Add latest changes from gitlab-org/gitlab@master
This commit is contained in:
parent
2ccc9aaf48
commit
12866a3931
|
@ -83,3 +83,5 @@ module Ci
|
|||
end
|
||||
end
|
||||
end
|
||||
|
||||
Ci::BuildMetadata.prepend_if_ee('EE::Ci::BuildMetadata')
|
||||
|
|
|
@ -0,0 +1,30 @@
|
|||
{
|
||||
"description": "CI builds metadata secrets",
|
||||
"type": "object",
|
||||
"patternProperties": {
|
||||
".*": {
|
||||
"type": "object",
|
||||
"patternProperties": {
|
||||
"^vault$": {
|
||||
"type": "object",
|
||||
"required": ["path", "field", "engine"],
|
||||
"properties": {
|
||||
"path": { "type": "string" },
|
||||
"field": { "type": "string" },
|
||||
"engine": {
|
||||
"type": "object",
|
||||
"required": ["name", "path"],
|
||||
"properties": {
|
||||
"path": { "type": "string" },
|
||||
"name": { "type": "string" }
|
||||
},
|
||||
"additionalProperties": false
|
||||
}
|
||||
},
|
||||
"additionalProperties": false
|
||||
}
|
||||
},
|
||||
"additionalProperties": false
|
||||
}
|
||||
}
|
||||
}
|
|
@ -86,34 +86,22 @@
|
|||
%li
|
||||
%span.light Current sign-in IP:
|
||||
%strong
|
||||
- if @user.current_sign_in_ip # rubocop:disable Style/RedundantCondition
|
||||
= @user.current_sign_in_ip
|
||||
- else
|
||||
never
|
||||
= @user.current_sign_in_ip || _('never')
|
||||
|
||||
%li
|
||||
%span.light Current sign-in at:
|
||||
%strong
|
||||
- if @user.current_sign_in_at
|
||||
= @user.current_sign_in_at.to_s(:medium)
|
||||
- else
|
||||
never
|
||||
= @user.current_sign_in_at&.to_s(:medium) || _('never')
|
||||
|
||||
%li
|
||||
%span.light Last sign-in IP:
|
||||
%strong
|
||||
- if @user.last_sign_in_ip # rubocop:disable Style/RedundantCondition
|
||||
= @user.last_sign_in_ip
|
||||
- else
|
||||
never
|
||||
= @user.last_sign_in_ip || _('never')
|
||||
|
||||
%li
|
||||
%span.light Last sign-in at:
|
||||
%strong
|
||||
- if @user.last_sign_in_at
|
||||
= @user.last_sign_in_at.to_s(:medium)
|
||||
- else
|
||||
never
|
||||
= @user.last_sign_in_at&.to_s(:medium) || _('never')
|
||||
|
||||
%li
|
||||
%span.light Sign-in count:
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
- elsif type == 'checkbox'
|
||||
= form.check_box name
|
||||
- elsif type == 'select'
|
||||
= form.select name, options_for_select(choices, value ? value : default_choice), {}, { class: "form-control"} # rubocop:disable Style/RedundantCondition
|
||||
= form.select name, options_for_select(choices, value || default_choice), {}, { class: "form-control"}
|
||||
- elsif type == 'password'
|
||||
= form.password_field name, autocomplete: "new-password", placeholder: placeholder, class: "form-control", required: value.blank? && required, data: { qa_selector: "#{name.downcase.gsub('\s', '')}_field" }
|
||||
- if help
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Add ci_builds_metadata.secrets column
|
||||
merge_request: 34480
|
||||
author:
|
||||
type: added
|
|
@ -0,0 +1,19 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
class AddSecretsToCiBuildsMetadata < ActiveRecord::Migration[6.0]
|
||||
include Gitlab::Database::MigrationHelpers
|
||||
|
||||
DOWNTIME = false
|
||||
|
||||
def up
|
||||
with_lock_retries do
|
||||
add_column :ci_builds_metadata, :secrets, :jsonb, default: {}, null: false
|
||||
end
|
||||
end
|
||||
|
||||
def down
|
||||
with_lock_retries do
|
||||
remove_column :ci_builds_metadata, :secrets
|
||||
end
|
||||
end
|
||||
end
|
|
@ -1075,7 +1075,8 @@ CREATE TABLE public.ci_builds_metadata (
|
|||
config_variables jsonb,
|
||||
has_exposed_artifacts boolean,
|
||||
environment_auto_stop_in character varying(255),
|
||||
expanded_environment_name character varying(255)
|
||||
expanded_environment_name character varying(255),
|
||||
secrets jsonb DEFAULT '{}'::jsonb NOT NULL
|
||||
);
|
||||
|
||||
CREATE SEQUENCE public.ci_builds_metadata_id_seq
|
||||
|
@ -14047,6 +14048,7 @@ COPY "schema_migrations" (version) FROM STDIN;
|
|||
20200602143020
|
||||
20200603073101
|
||||
20200603180338
|
||||
20200604001128
|
||||
20200604143628
|
||||
20200604145731
|
||||
20200604174544
|
||||
|
|
|
@ -163,7 +163,7 @@ configuration.
