can_be_run.md#orchestrated-tests) to be different to the default GitLab configuration, or `gitlab-qa` may launch additional services in separate docker containers, or both. Tests tagged with `:orchestrated` are excluded when testing environments where we can't dynamically modify GitLab's configuration (for example, Staging). | +| `:quarantine` | The test has been [quarantined](https://about.gitlab.com/handbook/engineering/quality/guidelines/debugging-qa-test-failures/#quarantining-tests), will run in a separate job that only includes quarantined tests, and is allowed to fail. The test will be skipped in its regular job so that if it fails it will not hold up the pipeline. | +| `:requires_admin` | The test requires an admin account. Tests with the tag are excluded when run against Canary and Production environments. | diff --git a/doc/security/unlock_user.md b/doc/security/unlock_user.md index 7c015525fdf..befb5d12877 100644 --- a/doc/security/unlock_user.md +++ b/doc/security/unlock_user.md @@ -4,7 +4,7 @@ type: howto # How to unlock a locked user from the command line -After six failed login attempts a user gets in a locked state. +After ten failed login attempts a user gets in a locked state. To unlock a locked user: diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md index b078eb25b6a..77e35eee76d 100644 --- a/doc/topics/autodevops/index.md +++ b/doc/topics/autodevops/index.md @@ -744,9 +744,9 @@ workers: By default, all Kubernetes pods are [non-isolated](https://kubernetes.io/docs/concepts/services-networking/network-policies/#isolated-and-non-isolated-pods), -and accept traffic from any source. You can use +meaning that they will accept traffic to and from any source. You can use [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/network-policies/) -to restrict connections to selected pods or namespaces. +to restrict connections to and from selected pods, namespaces, and the Internet. NOTE: **Note:** You must use a Kubernetes network plugin that implements support for @@ -767,7 +767,7 @@ networkPolicy: The default policy deployed by the auto deploy pipeline will allow traffic within a local namespace and from the `gitlab-managed-apps` namespace. All other inbound connection will be blocked. Outbound -traffic is not affected by the default policy. +traffic (for example, to the Internet) is not affected by the default policy. You can also provide a custom [policy specification](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.16/#networkpolicyspec-v1-networking-k8s-io) via the `.gitlab/auto-deploy-values.yaml` file, for example: @@ -788,6 +788,9 @@ networkPolicy: app.gitlab.com/managed_by: gitlab ``` +For more information on how to install Network Policies, see +[Install Cilium using GitLab CI](../../user/clusters/applications.md#install-cilium-using-gitlab-ci). + #### Web Application Firewall (ModSecurity) customization > [Introduced](https://gitlab.com/gitlab-org/charts/auto-deploy-app/-/merge_requests/44) in GitLab 12.8. |