Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
9e26af2dd9
commit
0834f497fc
|
@ -182,16 +182,18 @@ group, GitLab revokes their `admin` role when syncing.
|
|||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/1793) in GitLab 12.0.
|
||||
|
||||
"Lock memberships to LDAP synchronization" setting allows instance administrators
|
||||
to lock down user abilities to invite new members to a group.
|
||||
GitLab administrators can prevent group members from inviting new members to subgroups that have their membership synchronized with LDAP.
|
||||
|
||||
When enabled, the following applies:
|
||||
Global group membership lock only applies to subgroups of the top-level group where LDAP synchronization is configured. No user can modify the
|
||||
membership of a top-level group configured for LDAP synchronization.
|
||||
|
||||
When global group memberships lock is enabled:
|
||||
|
||||
- Only an administrator can manage memberships of any group including access levels.
|
||||
- Users are not allowed to share a project with other groups or invite members to
|
||||
a project created in a group.
|
||||
|
||||
To enable it, you must:
|
||||
To enable global group memberships lock:
|
||||
|
||||
1. [Configure LDAP](index.md#configure-ldap).
|
||||
1. On the top bar, select **Main menu > Admin**.
|
||||
|
|
|
@ -660,7 +660,7 @@ balancer and include sensitive details in assertions that you do not want appear
|
|||
in logs. Most organizations should not need additional encryption at this layer.
|
||||
|
||||
The SAML integration supports EncryptedAssertion. You should define the private
|
||||
key and the public certificate of your GitLab instance in the SAML settings:
|
||||
key and the public certificate of your GitLab instance in the SAML settings. When you define the key and certificate, replace all line feeds in the key file with `\n`. This makes the key file one long string with no line feeds.
|
||||
|
||||
```yaml
|
||||
args: {
|
||||
|
@ -669,12 +669,8 @@ args: {
|
|||
idp_sso_target_url: 'https://login.example.com/idp',
|
||||
issuer: 'https://gitlab.example.com',
|
||||
name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
|
||||
certificate: '-----BEGIN CERTIFICATE-----
|
||||
<redacted>
|
||||
-----END CERTIFICATE-----',
|
||||
private_key: '-----BEGIN PRIVATE KEY-----
|
||||
<redacted>
|
||||
-----END PRIVATE KEY-----'
|
||||
certificate: '-----BEGIN CERTIFICATE-----\n<redacted>\n-----END CERTIFICATE-----',
|
||||
private_key: '-----BEGIN PRIVATE KEY-----\n<redacted>\n-----END PRIVATE KEY-----'
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -703,12 +699,8 @@ args: {
|
|||
idp_sso_target_url: 'https://login.example.com/idp',
|
||||
issuer: 'https://gitlab.example.com',
|
||||
name_identifier_format: 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
|
||||
certificate: '-----BEGIN CERTIFICATE-----
|
||||
<redacted>
|
||||
-----END CERTIFICATE-----',
|
||||
private_key: '-----BEGIN PRIVATE KEY-----
|
||||
<redacted>
|
||||
-----END PRIVATE KEY-----',
|
||||
certificate: '-----BEGIN CERTIFICATE-----\n<redacted>\n-----END CERTIFICATE-----',
|
||||
private_key: '-----BEGIN PRIVATE KEY-----\n<redacted>\n-----END PRIVATE KEY-----',
|
||||
security: {
|
||||
authn_requests_signed: true, # enable signature on AuthNRequest
|
||||
want_assertions_signed: true, # enable the requirement of signed assertion
|
||||
|
|
|
@ -1,7 +1,11 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module QA
|
||||
RSpec.describe 'Create', :reliable, product_group: :editor do
|
||||
RSpec.describe 'Create', :reliable, product_group: :editor, quarantine: {
|
||||
only: { subdomain: 'pre' },
|
||||
type: :investigating,
|
||||
issue: 'https://gitlab.com/gitlab-org/gitlab/-/issues/378697'
|
||||
} do
|
||||
describe 'Multiple file snippet' do
|
||||
let(:first_file_content) { 'First file content' }
|
||||
let(:second_file_content) { 'Second file content' }
|
||||
|
|
Loading…
Reference in New Issue