|
|||
|
||||
#### Encrypted S3 buckets
|
||||
|
||||
> Introduced in [GitLab 13.1](https://gitlab.com/gitlab-org/gitlab-workhorse/-/merge_requests/466) only for instance profiles.
|
||||
> Introduced in [GitLab 13.1](https://gitlab.com/gitlab-org/gitlab-workhorse/-/merge_requests/466) for instance profiles only.
|
||||
|
||||
When configured to use an instance profile, GitLab Workhorse
|
||||
will properly upload files to S3 buckets that have [SSE-S3 or SSE-KMS
|
||||
|
@ -185,44 +185,48 @@ that properly computes and sends the `Content-MD5` header to the server,
|
|||
which eliminates the need for comparing ETag headers. If the data is
|
||||
corrupted in transit, the S3 server will reject the file.
|
||||
|
||||
#### IAM Permissions
|
||||
##### Disabling the feature
|
||||
|
||||
To set up an instance profile, create an Amazon Identity Access and
|
||||
Management (IAM) role with the necessary permissions. The following
|
||||
example is a role for an S3 bucket named `test-bucket`:
|
||||
The Workhorse S3 client is enabled by default when the
|
||||
[`use_iam_profile` configuration option](#iam-permissions) is set to `true`.
|
||||
|
||||
```json
|
||||
{
|
||||
"Version": "2012-10-17",
|
||||
"Statement": [
|
||||
{
|
||||
"Sid": "VisualEditor0",
|
||||
"Effect": "Allow",
|
||||
"Action": [
|
||||
"s3:PutObject",
|
||||
"s3:GetObject",
|
||||
"s3:AbortMultipartUpload",
|
||||
"s3:DeleteObject"
|
||||
],
|
||||
"Resource": "arn:aws:s3:::test-bucket/*"
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
Associate this role with your GitLab instance, and then configure GitLab
|
||||
to use it via the `use_iam_profile` configuration option. For example,
|
||||
when configuring uploads to use object storage, see the `AWS IAM profiles`
|
||||
section in [S3 compatible connection settings](uploads.md#s3-compatible-connection-settings).
|
||||
|
||||
#### Disabling the feature
|
||||
|
||||
The Workhorse S3 client is only enabled when the `use_iam_profile`
|
||||
configuration flag is `true`.
|
||||
|
||||
To disable this feature, ask a GitLab administrator with [Rails console access](feature_flags.md#how-to-enable-and-disable-features-behind-flags) to run the
|
||||
The feature can be disabled using the `:use_workhorse_s3_client` feature flag. To disable the
|
||||
feature, ask a GitLab administrator with
|
||||
[Rails console access](feature_flags.md#how-to-enable-and-disable-features-behind-flags) to run the
|
||||
following command:
|
||||
|
||||
```ruby
|
||||
Feature.disable(:use_workhorse_s3_client)
|
||||
```
|
||||
|
||||
#### IAM Permissions
|
||||
|
||||
To set up an instance profile:
|
||||
|
||||
1. Create an Amazon Identity Access and Management (IAM) role with the necessary permissions. The
|
||||
following example is a role for an S3 bucket named `test-bucket`:
|
||||
|
||||
```json
|
||||
{
|
||||
"Version": "2012-10-17",
|
||||
"Statement": [
|
||||
{
|
||||
"Sid": "VisualEditor0",
|
||||
"Effect": "Allow",
|
||||
"Action": [
|
||||
"s3:PutObject",
|
||||
"s3:GetObject",
|
||||
"s3:AbortMultipartUpload",
|
||||
"s3:DeleteObject"
|
||||
],
|
||||
"Resource": "arn:aws:s3:::test-bucket/*"
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
1. [Attach this role](https://aws.amazon.com/premiumsupport/knowledge-center/attach-replace-ec2-instance-profile/)
|
||||
to the EC2 instance hosting your GitLab instance.
|
||||
1. Configure GitLab to use it via the `use_iam_profile` configuration option. For example, when
|
||||
configuring uploads to use object storage, see the `AWS IAM profiles` section in
|
||||
[S3-compatible connection settings](uploads.md#s3-compatible-connection-settings).
|
||||
|
|
|
@ -70,7 +70,7 @@ For source installations the following settings are nested under `uploads:` and
|
|||
| `proxy_download` | Set to true to enable proxying all files served. Option allows to reduce egress traffic as this allows clients to download directly from remote storage instead of proxying all data | `false` |
|
||||
| `connection` | Various connection options described below | |
|
||||
|
||||
### S3 compatible connection settings
|
||||
### S3-compatible connection settings
|
||||
|
||||
The connection settings match those provided by [Fog](https://github.com/fog), and are as follows:
|
||||
|
||||
|
|
|
@ -15,7 +15,7 @@ cloud provider more easily.
|
|||
|
||||
## AWS
|
||||
|
||||
GitLab provides Docker images to simplify working with AWS, and a template to make
|
||||
GitLab provides Docker images that you can use to [run AWS commands from GitLab CI/CD](#run-aws-commands-from-gitlab-cicd), and a template to make
|
||||
it easier to [deploy to AWS](#deploy-your-application-to-the-aws-elastic-container-service-ecs).
|
||||
|
||||
### Run AWS commands from GitLab CI/CD
|
||||
|
@ -87,6 +87,11 @@ GitLab provides a series of [CI templates that you can include in your project](
|
|||
To automate deployments of your application to your [Amazon Elastic Container Service](https://aws.amazon.com/ecs/) (AWS ECS)
|
||||
cluster, you can `include` the `Deploy-ECS.gitlab-ci.yml` template in your `.gitlab-ci.yml` file.
|
||||
|
||||
GitLab also provides [Docker images](https://gitlab.com/gitlab-org/cloud-deploy/-/tree/master/aws) that can be used in your `gitlab-ci.yml` file to simplify working with AWS:
|
||||
|
||||
- Use `registry.gitlab.com/gitlab-org/cloud-deploy/aws-base:latest` to use AWS CLI commands.
|
||||
- Use `registry.gitlab.com/gitlab-org/cloud-deploy/aws-ecs:latest` to deploy your application to AWS ECS.
|
||||
|
||||
Before getting started with this process, you need a cluster on AWS ECS, as well as related
|
||||
components, like an ECS service, ECS task definition, a database on AWS RDS, etc.
|
||||
[Read more about AWS ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/Welcome.html).
|
||||
|
|
|
@ -133,28 +133,28 @@ build_b:
|
|||
|
||||
test_a:
|
||||
stage: test
|
||||
needs: build_a
|
||||
needs: [build_a]
|
||||
script:
|
||||
- echo "This test job will start as soon as build_a finishes."
|
||||
- echo "It will not wait for build_b, or other jobs in the build stage, to finish."
|
||||
|
||||
test_b:
|
||||
stage: test
|
||||
needs: build_b
|
||||
needs: [build_b]
|
||||
script:
|
||||
- echo "This test job will start as soon as build_b finishes."
|
||||
- echo "It will not wait for other jobs in the build stage to finish."
|
||||
|
||||
deploy_a:
|
||||
stage: deploy
|
||||
needs: test_a
|
||||
needs: [test_a]
|
||||
script:
|
||||
- echo "Since build_a and test_a run quickly, this deploy job can run much earlier."
|
||||
- echo "It does not need to wait for build_b or test_b."
|
||||
|
||||
deploy_b:
|
||||
stage: deploy
|
||||
needs: test_b
|
||||
needs: [test_b]
|
||||
script:
|
||||
- echo "Since build_b and test_b run slowly, this deploy job will run much later."
|
||||
```
|
||||
|
@ -228,13 +228,13 @@ build_a:
|
|||
|
||||
test_a:
|
||||
stage: test
|
||||
needs: build_a
|
||||
needs: [build_a]
|
||||
script:
|
||||
- echo "This job tests something."
|
||||
|
||||
deploy_a:
|
||||
stage: deploy
|
||||
needs: test_a
|
||||
needs: [test_a]
|
||||
script:
|
||||
- echo "This job deploys something."
|
||||
```
|
||||
|
@ -257,13 +257,13 @@ build_b:
|
|||
|
||||
test_b:
|
||||
stage: test
|
||||
needs: build_b
|
||||
needs: [build_b]
|
||||
script:
|
||||
- echo "This job tests something else."
|
||||
|
||||
deploy_b:
|
||||
stage: deploy
|
||||
needs: test_b
|
||||
needs: [test_b]
|
||||
script:
|
||||
- echo "This job deploys something else."
|
||||
```
|
||||
|
|
|
@ -38,9 +38,14 @@ multiple projects.
|
|||
If you are using a self-managed instance of GitLab, your administrator can create
|
||||
shared Runners and configure them to use the
|
||||
[executor](https://docs.gitlab.com/runner/executors/README.html) you want.
|
||||
The administrator can also configure a maximum number of Shared Runner [pipeline minutes for
|
||||
each group](../../user/admin_area/settings/continuous_integration.md#shared-runners-pipeline-minutes-quota-starter-only).
|
||||
|
||||
If you are using GitLab.com, you can select from a list of
|
||||
[shared Runners that GitLab maintains](../../user/gitlab_com/index.md#shared-runners).
|
||||
You can use Shared Runners for a limited number of
|
||||
[minutes](../../subscriptions/index.md#ci-pipeline-minutes) each month, based on
|
||||
your [GitLab.com tier](https://about.gitlab.com/pricing/).
|
||||
|
||||
#### How shared Runners pick jobs
|
||||
|
||||
|
|
|
@ -18,7 +18,7 @@ To enable (or disable) [Auto DevOps](../../../topics/autodevops/index.md)
|
|||
for all projects:
|
||||
|
||||
1. Go to **Admin Area > Settings > CI/CD**
|
||||
1. Check (or uncheck to disable) the box that says "Default to Auto DevOps pipeline for all projects"
|
||||
1. Check (or uncheck to disable) the box that says **Default to Auto DevOps pipeline for all projects**.
|
||||
1. Optionally, set up the [Auto DevOps base domain](../../../topics/autodevops/index.md#auto-devops-base-domain)
|
||||
which is going to be used for Auto Deploy and Auto Review Apps.
|
||||
1. Hit **Save changes** for the changes to take effect.
|
||||
|
@ -48,19 +48,19 @@ To change it at the:
|
|||
|
||||
1. Go to **Admin Area > Settings > CI/CD**.
|
||||
1. Change the value of maximum artifacts size (in MB).
|
||||
1. Hit **Save changes** for the changes to take effect.
|
||||
1. Click **Save changes** for the changes to take effect.
|
||||
|
||||
- [Group level](../../group/index.md#group-settings) (this will override the instance setting):
|
||||
|
||||
1. Go to the group's **Settings > CI / CD > General Pipelines**.
|
||||
1. Change the value of **maximum artifacts size (in MB)**.
|
||||
1. Press **Save changes** for the changes to take effect.
|
||||
1. Click **Save changes** for the changes to take effect.
|
||||
|
||||
- [Project level](../../../ci/pipelines/settings.md) (this will override the instance and group settings):
|
||||
|
||||
1. Go to the project's **Settings > CI / CD > General Pipelines**.
|
||||
1. Change the value of **maximum artifacts size (in MB)**.
|
||||
1. Press **Save changes** for the changes to take effect.
|
||||
1. Click **Save changes** for the changes to take effect.
|
||||
|
||||
NOTE: **Note**
|
||||
The setting at all levels is only available to GitLab administrators.
|
||||
|
@ -74,7 +74,7 @@ and the default value is `30 days`.
|
|||
|
||||
1. Go to **Admin Area > Settings > CI/CD**.
|
||||
1. Change the value of default expiration time.
|
||||
1. Hit **Save changes** for the changes to take effect.
|
||||
1. Click **Save changes** for the changes to take effect.
|
||||
|
||||
This setting is set per job and can be overridden in
|
||||
[`.gitlab-ci.yml`](../../../ci/yaml/README.md#artifactsexpire_in).
|
||||
|
@ -100,9 +100,10 @@ On GitLab.com, the quota is calculated based on your
|
|||
|
||||
To change the pipelines minutes quota:
|
||||
|
||||
1. Go to **Admin Area > Settings > CI/CD**
|
||||
1. Set the pipeline minutes quota limit.
|
||||
1. Hit **Save changes** for the changes to take effect
|
||||
1. Go to **Admin Area > Settings > CI/CD**.
|
||||
1. Expand **Continuous Integration and Deployment**.
|
||||
1. In the **Pipeline minutes quota** box, enter the maximum number of minutes.
|
||||
1. Click **Save changes** for the changes to take effect.
|
||||
|
||||
---
|
||||
|
||||
|
@ -111,8 +112,8 @@ also change each group's pipeline minutes quota to override the global value.
|
|||
|
||||
1. Navigate to the **Admin Area > Overview > Groups** and hit the **Edit**
|
||||
button for the group you wish to change the pipeline minutes quota.
|
||||
1. Set the pipeline minutes quota to the desired value
|
||||
1. Hit **Save changes** for the changes to take effect.
|
||||
1. In the **Pipeline Minutes Quota** box, enter the maximum number of minutes.
|
||||
1. Click **Save changes** for the changes to take effect.
|
||||
|
||||
Once saved, you can see the build quota in the group admin view.
|
||||
The quota can also be viewed in the project admin view if shared Runners
|
||||
|
@ -142,6 +143,8 @@ Once that time passes, the jobs will be archived and no longer able to be
|
|||
retried. Make it empty to never expire jobs. It has to be no less than 1 day,
|
||||
for example: <code>15 days</code>, <code>1 month</code>, <code>2 years</code>.
|
||||
|
||||
As of June 22, 2020 the [value is set](../../gitlab_com/index.md#gitlab-cicd) to 3 months on GitLab.com. Jobs created before that date will be archived after September 22, 2020.
|
||||
|
||||
## Default CI configuration path
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18073) in GitLab 12.5.
|
||||
|
|
|
@ -83,6 +83,7 @@ Below are the current settings regarding [GitLab CI/CD](../../ci/README.md).
|
|||
| [Max jobs in active pipelines](../../administration/instance_limits.md#number-of-jobs-in-active-pipelines) | `500` for Free tier, unlimited otherwise | Unlimited
|
||||
| [Max pipeline schedules in projects](../../administration/instance_limits.md#number-of-pipeline-schedules) | `10` for Free tier, `50` for all paid tiers | Unlimited |
|
||||
| [Max number of instance level variables](../../administration/instance_limits.md#number-of-instance-level-variables) | `25` | `25` |
|
||||
| [Scheduled Job Archival](../../user/admin_area/settings/continuous_integration.md#archive-jobs-core-only) | 3 months | Never |
|
||||
|
||||
## Repository size limit
|
||||
|
||||
|
|
|
@ -27428,6 +27428,9 @@ msgstr ""
|
|||
msgid "needs to be between 10 minutes and 1 month"
|
||||
msgstr ""
|
||||
|
||||
msgid "never"
|
||||
msgstr ""
|
||||
|
||||
msgid "never expires"
|
||||
msgstr ""
|
||||
|
||||
|
|
Loading…
Reference in New Issue